youareso.com Open in urlscan Pro
2606:4700:3030::6815:2d72 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://youareso.com/
Submission: On March 09 via api (March 9th 2024, 1:10:46 pm UTC) from US — Scanned from US

Summary HTTP 128 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 1 countries across 14 domains to perform 128 HTTP transactions. The main IP is 2606:4700:3030::6815:2d72, located in United States and belongs to CLOUDFLARENET, US. The main domain is youareso.com.
TLS certificate: Issued by GTS CA 1P5 on March 7th 2024. Valid for: 3 months.

This is the only time youareso.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:303... 2606:4700:3030::6815:2d72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	216.172.4.213 216.172.4.213	34655 (DOCLER-AS) (DOCLER-AS)
11	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80f::2003	15169 (GOOGLE) (GOOGLE)
20	216.172.4.212 216.172.4.212	34655 (DOCLER-AS) (DOCLER-AS)
8	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1 5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:822::2004	15169 (GOOGLE) (GOOGLE)
7	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
3	216.172.4.215 216.172.4.215	34655 (DOCLER-AS) (DOCLER-AS)
1	216.172.4.209 216.172.4.209	() ()
128	19

38 2606:4700:3030::6815:2d72 (United States)

ASN13335 (CLOUDFLARENET, US)

youareso.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.172.4.213 (United States)

ASN34655 (DOCLER-AS, LU)

pt.potwmora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 216.172.4.212 (United States)

ASN34655 (DOCLER-AS, LU)

pt-static5.orawmstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static4.orawmstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pt-static3.orawmstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 4.227.249.197 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.172.4.215 (United States)

ASN34655 (DOCLER-AS, LU)

api-protected.oraprotogw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.172.4.209 (None, )

ASN- ()

msimg2.doclercdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	youareso.com youareso.com	443 KB
20	orawmstc.com pt-static5.orawmstc.com pt-static4.orawmstc.com pt-static3.orawmstc.com	1 MB
17	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 756 u.clarity.ms — Cisco Umbrella Rank: 7562 c.clarity.ms — Cisco Umbrella Rank: 1360	107 KB
11	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	1016 KB
8	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	274 KB
7	potwmora.com pt.potwmora.com	25 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 148	986 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	6 KB
5	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 375 c.bing.com — Cisco Umbrella Rank: 244	53 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	425 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	82 KB
3	oraprotogw.com api-protected.oraprotogw.com	2 KB
2	gstatic.com fonts.gstatic.com	22 KB
1	doclercdn.com msimg2.doclercdn.com	53 KB
128	14

	Domain	Requested by
38	youareso.com	youareso.com
11	pt-static5.orawmstc.com	pt.potwmora.com pt-static5.orawmstc.com
11	www.googletagmanager.com	youareso.com pt.potwmora.com www.googletagmanager.com
8	connect.facebook.net	youareso.com connect.facebook.net
8	www.clarity.ms	youareso.com www.clarity.ms
8	pt-static3.orawmstc.com	pt.potwmora.com pt-static3.orawmstc.com
7	u.clarity.ms	www.clarity.ms
7	pt.potwmora.com	youareso.com pt.potwmora.com
4	www.facebook.com	pt.potwmora.com
4	www.google.com	pt.potwmora.com
4	googleads.g.doubleclick.net	www.googletagmanager.com
4	bat.bing.com	www.googletagmanager.com
4	www.google-analytics.com	www.googletagmanager.com
3	api-protected.oraprotogw.com	pt-static5.orawmstc.com
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	youareso.com
1	msimg2.doclercdn.com	pt.potwmora.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	c.bing.com	1 redirects
1	pt-static4.orawmstc.com	pt.potwmora.com
128	21

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
youareso.com GTS CA 1P5	`2024-03-07` - `2024-06-05`	3 months	crt.sh
pt.potwmora.com R3	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
api.oraprotogw.com R3	`2024-02-20` - `2024-05-20`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.doclercdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-13` - `2024-10-12`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://youareso.com/
Frame ID: 634F3E6683CEFDCB6C90142223591827
Requests: 48 HTTP requests in this frame

Frame: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}
Frame ID: EAD7E8E96F510FA3BC4CC81DC9A6D81D
Requests: 25 HTTP requests in this frame

Frame: https://pt.potwmora.com/br/livefeed/207/?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Frame ID: 639509AE57C91C1632D7FD1628723297
Requests: 18 HTTP requests in this frame

Frame: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Frame ID: 9B62EB2049B9C0071E92CE740A1CE838
Requests: 21 HTTP requests in this frame

Frame: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Frame ID: CB6BCB63DA8EBD49E376A2E061F3CE2A
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Youareso.com: You are so videosYouAreSo - FREE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

128
Requests

99 %
HTTPS

67 %
IPv6

14
Domains

21
Subdomains

19
IPs

1
Countries

3275 kB
Transfer

8225 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/policies/technologies/cookies/
Title: More information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5A1D51E4C4224947BD4CA7F44CA64AA6&RedC=c.clarity.ms&MXFR=22F1F7A2A88363B1255FE39FAC836DB2 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5A1D51E4C4224947BD4CA7F44CA64AA6&MUID=34CD677CADF16C9119FF7341AC9D6D0C

128 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
youareso.com/ 72 KB
14 KB 1788ms
1686ms Document
text/html 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 860dccd9c8eaf8334cac440bf339530f38e5333e21c8b29a5da1c5b6d437cdef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 861b4e69ddda8db5-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 13:10:40 GMT
last-modified: Sat, 09 Mar 2024 13:10:39 GMT
link: <https://youareso.com/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OZdQCQLf6JULzauP2myXK0pTTSESGYDlhoYjnMOzXLE2y4HZcODPX148wp2Uum4mr4inAdSBsRbc4Hs6fvTrJqkFL2ssb6cI%2BgsnFi2IkXs70Kr2AfTzdOYHYjyl0OCtnu%2BV4HOpTbyvMpo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent

GET
H2 200 fqjop.css
youareso.com/wp-content/cache/wpfc-minified/km9kdx8n/ 203 KB
34 KB 247ms
245ms Stylesheet
text/css 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youareso.com/wp-content/cache/wpfc-minified/km9kdx8n/fqjop.css
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a411a873dff52798ac9005a072f796af5477e1d31f84adc577c02e00684342a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 Mar 2024 23:30:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ea4e01-32cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B6DDBeq862nOQzO%2F9hM18UxZv2L9cZXtpCsIf2b1XAtXrnLvZ%2BkeZVkT4Uy6m5rjAm15MsJR9GIv0UiWTzIATANszzDm1gKjCt7U4GnkkA4BIvb0w1H8vZEkalFVDMnfExF4xmsMfbyj3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 861b4e746ba58db5-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 px.gif
youareso.com/wp-content/themes/ultimatube/assets/img/ 1 KB
1 KB 177ms
177ms Image
image/gif 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/themes/ultimatube/assets/img/px.gif
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9bb07bf95a4eb5b11f74e1be96e3cee1579e41c4c134b3773581c5340ba63ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
cf-cache-status: MISS
last-modified: Thu, 07 Mar 2024 00:14:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e906e6-447"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWBUMwunZMoWqqcoiYKsmZ8CCHH0%2BW%2BrE01z%2FU0zWyE5gVjHDU%2BOBa8l2utIxgTDQ2GJQmnU5i7GAzbpDW0D6OnQjwwB3r1DRdA%2FERHcB7M8n17onUpIc9ya67JmShIVyEfVTHg4REzGClc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 861b4e746ba88db5-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1095
expires: max-age=A10368000, public

GET
H2 200 rocket-loader.min.js Show response
youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 35ms
35ms Script
application/javascript 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: youareso.com
URL: https://youareso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Mar 2024 17:52:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65e75beb-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Csn3jP7uMjMgtnrIFcY8CfLUo9qDaq%2F%2FhsRiwoLXTM12v8wwpOeAoveuZZCJTwjM7qKCU1vxk4JdEf%2B%2F%2BkWEPjrLyKsRY9QWMq3jrCT3iEEUmy0K%2BPkfXoKW%2BCl13new%2BxRBIT9U12saDak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 861b4e746baa8db5-MIA
expires: Mon, 11 Mar 2024 13:10:40 GMT

GET
H2 200 match Show response
pt.potwmora.com/ Frame EAD7 27 KB
6 KB 513ms
169ms Document
text/html 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 409fefd66cc4f3d5b36de22876b5f42d4358518d10af70a105d40646e7589754

Request headers

Referer: https://youareso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 13:10:40 GMT
server: unknown
vary: Accept-Encoding
x-ud-id: c2mGm/7pK

GET
H3 200 wpo-minify-footer-04e82422.min.js Show response
youareso.com/wp-content/cache/wpo-minify/1709854013/assets/ 32 KB
10 KB 228ms
226ms Script
application/javascript 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youareso.com/wp-content/cache/wpo-minify/1709854013/assets/wpo-minify-footer-04e82422.min.js
Requested by: Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18fdb41ef75d60f7378a81d826da53d917a5ed536fc15db6f184e53f232b8266

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 07 Mar 2024 23:27:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ea4d44-23ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2gKDcdP7P9e4068n%2B%2BpVxEeU7ELRjI6Edcv%2FLRo03Pf1jy4xT42iu9X29Hp%2FV%2FexI3NdqSDt3lEwDKY15x%2Bc3h00DaGmw2H8p%2BT1ZmL%2FCJU3lujFn%2BMgmqJfjjLjTV%2BcCd5mvFfdGlapS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 861b4e760a54572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 002 Show response
pt.potwmora.com/embed/chat/ 2 KB
2 KB 255ms
165ms Script
application/javascript 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/embed/chat/002?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid={SUBAFFID}&ms_notrack=1
Requested by: Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 633dc2a4256a23a4dec7b94a6ea000969514013ce9c66785d1daed395e0adb22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
server: unknown
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-ud-id: 3cP3l/GjG
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 207 Show response
pt.potwmora.com/embed/livefeed/ 2 KB
2 KB 382ms
292ms Script
application/javascript 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/embed/livefeed/207?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid={SUBAFFID}&ms_notrack=1
Requested by: Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: cf7f68a71d6b3664b790c5ebf6c31305ec82ef504218f9d8b4e688c5e721d42c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
server: unknown
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-ud-id: lx6E6/gzm
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
95 KB 260ms
120ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-41BCQPZXPX

