hxxp://www[.]letrasboom[.]com

Analysis

max time kernel
26s
max time network
29s
platform
windows10-1703_x64
resource
win10-20220812-en
resource tags

arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
submitted
16/02/2023, 08:15 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://www.letrasboom.com

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
2132	chrome.exe
2132	chrome.exe
2676	chrome.exe
2676	chrome.exe
1052	chrome.exe
1052	chrome.exe
5740	chrome.exe
5740	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 35 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe
2676	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2676 wrote to memory of 2740	2676	chrome.exe	66
PID 2676 wrote to memory of 2740	2676	chrome.exe	66
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2096	2676	chrome.exe	68
PID 2676 wrote to memory of 2132	2676	chrome.exe	69
PID 2676 wrote to memory of 2132	2676	chrome.exe	69
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70
PID 2676 wrote to memory of 3868	2676	chrome.exe	70

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.letrasboom.com
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff9c8074f50,0x7ff9c8074f60,0x7ff9c8074f70
  2⤵
  PID:2740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1632 /prefetch:2
  2⤵
  PID:2096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=1696 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2204 /prefetch:8
  2⤵
  PID:3868
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2636 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2644 /prefetch:1
  2⤵
  PID:4356
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4188 /prefetch:8
  2⤵
  PID:3332
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4324 /prefetch:1
  2⤵
  PID:3560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3508 /prefetch:1
  2⤵
  PID:3608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3020 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3588 /prefetch:1
  2⤵
  PID:3764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5172 /prefetch:1
  2⤵
  PID:3880
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5612 /prefetch:1
  2⤵
  PID:2252
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1
  2⤵
  PID:4576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1
  2⤵
  PID:3128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
  2⤵
  PID:4908
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6064 /prefetch:1
  2⤵
  PID:5072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7156 /prefetch:1
  2⤵
  PID:4460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6884 /prefetch:1
  2⤵
  PID:4452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7292 /prefetch:1
  2⤵
  PID:512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=8708 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8476 /prefetch:1
  2⤵
  PID:1516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8336 /prefetch:1
  2⤵
  PID:1524
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8200 /prefetch:1
  2⤵
  PID:1560
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=8088 /prefetch:1
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7956 /prefetch:1
  2⤵
  PID:1268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=26 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7824 /prefetch:1
  2⤵
  PID:1188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7684 /prefetch:1
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7548 /prefetch:1
  2⤵
  PID:1824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7328 /prefetch:1
  2⤵
  PID:3900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6792 /prefetch:1
  2⤵
  PID:4528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6772 /prefetch:1
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=33 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9128 /prefetch:1
  2⤵
  PID:2684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=34 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9432 /prefetch:1
  2⤵
  PID:5264
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=38 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9548 /prefetch:1
  2⤵
  PID:5300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=37 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9540 /prefetch:1
  2⤵
  PID:5292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9532 /prefetch:1
  2⤵
  PID:5284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=35 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=9452 /prefetch:1
  2⤵
  PID:5276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=39 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=7420 /prefetch:1
  2⤵
  PID:5484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=40 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10296 /prefetch:1
  2⤵
  PID:5536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=8360 /prefetch:8
  2⤵
  PID:5708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10500 /prefetch:8
  2⤵
  PID:5748
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9212 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:5740
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=6508 /prefetch:8
  2⤵
  PID:5808
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=10640 /prefetch:8
  2⤵
  PID:5840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1600,12857593734150260802,2180768935262548552,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=46 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=10196 /prefetch:1
  2⤵
  PID:5880

Network

DNS

accounts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.251.36.45
DNS

www.letrasboom.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.letrasboom.com

IN A

Response

www.letrasboom.com

IN A

172.67.190.73

www.letrasboom.com

IN A

104.21.81.188
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.168.238
POST

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

chrome.exe

Remote address:

142.251.36.45:443

Request

POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/2.0
host: accounts.google.com
content-length: 1
origin: https://www.google.com
content-type: application/x-www-form-urlencoded
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1

chrome.exe

Remote address:

172.217.168.238:443

Request

GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1 HTTP/2.0
host: clients2.google.com
x-goog-update-interactivity: fg
x-goog-update-appid: nmmhkkegccagdldgiimedpiccmgmieda,pkedcjkdefgpdelpbcmbmeomcjbeemfm
x-goog-update-updater: chromecrx-89.0.4389.114
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://www.letrasboom.com/

chrome.exe

Remote address:

172.67.190.73:80

Request

GET / HTTP/1.1
Host: www.letrasboom.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Date: Thu, 16 Feb 2023 08:16:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://www.letrasboom.com/
vary: User-Agent
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8w%2FrAMtwVgfgB9AVtgpUXDyE6sx7Jhebqibmg%2FkZWWs2VtBlWBH6Vfp2xNhlHE7E7JYiC6frmoLor51rRYGBZo3yxdLwpJtmVOSLCV8A08%2BRqmfeGeYTFy8GBVW%2BUDgAmqzSvtg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79a4d6d0ad53b7ae-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

edgedl.me.gvt1.com

chrome.exe

Remote address:

8.8.8.8:53

Request

edgedl.me.gvt1.com

IN A

Response

edgedl.me.gvt1.com

IN A

34.104.35.123
GET

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx

chrome.exe

Remote address:

34.104.35.123:80

Request

GET /edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx HTTP/1.1
Host: edgedl.me.gvt1.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

accept-ranges: bytes
content-disposition: attachment
content-security-policy: default-src 'none'
server: Google-Edge-Cache
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-request-id: f460f3ee-be14-4197-a5b8-fd305857c920
content-length: 248531
date: Wed, 15 Feb 2023 18:29:23 GMT
age: 49602
last-modified: Fri, 25 Feb 2022 22:08:36 GMT
etag: "c994e6"
content-type: application/x-chrome-extension
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000
cache-control: public,max-age=86400
coprocessor-response: download-server
GET

https://www.letrasboom.com/

chrome.exe

Remote address:

172.67.190.73:443

Request

GET / HTTP/2.0
host: www.letrasboom.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D; expires=Thu, 16-Feb-2023 10:16:06 GMT; Max-Age=7200; path=/; secure
set-cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9; expires=Thu, 16-Feb-2023 10:16:06 GMT; Max-Age=7200; path=/; HttpOnly; secure
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZjrNkoFoFCXDeZTeE8oDW1k9MXGqxUZU%2Fiy%2BCceWdDVbxIhihk9HXZ%2F4zaDNehjGouhqxavFWnRMRHoe056ljcVOT56Qmft64u8NJm%2BKSToDD7E5UVRoz%2BqBX%2F%2FJ7w1jjlp%2FF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6d3be410e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/AdminLTE.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/AdminLTE.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=109232
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 11:35:41 GMT
last-modified: Fri, 05 Mar 2021 18:21:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 420025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1nyifH6iT5YZApl4%2F4Rl7SU%2BmdsME1MQWuJWK7z1hw3Go%2BqMWGJhv3%2B9fW%2FkDLjoj768Sj5hSFbhM%2F%2Bmv75oz1ekMfenpYcIhZuPKKS%2FKWXj5s7L7Q7LtCyaqTNVqCWwwvUr4g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc460e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/front.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/front.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3405
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 11:21:29 GMT
last-modified: Sat, 14 Dec 2019 21:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 420877
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Niared4rUOllbjWan2%2BTbsI9CB79A%2FMnQAWYmVilRi2JGk9AZQRu5NEmIIhw3KgsLIAyZQqgtX0%2BmTFkTW5glmBkDOLNE9UTszzWyb2bjqMnt03%2F2m%2BC%2F4IvYSYHmEqmrmLSvug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc500e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/skins/skin-red.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/skins/skin-red.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=418
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 11:35:41 GMT
last-modified: Sat, 14 Dec 2019 21:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 420025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1P1hIwpEiurSeTVybqNg%2FFaP%2BEqcFiZlfoRqybnGYxQPR6V6r2bElD6KaFJvluVEweSF1IAFg%2F5F0h4xTqEyN%2FxiBnX%2FzmYVYWrT1pBnHhmVrVPJMs8oqWKy%2FkxgtcyzGMhyB1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc520e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/noty.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/noty.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=67284
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 11:35:41 GMT
last-modified: Mon, 12 Sep 2022 05:55:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 420025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB%2FxH2%2BSI3v1ZO2%2Bi%2Bq813TEcMyzZxVlS8f%2B0X%2Fdtc4AbaBw3tri3FbG7m8y84NFJAcE8mIVNMd1%2FXIIKKfScnXiYr8kgxneW3vu%2FVn8SCIVvGQROyTPw1yQQD238jOBwLd7Ipc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc4b0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/player.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/player.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=19787
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Fri, 05 Mar 2021 18:29:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 43785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8%2FcRzArn3tw13%2Bp78vlMNSEKX%2B9s9uHbDS9bgL99jDxH54FVnR1fjSp9T0ceClajuCGiAz%2FFXMtnLJtUPdDZYyqAHe4MeCtOg9XWRWfYddmu%2FPyCwiSbJ2soBLY5ID3wcKUy48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc5a0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/playeraudio.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/playeraudio.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=22600
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Fri, 05 Mar 2021 18:28:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 43785
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qurn3c3rPqIhIpNLkBUjU80T1JOG5O5OfAKWKlmxSbyUr9UE1OyEXvSPL7Gepst41i7yCd3FQZxbCejsZFUdch7M4abYIIrl5UWxBDsdegB8vF4m8l6CBOGP48B7Gsrs%2F4b1pns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc590e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/css/responsive.css

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /css/responsive.css HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=5485
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 11:35:41 GMT
last-modified: Sat, 14 Dec 2019 21:03:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 420025
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1%2F4F1k0KQN8nq2YptSESRnSfumgX%2B1Cvs4rGb88Tbvu9ZwCF3irgGCqW6QbF53SNQK%2B5KFv9yzLWymxt2YDSKsSkYqc%2Bqyun45w4FycKcQMgttkpef0NXnVZ%2BatUq3%2F4KBa8CA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddbc5d0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/195_1631760609.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/195_1631760609.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
last-modified: Wed, 15 Feb 2023 11:11:08 GMT
etag: W/"63ecbdcc-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkswFusNKnZ8KpXnpRlFn2y1xDsYoWwhEiMNXvuij9M6f0sPmWC0C7j7EQTkqxdjhWdHBd%2BxJ4fwqrir%2BlkDaDvu83lbR6lf2lRd6mfSPyUjU%2FicApEFfJF7%2F4BfecvKDaZ7c0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a4d6ddfcc50e32-AMS
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 18 Feb 2023 08:16:07 GMT
cache-control: max-age=172800
cache-control: public
content-encoding: gzip
GET

https://www.letrasboom.com/thumbs/artistas/195_1538607003.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/195_1538607003.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/jpeg
content-length: 13962
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Thu, 16 Sep 2021 02:50:09 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kr7mCvUBT8xP3HdXsO7Ej6cum1SOwgvD5ixPZi5U8u2hkb4h9XPT9blxmX9oVogxS3H05%2BW0F6JoUNxp6k2g6yi3gJHlmg365%2B1TwNS8%2BBz%2FWi5hSwVZIEsKNk0pKSvGQzpNz8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddfcb40e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/195_1539837574.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/195_1539837574.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/jpeg
content-length: 13692
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Fri, 29 Oct 2021 02:57:28 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXp8X3gg5RXtbFoB6iczcX7gdq9H8xg5H%2FbpJB3v2oWXw33MZ8TN54CcyBnaGB5o0t4G5TrCe%2F5UoKh3GIC4PKifdtNdk1i%2BbnxRC3vcocgVRS0s9bUElFxDhHy7wkRt%2FsmkDik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddfcc10e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/195_1585893489.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/195_1585893489.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/jpeg
content-length: 10770
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Wed, 03 Oct 2018 22:50:03 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lrvkyEPw3YCBawFvqsohM0%2FslYkyE9lJUD6F8%2BIb2L862KTFvdtJlrUCCaadZi4A1kAoScHmy1KHLhSL9VhvAd%2F5CCgIwb%2FG%2BS1J3j2PvWtPGDiSiVmJuN9oTnyuiGQqlqfVRwg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddfcb90e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/195_1635476248.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/195_1635476248.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/jpeg
content-length: 10342
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Fri, 03 Apr 2020 05:58:09 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nibajJUltGCk38r7nnUxk%2FLOOh40NrYBEfvUtwrM8LogwsKC5pj46xCosLkXM0pNlDWg%2FAAhxAud9wyVueAMeEc%2Bdj5gEyNgydb6XLQhAEbyEyPDnFkvYxWadpnfm%2FSy9dhe%2B2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddfcbe0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/195_1649946229.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/195_1649946229.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/jpeg
content-length: 13233
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:22 GMT
last-modified: Thu, 14 Apr 2022 14:23:49 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43785
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IdKduQOrwo1L7VlkMEDwBkzjz0omGLbdjdh6ErXRTPY5SEHVwltICwjxsQ2wsqSrBqE3x4hYvqMpYPTVSn2zbh0ShTijwfSgbi5Ge38eeJspbT5uxbyDOsY0IJWcUFTAvPtz4Yw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddfcc30e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2678400
expires: Thu, 16 Feb 2023 11:42:13 GMT
last-modified: Sun, 30 May 2021 20:36:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 592433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3BGzEUGILat2DXeWTROPRpl1Bfmj6gADll38tBsvAQpJMs53iI1q5V7qhTdQ9KfDpf9cfNHCx7t%2BNTugYLu4hjnwUrFjsKck1xrIfuzPVXMAhzmy3ahyeq1Xaz5r7LopIkcahc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deadf50e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/js/radiotitle.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /js/radiotitle.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 10:27:27 GMT
last-modified: Sat, 14 Dec 2019 21:03:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 424119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v0GnZmVJDCW1Fc1oliuypUWDXwsKnk0sv2TOuCEgpMRW2ZeFmJHBQ4zPJ8dr4a3HevaSuHkJBG3cN8oNnvW6sMacOS13IGfnCzoakgf3%2FfC0aDsqX5BCi%2FMpQrMzo2FIuYfjxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deadfe0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/js/jquery.cleanaudioplayer.min.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /js/jquery.cleanaudioplayer.min.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=2678400
expires: Tue, 21 Feb 2023 23:40:59 GMT
last-modified: Sat, 14 Dec 2019 21:03:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 117308
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hc0UTMEt4gHsuSS1bQM64Aoa8%2B6hqtjeyvlF1tCiHLMT61d6YiuYCr77LO3RYrcrMBp%2Fd86YvC%2FE28wTjev9GufEYQ3uoVz3spwgJgvQPYWJFO1LEmo3ePcR8cPw%2BSubk3fT63I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deadfc0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/js/jquery.cleanvideoplayer.min.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /js/jquery.cleanvideoplayer.min.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 08:40:07 GMT
last-modified: Sat, 14 Dec 2019 21:03:24 GMT
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 430559
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aP3Bx0mfNaddTGgXq2BcgoV8JVhU4GOK%2B35V%2BIh6%2F9G69thxwrp2J3bdsOmEE%2BYQhR1OhGuEIrh5ykfVdBnzBYu0FHvpdy%2FTnQ7amxXWojuRwuTQFZI3K%2BdqsIzSoMKlFVWdy6U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6debe010e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/plugins/noty/layouts/top.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /plugins/noty/layouts/top.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=9521
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 09:29:36 GMT
last-modified: Mon, 30 Aug 2021 22:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 427590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRXimZ4CNlS4eAjgShaDNC8Aq54v6vB9%2Fvr%2FSQ7nC9lm0sojV4JLna0KWfZ%2FD5KcYGWzR9nEMxz%2BPlGKkk0d%2Fa3ukVezr%2Fje2TN5vBfhlaA6plA58KgMxWuLKVU4xE5OUy8WNt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deae000e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/plugins/noty/themes/default.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /plugins/noty/themes/default.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cache-control: public, max-age=2678400
expires: Thu, 16 Feb 2023 22:21:07 GMT
last-modified: Sat, 14 Dec 2019 21:03:24 GMT
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 554099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCTrzh6F3%2FhBClT548Q7I5XcPyVF1Hy61rVpVdRd21CduveJEchp3fECzl%2FRdzgthjjuqsVHcu%2FuTtz4e5UFNPXOUtZloUFVYSKkbsVb%2FKI23HmKeFCucpnoPTumrStf4LV%2FL5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deadf90e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/plugins/noty/jquery.noty.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /plugins/noty/jquery.noty.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=8597
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 14:06:03 GMT
last-modified: Sat, 14 Dec 2019 21:03:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 411004
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwQyuYPcnzvYKgUZ1yqqtXLb%2BVsMLq8G2WORmYqA40z7zD3lRBLB9LOZergVBkX%2BvAzq4L7dgllfLd0IjRleIkgqHsdgupvcoPdZBxiQOHZHAPmz4mITQQhxQJ%2BiU0iHLsr%2Bu8A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deadfd0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/js/main.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /js/main.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
cache-control: public, max-age=2678400
expires: Mon, 20 Feb 2023 06:17:37 GMT
last-modified: Sat, 14 Dec 2019 21:03:24 GMT
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 266310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hy00sov1LwF492LLiFxOglppTIkx7HtqXWzGucTLcm8nWskX4VAukTL%2BBYxZpXcCF0oETaw4VdExX3s0kDwn6d%2BSws8qtbofU8AjWhdqxYVs9fp693dt%2Fjsso2j6BlLh7h0U6RQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6deadf70e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/js/percircle.min.js

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /js/percircle.min.js HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/png
content-length: 4116
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 11:28:45 GMT
last-modified: Sat, 14 Dec 2019 21:03:22 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 420441
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJHHX5iB4%2BpmG5jbioQaSKhNgcmYubga9nvdZVdcAGA%2Bg5ZskjgaTF9JI1nE46oJf0IdNWMKIat8mW695ZJqyDlbh%2FyaTWAzQi9MY6E96uMMq3xmNpOPtIcJ1mYn%2F1uizRBNDIM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6debe170e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/img/logo.png

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /img/logo.png HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/css/front.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: image/jpeg
content-length: 10718
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:07 GMT
last-modified: Thu, 18 Oct 2018 04:39:34 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZBxFzNb2JPUaLPx0moQZXKBhpSsdnwaq1mHL%2F6ZknnW6Zlgsr9zef%2BYWjwArN%2F4Q%2BzaDFajsYsfTzbmGJf6Pa3t3WtsewTjyjs4EGIQcWILtI%2Fl%2BugrK3KIp3nLRUkcZkkuKio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ddfcbc0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/img/favicon.ico

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /img/favicon.ico HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:08 GMT
content-type: image/x-icon
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 13:56:34 GMT
last-modified: Sat, 14 Dec 2019 21:03:22 GMT
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 411573
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Prljut12Pqzsfxm4E076lI2ccWf0spk3f0HchebeT1HpyF2Upni6p4OjBvjnzbJ9Azjaec%2FaYyAZXJE30%2BBVB6O4YxzfUtQxQoAaU%2BbCc14Ory7sUD2Xnz8vtFR3bFiKJm8Tq4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6e5afc70e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/img/load.gif

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /img/load.gif HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:08 GMT
content-type: image/gif
content-length: 18633
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:25 GMT
last-modified: Sat, 14 Dec 2019 21:03:22 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3JhEFjOl9RflF6z9tsNeNu4W2eFdVUhhFOp9GA%2BueOPwV6if50FL9CvRwYcg04EQyJIcqrKgNLYseyMlR9XzORR%2BRTRiRNiWEDU4IsTGg4%2Bx4R7p7HdppTH1ONfdpMWJSzBojc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6e6e94f0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1649886344.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1649886344.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:12 GMT
content-type: image/jpeg
content-length: 533551
cache-control: public, max-age=2678400
expires: Sat, 18 Feb 2023 16:08:37 GMT
last-modified: Fri, 22 Jul 2022 11:50:01 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 403654
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sseTQ08lBoanU%2BKgAYz6tTSlWGSSGVXfeu%2FVKiE6h7Cy4D2tcQkeNSbLgo5kGISNEzE2suSBrr3Oi7c1bEPTRg5LvwNrYWAjigEVMz8im11pJ%2FG4xRvnD92eCV752hCc1q%2F7jVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6ff3a040e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1622525503.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1622525503.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:13 GMT
content-type: image/jpeg
content-length: 1665
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:12 GMT
last-modified: Fri, 03 Feb 2023 16:56:16 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxKEx%2F8dpwYwLJbCfHuD0LWVnh%2FoS74J9oPSg2wm05VigogLzkIToJW1MuxrObXp9gKDX2vFs5aP%2Bj%2FvvhywGqAFrVQhIm134uUzAhQPogG0q4lrwyHwn4wpFohppvORur%2FrrWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6fee98d0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1675443376.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1675443376.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:13 GMT
content-type: image/jpeg
content-length: 1687
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:12 GMT
last-modified: Wed, 13 Apr 2022 21:45:44 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VYmSyaEnHXa%2FvnAp7G%2FrLOYGSPwwyo8Olxx2HrQOASMGqNpgx2BmtPtG4pfvXYWzU%2B9Tc5TGtHemuTBrsGGYkWpxWcVVt3LY3PezY%2FJdDEcHYf3qakMZQfyDtBbFKe%2BvS0ObFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6feb9390e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/adslb.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /adslb.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:13 GMT
content-type: image/jpeg
content-length: 2040
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:12 GMT
last-modified: Tue, 01 Jun 2021 05:31:43 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YM0HP6Dz5DNTYsyD3%2FX2RjsmNLH7DHKW%2FEm7kZrFhROfKufzvkEWJmLLmlVVm3XrcLT9Uj2%2BgxNwqu%2BghpxHNswt%2BgtNrk1xMASrOYGsXDFlHgNf9ShexavxqJOvP0GcHzeoKB4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6fed9850e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/live/song