Requested by

Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae811cff7867d74f0cffb77a8348a9bce79d718b87c673ce1eef6c9448f7811f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 13:10:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 285 KB
95 KB 242ms
104ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=GT-K4ZBRZFQ

Requested by

Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab1414874550c8609b2ca25feefbbc13f78e0ab8f73362e2a24560291f44ed61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 13:10:40 GMT

GET
H3 200 fqj3d.js Show response
youareso.com/wp-content/cache/wpfc-minified/dhpj83yl/ 99 KB
35 KB 239ms
239ms Script
application/javascript 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youareso.com/wp-content/cache/wpfc-minified/dhpj83yl/fqj3d.js
Requested by: Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8bfeb7f9b1a344cf5c77e33eeb9eb4901f844436136be5689e531c76b2403b6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 Mar 2024 23:27:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65ea4d45-18b82"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3DG47xc7xTtP947C68H7EJAe2FD%2F7qUhCgbU7iaUAKS9d%2FAS4xFrThnTq0Cv5AmTQyk%2Fa5hOkJfuJBXoLb1HA%2BC26u6gNXvEkks6wICKhBLp6L3bS2uZPIdXnZcKZeucu9xQAj0O7LkFgKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 861b4e760a59572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 202ms
64ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: youareso.com
URL: https://youareso.com/wp-content/cache/wpfc-minified/km9kdx8n/fqjop.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youareso.com/
Origin: https://youareso.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:10:15 GMT
x-content-type-options: nosniff
age: 54025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11028
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:10:15 GMT

GET
H3 200 fontawesome-webfont.woff2
youareso.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/fonts/ 75 KB
76 KB 314ms
313ms Font
application/font-woff2 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youareso.com/wp-content/themes/ultimatube/assets/stylesheets/font-awesome/fonts/fontawesome-webfont.woff2
Requested by: Host: youareso.com
URL: https://youareso.com/wp-content/cache/wpfc-minified/km9kdx8n/fqjop.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://youareso.com/wp-content/cache/wpfc-minified/km9kdx8n/fqjop.css
Origin: https://youareso.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 07 Mar 2024 00:14:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65e906e6-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fhfe6eQnawZ6XsYWENujtR1UHjus5kMpM3e4qK8nNf0w%2FJWyaJyYGzKpqocbmJyIHUVMXEODgvTeZcXhAfrMgGbYijw4sswzfDkkLc33oR6XKu%2Fcb94pk6m5Sq63oAt8CbMzpBSmAcM789s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 861b4e761a5d572a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 77160
expires: max-age=A10368000, public

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
11 KB 211ms
75ms Font
font/woff2 2607:f8b0:4006:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: youareso.com
URL: https://youareso.com/wp-content/cache/wpfc-minified/km9kdx8n/fqjop.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://youareso.com/
Origin: https://youareso.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:14:02 GMT
x-content-type-options: nosniff
age: 273398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11040
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:14:02 GMT

GET
H2 200 match-maker-v297914.css
pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/ Frame EAD7 156 KB
20 KB 301ms
125ms Stylesheet
text/css 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 0a134ccb56659072b4b71e362bd611e8d5775737b2b44b558d2e7be69f902b54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-27062"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:40 GMT

GET
H2 200 match-v297914.js Show response
pt-static4.orawmstc.com/mstpromo/ba/matchmaker/script/ Frame EAD7 449 KB
151 KB 298ms
124ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static4.orawmstc.com/mstpromo/ba/matchmaker/script/match-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: b79f28dfd01bda64639ad5921e3e74816f96e00eb6d0591b3a5dfa152f923642

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-704c4"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:40 GMT

GET
H2 200 advertisement-v297914.js Show response
pt-static3.orawmstc.com/mstpromo/_common/script/adblock/ Frame EAD7 21 B
277 B 233ms
63ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/_common/script/adblock/advertisement-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:40 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Sat, 23 Mar 2024 13:10:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame EAD7 346 KB
109 KB 109ms
107ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Requested by

Host: pt.potwmora.com
URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

50a2ede4dbc42c620242012068e56a3e4dd42372225d4187822547eb23d895ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111095
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:40 GMT

GET
H2 200 bannerbg-v297914.png
pt-static5.orawmstc.com/mstpromo/image/match-maker/sticky-banner/ Frame EAD7 66 KB
67 KB 67ms
62ms Image
image/png 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt-static5.orawmstc.com/mstpromo/image/match-maker/sticky-banner/bannerbg-v297914.png
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 5ef1fba28c8b13ef8ac08ddebfb65a9a2ee74d1f41b9e8ee35e8047ab2ba3550

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:40 GMT
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: "65e06a17-10964"
x-cache-status: R-HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 67940
expires: Sat, 23 Mar 2024 13:10:40 GMT

GET
H2 200 Oranum_Logo-v297914.svg
pt-static5.orawmstc.com/mstpromo/image/ Frame EAD7 7 KB
7 KB 129ms
125ms Image
image/svg+xml 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt-static5.orawmstc.com/mstpromo/image/Oranum_Logo-v297914.svg
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 7205b900ff2a46b3863aa7bed29bbea646319f52fffd0c845e9d525693ffa5c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:40 GMT
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: "65e06a17-1a9b"
x-cache-status: R-HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 6811
expires: Sat, 23 Mar 2024 13:10:40 GMT

GET
H2 200 sprite1-v297914.svg
pt-static5.orawmstc.com/mstpromo/image/match-maker/ Frame EAD7 47 KB
47 KB 129ms
126ms Image
image/svg+xml 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pt-static5.orawmstc.com/mstpromo/image/match-maker/sprite1-v297914.svg
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: d0564469c3be238cc2e035190376714d0fa568f5f706ffb4d0f29f92c558ecf6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:40 GMT
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: "65e06a17-bc60"
x-cache-status: R-HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 48224
expires: Sat, 23 Mar 2024 13:10:40 GMT

GET
H2 200 roboto_bold-webfont-v297914.woff
pt-static5.orawmstc.com/mstpromo/_common/fonts/ Frame EAD7 87 KB
88 KB 265ms
127ms Font
application/font-woff 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/_common/fonts/roboto_bold-webfont-v297914.woff
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88

Request headers

Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Origin: https://pt.potwmora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:41 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-15df0"
x-cache-status: R-HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 89584
expires: Sat, 23 Mar 2024 13:10:41 GMT

GET
H2 200 roboto_regular-webfont-v297914.woff
pt-static5.orawmstc.com/mstpromo/_common/fonts/ Frame EAD7 87 KB
88 KB 387ms
249ms Font
application/font-woff 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/_common/fonts/roboto_regular-webfont-v297914.woff
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e

Request headers

Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Origin: https://pt.potwmora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:41 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-15d5c"
x-cache-status: R-HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 89436
expires: Sat, 23 Mar 2024 13:10:41 GMT

GET
H2 200 PlayfairDisplay-Regular-v297914.woff
pt-static5.orawmstc.com/mstpromo/_common/fonts/ Frame EAD7 113 KB
114 KB 567ms
429ms Font
application/font-woff 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/_common/fonts/PlayfairDisplay-Regular-v297914.woff
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 00ae7fd44720434a5e84bdbebd7a68f0b7eb5dff1a0bba9b2c6dbbe8e6b926fb

Request headers

Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Origin: https://pt.potwmora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:41 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-1c5e0"
x-cache-status: R-HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 116192
expires: Sat, 23 Mar 2024 13:10:41 GMT

GET
H2 200 roboto_medium-webfont-v297914.woff
pt-static5.orawmstc.com/mstpromo/_common/fonts/ Frame EAD7 69 KB
69 KB 562ms
425ms Font
application/font-woff 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/_common/fonts/roboto_medium-webfont-v297914.woff
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: bbd509f42e1a66e91e73bb195a7a837284c1ace0d35eddae02a52877ea20f149

Request headers

Referer: https://pt-static5.orawmstc.com/mstpromo/ba/matchmaker/styles/match-maker-v297914.css
Origin: https://pt.potwmora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:41 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-11228"
x-cache-status: R-HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 70184
expires: Sat, 23 Mar 2024 13:10:41 GMT

GET
H2 200 fmilmpoxrc Show response
www.clarity.ms/tag/ Frame EAD7 675 B
1 KB 208ms
90ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 127a2dcc8e162f3566f0050d8c08bd2337c9064005935e8dc46f657e6aeab1e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Sat, 09 Mar 2024 13:10:41 GMT
x-azure-ref: 20240309T131041Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004eeb
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 675
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EAD7 52 KB
21 KB 329ms
181ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 11:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4739
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Mar 2024 13:51:42 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame EAD7 204 KB
75 KB 95ms
94ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d590f90318cbc3eb3a31d3e40c1e311bcfd1635943940930fbd20bbdd074020d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76251
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:41 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame EAD7 45 KB
13 KB 197ms
58ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 09 Mar 2024 13:10:40 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1D6529D6AC249BC8C27D9131A6AC9C8 Ref B: MIAEDGE2809 Ref C: 2024-03-09T13:10:41Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame EAD7 215 KB
58 KB 324ms
161ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: youareso.com
URL: https://youareso.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:41 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=12, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: hAdRpCGs9m84JAh7vs27pMgspGtJS/xVZYmxA/LOMWfk2Flt3Ku2u73d0AEKvPHPcC/gaQVsojmGl9g6OCkEOw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/ Frame EAD7 2 KB
2 KB 303ms
83ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/?random=1709989841350&cv=11&fst=1709989841350&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fmatch%3Fpsid%3Dkikdirty%26psprogram%3Dpps%26pstool%3D610_1%26cobrandid%3D%26campaign_id%3D126656%26subaffid%3D%7BSUBAFFID%7D&ref=https%3A%2F%2Fyouareso.com%2F&top=https%3A%2F%2Fyouareso.com%2F&hn=www.googleadservices.com&frm=2&npa=0&pscdl=noapi&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a78300d67e1ba0b1f572688325d74da6fa59109ec938420db05f36ee021621b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.23/ Frame EAD7 60 KB
25 KB 553ms
553ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.23/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:41 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2024 11:18:26 GMT
etag: W/"0x8DC3E984F270C4F"
vary: Accept-Encoding
x-azure-ref: 20240309T131041Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004eek
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 84dbff3f-801e-0077-5c84-70fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 205589434897536 Show response
connect.facebook.net/signals/config/ Frame EAD7 54 KB
12 KB 572ms
570ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/205589434897536?v=2.9.148&r=stable&domain=youareso.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90d3605b79be486c3f56493677cf436fc5905c66d229f02c7046d199c36ec508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=75, rtx=0, c=46, mss=1294, tbw=62440, tp=-1, tpl=-1, uplat=501, ullat=1
pragma: public
x-fb-debug: YyjIYQYwCifFTZBj0ZtsMFolzIgqFqfoK2+075Wh17xhJ5t+gpebgRItQNAXUYJsbaEn37kF0Eyego0pHFUwEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1007793848/ Frame EAD7 42 B
455 B 613ms
84ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1007793848/?random=1709989841350&cv=11&fst=1709989200000&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fmatch%3Fpsid%3Dkikdirty%26psprogram%3Dpps%26pstool%3D610_1%26cobrandid%3D%26campaign_id%3D126656%26subaffid%3D%7BSUBAFFID%7D&ref=https%3A%2F%2Fyouareso.com%2F&frm=2&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqGUv4XMn-aiAH4B5PAv1Orj55i-XdEQ&random=3899890129&rmt_tld=0&ipr=y

Requested by

Host: pt.potwmora.com
URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:42 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame EAD7 0
295 B 216ms
71ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:42 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 /
www.facebook.com/tr/ Frame EAD7 0
269 B 698ms
67ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205589434897536&ev=PageView&dl=https%3A%2F%2Fpt.potwmora.com%2Fmatch%3Fpsid%3Dkikdirty%26psprogram%3Dpps%26pstool%3D610_1%26cobrandid%3D%26campaign_id%3D126656%26subaffid%3D%7BSUBAFFID%7D&rl=https%3A%2F%2Fyouareso.com%2F&if=true&ts=1709989842256&sw=1600&sh=1200&v=2.9.148&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.2.1709989842255.363152331&ler=other&cdl=API_unavailable&it=1709989841663&coo=false&eid=b9ad444e-3463-49d9-b9bf-b8fe3b446a34_1709989840889.8&rqm=GET

Requested by

Host: pt.potwmora.com
URL: https://pt.potwmora.com/match?psid=kikdirty&psprogram=pps&pstool=610_1&cobrandid=&campaign_id=126656&subaffid={SUBAFFID}

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=10, mss=1294, tbw=2760, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Mar 2024 13:10:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/ Frame EAD7
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5A1D51E4C4224947BD4CA7F44CA64AA6&RedC=c.clarity.ms&MXFR=22F1F7A2A88363B1255FE39FAC836DB2
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5A1D51E4C4224947BD4CA7F44CA64AA6&MUID=34CD677CADF16C9119FF7341AC9D6D0C

42 B
466 B

62ms
59ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5A1D51E4C4224947BD4CA7F44CA64AA6&MUID=34CD677CADF16C9119FF7341AC9D6D0C
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Fri, 01 Mar 2024 22:53:54 GMT
server: Microsoft-IIS/10.0
etag: "32434d562b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:42 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 14383BA0B4244B4FA42F821A7DDDDD78 Ref B: MIAEDGE2809 Ref C: 2024-03-09T13:10:43Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5A1D51E4C4224947BD4CA7F44CA64AA6&MUID=34CD677CADF16C9119FF7341AC9D6D0C
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
94 KB 92ms
92ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-41BCQPZXPX

Requested by

Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae811cff7867d74f0cffb77a8348a9bce79d718b87c673ce1eef6c9448f7811f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96722
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Mar 2024 13:10:43 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 141ms
46ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-41BCQPZXPX&gtm=45je4360v9179565771za200&_p=1709989842958&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=354757155.1709989843&ecid=1083831950&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&ec_mode=a&_s=1&sid=1709989843&sct=1&seg=0&dl=https%3A%2F%2Fyouareso.com%2F&dt=Youareso.com%3A%20You%20are%20so%20videos&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=4774
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-41BCQPZXPX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://youareso.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 190ms
71ms Ping
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-41BCQPZXPX&cid=354757155.1709989843&gtm=45je4360v9179565771za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-41BCQPZXPX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://youareso.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 002 Show response
pt.potwmora.com/embed/chat/ 2 KB
2 KB 163ms
163ms Script
application/javascript 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/embed/chat/002?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid={SUBAFFID}&ms_notrack=1
Requested by: Host: youareso.com
URL: https://youareso.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: c0bcda41629093a27bcc157526ee6baa80720fc5a7732892d438ab020b40a345

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
server: unknown
access-control-allow-methods: OPTIONS, GET
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-ud-id: ITLMz/24I
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 / Show response
pt.potwmora.com/br/livefeed/207/ Frame 6395 10 KB
4 KB 172ms
171ms Document
text/html 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/br/livefeed/207/?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/embed/livefeed/207?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid={SUBAFFID}&ms_notrack=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 11fad247886d0f80cae2f57a9902bbc91a858895f533698802de7a6f670222aa

Request headers

Referer: https://youareso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 13:10:43 GMT
server: unknown
vary: Accept-Encoding
x-ud-id: kM9eN/bR8

GET
H2 200 / Show response
pt.potwmora.com/br/chat/002/ Frame 9B62 12 KB
4 KB 171ms
167ms Document
text/html 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/embed/chat/002?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid={SUBAFFID}&ms_notrack=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: b741388184a340e5b2e6ea249dabded81b97dbe8e6dab5abde0657f376ffe063

Request headers

Referer: https://youareso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 13:10:43 GMT
server: unknown
vary: Accept-Encoding
x-ud-id: cpu4y/glC

GET
H2 200 / Show response
pt.potwmora.com/br/chat/002/ Frame CB6B 12 KB
4 KB 311ms
309ms Document
text/html 216.172.4.213
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/embed/chat/002?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid={SUBAFFID}&ms_notrack=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.213 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 0cd36e701e26e6fe00fd7d01a7ee3a970ddc7318a7683c9c5c9f6c0db8663fae

Request headers

Referer: https://youareso.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Mar 2024 13:10:43 GMT
server: unknown
vary: Accept-Encoding
x-ud-id: 3ruLn/QKU

GET
H3 200 octanes-origin-story-is-an-inside-jokee29d97efb88ftitanfall-f09f9189f09f8fbb-apex-legends-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 8 KB
8 KB 211ms
210ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/octanes-origin-story-is-an-inside-jokee29d97efb88ftitanfall-f09f9189f09f8fbb-apex-legends-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ac3184124b26504cae06c24063ccb5857b70d9bc0cd57572127562114f78b6a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 02:51:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PUYFlmIewM213Ovo%2B3LBd%2B9dLy%2FDtOki%2FHNScinVzLhqF05EoMcG2DXcrkjQiR%2BV5U9TzoQ2D%2FjVem8rlOalHKJrZGhdPKM8D1p6Md9W6vAlJZc7K4F5kdQHNYFVndz4zlYbxlZSlx%2BR09U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e884afc572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 young-ronaldo-in-fifa-23-shorts-fifa-fifa23-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 5 KB
5 KB 206ms
204ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/young-ronaldo-in-fifa-23-shorts-fifa-fifa23-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 859fb645ace051ee4b91f3ecc4c847c642d8c8bb73829a78c6e7cc56b029e3d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 02:50:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fo745%2Bt%2BqGctJj3SyOMjWQZRaw1TFIb2Sv4sz%2BOQtQd1zdZhjVeZ%2Bz%2FBl7IHeC72ID0H%2BUZKJ%2Bj8SlaJJo%2Bd2CA%2F7I%2BHE6rLutdfevpjoNjvS8qFm0tATaameRWmRFh5F1BpJcxVpcCpalc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e884afd572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 final-fantasy-vii-rebirth-trailer-del-summer-game-fest-2023-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 14 KB
14 KB 259ms
255ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/final-fantasy-vii-rebirth-trailer-del-summer-game-fest-2023-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34cd1093e1cf7e02a288f6011e9bdc53605c71a52bf5ae880f0017065743b116

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 04:12:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcXtBUW%2FfBr1psA1K72ktpq0OGSl0QHeBVnneJRNhQZnTfyjMfZ3QRKZO8o9wdmqTCdQu2sIjJssiSkZtHnKU8g5%2BcIf0BfgIp%2BHMlNzt5nPIZqrAm82kZgC65j7XMMsLJfrn6ZLp0ZB3SI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b01572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 boywithuke-long-drives-lyrics-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 6 KB
7 KB 210ms
204ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/boywithuke-long-drives-lyrics-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad3f411373401df3b9e9b718106abd1915ef1155d2c9ae047298b56e31aec627

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 16:39:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6w2ndKVnTqkEjU1oXKTW64Zbh3miLuyUG78%2BSTiVU2Afra69HWnB4GLBWBHCXpeopPER7JysaSSFg0WC%2FqIJkETe5v5H02abNBuUHm3xs2DVCw1Z2ygV8og4tv51net%2F%2F4rTCethRcux%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b04572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 destroying-castle-clash-rank-1-might-player-base-in-gw-castle-clash-castleclash-cbcevent-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 17 KB
17 KB 259ms
253ms Image
image/jpeg 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/destroying-castle-clash-rank-1-might-player-base-in-gw-castle-clash-castleclash-cbcevent-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fcb68ebd91a5140a33749dab8de8938506a1e7f521db7369cecd325ffdf0121