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /live/song HTTP/2.0
host: www.letrasboom.com
accept: */*
x-csrf-token: w1hwZ30k4JbYtXZOON7kMhxVmZY7sqRSrJH65feV
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
x-requested-with: XMLHttpRequest
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: XSRF-TOKEN=eyJpdiI6ImdEa0tNcm1RWktnVThFMGx6TXdldEE9PSIsInZhbHVlIjoiV0IyY0wwKzNXNVlPeGNHZkc4a0tUWjN2eVwvK013T00wclhFbWRaUktJUXRzZlk4d2k5VFpQb3BIODVGaGxBbW1hc21SSGFQOXF6ejloR2JyMWp1TmVnPT0iLCJtYWMiOiJhMDM2ZjdiZWIyM2IxZjZmMTJhYjhjMjliNTQ2NDNlN2QwYjM4NGFjYWJhMGY2NWI0ZmVmYjEyN2EwMWE5YTczIn0%3D
cookie: laravel_session=eyJpdiI6IkxtYTFPVityOUQzSHFpQ3dvQXlNN1E9PSIsInZhbHVlIjoiSVZOaVdhc0xxemFpTER3MTF6THVuTmxHN2RMcWdKeTg2bTJUZTY2cVBUcEE5XC80bEZwT0hjSkRnejBGdzgrXC91N3ZJUzZ3TlIzRHJ2VDRJYm1jckNZUT09IiwibWFjIjoiMzY0OWFiODUwYzE4N2M3MGU5ZjFjMzNiY2JhNDdhZjRiNmQ4ZjRkNzA1MGZmYWE4NjgwNWNkZWQ1YTMzY2IxZCJ9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D; expires=Thu, 16-Feb-2023 10:16:17 GMT; Max-Age=7200; path=/; secure
set-cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D; expires=Thu, 16-Feb-2023 10:16:17 GMT; Max-Age=7200; path=/; HttpOnly; secure
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZhnsRBbswL%2BAZomrkx%2FJSfL4n3UBfA0glgDmET4ueEPxx7N0vxFsNVg5OpQpFAf%2FDDkhqx8l4Dt31Mn5gVQHRA61KUnwuqlG0fmdh3lLfS4SBmy1xVayk6MX7bVdwX%2BlKCVOOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d71ecb8a0e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1541829084.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1541829084.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 1951
cache-control: public, max-age=2678400
expires: Mon, 20 Feb 2023 11:33:45 GMT
last-modified: Wed, 03 Oct 2018 22:50:03 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 247353
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9UIGotMy2KTOfsIWBZKvzds57vck47ztvp2ouXPfpPf9hAL7hOuNoTce%2FZkslN7yiwB08DpQRU3DzLMElEF1ON5JyZ344vi4AkCsrXqdqWWZ8774ZmRQZu%2F%2BYqV3XVjoLRvlGk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd190e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1665017211.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1665017211.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 1503
cache-control: public, max-age=2678400
expires: Sun, 19 Feb 2023 15:19:17 GMT
last-modified: Thu, 02 Sep 2021 13:25:39 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 320221
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FHIccxpRzWvsbKTh2LfbnpPr00Uv4egyI7EOf3cjygIrVwQH%2FxGAPSBqCZbenO%2FZxc%2BP06khKrGZLfw27JX6TEaHCLLLlDUCBnnoXIBa%2BJIIIn3tAxhADNr%2Br3As18XNTX115Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd250e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1541020194.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1541020194.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 2391
cache-control: public, max-age=2678400
expires: Sun, 19 Feb 2023 08:09:21 GMT
last-modified: Sun, 14 May 2017 18:41:10 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 346017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PbPumjbW02Ae%2Fn3C%2BuT8bpdRDXunQHiHD9EX1WkPZleBYMav7vHbhBYJDbipExcZtB92VEv3meJL%2FmHsykzTIDBjnrHdauhXBdM%2BoI569ajYtZzNjPuwxTmclNJxKvb1UuoMHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd260e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1657751802.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1657751802.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 1748
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 02:43:10 GMT
last-modified: Mon, 29 Aug 2022 20:10:35 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 19988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eOCOL1%2FcP1ucTZDuTOAGwsVm9oYf%2FQEf536oPV9TLBYcBuYE2mGvUncQTld85ard2fYEKV3Eo2WuFeJ03eQs48rqJm0k2rTF46IO0JmPHiZAscjifbON8Mu8FvpzWZ0hloPzK4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd290e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1538607003.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1538607003.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 2119
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:28 GMT
last-modified: Sun, 14 Oct 2018 05:28:37 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43790
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6LV%2FVZcuWDMCi3Z%2FTKAzC4KZUwlujctLT1YqTFdUMwSoyVw5boweV7c3qPbz6Y14u0RYdV9VFzbM3IGNT2bvdX%2F00J6OIYmP2YcX0aB29IH9%2FpuPcUrPGoS%2BQQ5qa1LBlTynDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd2c0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1541544354.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1541544354.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 2117
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 02:43:10 GMT
last-modified: Tue, 14 Dec 2021 01:12:57 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 19988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwAgMfpfvJkGdv4TacyXI3gjyZuLJ31qox7qlJ7GTMTgnxJLTLEqBGl2iW05S9vY1PMggZqhyoByPZ7uZcuvP4L%2FogrXOvs1D8LIu6utb8eKRY%2FJx8hH3o6gdzNGBWvRgK7p%2BtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd300e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1628718389.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1628718389.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 1824
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 20:06:28 GMT
last-modified: Thu, 13 May 2021 14:47:57 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 43790
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2CRBuSVyqGpCJOpBhxLjcH99%2Fa%2BiUmDKpqqOpgzHsAS6N3JYKUOmFKKJRjfvlvqsjX3sqFk9hFVuLHp%2BSCtqtPhsjRuq7uJWFytZO4hQiAM9A1FX%2BesbybTWWmFvxV8B5%2F7YNM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd330e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1670904712.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1670904712.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/jpeg
content-length: 2539
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 00:05:00 GMT
last-modified: Thu, 18 Oct 2018 22:22:08 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 115878
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yN3xlw28UoYrW9M8WALZMr5DNXUI8l7hFg1oY8bcpXpYHMHD21DZ%2F%2Fy0XR%2F6UtWNytg7xJp7tW829YBn0MIaQVfDu9MuqdGG1hHKUiRihBLTItCBiOQlurUBuqhnZ%2BIexoGdaZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd2b0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1650745049.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1650745049.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1655
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Wed, 13 Jul 2022 22:36:42 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3GK42mlxzkVBNqfvE7SKgxlodq0te8FHbnWmuA9Hnm4VatlO%2Bnm3285qQHmvXqz%2F9%2BJt8jYJ4w%2B4pRSp6r%2BdyxMG8VDbOQiSGZxVLyN%2BQ2u6L7F6DnM3fPzA3mHR8zeu8LZd0s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd170e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1541180013.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1541180013.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 2100
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Wed, 11 Aug 2021 21:46:29 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euOO03C5QgMWZaPBwpoZ2w0DWgUSo3ChvjPrGzgDNaqByjcjU9c2HvY9rYyKwncp53g7vXZnFbYKBaaNybwQIjfFKoeutlT2y1wEpI98RELirhrT7Wwg5mCoXzOO9BFMNTjI99w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd1d0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1630589139.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1630589139.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1525
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Sat, 23 Apr 2022 20:17:29 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CDCcGF2VjJ05vYI9UZrKnaVu8Ijs9mmwhLCqZ5c7X%2F4Uih5uHOjt8%2BYO5i%2BG%2Byq6ttnMDxmjsrzkLHtyiEzkKwXSG83Yrsibkom%2F2ymlKWqI0JsaBQ44DM6NAHN3AS1qyUmYeIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd210e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1494790867.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1494790867.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1943
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Tue, 06 Nov 2018 22:45:54 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MH9GeVI33XnPnqpMt4MZgWQ9SsI5mD0d1zvoW0eCikukuCECTFDQEIMvOCtqe5qu7De4yQvJQZE37e9bq8NcLVi%2BOrcpe7o9C8Vk%2Bgh6PF114N06bacOjkCiGA2ZT15uDIcWicY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd1a0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1661803835.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1661803835.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1604
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Tue, 13 Dec 2022 04:11:52 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ua8EiSgKU0wdQUWwfN1720B1y2JSYDxJsD1cpYyWTj1BGGcjbBQGtYhhD7ZAj2vbF6d83nHYv8Yz5iwhZRU9zIJN6YpBR6yQG19auMy5VY8%2FNHKfvMsGwqz6NWX1cImJ42EiKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd1e0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1624327988.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1624327988.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 2198
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Thu, 04 Oct 2018 01:56:36 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yPxYalhulhEH%2BYCHDY49EOQIjhcFKMF28GHM3%2BUs2BcYoAkqVVfxgP01HED2Ck1ywPumnWiRT%2FFs4y%2Fu9ieXpFNGZyO3UaBxiTgv3CUT4ADr5fQBxa2zvmk4EA4qFeyw9JoJ%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd2f0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1539901328.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1539901328.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 2009
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Fri, 02 Nov 2018 17:33:33 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCF0yQbuZQxcKYiM%2F2UU29thANGj5Pk9a3R8KnJXO%2BM9UP%2BYB3LmYmnxX3TZ3q8BbdJprPEh1a6hAxqCZxWqU29GBbSmrEX0pF1A%2FtsOGRThMKSZbrAz58FngAyctd5vGkDvQdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd230e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1539494917.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1539494917.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 2145
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Wed, 31 Oct 2018 21:09:54 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnIcTXyeW7yiJ8sZkl2YbLoJGWO6PqKJBcLnealuJCuuFNk4djzTUZ64wUmx%2F2D0e7XgSLTBPoggL0NOYFy4DruxFziFHw0%2BDkMFzBleWVA%2BzdHSi1LPAjJ%2Bo9ZrB3h0ENVBUHQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd140e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1674412547.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1674412547.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 2039
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Sat, 10 Nov 2018 05:51:24 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GsIH1YQgd2gW2x8C5JNK76DqruIaNzuDkDVX14muFImry0yVVAwRvjZMx1ok6C4Q9B%2BkAlO6b1bhicBviElXT8n7ljmGZcOYqtlikO%2FOaFTIeiQCcYxrT4WwZIOvRTmfxvN8nEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725ed0b0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1538618196.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1538618196.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1529
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Fri, 22 Oct 2021 07:49:47 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRlColTHWKB5S3CVV8MX7hwPqk9DfyJ9dsc4gEJ%2FC8H9%2B8QwMl5LkfyqvyceZnFJ9OVcVR4tyvFc1j5ISHiEy0YQaauneC%2BjtyA%2BiYmYI%2Bf3n7aUeAZHUKI%2FPCkQGhcD6K5Eu20%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd340e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1639444377.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1639444377.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1694
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Thu, 06 Oct 2022 00:46:52 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=72sb3io9p00m1CY%2FeahL8BRxGydvTFqa7HW%2FKz2cSkCYlAk78fOYYLx09e7cSMcpYpJrixwlz84PIEmNvrkYuSv4RcxW9iNbxG3V8rUw7A%2BkQHIqrEtwsKF9IuDmKz5kH8Fkmhw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd100e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1661925755.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1661925755.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1963
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Tue, 22 Jun 2021 02:13:08 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTs6xRgMVmyNpRDbmHX1Ra%2BdNylbIwSRJNvY%2FEdsfpeqApCifJSN45xZwH6wh5l6b1yAh9DaJYibzyAmFPggAbtsCtYaklLFrN5TufhBQBS6rrClIiKnyn9uixO%2B3u2WMIQwn%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd2a0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1620917277.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1620917277.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 1849
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Wed, 31 Aug 2022 06:02:35 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnH2B2Sz8VWbgb2%2BlZiLODhFOAbeB0GE8VUlm8A2CPwl9h8Flj%2FJ8Pkb0GgRhd2Cnlh7c%2FphBfuocP9acLUQjKx0DoXWq%2BEo65sgRDLZVtL9NJfViCgb42OnnG%2BYwxXJT7W5%2FpU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd310e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1634888987.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1634888987.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: image/jpeg
content-length: 2011
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:18 GMT
last-modified: Sun, 22 Jan 2023 18:35:47 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8Q5SMWaEqzs%2B1%2B8235Aoqli0nP8%2BgwkVezgM8z0sCpMRVccudLlCG0TvmkmACvJZagixkaX4M8wZrCjBpmOBuk2PEJlrpYajVjDxa65vKgdt6lA3APCkFeO%2Bp3nfogZPAXig4c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d725fd2d0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/live/song