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 04:02:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65ebdf55-4406"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BTyNr3bQulkURKfNEFxyfz1Ip%2FSoedcVnwaExTusXt9wVizQ51FEgp1t5aCWE9SbInUxoi2JCmzFuivWkI1g6vY2yTMyYJIm2NRCEjOueT%2B0JW6uLfWaC2JLm12syz7Y0sllSI1ee%2BdWA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: private, max-age=10368000
accept-ranges: bytes
cf-ray: 861b4e885b08572a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 17414
expires: max-age=A10368000, public

GET
H3 200 f09fa5b0-marinetta-viral-dance-tiktok-shorts-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 7 KB
7 KB 228ms
222ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/f09fa5b0-marinetta-viral-dance-tiktok-shorts-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa109961abd71a248ec305807a2782a7016f4f90d0fbbdae8e28b5270b6438de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 16:27:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBrAm%2B25dbNYe1VfJ%2FkHmFwYLaLOc2QafPUpYmtSU0gvZW0d5BAzLvVaLW1%2F3EmT9MM92j0B24dchkjN5s2hNz%2BsgFliJQHvOzFZqetitV%2Fj3FDLSnXCCkBiYO5BdBYKN8c1YSJNujH303Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b0a572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 cute-baby-watching-funny-tiktok-f09fa4aaf09f9898-shorts-diary-of-4-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 10 KB
10 KB 216ms
210ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/cute-baby-watching-funny-tiktok-f09fa4aaf09f9898-shorts-diary-of-4-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c1815d8cef06e07d4370f679f242aff03a1151bac86ead4284928597a1f2639

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 05:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8u%2BRKmZ3jp31bY9Upzx9Jh6L73evEfWxcga4m68GyR1QnMJ2zlENkZXNvMAc9C994RPFY1b1B4T1rK3vffxvpKgd2o%2B6UTSSAe3Bc0cY4CLatzjNq8LDz8tJXAe6aVYkEZaAAdZzgsl5hU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b0d572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 justin-bieber-mistletoe-official-music-video-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 9 KB
10 KB 229ms
223ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/justin-bieber-mistletoe-official-music-video-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f4f2aa0e35daddfc547925377afa7655b3813768f67437016700bf1e5b2b91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 23:11:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JZbAy9B7MnlhpU83bOSOgLtcP4H%2B1VDA7tL9MEXFCr68nSNPJiF3JwUMxpDhqyjhVtaXefNguVCgs8sPV%2BeTBiNs92h4sFrMbPSPZPNXnx7teR7qYZ6fu3mDH40omGTis%2BNwPSeIBUeQ1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b0e572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 f09f929c-f09d91b7f09d9296f09d9293f09d9291f09d928df09d9286-f09d9299-f09d91b7f09d928af09d928ff09d928c-f09f9296-e2889e-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 4 KB
5 KB 239ms
234ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/f09f929c-f09d91b7f09d9296f09d9293f09d9291f09d928df09d9286-f09d9299-f09d91b7f09d928af09d928ff09d928c-f09f9296-e2889e-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5077627cfca0a180feec8ac89489c9eb202f786a296cc6d4704fa889caa70589

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 01:49:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BzsPWRLmwuCTtgnDtI%2Bj42CY%2Bjd1lHnY7kr5szTmIVqdffCmvlQj3yiebetpuEc2WWAPv1As6VSTwX5EGaCQIBvSN02O%2FX9iPxNJBTPfkLuGINxBAz8okoQ7KbkQi%2FPb02Jdw8I06sdAkTk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b0f572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 f09fa5b9-cat-cats-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 5 KB
6 KB 210ms
204ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/f09fa5b9-cat-cats-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 189b6528de226714dd55dd864a68abb16eae56e859208354ba2f5a7a5635c2ad

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 16:30:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8WlexDa5j85XUL2BlFqoLlPQ7rSv2ZaqGE5XyJqiJQBw2dU2n4XdYIhAXOUCEvEvlIx8KEM92hcoNu9CpqiTujpdnU0zIlcu4d8dXp2va1ZqcGkGiwNzZyHuIjIVQ0Cpqvb7wm6vRl89SY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b10572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 sieges-darkest-easter-egg-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 5 KB
6 KB 215ms
209ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/sieges-darkest-easter-egg-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 283c3986e9c4b63b4b694bf32b10b9ff91d87ff4c77765983f3c55d69fd9c3e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 04:37:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUgNgWjSC7HCIgo6m64%2FqCX2CPJnFL%2BolOCI1PvClRch19guuLPlw4bbxo0sHhtLwABYetyRbwyyYOmxjTnyZvHeXD9hsMYve8DK8xEhp43USzQ1Fv16og8cGbDsGLZ%2F1EIEOazDUyMO4ng%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b11572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 anne-wilson-strong-official-performance-lyric-video-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 7 KB
8 KB 187ms
182ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/anne-wilson-strong-official-performance-lyric-video-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf48d1a60e1c95dde71b47c68aef81b4331db9ea04dc47c0004d9b341f499d9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 16:39:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Q8qSw6PTBJuFcjbxvppIOIDxRyn%2FxU4I42BmfbN3OJchJk0vTgBU8Xzj2foMixSzOnV2v%2B%2BE1F2HRatA%2FY7wQeaQU6jqG9R8LT%2B8hGwHvIiHQuUBhbHvRD%2F7wl3ePWZ8Fb7sdeDrirx9Lg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b12572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 whitney-houston-clean-bandit-how-will-i-know-official-video-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 7 KB
8 KB 215ms
210ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/whitney-houston-clean-bandit-how-will-i-know-official-video-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d78582ad924c4c6f893222bbb9d19d6c92a4b9b649a638a4ce75648832e88b7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Fri, 08 Mar 2024 00:46:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfGAwtKqyL4IAHuV4SgGe3u%2B2hcpm83ffMIwt1dH3MoG5fcIogrCHgmJtfFPHMa135vTJxj6u1iCxd3oGkUPLCTPGacqA7jdi0LM%2BLGe44jVH6mKxOK4jd4AkKlIsj7lyrf2iG6LbCNG2pY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b13572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 yesterday-with-spoken-word-intro-live-from-studio-50-new-york-city-1965-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 4 KB
5 KB 239ms
234ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/yesterday-with-spoken-word-intro-live-from-studio-50-new-york-city-1965-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8ad4db27cc402427f4ea7b8b91e3cfe73f48a80952c00f99ad004501f8b353

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 23:33:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bn3DcKiLhRz0Epp0qml9D8Zyoc4ChVmlDgm%2FNWEWFGht07bAm%2F%2Fbu2ScQ%2F7uZ7vUUumCXCjHNnmHUcf3%2B3om%2FCQXKhaS3fkIZNIFq%2BV6t105YHnqs%2FMjlYMeJcoJHc3UEQkBDQJwnLcHbzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b14572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 lots-of-unblocked-games-and-proxies-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 5 KB
5 KB 240ms
236ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/lots-of-unblocked-games-and-proxies-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a483c7a2d443572e19858c2d85adda0a1e5785fa75d6d7c396a1630618a0392b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 03:52:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdN3kHyAvj7jzNIrGhxIpx7RPkkxyVSydP76mIbQzeHK7Uro%2BwO7sj%2FuTEpmOtooiD%2BDrd9pT0LmPMlZggHwbmWTrp27mv4%2FZzjc%2BIJcbczrHJja73bbmCo1pFN075RWf3zDt%2FMedDek864%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b15572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 fifa-23-official-launch-trailer-matchday-for-the-worlds-game-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 7 KB
7 KB 193ms
189ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/fifa-23-official-launch-trailer-matchday-for-the-worlds-game-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8775b76b83f95844bebc82807c57e7a2bf29d0371ec3e5feef7380e522f4a3e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 02:19:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSDX20SnrxuwKyL9X%2BeOmWsiP8R9seqr2JyPXoekjpaUv5x5%2FRhc0%2FhwqCPbBxdw0m5lep9Pj%2FeWONWLELt7V%2FmIOpJE9k8VtVKIyE0xoXOYU1KVk8ylR7TA2jSbu%2FiSQv0VK4WD%2BY2SWfU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b16572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 il-cielo-in-una-stanza-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 6 KB
6 KB 241ms
236ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/il-cielo-in-una-stanza-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26fd6095bea5e12039a16c0feb7d89281c7034d1f821a160e4fd7a02b9eacdcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 22:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ng7cxDgkFWvpOaGZl85vVf5nMrFk5R2SYJY7wgp3ZGp%2BSIwpXBwqARnQo0vwNqwns2xpW59n0ezbsU6f57RF6b8kXvxhlI4ezeyW7917X5OEviXlxI1Jl1vBddN3JDXh%2B%2Fpsx1iD4Yejrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b18572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 top-tier-strategies-baldurs-gate-3-ep-7-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 16 KB
17 KB 261ms
256ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/top-tier-strategies-baldurs-gate-3-ep-7-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 963e8b753cac6b04cf64359b99f69d5625736cd7ad805b2940b4df5d6915f105

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 02:56:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OPc%2B%2BYegPdAKT2m9OydtNsLtXXLfe2FgMS%2Bsx%2F0qtpdZSuyVCDWShhF0NOZgW1xWfHs0ItMQX8adYbYr5Gs%2Bpl0nkcKQAdyjjlcg2Ho%2Bsni6w%2F%2F%2BI6zJzW72E4Y8kcOWt8H%2F6K9%2FVVfmrE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b19572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 eng-sub-bts-yet-to-come-in-cinesmas-coming-to-theaters-mbcnews-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 17 KB
17 KB 271ms
267ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/eng-sub-bts-yet-to-come-in-cinesmas-coming-to-theaters-mbcnews-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86046b15b2b4086fa22930c7d0c79796a7cd7fc01b60c8bc8e3e32285814a6d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 05:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mscsc99aXqRePjo0lf8UtWZsBcpCuWC%2F2vm3nPv7kgH6p%2BfID0012qaET09L58QDr7t9rGkAR96RVVeVrhj2MgJBKfzKlgr2jpuep18xSie7NFO0lTsczgbRb3FabrbduUWIdhIHAX0OMs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b1b572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 sierra-and-rhia-got-a-new-pet-fish-guess-the-name-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 12 KB
13 KB 261ms
257ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/sierra-and-rhia-got-a-new-pet-fish-guess-the-name-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 358152014ea5023bf478ba73787ab3d2ca6d8fc277f453fb792889ac998da725

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 05:02:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ENIMWuZrNwU0MZKd8lbecn%2FP%2FrpOUmqnY1aOrNRoj9Ix5ntvM4VBbn0zvPnwYqWJfoUxaPhKehvBr0TUn9OgHnvvK5SpdGK5x1C9QGH9QynqFROSzHm%2FzAROV86fyF8pEvWy%2FU6YexFkAI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b1d572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 the-amazing-digital-circus-characters-as-memes-f09fabb6f09f8fbb-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 10 KB
11 KB 241ms
236ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/the-amazing-digital-circus-characters-as-memes-f09fabb6f09f8fbb-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7742c6c03f14804cfea8aedf7b719d6698a7c1f593c900bf4fdc6bdac75a20

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 16:32:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moj4gBop6ImtdMKZvS0jnvQQZbfiTkrU0GKPaDBG4oD1GRnFhkK2FTFtrZKWO2DFoOCgdgyOKwYbQnQFJmv32bnbBvScdqLsa%2FBQ2dgCuM0nPcw%2FG8KtVFdFJZnQq1ZoUvxivAcXlvEykQ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b20572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 i-created-my-own-mobile-game-for-20-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 5 KB
5 KB 241ms
237ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/i-created-my-own-mobile-game-for-20-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b020c3832897ad73da648063dc81507e0d2c275e1ad243757b33ad6010d5226

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 01:22:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2vChaTfeUywIp7h24%2BAS9HdTXdlvbwN75173u92qrjN4xk%2FNOfxX7HYnrjIUVAu5DTnSuBNiCyg7QdrYaY33K6ZpN%2BewfSjTw8yUbzABO0v44MF68cXV3hIHqT59wh4uTj07B7l0i2pbAg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b21572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 connor-price-smooth-lyrics-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 9 KB
10 KB 241ms
237ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/connor-price-smooth-lyrics-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86ab9f94a096172ade9f6a75ea3133bfe57993a739f2562c94c6725719bb7249

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 16:38:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46I7n8aBC2ngV4Mvh3y6P5A9GqSDPSXNpjqcqBpuCsvIRtLdd7FYOKLfZbM22YOI6JqDygGsjtoIqz4KJ11BDV7u3IKd7wGyJjhQCkCQKSuVM1IYzzEIcOM%2B0bvBN3XYyOOmkAtmkyNiazk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b22572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 how-to-unblock-all-websites-on-a-school-chromebook-2024-1-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 11 KB
11 KB 244ms
241ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/how-to-unblock-all-websites-on-a-school-chromebook-2024-1-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 369a6d638f470e9978663042f862fc82ea2610b312c3396da4c7865c83dd6b48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 03:55:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zS2m9bkYeFZRljoEZRdaXXhRDxebWUOJ74KnRZWrdoTbyZgWl0icVsx6jk46n%2FijX8oY3%2BIOCSArEnczk4BUgjmfTiilCmTtbWgha0zMxQUdYIMCIEceG3ynzXkv63eUoFu44yh6W7cxMM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b23572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 supermode-tell-me-why-meduza-remix-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 6 KB
6 KB 273ms
270ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/supermode-tell-me-why-meduza-remix-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89610af90239b7c3dc167e62030dbc77b0769301a98c1e6c2d8b8e2801e42da5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 23:58:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PCZB%2F5r27K3pKyp0ZhurM9GDBQdgXvxKOS0AGKBsLHPgkyBwd3YQevU7rkeKjjpUT00IXuCCSCByVvIOs9FrS0AHWbmCTE9nLIxIWxVQckT7um0pdUfzieqXmCaTAdyFWDeZh6HJkhDNd0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b24572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 madonna-showed-up-to-remas-show-in-new-york-f09fa4af-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 7 KB
7 KB 274ms
271ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/madonna-showed-up-to-remas-show-in-new-york-f09fa4af-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dcbae8cd86ad3b6b24cc91c29799aeededc39921e53663679f9cb27f9f3fd66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 23:09:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akCGW37ggV1rkdErGH08rQRuHSXjBdOxQq8ySLlXpq1Q22SZI0UQjaEJELCfZK885z%2FXwf5BNU2cD2iKXcPxCXKDIeo4888EK90tjPcF5pnfkrruZhUIIa02waryZMbYy5WdZGMr7KAOXW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b25572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 characters-will-fight-even-underwater-in-gta-5-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 4 KB
5 KB 274ms
271ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/characters-will-fight-even-underwater-in-gta-5-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ae72a28dd9a3ae9be21ef826843f87b52c91bbc043b0fd575ea4300daedfe3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 01:35:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2B94Bx6mkBkRPWVyjhfvVqfEqxHWGe6MyehMF0XBZYmkC3G%2FHzk8XYhe2bEWDtBgrUMhJAwxpgOTsA7ct%2F1wgO0e%2FstxWsnCFZLFXeLWCIzhkawYkMtGsvm4AOhw9JBARYnU6hw%2BWedv3Wc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b27572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 agame-agame-com-kizi-games-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 7 KB
7 KB 274ms
271ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/agame-agame-com-kizi-games-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35e8b73850af3a82b11248c3ded362318e43dade678b7e1b8890e78a308240c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 03:58:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP41phIwW2PsEjr2sbtZAPrSv4UpptP5LnWtkR46waaFrrNkExVJtSAn0pza8VUKmfaINOoCR2YpEUNQXdsSoM1q7oR0eOb%2F6%2FneyGZ45B48sTymsL5PScxie6zgYhwnNhLTzXV0wd3Ba3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b28572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 beyonce-alien-superstar-official-lyric-video-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 2 KB
2 KB 186ms
183ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/beyonce-alien-superstar-official-lyric-video-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3d1236219691ce9285aea209821cac22e079c4bd126d87ebb85e170fb1449bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Fri, 08 Mar 2024 00:37:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sR6p7QGSPZwIsyaoHcQ8KcemNWiwODPvwqibDBgkmvu%2FvPf79fXFeFKrF7pPvC3xp7xfKVcamND2umbq1KQhjxzmUETQBfrzKlTBvLYkfmuQqAr0Liwr8qXpDsYWLEr6x%2BsNTJ4FppOQhs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b29572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 jason-aldean-1994-music-video-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 9 KB
10 KB 275ms
272ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/jason-aldean-1994-music-video-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e81fd08c1cc8f6ac51c98a9aedbc54119ef1a632f57b986beb6c18e5929153d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Thu, 07 Mar 2024 23:11:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YyqVYONJTFS27sFsCYuVmwUg%2FTDnfFRbiS2VjZGBBD1XTEBMnGn9wQEWmwTccCtT%2BvbtFHvYrjfqMvligS8qn8zcj%2Bldw1EmuAm5WuF6g23glMem3yHru69CxpjHw0M9uRPsRJnZRXEZg1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b2b572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 boss-fight-in-god-of-war-ragnarok-animation-320x180.jpg
youareso.com/wp-content/uploads/2024/03/ 14 KB
14 KB 283ms
280ms Image
image/webp 2606:4700:3030::6815:2d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://youareso.com/wp-content/uploads/2024/03/boss-fight-in-god-of-war-ragnarok-animation-320x180.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::6815:2d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8afc3f2d56ad5f19e8d2d40a992bee125303be4e1d5100e6aa015ba1bd92b92e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://youareso.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
cf-cache-status: BYPASS
last-modified: Sat, 09 Mar 2024 02:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVis0dRl4bdO%2BfTwVAU5De06zyTuuAwRFNoHcQjoUY2wrGmdmXy1l7bQZGcZK9aEoCxW6bVcyeT5Z8%2BFwomTScYsUOyqbJCDvsxOvgF41llEk8H1sxRDzueYTXGd3amNQ0NfhurPehAM2gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: private, max-age=10368000
cf-ray: 861b4e885b2d572a-MIA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 livefeed_207-v297914.css
pt-static3.orawmstc.com/mstpromo/legacy-tools/livefeed/css/ Frame 6395 34 KB
11 KB 66ms
65ms Stylesheet
text/css 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/legacy-tools/livefeed/css/livefeed_207-v297914.css
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/livefeed/207/?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 792518916e29c9e8f588f8aebfe6bb1825c249cde0fbbea0f4a334ff939bb28e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-8806"
x-cache-status: R-MISS
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 advertisement-v297914.js Show response
pt-static3.orawmstc.com/mstpromo/_common/script/adblock/ Frame 6395 21 B
276 B 63ms
62ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/_common/script/adblock/advertisement-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/livefeed/207/?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 freechat-v297914.js Show response
pt-static5.orawmstc.com/mstpromo/legacy-tools/chat/script/ Frame 9B62 454 KB
153 KB 131ms
130ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/legacy-tools/chat/script/freechat-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 5a628ff72d2e0badae7b85e8d489ef92239f5b242b03a14a242618202957460d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-71938"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 chat_002-v297914.css
pt-static3.orawmstc.com/mstpromo/legacy-tools/chat/css/ Frame 9B62 12 KB
5 KB 127ms
126ms Stylesheet
text/css 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/legacy-tools/chat/css/chat_002-v297914.css
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 2b1102dc6ac5e244c375ecc6a989c42202739a58f27be9e1ab9466f0ae9bcba3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-3198"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 advertisement-v297914.js Show response
pt-static3.orawmstc.com/mstpromo/_common/script/adblock/ Frame 9B62 21 B
276 B 128ms
127ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/_common/script/adblock/advertisement-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 6395 346 KB
109 KB 109ms
109ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Requested by

Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/livefeed/207/?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31105db42a75717dcb99ac0ed0d652db26796762d41efcfa07754fe6c6eada36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111155
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:43 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 9B62 346 KB
109 KB 116ms
115ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Requested by

Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9985ca01d81ceea7256e84356f799b9926d699fe28325d5c108b0e1725be5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111098
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:43 GMT