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /live/song HTTP/2.0
host: www.letrasboom.com
accept: */*
x-csrf-token: w1hwZ30k4JbYtXZOON7kMhxVmZY7sqRSrJH65feV
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
x-requested-with: XMLHttpRequest
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6IkY4UmNtUm1IK2FmaktUOUpkZlR5eEE9PSIsInZhbHVlIjoiTFlmYk16cVZzQWhpenkzOTJEU2t1MmpWcTdiczVwcnJmYlpXMkJjdlwvR0lwaXhhalB6NFlHRmFnYlRFRmVRVnliTTFRWUxMY0Q1a1p4Y0ZrVnJaU0pBPT0iLCJtYWMiOiI5MDUzNGFlOGNmYjM1MWZmYWE1NWI2M2Q2ZWViZWRjN2ZmNTA3ODYwMTBjOTZhMGQzMWY4YTdmMjQ4NDI2MTcxIn0%3D
cookie: laravel_session=eyJpdiI6IjNSUVVoK1wvSnV4dCtiZ2dVbUdPZit3PT0iLCJ2YWx1ZSI6IkJXWVJhY2JUTSt6WThnbm9LWFdtWjJsbWZiN3JGSDV5cVYxaGdLcXlDUmlGMWJReUd5SWEzU0gyNDQxMm1zdXVXUXQzVDl4c2NESUhham9zekZIOVhRPT0iLCJtYWMiOiJlNzUyM2FmZmUxNTIyZTNjNTFkNWQzMTc2OGUwMzEyNjJjYTRiM2Q2ZGI2ZGI3MzU5MTAzYTJmYTA1NDY4OWUyIn0%3D

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache
set-cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D; expires=Thu, 16-Feb-2023 10:16:26 GMT; Max-Age=7200; path=/; secure
set-cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9; expires=Thu, 16-Feb-2023 10:16:26 GMT; Max-Age=7200; path=/; HttpOnly; secure
vary: Accept-Encoding,User-Agent
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lbvtVMRXLkRCKgRGqgylmPztoUqHaw7qvVUY867jYAObApMzIBkH8FShdgOPEgE1BXs0PjZa9tAH3pCQqSEtox3i94IPEyrMg1JIqMv9gKPF2hduHbWKz5xV30uyEGiVfwcK5u8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75709560e32-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1539385605.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1539385605.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 2126
cache-control: public, max-age=2678400
expires: Mon, 20 Feb 2023 00:17:18 GMT
last-modified: Sun, 07 Oct 2018 19:50:19 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 287949
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9S0HSI%2FA%2F97zG0BLDJgVzYWYXcc8ALt6hosvtqC1kKyeWo3%2FqzJst%2FMAkcG3RGNBlvvkH7GszzkD2h0lFNiNNK7Al%2FwXCkh0HL4hNm6VtxVGZIjhXLONG2DlyFLLeQClFyWcEes%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e380e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1631678751.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1631678751.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 1902
cache-control: public, max-age=2678400
expires: Wed, 22 Feb 2023 01:30:09 GMT
last-modified: Tue, 24 Aug 2021 16:48:09 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
age: 110778
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWA51MtUtQL%2BOG46XSoo4r6a3G%2BuK8xm512DUjGAEk5ypEGrYxqBRw59vMGfWQPfcfD3%2B1OGBkuCYLN0FN7YeCqLLLgigmhwzP1%2BiwfXeMoe%2B9GLF4aSaK5POaVYgzNkuE1y0YM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e3a0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1539144058.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1539144058.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 2360
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Mon, 05 Jul 2021 05:28:50 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6lIkxbSvcd2BobXILFV3Qy6iTrrUYg68lmplZY%2F9uS1f3K7IVTUJDdRKC5ihXLxDIvybi%2FdDa3O2aURt7U5UzISTjn3K5eVkJhQKQU2DL%2F%2BlomrbiRztZyu6QNdrEgiG%2BBQ12g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e370e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1625462930.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1625462930.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 1536
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Fri, 03 Jun 2022 04:26:27 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hXL5XoVod6oW4NocJhUU8NpOOYDI%2BHdyOECDrrUH3YEo4AYIJKz4oSlDxrVFI5OHfyu4%2F8rDtRk5V8QliLMxEjo5k28vpWTa5wrEEFwnK2%2B%2Bp4VDZQiy7jOh6yxLz5bgcVSkmS8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e3d0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1538941819.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1538941819.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 2208
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Thu, 01 Sep 2022 12:26:29 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=whei%2BjuTNuj7risftOzNvGqx8BycUL8ZGkVuz%2B8jqnDPOs9cqTvcYat98yNoowaRfuwUdtnRgDwc4CAm7ZC5CYKoWoxLJtgkU1O8N0aZnDl%2Bs5q2%2FKl4f1UTpekz2lyjj7wZi6k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e390e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1662035189.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1662035189.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 2063
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Fri, 12 Oct 2018 23:06:45 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ladij1JrwoPHEZpJQ8SgjPOekpnFpJUcUkDYYyI%2FgumWBwHKIIHGl9Jf536YX3Mmk7sGfwbGw6Bzh%2Fbi1ZGLZRy8GiIaoxOB6NsAX2WXsvdseF%2FZ7dbpe6a%2Fws6W6fTfI%2Bvt%2B1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e320e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1629823689.jpeg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1629823689.jpeg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 1488
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Fri, 20 May 2022 06:49:49 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUl6oBSxaHz%2FqlPuHupMu6xh0jIhRsat3%2FxdtaZ%2BFZHkdGggeV%2Bei7G9Cg2qYSgRgx1SA9zw1TfDaCCKbb4%2FJjMqrzidN4RrfWtakf%2F0ADCzI2LUeISFqgLks0easNpCXdnaSq0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e3b0e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1653029389.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1653029389.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 2157
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Wed, 15 Sep 2021 04:05:51 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMZY5dgC2seJyTn8UyDPDbHJw7Y0nJeOKM63050i6bEX2eSA8TslKizN38EjcuhH%2FRV8%2B9IrN3sf7E%2FZAXpfizsjx5RyeVQNHbXjSxtW7RPwZlV0xxUUEQPq2c5BO58oNoifqoo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e340e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://www.letrasboom.com/thumbs/artistas/50_1654230387.jpg

chrome.exe

Remote address:

172.67.190.73:443

Request

GET /thumbs/artistas/50_1654230387.jpg HTTP/2.0
host: www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __oagr=true
cookie: _pbjs_userid_consent_data=6683316680106290
cookie: _sharedID=a7272b49-a17d-40f4-b927-249106a98416
cookie: _ga_D1VQ2GT2X8=GS1.1.1676538969.1.0.1676538969.0.0.0
cookie: _ga=GA1.2.924694017.1676538969
cookie: _gid=GA1.2.335613043.1676538969
cookie: _gat_gtag_UA_126554797_1=1
cookie: __gads=ID=a22efaa8ec6a9f25:T=1676535372:S=ALNI_MYit7SkT8R2f4uiJWSexVmiMG5UcA
cookie: __gpi=UID=00000bb750a2e059:T=1676535372:RT=1676535372:S=ALNI_MbxjLVmN2cS6zmzcBvtVsUc0lr5zA
cookie: cto_bundle=B68DWF8wSldLSWtRJTJCWGdrYm5WOHNPc3JlOXFSOHpPNzBPRXhlSnAwMiUyQmZMdkZnTGdTYlBWZUFUMHpLJTJCTzJwdmdoeDJINVJ3Y3JYJTJCdkJOOVZhbDI2NDg3cWdLYmZGSG9nbmpPakh3ZXA1ZWl0ejBRJTJCZHYlMkJsRVdkV3RJc1hIY3U3VHJqM25HSzcwbEpxUzNVRXplWWclMkZ2MW9FdyUzRCUzRA
cookie: cto_bidid=0j5zoF9SUTViTHZTQ1NoS3FkOFFNaUR4aTFrWDdsbEhoTGZJYWlZQkR2NUZ1JTJCRyUyQjRZeVIzRjB5bWlTZFlWTEhrT29GQk1GODZycnljWFlyVjUwaDQlMkJ6YVhESlBZNURVVU5NOEIlMkZmUDJsWmVSV3EzTHFpJTJCMFp1NE55VUglMkZpakpkSWk3Ug
cookie: unifiedid=%7B%22TDID%22%3A%2213f1a438-84fc-4092-aa9c-6cd65def94f6%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-16T08%3A16%3A15%22%7D
cookie: XSRF-TOKEN=eyJpdiI6Inl0WTBxeVE4M0dOM3VwZFVveCtXQWc9PSIsInZhbHVlIjoiVkQ4UE9iVmFTR1l4dHc2RW5yY2p0dnRYaldNMUtjV3NEWldzT1dXMEF5b0dSM0dwSnpDZkd6cGtMV0VCbEtzbzZHSWYyXC9obEFqWmNCdGhacDNvMnN3PT0iLCJtYWMiOiI2ODc0MTlkNmM3M2ZkYjFiY2RjOTE1MDJiZTE0MGY0MmJmMWUzMDllOGVhYWE2ZTFiYjBmMzQ1ZWQ4ZjRmN2NhIn0%3D
cookie: laravel_session=eyJpdiI6ImxDN3VWUlpKWXJ1eDNTbGZMZFRWMnc9PSIsInZhbHVlIjoieGhmNVh2aE9iTGNTbzRYeCs2OGl3XC9DODQyM3JGWFwvcjhVZnpOY1dSQmdzSlZtZnYrYW4rMW5vTUlkKytVQWM3cUxCdFZHV2Rpa3VLM2lpMlk4U281QT09IiwibWFjIjoiZmQ4MTQ2MTFiZTU0YTUwODE5ZTdkNWQwZTA2Yzg3MWE1OWIwNDAwNDUzY2E1NzNhMDZmNTcxNGYyZjQyYTYwMiJ9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:27 GMT
content-type: image/jpeg
content-length: 2275
cache-control: public, max-age=2678400
expires: Thu, 23 Feb 2023 08:16:27 GMT
last-modified: Wed, 10 Oct 2018 04:00:59 GMT
vary: User-Agent, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogiPEHZ25cYqdF8L7HHFbrWWLz%2FOtv%2BnmgjZHUJMcFze0Sfb5WU%2BqXpYE9ZhRDB%2B79KxPN64Hspu%2BxyJOYvpm%2F%2BGI6b4B7in3ykNucjYFQ8fMEYCM6781U1trScPOlKej3yLryU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d75a8e360e32-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

cdnjs.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdnjs.cloudflare.com

IN A

Response

cdnjs.cloudflare.com

IN A

104.17.24.14

cdnjs.cloudflare.com

IN A

104.17.25.14
DNS

maxcdn.bootstrapcdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

maxcdn.bootstrapcdn.com

IN A

Response

maxcdn.bootstrapcdn.com

IN A

104.18.11.207

maxcdn.bootstrapcdn.com

IN A

104.18.10.207
DNS

www.facebook.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.facebook.com

IN A

Response

www.facebook.com

IN CNAME

star-mini.c10r.facebook.com

star-mini.c10r.facebook.com

IN A

157.240.201.35
GET

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

chrome.exe

Remote address:

104.18.11.207:443

Request

GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/2.0
host: maxcdn.bootstrapcdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617
cdn-edgestorageid: 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-04-13 02:55:53
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: a4c754a17577d74a872d3c9c794d1a4f
cdn-cache: HIT
cf-cache-status: HIT
age: 21862543
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79a4d6de8e01b7d3-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

chrome.exe

Remote address:

104.18.11.207:443

Request

GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/2.0
host: maxcdn.bootstrapcdn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
cdn-edgestorageid: 617
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 2021-06-08 14:35:59
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: b078a1e046f360931b46757d100ff8d1
cdn-cache: HIT
cf-cache-status: HIT
age: 21862532
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79a4d6debe2bb7d3-AMS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

chrome.exe

Remote address:

104.17.24.14:443

Request

GET /ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css HTTP/2.0
host: cdnjs.cloudflare.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: style
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: text/css; charset=utf-8
content-length: 16149
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-1d970"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 574690
expires: Tue, 06 Feb 2024 08:16:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTS%2BSostwpQacXva6lYjLE3WpBAAQ%2Fn3KfZs6jtLmrnZCd4Ji6WQZIbs5DCnX%2B0zAigZl3zscLBFH6yKYGq%2BGFmFghs4fLiYQRlZ%2Fj%2FmGSGhLgBaGz%2FQsngb4obGNBWnZcA00Z%2F2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79a4d6de8d3db846-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

chrome.exe

Remote address:

104.17.24.14:443

Request

GET /ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js HTTP/2.0
host: cdnjs.cloudflare.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript; charset=utf-8
content-length: 1120
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-d35"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 13337608
expires: Tue, 06 Feb 2024 08:16:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP5ruXYnk6YJ8pXqdwqlGnPoAiBSjbBjaOXqRxMPyXgAyozgNBtrkNLC7k%2F0%2F3zHFRvs6Y5l%2Bn7Qk0YPrqSKehMOEzEpZ2P6m4z0GpdSFdf7IOo7EewxiXQRgwuqRN4FUUNLRXyY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 79a4d6debd4db846-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

static.videoo.tv

chrome.exe

Remote address:

8.8.8.8:53

Request

static.videoo.tv

IN A

Response

static.videoo.tv

IN A

104.22.75.85

static.videoo.tv

IN A

104.22.74.85

static.videoo.tv

IN A

172.67.25.36
DNS

ajax.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ajax.googleapis.com

IN A

Response

ajax.googleapis.com

IN A

142.251.36.10
DNS

cmp.optad360.io

chrome.exe

Remote address:

8.8.8.8:53

Request

cmp.optad360.io

IN A

Response

cmp.optad360.io

IN CNAME

d3ltpzjuv81rgc.cloudfront.net

d3ltpzjuv81rgc.cloudfront.net

IN A

18.65.39.84

d3ltpzjuv81rgc.cloudfront.net

IN A

18.65.39.6

d3ltpzjuv81rgc.cloudfront.net

IN A

18.65.39.85

d3ltpzjuv81rgc.cloudfront.net

IN A

18.65.39.103
DNS

get.optad360.io

chrome.exe

Remote address:

8.8.8.8:53

Request

get.optad360.io

IN A

Response

get.optad360.io

IN CNAME

d1s82kbginhvh2.cloudfront.net

d1s82kbginhvh2.cloudfront.net

IN A

108.156.60.9

d1s82kbginhvh2.cloudfront.net

IN A

108.156.60.6

d1s82kbginhvh2.cloudfront.net

IN A

108.156.60.51

d1s82kbginhvh2.cloudfront.net

IN A

108.156.60.97
GET

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

chrome.exe

Remote address:

142.251.36.10:443

Request

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/2.0
host: ajax.googleapis.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cmp.optad360.io/items/35ee166a-3201-4cc7-a239-4fac6cf8bbf4.min.js

chrome.exe

Remote address:

18.65.39.84:443

Request

GET /items/35ee166a-3201-4cc7-a239-4fac6cf8bbf4.min.js HTTP/2.0
host: cmp.optad360.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 497
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 16 Feb 2023 02:33:34 GMT
etag: "7acdc116a0830ba0aef5e087010246ba"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 29d6db1b5ecb170f22487453430df556.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: S6XC2ajJB9mQL3DxuDWw3qh7nIbyDrWNA52VcQLqMYkF9FZP2y1-fg==
age: 20579
GET

https://static.videoo.tv/b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.js

chrome.exe

Remote address:

104.22.75.85:443

Request

GET /b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.js HTTP/2.0
host: static.videoo.tv
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:07 GMT
content-type: application/javascript
content-length: 281859
etag: "633abafb-44d03"
expires: Thu, 16 Feb 2023 08:20:24 GMT
cache-control: public, max-age=14400, s-maxage=300, no-transform
access-control-max-age: : 60
access-control-allow-methods: : *
access-control-allow-origin: *
last-modified: Monday, 03-Oct-2022 14:39:36 GMT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a4d6dfa8811cb1-AMS
GET

https://static.videoo.tv/videootv-player/videootv-player.min.1.0.8.js

chrome.exe

Remote address:

104.22.75.85:443

Request

GET /videootv-player/videootv-player.min.1.0.8.js HTTP/2.0
host: static.videoo.tv
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:19 GMT
content-type: application/javascript
content-length: 1853116
etag: "63359830-1c46bc"
expires: Thu, 16 Feb 2023 08:15:25 GMT
cache-control: public, max-age=14400, s-maxage=300, no-transform
access-control-max-age: : 60
access-control-allow-methods: : *
access-control-allow-origin: *
last-modified: Thursday, 29-Sep-2022 13:11:15 GMT
cf-cache-status: HIT
age: 277
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a4d729fc8b1cb1-AMS
GET

https://get.optad360.io/sf/f8916de8-8bef-4e56-a4e1-3640ebc1adb7/plugin.min.js

chrome.exe

Remote address:

108.156.60.9:443

Request

GET /sf/f8916de8-8bef-4e56-a4e1-3640ebc1adb7/plugin.min.js HTTP/2.0
host: get.optad360.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
date: Mon, 13 Feb 2023 06:45:56 GMT
last-modified: Sun, 15 Jan 2023 18:55:34 GMT
etag: W/"9d99f13a50f2100b4ff070622a53c563"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: wSlMWCvlO-AvURY9j7eeW9jgmZ-PWoWcen2MdM-YUaxLqxnSwb8d1A==
age: 264613
GET

https://get.optad360.io/sf/prebid7.17.0.js

chrome.exe

Remote address:

108.156.60.9:443

Request

GET /sf/prebid7.17.0.js HTTP/2.0
host: get.optad360.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 504152
date: Thu, 17 Nov 2022 16:28:11 GMT
last-modified: Mon, 03 Oct 2022 06:53:57 GMT
etag: "840fa482840c0b1f014b3c14f6e0ab2e"
cache-control: public, max-age=360000000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 76a2ca53c94ecdb2669e24612a611a48.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: psJ9H9Bb4xDNrcGH_B7W8g6ldsrlHWbg68NJeRtWvJ_nuD0Z9PGS9Q==
age: 7832878
DNS

translate.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

translate.googleapis.com

IN A

Response

translate.googleapis.com

IN A

142.251.36.42
GET

https://translate.googleapis.com/translate_a/l?client=chrome&hl=en&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw

chrome.exe

Remote address:

142.251.36.42:443

Request

GET /translate_a/l?client=chrome&hl=en&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/2.0
host: translate.googleapis.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
GET

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

chrome.exe

Remote address:

104.18.11.207:443

Request

GET /font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0 HTTP/2.0
host: maxcdn.bootstrapcdn.com
origin: https://www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:08 GMT
content-type: font/woff2
content-length: 56780
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617
cdn-edgestorageid: 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 14:23:29
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 38a105778197723aff83f756b3eb8974
cdn-cache: HIT
cf-cache-status: HIT
age: 21756140
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79a4d6e34edab994-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
DNS

connect.facebook.net

chrome.exe

Remote address:

8.8.8.8:53

Request

connect.facebook.net

IN A

Response

connect.facebook.net

IN CNAME

scontent.xx.fbcdn.net

scontent.xx.fbcdn.net

IN A

157.240.247.8
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.179.130
GET

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/html/r20230213/r20190131/zrt_lookup.html HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&adk=1812271804&adf=3025194257&lmt=1676538969&plat=1%3A1024%2C2%3A16778240%2C3%3A2097152%2C4%3A2097152%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.letrasboom.com%2F&ea=0&pra=5&wgl=1&dt=1676538967127&bpp=6&bdt=1205&idt=2018&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3590571353406&frm=20&pv=2&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=-12245933&ady=-12245933&biw=1263&bih=561&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2058

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/ads?client=ca-pub-8529738176339949&output=html&adk=1812271804&adf=3025194257&lmt=1676538969&plat=1%3A1024%2C2%3A16778240%2C3%3A2097152%2C4%3A2097152%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.letrasboom.com%2F&ea=0&pra=5&wgl=1&dt=1676538967127&bpp=6&bdt=1205&idt=2018&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3590571353406&frm=20&pv=2&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=-12245933&ady=-12245933&biw=1263&bih=561&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2058 HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&slotname=7258792395&adk=447111016&adf=4043329827&pi=t.ma~as.7258792395&w=1170&fwrn=4&fwrnh=100&lmt=1676538969&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676538967133&bpp=3&bdt=1211&idt=2074&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=47&ady=110&biw=1263&bih=561&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YUHFxK7TJK&p=https%3A//www.letrasboom.com&dtd=2079