GET
H2 200 livefeed-v297914.js Show response
pt-static5.orawmstc.com/mstpromo/legacy-tools/livefeed/script/ Frame 6395 449 KB
151 KB 84ms
82ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/legacy-tools/livefeed/script/livefeed-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/livefeed/207/?site=oranum&psid=kikdirty&pstool=600_207&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 6c3b74de4d063cfa2e569feb5c921afd175a1bc0a49226cf54f7a87ab0682789

Request headers

Referer: https://pt.potwmora.com/
Origin: https://pt.potwmora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-70406"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 freechat-v297914.js Show response
pt-static5.orawmstc.com/mstpromo/legacy-tools/chat/script/ Frame CB6B 454 KB
153 KB 166ms
162ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static5.orawmstc.com/mstpromo/legacy-tools/chat/script/freechat-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 5a628ff72d2e0badae7b85e8d489ef92239f5b242b03a14a242618202957460d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-71938"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 chat_002-v297914.css
pt-static3.orawmstc.com/mstpromo/legacy-tools/chat/css/ Frame CB6B 12 KB
5 KB 67ms
63ms Stylesheet
text/css 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/legacy-tools/chat/css/chat_002-v297914.css
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 2b1102dc6ac5e244c375ecc6a989c42202739a58f27be9e1ab9466f0ae9bcba3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: gzip
last-modified: Thu, 29 Feb 2024 11:27:19 GMT
server: unknown
etag: W/"65e06a17-3198"
x-cache-status: R-HIT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1209600
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 advertisement-v297914.js Show response
pt-static3.orawmstc.com/mstpromo/_common/script/adblock/ Frame CB6B 21 B
276 B 69ms
66ms Script
application/javascript 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/_common/script/adblock/advertisement-v297914.js
Requested by: Host: pt.potwmora.com
URL: https://pt.potwmora.com/br/chat/002/?site=oranum&psid=kikdirty&pstool=605_002&psprogram=pps&campaign_id=126656&subaffid=%7BSUBAFFID%7D&ms_notrack=1&category=oranum_broadcaster
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-15"
x-cache-status: R-HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 21
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame CB6B 346 KB
109 KB 134ms
133ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ca8c7808229071724898b2842e82a07598004e03c62b4d67938d18139c05509e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111157
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:43 GMT

GET
H2 200 fmilmpoxrc Show response
www.clarity.ms/tag/ Frame 6395 588 B
842 B 86ms
85ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 40a19ca2d0c1fbc93f6d6734a84c276758f6356e43d9169b810f96ee3f383f98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Sat, 09 Mar 2024 13:10:43 GMT
x-azure-ref: 20240309T131043Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004ekv
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 588
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6395 52 KB
21 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 11:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4741
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Mar 2024 13:51:42 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame 6395 204 KB
75 KB 94ms
94ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d590f90318cbc3eb3a31d3e40c1e311bcfd1635943940930fbd20bbdd074020d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76251
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:43 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6395 215 KB
56 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: youareso.com
URL: https://youareso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=23, mss=1232, tbw=4315, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bvdbphOYzNqAssFhSjH3n+PEN4GJEcTpMZ8SUaEoVO0joymEmSR14dTJUhqdcrRio9ytxrw7E+QubpdU42+N4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search Show response
api-protected.oraprotogw.com/v2/player/performer/ Frame 6395 465 B
586 B 571ms
198ms Fetch
application/json 216.172.4.215
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api-protected.oraprotogw.com/v2/player/performer/search?noRedirect=1&mitigable=1&includeTestAccounts=0&product=oranum&ngs=1&streamType=rtmp&category=oranum_broadcaster
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/legacy-tools/livefeed/script/livefeed-v297914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.215 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: edffbbf5d7fd28541dd1b1e619466b44d7e2a4696055bf8fd2b9f4266c7fa838

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: gzip
server: unknown
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type

GET
DATA 200
OK truncated
/ Frame 9B62 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8a748f82290bc53e159360fc510c0280cceb02cf381be01147a7ac34c4c9ad

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 roboto_regular-webfont-v297914.woff2
pt-static3.orawmstc.com/mstpromo/_common/fonts/ Frame 9B62 62 KB
62 KB 78ms
77ms Font
application/octet-stream 216.172.4.212
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pt-static3.orawmstc.com/mstpromo/_common/fonts/roboto_regular-webfont-v297914.woff2
Requested by: Host: pt-static3.orawmstc.com
URL: https://pt-static3.orawmstc.com/mstpromo/legacy-tools/chat/css/chat_002-v297914.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.172.4.212 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: a8e3787c057ac5fde150df53d35d12bf1d020732840cbcb3e3c0efa82e076360

Request headers

Referer: https://pt-static3.orawmstc.com/mstpromo/legacy-tools/chat/css/chat_002-v297914.css
Origin: https://pt.potwmora.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-cdn-node: usnyc
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 11:27:18 GMT
server: unknown
etag: "65e06a16-f764"
x-cache-status: R-HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 63332
expires: Sat, 23 Mar 2024 13:10:43 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.23/ Frame 6395 60 KB
25 KB 72ms
71ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.23/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2024 11:18:26 GMT
etag: W/"0x8DC3E984F270C4F"
vary: Accept-Encoding
x-azure-ref: 20240309T131043Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004emh
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 84dbff3f-801e-0077-5c84-70fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 fmilmpoxrc Show response
www.clarity.ms/tag/ Frame 9B62 538 B
793 B 100ms
97ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 628e3b473b334b156d94669ad80bd948b22be40aee28dd5661f843ff3ea2f709

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Sat, 09 Mar 2024 13:10:43 GMT
x-azure-ref: 20240309T131043Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004emn
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 538
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 9B62 52 KB
21 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 11:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4741
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Mar 2024 13:51:42 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame 9B62 204 KB
75 KB 94ms
94ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c477609137ebde36ae37903a03c51de5921ae23c4e0372789bae9b8473aee7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76251
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:43 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 9B62 215 KB
56 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: youareso.com
URL: https://youareso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=64, mss=1232, tbw=64987, tp=61, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: bvdbphOYzNqAssFhSjH3n+PEN4GJEcTpMZ8SUaEoVO0joymEmSR14dTJUhqdcrRio9ytxrw7E+QubpdU42+N4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search Show response
api-protected.oraprotogw.com/v2/player/performer/ Frame 9B62 434 B
559 B 501ms
199ms Fetch
application/json 216.172.4.215
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api-protected.oraprotogw.com/v2/player/performer/search?noRedirect=1&mitigable=1&includeTestAccounts=0&product=oranum&ngs=1&streamType=rtmp&category=oranum_broadcaster
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/legacy-tools/chat/script/freechat-v297914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.215 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 1f7d60b0f0a7c1bd4b1e95e1117cd3b2db9e9f03e43e1eb6bbb0b9f76f40575d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: gzip
server: unknown
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/ Frame 6395 2 KB
2 KB 86ms
82ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/?random=1709989843856&cv=11&fst=1709989843856&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Flivefeed%2F207%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D600_207%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&ref=https%3A%2F%2Fyouareso.com%2F&top=https%3A%2F%2Fyouareso.com%2F&hn=www.googleadservices.com&frm=2&npa=0&pscdl=noapi&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aeae0b4cd71f0ce7360896f1e1b741bdb0e9145f25d0d4041ccfad0560d31b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1388
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 205589434897536 Show response
connect.facebook.net/signals/config/ Frame 6395 54 KB
12 KB 69ms
68ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90d3605b79be486c3f56493677cf436fc5905c66d229f02c7046d199c36ec508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11920
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=89, mss=1232, tbw=123771, tp=111, tpl=0, uplat=2, ullat=-1
pragma: public
x-fb-debug: YyjIYQYwCifFTZBj0ZtsMFolzIgqFqfoK2+075Wh17xhJ5t+gpebgRItQNAXUYJsbaEn37kF0Eyego0pHFUwEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 search Show response
api-protected.oraprotogw.com/v2/player/performer/ Frame CB6B 430 B
557 B 355ms
199ms Fetch
application/json 216.172.4.215
DOCLER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api-protected.oraprotogw.com/v2/player/performer/search?noRedirect=1&mitigable=1&includeTestAccounts=0&product=oranum&ngs=1&streamType=rtmp&category=oranum_broadcaster
Requested by: Host: pt-static5.orawmstc.com
URL: https://pt-static5.orawmstc.com/mstpromo/legacy-tools/chat/script/freechat-v297914.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 216.172.4.215 , United States, ASN34655 (DOCLER-AS, LU),
Reverse DNS
Software: unknown /
Resource Hash: 441dd14fbd4728680f619eb802735c5d95eaef95e86e007171e7fc607c7845bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: gzip
server: unknown
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET, POST, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 fmilmpoxrc Show response
www.clarity.ms/tag/ Frame CB6B 587 B
842 B 347ms
347ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Requested by: Host: youareso.com
URL: https://youareso.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 595399e2689c59f4e949bf2d9ff46ff859044e7df4db0f12efde320afe6ed9e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