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&slotname=7258792395&adk=447111016&adf=4043329827&pi=t.ma~as.7258792395&w=1170&fwrn=4&fwrnh=100&lmt=1676538969&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676538967133&bpp=3&bdt=1211&idt=2074&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=47&ady=110&biw=1263&bih=561&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YUHFxK7TJK&p=https%3A//www.letrasboom.com&dtd=2079 HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&adk=4256748862&adf=2426917324&pi=t.aa~a.2301765837~rp.3&w=545&fwrn=4&fwrnh=100&lmt=1676538971&rafmt=1&to=qs&pwprc=1767027533&format=545x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1676538971647&bpp=10&bdt=5725&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=2&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=647&ady=2516&biw=1263&bih=561&scr_x=0&scr_y=799&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2XDUw83Bot&p=https%3A//www.letrasboom.com&dtd=15

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&adk=4256748862&adf=2426917324&pi=t.aa~a.2301765837~rp.3&w=545&fwrn=4&fwrnh=100&lmt=1676538971&rafmt=1&to=qs&pwprc=1767027533&format=545x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1676538971647&bpp=10&bdt=5725&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=2&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=647&ady=2516&biw=1263&bih=561&scr_x=0&scr_y=799&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2XDUw83Bot&p=https%3A//www.letrasboom.com&dtd=15 HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/pagead/id

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/id HTTP/2.0
host: googleads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
origin: https://www.youtube.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&adk=4256748862&adf=3901308243&pi=t.aa~a.2301765486~rp.2&w=545&fwrn=4&fwrnh=100&lmt=1676538971&rafmt=1&to=qs&pwprc=1767027533&format=545x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1676538971647&bpp=2&bdt=5725&idt=2&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C545x280&nras=3&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=62&ady=2536&biw=1263&bih=561&scr_x=0&scr_y=799&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=5oQhVLRX16&p=https%3A//www.letrasboom.com&dtd=33

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&adk=4256748862&adf=3901308243&pi=t.aa~a.2301765486~rp.2&w=545&fwrn=4&fwrnh=100&lmt=1676538971&rafmt=1&to=qs&pwprc=1767027533&format=545x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1676538971647&bpp=2&bdt=5725&idt=2&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C545x280&nras=3&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=62&ady=2536&biw=1263&bih=561&scr_x=0&scr_y=799&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=5oQhVLRX16&p=https%3A//www.letrasboom.com&dtd=33 HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDK5HkYpP2O4QEwAQ&v=APEucNUd2xRkABmVaNf1oZi3MCqphgNuAY98twXOJx-pDAzHIPFnROh2ULP_aSuWWbYg-0lVt6gIGMhsGqcxv1Y-k0b-NDiR8g

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /xbbe/pixel?d=CKfHXRDK5HkYpP2O4QEwAQ&v=APEucNUd2xRkABmVaNf1oZi3MCqphgNuAY98twXOJx-pDAzHIPFnROh2ULP_aSuWWbYg-0lVt6gIGMhsGqcxv1Y-k0b-NDiR8g HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVMMLUkvUrDGODbd11cqh4Ygpyf30o5xB7eeB1EPC6tuLIaGuEJY7L_T1oLoGZUj1mqCdRf2n_L0wFXo2CpE6Kvihm_w&cry=1&dbm_d=AKAmf-C32NWT3mtrPmEpbjqgLPI_OqXQsw74CyEN6Cj4V7ymCEa_DE1i6UDITYadsuS8KVMQ7r3YSIEWlr52QSJlY3xtycO8JyWbZpGGO8dwlBBgwyza3poUkTuIsPqxaPji1czMh4l81Q06Jv0S7kO276STi7De-WdWJB59tIfVCXjhs1DLfds6p-VrgVwILq28DJ4CL4IWtES8pd2LdRzek35LIsY8D5onKzJzfgGH5ZPyYlyKdBNAkeYep4YvS0hjlgEU3657-UGkG5QFnbTUiaG47TQVmJKzyIi6P1eBcAPwVZBEQLE0eiDkt8NzUNRrHKUc1vD__aGGB3kF7xZvhlh8hvR8BWWw9bZJIWaA1F-Vw8mKxBsbVPOLYwb8IZ0nQMHrbEWgght9skgv9GGTqBqUZNLP1ekfQnpHnnIw81bqtVn5EClCkBrOFzkdIduA5hOufWb5goXJgcJE4-rM5fWiyNxd2F_YqvTGAsVx4fPAJTkzIgjXA-hmNKvx9dRRkwrySQYbyoEUy8IgHPFj5AjEnn-4s_Zyvw_-Is8jW_Ej0BPW5GhhkowqkCAmHpcX87-zs5FPtAPXbOknG18WHhfuqfAwYyWjK5KRA_KP8FFTmBzpRUmDIyijvhawswp2lDktPpWVRrj1dCwExqo2Y77kdwzqzq-iB_BFqOxnePNXH6_I5wc-t6NZdoQOgU7CaO12c1A6deREHyE-f-VyLBiIYh2qq8uzAIJ8deoubfXTZKZNfz4i0YjUe59q9LK4Q-MK0whYIOiUCmpaugTxKTK_ouIdk4lNxs-ihLn3gvG5zV8j64nUkphZuzMWTIoDsdLZFCqJmGJF6WBNZ8-IhpYvNPBQFgoOskWS2MkecNPvVQxlS2jIEnQz4CZIfd_7dNDYko0ZeylxvEoAmtc4sIMWSZaQxbz4cRVkgqa3hRDPDX9h4dw2JayWgj93TAMUe6z9Ygi9a3UxR1HKHt2iWDYgpe5Wn55QwEU9SI_szHa8h8p8Sl77-ECq2cM-4xlzbLOJY7plpgbfK6hqNiM60DJKUKQsF4ROd8vA33Drn386Z9mdBR1eaPL2d7iMIp25wk6mlk05wGpThQt8zyX-zWuJ1Yy4ER7_03FbtRMzj8GhPd7dBzDNPu6qStr2Yfj40AoJgtiauJlbtK0kKBVKyslUhUS3tvw-TwhAirnnOYL9BKkIb6FNIpFloAMVFqVN6p_dHNq5RKV_u6m2m9cFanVXYoXdjejRhRxF_TVd8kjLGoAvqs0z3vghlMrTfqgRJVU2_MGn9OhBZH2VOB7Tz3oieebGTSXM9YTqaPknlk1Iw7H24g8AlpERWkkYhft4RqX_QsoB-7veAYUJTC8wGCzgkRb41nRlSh1H-rKcJpMVw3OFNR_ydZVmCRjvj_tyD7oDy-3_jhKbWOsr1SfGvwWqo0xuCR6I4hjK6vjde6MHpzsTqNP3K5tk3VSDtFigw2_iJDFOeUFE3iLu1DK7A1bV38nIkNVqR5C1cc4JWlsRgVvZj9zKdrbj2U2-uZhZ_y2IVB3uCuiNNnLiO8Sl4ppT9N1_XxvlHe_wLd9KYr6yKWjKJgcMW5L4VzDDaKnTk8eLFfM-ypuJNUXAED6X77pNWKFQ2sF_tQ5PMdzgGPaNbAqHL7E2QGPUUAhLd8_SFsr-y-jixHCHZiJDQdzls0Me8yBDnJdpcWgL3lbejno4cdft450-OsFXc62IMxOvXmmGRLFr_1rFmaCqHNnmHSLyNxhEhF6QUuu3ntTCfQHIGwveKJAbWtlHIeUhvtGTSARMb65UUKp72S47CK0dWHLyudRisQI8KBV4So3Nc_LrdRG7J-1FKG8rKLcyTrKoz6E4vZf2_AvwIr9k-1Z_6YrFOedOg5xbP84gXvF7DBjq0rPwqSKge009YpF3oxrcIOIRaS3D-_Ojr3zDJqjfZi3ShWfQQo5Oo0V_cg6rCih3UjYekqnE0Adtvgj97A2PLWzgV-0DQZQ2HFiG-Fzo2F_lGJ4cGKixTAiUBnYSujXleu3heS0LQ4GV941Jf46Pz8MhbWJa_DqPKK79aaEVkile3kAXCJSRDBmZ96A9rJFrzZ-xW7DVEFI_AgVHRWSX9sO5nDibKKbKi-BF9mWWUURbWIcLuQQpXv3jmH76ORyHJ79pXw7GkdaS9bCYYRYet7z17fSA12p1VF2gkz0ICvHtM8cFFRaccO8JXB8jnlmjoov2DGjGXfbHBtuUqo4HDjxzXtDJO3lLLPuSY_gG3UDzxqtZwkrDp8aTVR9ep2xwlewtiXjUKPLLDBahQ3DZh1VVinHF33D-K2LP20iSXrwbpYQgwgrQRzq8flhJeNjwwpddI2MEhdgcC3qKnieg3m3rhraknClL4QOg579i6lhQ9Nqe-VE6vz3vQxz83zRdzdGKDVjC6DwrHniRYzMQboEHH11TO7LxfP3wfV2rJtd8V5GyfAtd1LGsLEYH3rEd1MGoZEALbxbKPZoIyYfFvwEpi5HRp2ZNLBxFRq_fjqiVcWAJM0VmuhO9AnenNta0vYdfb5C9BfX264QUYgwxQUQLzycpheS-wYn3dE6l3xuBBsoSswsi7PPTqqhwauqyQrj8ICt-hBkrepYXkbRGyUrXU1AtQvxVo9AdhYRRpvpi0Ljy8BF_l_CLAKIYDUrWwQm6kxCxltLZXixqz_gcxDD23NhBw7kkzDCCsZyGfaHjyJYs3xaPo9HQF2_R0LsUkXv8tUQrqU5KGXjUtUnvd8UMClLG1CabTYtPwEUnD-gXb2TZ6iTt3wfTVl-oYcnPwgxQLTlLv9hjRCnGv8pZsalz0NNYeFwNSAc92gp2FVJS5bI_tlc98wf6h2nrfwkaQGLRIvdxEPQJZT8S19cSMNrNMKOfbWaKCjT8lhlbRhluMSo2P4gVK_ubBN_e2sllkp_9dYacTx9zF4AfJ3ExQPdiu1BLXFuS63r7acfG8_E1uw7oJdo4dKbCFEtJtFYjK-8OiiXBTcGQyBB4VvN7915-TMXJlBoHcNY6BNhIDi-rSRF9uZ0vjA8pqbwh3XeSTfA7iujFvyqzLfjiKZXCeZeBiC3V5DCAEU-zSSBTkpNgzrmhJPnxzjjLeB3I-ZTPw6rkzVufvhgLAw9v1n8AdlczTrlyE_vs3koVBj5uqpVLZY6CORPjiTTvbouaCeO4scGZC1kqTn5_PmY5SnARJrUwTT6fOxYofLZECTh4w3f2QdBxFsA3R_R32EyxaRyYlr2p14E&cid=CAQSPADUE5ymhpU1v_ENhhV0SWBCy2xcHTC6xxoUCsKyr8L3HuVIYORQCpwVZhxx0fGmHO4RVc1Ak9FWNDGODxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.letrasboom.com%2F&ds=l&xdt=1&iif=1&cor=3918056682965084700&adk=3690638929&idt=90&cac=0&dtd=9