expires: -1
date: Sat, 09 Mar 2024 13:10:44 GMT
x-azure-ref: 20240309T131043Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004emv
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 587
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame CB6B 52 KB
21 KB 121ms
121ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Mar 2024 11:51:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4742
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Mar 2024 13:51:42 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame CB6B 204 KB
75 KB 124ms
123ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1fb7e27199415dcf4808adc9414aadd41177c551224d4ea87c511836eae7f775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76250
x-xss-protection: 0
last-modified: Sat, 09 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 09 Mar 2024 13:10:44 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame CB6B 215 KB
56 KB 123ms
123ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: youareso.com
URL: https://youareso.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=112, mss=1232, tbw=136267, tp=124, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: bvdbphOYzNqAssFhSjH3n+PEN4GJEcTpMZ8SUaEoVO0joymEmSR14dTJUhqdcrRio9ytxrw7E+QubpdU42+N4A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.23/ Frame 9B62 60 KB
25 KB 263ms
263ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.23/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:43 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2024 11:18:26 GMT
etag: W/"0x8DC3E984F270C4F"
vary: Accept-Encoding
x-azure-ref: 20240309T131043Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004emw
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 84dbff3f-801e-0077-5c84-70fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 205589434897536 Show response
connect.facebook.net/signals/config/ Frame 9B62 54 KB
12 KB 128ms
128ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90d3605b79be486c3f56493677cf436fc5905c66d229f02c7046d199c36ec508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11920
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=112, mss=1232, tbw=195051, tp=174, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: YyjIYQYwCifFTZBj0ZtsMFolzIgqFqfoK2+075Wh17xhJ5t+gpebgRItQNAXUYJsbaEn37kF0Eyego0pHFUwEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 6395 0
121 B 114ms
113ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205589434897536&ev=PageView&dl=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Flivefeed%2F207%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D600_207%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&rl=https%3A%2F%2Fyouareso.com%2F&if=true&ts=1709989844010&sw=1600&sh=1200&v=2.9.148&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.2.1709989844009.819045704&ler=other&cdl=API_unavailable&it=1709989843866&coo=false&eid=b9ad444e-3463-49d9-b9bf-b8fe3b446a34_1709989843407.5&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=64, rtx=0, c=10, mss=1294, tbw=3108, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Mar 2024 13:10:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/ Frame 9B62 2 KB
1 KB 115ms
115ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/?random=1709989844021&cv=11&fst=1709989844021&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Fchat%2F002%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D605_002%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&ref=https%3A%2F%2Fyouareso.com%2F&top=https%3A%2F%2Fyouareso.com%2F&hn=www.googleadservices.com&frm=2&npa=0&pscdl=noapi&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73860b02a743dd221e8ace408048cac77915d2df983b3661b10c02ad1a99661

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame EAD7 0
295 B 86ms
85ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 /
www.google.com/pagead/1p-user-list/1007793848/ Frame 6395 42 B
108 B 107ms
106ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1007793848/?random=1709989843856&cv=11&fst=1709989200000&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Flivefeed%2F207%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D600_207%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&ref=https%3A%2F%2Fyouareso.com%2F&frm=2&npa=0&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqFqfyrANCudPj4z31vhjXMtT5_bzxDWPdVX8DJowOCXIb4eqx&random=2550836699&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame 6395 0
295 B 102ms
60ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 205589434897536 Show response
connect.facebook.net/signals/config/ Frame CB6B 54 KB
12 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

90d3605b79be486c3f56493677cf436fc5905c66d229f02c7046d199c36ec508

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Mar 2024 13:10:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 11920
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=85, rtx=0, c=112, mss=1232, tbw=207547, tp=187, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: YyjIYQYwCifFTZBj0ZtsMFolzIgqFqfoK2+075Wh17xhJ5t+gpebgRItQNAXUYJsbaEn37kF0Eyego0pHFUwEw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/ Frame CB6B 2 KB
1 KB 82ms
82ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1007793848/?random=1709989844170&cv=11&fst=1709989844170&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Fchat%2F002%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D605_002%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&ref=https%3A%2F%2Fyouareso.com%2F&top=https%3A%2F%2Fyouareso.com%2F&hn=www.googleadservices.com&frm=2&npa=0&pscdl=noapi&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1007793848&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6c13b07bc35d62b1c4ffbad5b75c1ce7dcaf1a048a36bd4e3da5ab4f906a8be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1381
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1007793848/ Frame 9B62 42 B
108 B 84ms
84ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1007793848/?random=1709989844021&cv=11&fst=1709989200000&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Fchat%2F002%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D605_002%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&ref=https%3A%2F%2Fyouareso.com%2F&frm=2&npa=0&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqVFEFsvOACAelEY3Ca2dkjhd4slPF598JoNcd8kTCicetyVB5&random=2380173719&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 9B62 0
19 B 66ms
65ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205589434897536&ev=PageView&dl=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Fchat%2F002%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D605_002%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&rl=https%3A%2F%2Fyouareso.com%2F&if=true&ts=1709989844186&sw=1600&sh=1200&v=2.9.148&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.2.1709989844185.379799808&ler=other&cdl=API_unavailable&it=1709989844001&coo=false&eid=b9ad444e-3463-49d9-b9bf-b8fe3b446a34_1709989843417.5&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=69, rtx=0, c=23, mss=1232, tbw=4316, tp=9, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Mar 2024 13:10:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ Frame CB6B 0
16 B 66ms
65ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=205589434897536&ev=PageView&dl=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Fchat%2F002%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D605_002%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&rl=https%3A%2F%2Fyouareso.com%2F&if=true&ts=1709989844235&sw=1600&sh=1200&v=2.9.148&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.2.1709989844234.994054623&ler=other&cdl=API_unavailable&it=1709989844156&coo=false&eid=b9ad444e-3463-49d9-b9bf-b8fe3b446a34_1709989843573.5&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=68, rtx=0, c=23, mss=1232, tbw=4684, tp=12, tpl=0, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Mar 2024 13:10:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.google.com/pagead/1p-user-list/1007793848/ Frame CB6B 42 B
64 B 82ms
81ms Image
image/gif 2607:f8b0:4006:822::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1007793848/?random=1709989844170&cv=11&fst=1709989200000&bg=ffffff&guid=ON&async=1&gtm=45be4360z876220651za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpt.potwmora.com%2Fbr%2Fchat%2F002%2F%3Fsite%3Doranum%26psid%3Dkikdirty%26pstool%3D605_002%26psprogram%3Dpps%26campaign_id%3D126656%26subaffid%3D%257BSUBAFFID%257D%26ms_notrack%3D1%26category%3Doranum_broadcaster&ref=https%3A%2F%2Fyouareso.com%2F&frm=2&npa=0&fmt=3&is_vtc=1&cid=CAQSKQB7FLtqwjRQRxWz6HsO7Q6t3sWtceetY4zmfyDYIT-yaRdazxko1Oi4&random=3626962312&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Mar 2024 13:10:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 6395 45 KB
13 KB 59ms
59ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D5F41A64A60D448594F0EBC68B1A5A8B Ref B: MIAEDGE2809 Ref C: 2024-03-09T13:10:44Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 d5b5763b084354d61b8be4e317885894_glamour_896x504.jpg
msimg2.doclercdn.com/ff268cab8d9fbae1ed7506f97496274f1d/ Frame 9B62 52 KB
53 KB 267ms
125ms Image
image/jpeg 216.172.4.209

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://msimg2.doclercdn.com/ff268cab8d9fbae1ed7506f97496274f1d/d5b5763b084354d61b8be4e317885894_glamour_896x504.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.172.4.209 -, , ASN (),

Reverse DNS

Software

unknown /

Resource Hash

5a057fd86b769fce7d44d31f23bb7c22242ed8b115e40c41b4e7631d4ecfccfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:44 GMT
x-content-type-options: nosniff
x-cache-status: R-HIT
x-cache-source: Origin
content-length: 53467
x-cdn-node: usnyc
last-modified: Tue, 07 Sep 2021 16:14:36 GMT
server: unknown
etag: "2afb3427af43a3c20ce7532c1ca43419"
content-type: image/jpeg
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public
x-real-source: core-fe-staticorigin-usnyc-1
accept-ranges: bytes
expires: Thu, 21 Mar 2024 17:41:05 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame 9B62 45 KB
13 KB 57ms
57ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2BA767C2549414A9501235752C465E4 Ref B: MIAEDGE2809 Ref C: 2024-03-09T13:10:44Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.23/ Frame CB6B 60 KB
25 KB 69ms
67ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.23/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/fmilmpoxrc?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sat, 09 Mar 2024 13:10:44 GMT
content-encoding: br
last-modified: Thu, 07 Mar 2024 11:18:26 GMT
etag: W/"0x8DC3E984F270C4F"
vary: Accept-Encoding
x-azure-ref: 20240309T131044Z-9bgfrrkd711et5anx5mqty25nw00000000ug000000004env
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 84dbff3f-801e-0077-5c84-70fb4f000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 bat.js Show response
bat.bing.com/ Frame CB6B 45 KB
13 KB 57ms
57ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV3674Q

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pt.potwmora.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 09 Mar 2024 13:10:43 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D661502E29284417B4BF420E70A616FE Ref B: MIAEDGE2809 Ref C: 2024-03-09T13:10:44Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame 9B62 0
295 B 64ms
63ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame CB6B 0
295 B 63ms
63ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame 6395 0
295 B 62ms
62ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ Frame 9B62 0
295 B 71ms
70ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.23/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pt.potwmora.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pt.potwmora.com
Date: Sat, 09 Mar 2024 13:10:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pt.potwmora.com/	1970-01-20 19:43:01	Name: psui Value: b77c6a3f62c1d529372ec3e5ea9e9ac1
www.clarity.ms/	1970-01-21 03:45:25	Name: CLID Value: 89e1cb695ffa46c89f4ddbac320fa8e1.20240309.20250309
.youareso.com/	1970-01-21 04:35:49	Name: _ga_41BCQPZXPX Value: GS1.1.1709989843.1.0.1709989843.60.0.1083831950
.youareso.com/	1970-01-21 04:35:49	Name: _ga Value: GA1.1.354757155.1709989843
.bing.com/	1970-01-21 04:21:25	Name: MUID Value: 34CD677CADF16C9119FF7341AC9D6D0C
.c.bing.com/	1970-01-20 19:09:54	Name: MR Value: 0
.c.bing.com/	1970-01-21 04:21:25	Name: SRM_B Value: 34CD677CADF16C9119FF7341AC9D6D0C
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 04:21:25	Name: MUID Value: 34CD677CADF16C9119FF7341AC9D6D0C
.c.clarity.ms/	1970-01-20 19:09:54	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:59:50	Name: ANONCHK Value: 0
.doubleclick.net/	1970-01-21 04:35:49	Name: IDE Value: AHWqTUlnQApYzd2S3ZiKedjR4oO3VXo_BLwq-eaniHwNmxIQ6LZSj_D3NzB8Kt5v

61 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/205589434897536?v=2.9.148&r=stable&domain=youareso.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/205589434897536?v=2.9.148&r=stable&domain=youareso.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/205589434897536?v=2.9.148&r=stable&domain=youareso.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/205589434897536?v=2.9.148&r=stable&domain=youareso.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://youareso.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api-protected.oraprotogw.com
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
msimg2.doclercdn.com
pt-static3.orawmstc.com
pt-static4.orawmstc.com
pt-static5.orawmstc.com
pt.potwmora.com
stats.g.doubleclick.net
u.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
youareso.com
20.110.205.119
2001:4860:4802:38::181
216.172.4.209
216.172.4.212
216.172.4.213
216.172.4.215
2606:4700:3030::6815:2d72
2607:f8b0:4004:c06::9d
2607:f8b0:4006:80f::2003
2607:f8b0:4006:81c::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2004
2607:f8b0:4006:824::2002
2620:1ec:bdf::40
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
4.227.249.197
00ae7fd44720434a5e84bdbebd7a68f0b7eb5dff1a0bba9b2c6dbbe8e6b926fb
0a134ccb56659072b4b71e362bd611e8d5775737b2b44b558d2e7be69f902b54
0b020c3832897ad73da648063dc81507e0d2c275e1ad243757b33ad6010d5226
0cd36e701e26e6fe00fd7d01a7ee3a970ddc7318a7683c9c5c9f6c0db8663fae
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
11fad247886d0f80cae2f57a9902bbc91a858895f533698802de7a6f670222aa
127a2dcc8e162f3566f0050d8c08bd2337c9064005935e8dc46f657e6aeab1e8
189b6528de226714dd55dd864a68abb16eae56e859208354ba2f5a7a5635c2ad
18fdb41ef75d60f7378a81d826da53d917a5ed536fc15db6f184e53f232b8266
1f7d60b0f0a7c1bd4b1e95e1117cd3b2db9e9f03e43e1eb6bbb0b9f76f40575d
1fb7e27199415dcf4808adc9414aadd41177c551224d4ea87c511836eae7f775
26fd6095bea5e12039a16c0feb7d89281c7034d1f821a160e4fd7a02b9eacdcf
283c3986e9c4b63b4b694bf32b10b9ff91d87ff4c77765983f3c55d69fd9c3e5
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b1102dc6ac5e244c375ecc6a989c42202739a58f27be9e1ab9466f0ae9bcba3
2c1815d8cef06e07d4370f679f242aff03a1151bac86ead4284928597a1f2639
2cf48d1a60e1c95dde71b47c68aef81b4331db9ea04dc47c0004d9b341f499d9
31105db42a75717dcb99ac0ed0d652db26796762d41efcfa07754fe6c6eada36
34cd1093e1cf7e02a288f6011e9bdc53605c71a52bf5ae880f0017065743b116
358152014ea5023bf478ba73787ab3d2ca6d8fc277f453fb792889ac998da725
35e8b73850af3a82b11248c3ded362318e43dade678b7e1b8890e78a308240c8
369a6d638f470e9978663042f862fc82ea2610b312c3396da4c7865c83dd6b48
3ac3184124b26504cae06c24063ccb5857b70d9bc0cd57572127562114f78b6a
409fefd66cc4f3d5b36de22876b5f42d4358518d10af70a105d40646e7589754
40a19ca2d0c1fbc93f6d6734a84c276758f6356e43d9169b810f96ee3f383f98
441dd14fbd4728680f619eb802735c5d95eaef95e86e007171e7fc607c7845bf
5077627cfca0a180feec8ac89489c9eb202f786a296cc6d4704fa889caa70589
50a2ede4dbc42c620242012068e56a3e4dd42372225d4187822547eb23d895ff
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
57ae72a28dd9a3ae9be21ef826843f87b52c91bbc043b0fd575ea4300daedfe3
595399e2689c59f4e949bf2d9ff46ff859044e7df4db0f12efde320afe6ed9e1
5a057fd86b769fce7d44d31f23bb7c22242ed8b115e40c41b4e7631d4ecfccfb
5a628ff72d2e0badae7b85e8d489ef92239f5b242b03a14a242618202957460d
5ef1fba28c8b13ef8ac08ddebfb65a9a2ee74d1f41b9e8ee35e8047ab2ba3550
628e3b473b334b156d94669ad80bd948b22be40aee28dd5661f843ff3ea2f709
633dc2a4256a23a4dec7b94a6ea000969514013ce9c66785d1daed395e0adb22
6c3b74de4d063cfa2e569feb5c921afd175a1bc0a49226cf54f7a87ab0682789
7205b900ff2a46b3863aa7bed29bbea646319f52fffd0c845e9d525693ffa5c6
792518916e29c9e8f588f8aebfe6bb1825c249cde0fbbea0f4a334ff939bb28e
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
7a78300d67e1ba0b1f572688325d74da6fa59109ec938420db05f36ee021621b
7dcbae8cd86ad3b6b24cc91c29799aeededc39921e53663679f9cb27f9f3fd66
7fcb68ebd91a5140a33749dab8de8938506a1e7f521db7369cecd325ffdf0121
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
859fb645ace051ee4b91f3ecc4c847c642d8c8bb73829a78c6e7cc56b029e3d7
86046b15b2b4086fa22930c7d0c79796a7cd7fc01b60c8bc8e3e32285814a6d4
860dccd9c8eaf8334cac440bf339530f38e5333e21c8b29a5da1c5b6d437cdef
866c21d6cada368ff5a8049cb94a899b547fc763068036aacf94be7b24a2a40e
86ab9f94a096172ade9f6a75ea3133bfe57993a739f2562c94c6725719bb7249
89610af90239b7c3dc167e62030dbc77b0769301a98c1e6c2d8b8e2801e42da5
8afc3f2d56ad5f19e8d2d40a992bee125303be4e1d5100e6aa015ba1bd92b92e
8d78582ad924c4c6f893222bbb9d19d6c92a4b9b649a638a4ce75648832e88b7
90d3605b79be486c3f56493677cf436fc5905c66d229f02c7046d199c36ec508
963e8b753cac6b04cf64359b99f69d5625736cd7ad805b2940b4df5d6915f105
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99cc7e38bd1cebb323caec6c6044867d48645133ac1e457f46bf986e360b52e4
9e81fd08c1cc8f6ac51c98a9aedbc54119ef1a632f57b986beb6c18e5929153d
a411a873dff52798ac9005a072f796af5477e1d31f84adc577c02e00684342a3
a483c7a2d443572e19858c2d85adda0a1e5785fa75d6d7c396a1630618a0392b
a6f4f2aa0e35daddfc547925377afa7655b3813768f67437016700bf1e5b2b91
a8bfeb7f9b1a344cf5c77e33eeb9eb4901f844436136be5689e531c76b2403b6
a8e3787c057ac5fde150df53d35d12bf1d020732840cbcb3e3c0efa82e076360
a9985ca01d81ceea7256e84356f799b9926d699fe28325d5c108b0e1725be5bc
a9bb07bf95a4eb5b11f74e1be96e3cee1579e41c4c134b3773581c5340ba63ac
ab1414874550c8609b2ca25feefbbc13f78e0ab8f73362e2a24560291f44ed61
ad3f411373401df3b9e9b718106abd1915ef1155d2c9ae047298b56e31aec627
ad8ad4db27cc402427f4ea7b8b91e3cfe73f48a80952c00f99ad004501f8b353
ae811cff7867d74f0cffb77a8348a9bce79d718b87c673ce1eef6c9448f7811f
aeae0b4cd71f0ce7360896f1e1b741bdb0e9145f25d0d4041ccfad0560d31b46
b6c13b07bc35d62b1c4ffbad5b75c1ce7dcaf1a048a36bd4e3da5ab4f906a8be
b741388184a340e5b2e6ea249dabded81b97dbe8e6dab5abde0657f376ffe063
b79f28dfd01bda64639ad5921e3e74816f96e00eb6d0591b3a5dfa152f923642
bbd509f42e1a66e91e73bb195a7a837284c1ace0d35eddae02a52877ea20f149
c0bcda41629093a27bcc157526ee6baa80720fc5a7732892d438ab020b40a345
c477609137ebde36ae37903a03c51de5921ae23c4e0372789bae9b8473aee7eb
ca8a748f82290bc53e159360fc510c0280cceb02cf381be01147a7ac34c4c9ad
ca8c7808229071724898b2842e82a07598004e03c62b4d67938d18139c05509e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf7f68a71d6b3664b790c5ebf6c31305ec82ef504218f9d8b4e688c5e721d42c
d0564469c3be238cc2e035190376714d0fa568f5f706ffb4d0f29f92c558ecf6
d3d1236219691ce9285aea209821cac22e079c4bd126d87ebb85e170fb1449bd
d590f90318cbc3eb3a31d3e40c1e311bcfd1635943940930fbd20bbdd074020d
d8775b76b83f95844bebc82807c57e7a2bf29d0371ec3e5feef7380e522f4a3e
db7742c6c03f14804cfea8aedf7b719d6698a7c1f593c900bf4fdc6bdac75a20
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e485cf8605b5490285c439b818a7123f5855c6a3e831b01046c6dc62718bac88
e73860b02a743dd221e8ace408048cac77915d2df983b3661b10c02ad1a99661
e97a9988dce8067f81f57557b349dd481e0335e75175179b6b01322be2ff13a5
edffbbf5d7fd28541dd1b1e619466b44d7e2a4696055bf8fd2b9f4266c7fa838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa109961abd71a248ec305807a2782a7016f4f90d0fbbdae8e28b5270b6438de

youareso.com Open in urlscan Pro 2606:4700:3030::6815:2d72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

128 Requests

99 %HTTPS

67 %IPv6

14 Domains

21 Subdomains

19 IPs

1 Countries

3275 kBTransfer

8225 kBSize

12 Cookies

1 Outgoing links

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

youareso.com Open in urlscan Pro
2606:4700:3030::6815:2d72 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

99 %
HTTPS

67 %
IPv6

14
Domains

21
Subdomains

19
IPs

1
Countries

3275 kB
Transfer

8225 kB
Size

12
Cookies

128 HTTP transactions
1 data transactions