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /dbm/ad?dbm_c=AKAmf-CVMMLUkvUrDGODbd11cqh4Ygpyf30o5xB7eeB1EPC6tuLIaGuEJY7L_T1oLoGZUj1mqCdRf2n_L0wFXo2CpE6Kvihm_w&cry=1&dbm_d=AKAmf-C32NWT3mtrPmEpbjqgLPI_OqXQsw74CyEN6Cj4V7ymCEa_DE1i6UDITYadsuS8KVMQ7r3YSIEWlr52QSJlY3xtycO8JyWbZpGGO8dwlBBgwyza3poUkTuIsPqxaPji1czMh4l81Q06Jv0S7kO276STi7De-WdWJB59tIfVCXjhs1DLfds6p-VrgVwILq28DJ4CL4IWtES8pd2LdRzek35LIsY8D5onKzJzfgGH5ZPyYlyKdBNAkeYep4YvS0hjlgEU3657-UGkG5QFnbTUiaG47TQVmJKzyIi6P1eBcAPwVZBEQLE0eiDkt8NzUNRrHKUc1vD__aGGB3kF7xZvhlh8hvR8BWWw9bZJIWaA1F-Vw8mKxBsbVPOLYwb8IZ0nQMHrbEWgght9skgv9GGTqBqUZNLP1ekfQnpHnnIw81bqtVn5EClCkBrOFzkdIduA5hOufWb5goXJgcJE4-rM5fWiyNxd2F_YqvTGAsVx4fPAJTkzIgjXA-hmNKvx9dRRkwrySQYbyoEUy8IgHPFj5AjEnn-4s_Zyvw_-Is8jW_Ej0BPW5GhhkowqkCAmHpcX87-zs5FPtAPXbOknG18WHhfuqfAwYyWjK5KRA_KP8FFTmBzpRUmDIyijvhawswp2lDktPpWVRrj1dCwExqo2Y77kdwzqzq-iB_BFqOxnePNXH6_I5wc-t6NZdoQOgU7CaO12c1A6deREHyE-f-VyLBiIYh2qq8uzAIJ8deoubfXTZKZNfz4i0YjUe59q9LK4Q-MK0whYIOiUCmpaugTxKTK_ouIdk4lNxs-ihLn3gvG5zV8j64nUkphZuzMWTIoDsdLZFCqJmGJF6WBNZ8-IhpYvNPBQFgoOskWS2MkecNPvVQxlS2jIEnQz4CZIfd_7dNDYko0ZeylxvEoAmtc4sIMWSZaQxbz4cRVkgqa3hRDPDX9h4dw2JayWgj93TAMUe6z9Ygi9a3UxR1HKHt2iWDYgpe5Wn55QwEU9SI_szHa8h8p8Sl77-ECq2cM-4xlzbLOJY7plpgbfK6hqNiM60DJKUKQsF4ROd8vA33Drn386Z9mdBR1eaPL2d7iMIp25wk6mlk05wGpThQt8zyX-zWuJ1Yy4ER7_03FbtRMzj8GhPd7dBzDNPu6qStr2Yfj40AoJgtiauJlbtK0kKBVKyslUhUS3tvw-TwhAirnnOYL9BKkIb6FNIpFloAMVFqVN6p_dHNq5RKV_u6m2m9cFanVXYoXdjejRhRxF_TVd8kjLGoAvqs0z3vghlMrTfqgRJVU2_MGn9OhBZH2VOB7Tz3oieebGTSXM9YTqaPknlk1Iw7H24g8AlpERWkkYhft4RqX_QsoB-7veAYUJTC8wGCzgkRb41nRlSh1H-rKcJpMVw3OFNR_ydZVmCRjvj_tyD7oDy-3_jhKbWOsr1SfGvwWqo0xuCR6I4hjK6vjde6MHpzsTqNP3K5tk3VSDtFigw2_iJDFOeUFE3iLu1DK7A1bV38nIkNVqR5C1cc4JWlsRgVvZj9zKdrbj2U2-uZhZ_y2IVB3uCuiNNnLiO8Sl4ppT9N1_XxvlHe_wLd9KYr6yKWjKJgcMW5L4VzDDaKnTk8eLFfM-ypuJNUXAED6X77pNWKFQ2sF_tQ5PMdzgGPaNbAqHL7E2QGPUUAhLd8_SFsr-y-jixHCHZiJDQdzls0Me8yBDnJdpcWgL3lbejno4cdft450-OsFXc62IMxOvXmmGRLFr_1rFmaCqHNnmHSLyNxhEhF6QUuu3ntTCfQHIGwveKJAbWtlHIeUhvtGTSARMb65UUKp72S47CK0dWHLyudRisQI8KBV4So3Nc_LrdRG7J-1FKG8rKLcyTrKoz6E4vZf2_AvwIr9k-1Z_6YrFOedOg5xbP84gXvF7DBjq0rPwqSKge009YpF3oxrcIOIRaS3D-_Ojr3zDJqjfZi3ShWfQQo5Oo0V_cg6rCih3UjYekqnE0Adtvgj97A2PLWzgV-0DQZQ2HFiG-Fzo2F_lGJ4cGKixTAiUBnYSujXleu3heS0LQ4GV941Jf46Pz8MhbWJa_DqPKK79aaEVkile3kAXCJSRDBmZ96A9rJFrzZ-xW7DVEFI_AgVHRWSX9sO5nDibKKbKi-BF9mWWUURbWIcLuQQpXv3jmH76ORyHJ79pXw7GkdaS9bCYYRYet7z17fSA12p1VF2gkz0ICvHtM8cFFRaccO8JXB8jnlmjoov2DGjGXfbHBtuUqo4HDjxzXtDJO3lLLPuSY_gG3UDzxqtZwkrDp8aTVR9ep2xwlewtiXjUKPLLDBahQ3DZh1VVinHF33D-K2LP20iSXrwbpYQgwgrQRzq8flhJeNjwwpddI2MEhdgcC3qKnieg3m3rhraknClL4QOg579i6lhQ9Nqe-VE6vz3vQxz83zRdzdGKDVjC6DwrHniRYzMQboEHH11TO7LxfP3wfV2rJtd8V5GyfAtd1LGsLEYH3rEd1MGoZEALbxbKPZoIyYfFvwEpi5HRp2ZNLBxFRq_fjqiVcWAJM0VmuhO9AnenNta0vYdfb5C9BfX264QUYgwxQUQLzycpheS-wYn3dE6l3xuBBsoSswsi7PPTqqhwauqyQrj8ICt-hBkrepYXkbRGyUrXU1AtQvxVo9AdhYRRpvpi0Ljy8BF_l_CLAKIYDUrWwQm6kxCxltLZXixqz_gcxDD23NhBw7kkzDCCsZyGfaHjyJYs3xaPo9HQF2_R0LsUkXv8tUQrqU5KGXjUtUnvd8UMClLG1CabTYtPwEUnD-gXb2TZ6iTt3wfTVl-oYcnPwgxQLTlLv9hjRCnGv8pZsalz0NNYeFwNSAc92gp2FVJS5bI_tlc98wf6h2nrfwkaQGLRIvdxEPQJZT8S19cSMNrNMKOfbWaKCjT8lhlbRhluMSo2P4gVK_ubBN_e2sllkp_9dYacTx9zF4AfJ3ExQPdiu1BLXFuS63r7acfG8_E1uw7oJdo4dKbCFEtJtFYjK-8OiiXBTcGQyBB4VvN7915-TMXJlBoHcNY6BNhIDi-rSRF9uZ0vjA8pqbwh3XeSTfA7iujFvyqzLfjiKZXCeZeBiC3V5DCAEU-zSSBTkpNgzrmhJPnxzjjLeB3I-ZTPw6rkzVufvhgLAw9v1n8AdlczTrlyE_vs3koVBj5uqpVLZY6CORPjiTTvbouaCeO4scGZC1kqTn5_PmY5SnARJrUwTT6fOxYofLZECTh4w3f2QdBxFsA3R_R32EyxaRyYlr2p14E&cid=CAQSPADUE5ymhpU1v_ENhhV0SWBCy2xcHTC6xxoUCsKyr8L3HuVIYORQCpwVZhxx0fGmHO4RVc1Ak9FWNDGODxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.letrasboom.com%2F&ds=l&xdt=1&iif=1&cor=3918056682965084700&adk=3690638929&idt=90&cac=0&dtd=9 HTTP/2.0
host: googleads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1 HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/drt/s?v=r20120211 HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

chrome.exe

Remote address:

142.250.179.130:443

Request

GET /pagead/drt/si?st=NO_DATA HTTP/2.0
host: googleads.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
DNS

securepubads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

216.58.208.98
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

chrome.exe

Remote address:

216.58.208.98:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js

chrome.exe

Remote address:

216.58.208.98:443

Request

GET /gpt/pubads_impl_2023021301.js HTTP/2.0
host: securepubads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=314466341267225&correlator=2044187490518723&eid=31071362%2C31072020&output=ldjh&gdfp_req=1&vrg=2023021301&ptt=17&impl=fif&iu_parts=121764058%3A21820527814%2Cletrasboom.com%2Cletrasboom.com_o3b_display_SF_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=4&adks=983911378&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676538971208&lmt=1676538971&dlt=1676538965922&idt=5060&adxs=282&adys=561&biw=1263&bih=561&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&bc=31&nvt=1&url=https%3A%2F%2Fwww.letrasboom.com%2F&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=644&ohw=1263&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=true

chrome.exe

Remote address:

216.58.208.98:443

Request

GET /gampad/ads?pvsid=314466341267225&correlator=2044187490518723&eid=31071362%2C31072020&output=ldjh&gdfp_req=1&vrg=2023021301&ptt=17&impl=fif&iu_parts=121764058%3A21820527814%2Cletrasboom.com%2Cletrasboom.com_o3b_display_SF_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=4&adks=983911378&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676538971208&lmt=1676538971&dlt=1676538965922&idt=5060&adxs=282&adys=561&biw=1263&bih=561&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&bc=31&nvt=1&url=https%3A%2F%2Fwww.letrasboom.com%2F&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=644&ohw=1263&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=true HTTP/2.0
host: securepubads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: test_cookie=CheckForPermission
DNS

cdn.jsdelivr.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

cdn.jsdelivr.net.cdn.cloudflare.net

cdn.jsdelivr.net.cdn.cloudflare.net

IN A

104.16.86.20

cdn.jsdelivr.net.cdn.cloudflare.net

IN A

104.16.87.20

cdn.jsdelivr.net.cdn.cloudflare.net

IN A

104.16.89.20

cdn.jsdelivr.net.cdn.cloudflare.net

IN A

104.16.85.20

cdn.jsdelivr.net.cdn.cloudflare.net

IN A

104.16.88.20
GET

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230216

chrome.exe

Remote address:

104.16.86.20:443

Request

GET /gh/prebid/currency-file@1/latest.json?date=20230216 HTTP/2.0
host: cdn.jsdelivr.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:09 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.0.1619
x-jsd-version-type: version
etag: W/"63c-C5rNjecPiOL2cTNpi3hRsJWlZ7k"
x-served-by: cache-fra-eddf8230021-FRA, cache-yyz4564-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 15316
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3DYmo5G1eoUe6O7SYsATJCOw7nKOLJYBFYdy%2Bm7Jm366Xam1XbnzxkUVKh8GDJJYVAbdMFpBr8oEAVsGJHNDHkfpQPBXJnAXCgm7E%2Bat8xUP%2BYIaKoOTvrrAzPqp5GxYbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79a4d6e86ba8b83c-AMS
content-encoding: br
DNS

dns.google

chrome.exe

Remote address:

8.8.8.8:53

Request

dns.google

IN A

Response

dns.google

IN A

8.8.8.8

dns.google

IN A

8.8.4.4
DNS

prebid-eu.creativecdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

prebid-eu.creativecdn.com

IN A

Response

prebid-eu.creativecdn.com

IN A

185.184.8.90
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FwaQtkYWlseW1vdGlvbgNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2FwaQtkYWlseW1vdGlvbgNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCWFkc2VydmljZQZnb29nbGUDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCWFkc2VydmljZQZnb29nbGUDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDHNlY3VyZXB1YmFkcwFnC2RvdWJsZWNsaWNrA25ldAAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABDHNlY3VyZXB1YmFkcwFnC2RvdWJsZWNsaWNrA25ldAAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABC3N0YXRpYy1mZWVkBnZpZGVvbwJ0dgAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABC3N0YXRpYy1mZWVkBnZpZGVvbwJ0dgAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzcAJ3cAJwbAAAAQABAAApEAAAAAAAAFoADABWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3NzcAJ3cAJwbAAAAQABAAApEAAAAAAAAFoADABWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWMGdmlkZW9vAnR2AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAWMGdmlkZW9vAnR2AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3BhcnRuZXIQZ29vZ2xlYWRzZXJ2aWNlcwNjb20AAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB3BhcnRuZXIQZ29vZ2xlYWRzZXJ2aWNlcwNjb20AAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAzF4MQRhLW1vA25ldAAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAzF4MQRhLW1vA25ldAAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwZjcml0ZW8DbmV0AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwZjcml0ZW8DbmV0AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBTIwMTMzBGxpdmUOc3RyZWFtdGhld29ybGQDY29tAAABAAEAACkQAAAAAAAARgAMAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBTIwMTMzBGxpdmUOc3RyZWFtdGhld29ybGQDY29tAAABAAEAACkQAAAAAAAARgAMAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXN0YXRzAWcLZG91YmxlY2xpY2sDbmV0AAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXN0YXRzAWcLZG91YmxlY2xpY2sDbmV0AAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3RwYxFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3RwYxFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABIDVjM2Q4ZmRiZmI1ZjdjOWI4ZmI5ZTZiNDkxYmU5NTgzCXNhZmVmcmFtZRFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAAAjAAwAHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABIDVjM2Q4ZmRiZmI1ZjdjOWI4ZmI5ZTZiNDkxYmU5NTgzCXNhZmVmcmFtZRFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAAAjAAwAHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwtkb3VibGVjbGljawNuZXQAAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwtkb3VibGVjbGljawNuZXQAAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmpubi1wYQpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBmpubi1wYQpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2d1bQZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2d1bQZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwZnb29nbGUDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwZnb29nbGUDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dxFnb29nbGV0YWdzZXJ2aWNlcwNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dxFnb29nbGV0YWdzZXJ2aWNlcwNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNtAWcLZG91YmxlY2xpY2sDbmV0AAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmNtAWcLZG91YmxlY2xpY2sDbmV0AAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGRzdW0tc2VjC2Nhc2FsZW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCGRzdW0tc2VjC2Nhc2FsZW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmliBWFkbnhzA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmliBWFkbnhzA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBmFkc3J2cgNvcmcAAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBmFkc3J2cgNvcmcAAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkcwhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2FkcwhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMKcXVhbnR1bWRleAJpbwAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHN5bmMKcXVhbnR1bWRleAJpbwAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAnMwBDJtZG4DbmV0AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAnMwBDJtZG4DbmV0AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmltYWdlNghwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBmltYWdlNghwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCHNzdW0tc2VjC2Nhc2FsZW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCHNzdW0tc2VjC2Nhc2FsZW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCm9uZXRhZy1zeXMDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCm9uZXRhZy1zeXMDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDXNlY3VyZS1hc3NldHMOcnViaWNvbnByb2plY3QDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABDXNlY3VyZS1hc3NldHMOcnViaWNvbnByb2plY3QDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCXVzZXJtYXRjaAl0YXJnZXRpbmcLdW5ydWx5bWVkaWEDY29tAAABAAEAACkQAAAAAAAAQAAMADwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCXVzZXJtYXRjaAl0YXJnZXRpbmcLdW5ydWx5bWVkaWEDY29tAAABAAEAACkQAAAAAAAAQAAMADwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2Fkcw5iZXR3ZWVuZGlnaXRhbANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2Fkcw5iZXR3ZWVuZGlnaXRhbANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoDHNoYXJldGhyb3VnaANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBW1hdGNoDHNoYXJldGhyb3VnaANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3VwcwlhbmFseXRpY3MFeWFob28DY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3VwcwlhbmFseXRpY3MFeWFob28DY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGlkNS1zeW5jA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCGlkNS1zeW5jA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXMCYWQGc21hYXRvA25ldAAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAXMCYWQGc21hYXRvA25ldAAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmFwBWxpaml0A2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmFwBWxpaml0A2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzcAZkaXNxdXMDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3NzcAZkaXNxdXMDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2hieAVtZWRpYQNuZXQAAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2hieAVtZWRpYQNuZXQAAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2NtcwpxdWFudHNlcnZlA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2NtcwpxdWFudHNlcnZlA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWEMdHJpYmFsZnVzaW9uA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAWEMdHJpYmFsZnVzaW9uA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXByLWJoA3licAV5YWhvbwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXByLWJoA3licAV5YWhvbwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmMxBmFkZm9ybQNuZXQAAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmMxBmFkZm9ybQNuZXQAAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNzEWNob2NvbGF0ZXBsYXRmb3JtA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmNzEWNob2NvbGF0ZXBsYXRmb3JtA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNlY3VyZQVhZG54cwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnNlY3VyZQVhZG54cwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzbAdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3NzbAdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCmdvb2dsZWFkczQBZwtkb3VibGVjbGljawNuZXQAAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCmdvb2dsZWFkczQBZwtkb3VibGVjbGljawNuZXQAAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMHbWF0aHRhZwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHN5bmMHbWF0aHRhZwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2Q1cAVkZTE3YQNjb20AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2Q1cAVkZTE3YQNjb20AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2RpcwZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2RpcwZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmFheC1ldQ9hbWF6b24tYWRzeXN0ZW0DY29tAAABAAEAACkQAAAAAAAASQAMAEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBmFheC1ldQ9hbWF6b24tYWRzeXN0ZW0DY29tAAABAAEAACkQAAAAAAAASQAMAEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2RzcAdhZGZhcm0xB2FkaXRpb24DY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2RzcAdhZGZhcm0xB2FkaXRpb24DY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMDc3J2CnN0YWNrYWRhcHQDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHN5bmMDc3J2CnN0YWNrYWRhcHQDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBHByb2QEYmlkcgJpbwAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBHByb2QEYmlkcgJpbwAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3N5bmMtdG0LZXZlcmVzdHRlY2gDbmV0AAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB3N5bmMtdG0LZXZlcmVzdHRlY2gDbmV0AAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXBpeGVsCm9uYXVkaWVuY2UDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXBpeGVsCm9uYXVkaWVuY2UDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3Zpc2l0b3IGZmlmdHl0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB3Zpc2l0b3IGZmlmdHl0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAnVtBnNpbXBsaQJmaQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAnVtBnNpbXBsaQJmaQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXgJYmlkc3dpdGNoA25ldAAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAXgJYmlkc3dpdGNoA25ldAAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDnB1Ym1hdGljLW1hdGNoBmRvdG9taQNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABDnB1Ym1hdGljLW1hdGNoBmRvdG9taQNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCnBpeGVsLXN5bmMJc2l0ZXNjb3V0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCnBpeGVsLXN5bmMJc2l0ZXNjb3V0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWZvbnRzB2dzdGF0aWMDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBWZvbnRzB2dzdGF0aWMDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3NpbWFnZTIIcHVibWF0aWMDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB3NpbWFnZTIIcHVibWF0aWMDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2V1cw5ydWJpY29ucHJvamVjdANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2V1cw5ydWJpY29ucHJvamVjdANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBndpZGdldAJhcwZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBndpZGdldAJhcwZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXMMdHJpYmFsZnVzaW9uA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAXMMdHJpYmFsZnVzaW9uA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGNvZGUIY3JlYXRlanMDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBGNvZGUIY3JlYXRlanMDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmltYWdlMghwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBmltYWdlMghwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3N0ZAV3cGNkbgJwbAAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3N0ZAV3cGNkbgJwbAAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNzBmlxem9uZQNjb20AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmNzBmlxem9uZQNjb20AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NwbAZ6ZW90YXADY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3NwbAZ6ZW90YXADY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCXJ0Yi1jc3luYw1zbWFydGFkc2VydmVyA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCXJ0Yi1jc3luYw1zbWFydGFkc2VydmVyA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXMPYW1hem9uLWFkc3lzdGVtA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAXMPYW1hem9uLWFkc3lzdGVtA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWQGYWRyb2xsA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAWQGYWRyb2xsA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABFHNvbmF0YS1ub3RpZmljYXRpb25zDnRhcHRhcG5ldHdvcmtzA2NvbQAAAQABAAApEAAAAAAAADwADAA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABFHNvbmF0YS1ub3RpZmljYXRpb25zDnRhcHRhcG5ldHdvcmtzA2NvbQAAAQABAAApEAAAAAAAADwADAA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmltYWdlNAhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBmltYWdlNAhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2F1ZAhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2F1ZAhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmJoCmNvbnRleHR3ZWIDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmJoCmNvbnRleHR3ZWIDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXRva2VuDnJ1Ymljb25wcm9qZWN0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXRva2VuDnJ1Ymljb25wcm9qZWN0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3NpbWFnZTQIcHVibWF0aWMDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB3NpbWFnZTQIcHVibWF0aWMDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBm13emVvbQZ6ZW90YXADY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBm13emVvbQZ6ZW90YXADY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWNzeW5jBmxvb3BtZQJtZQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBWNzeW5jBmxvb3BtZQJtZQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGNvcmUFaXByb20DbmV0AAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBGNvcmUFaXByb20DbmV0AAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMDMXJ4AmlvAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHN5bmMDMXJ4AmlvAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCG1hdGNoaW5nB3RydWZmbGUDYmlkAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCG1hdGNoaW5nB3RydWZmbGUDYmlkAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGlwYWMHY3Ruc25ldANjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBGlwYWMHY3Ruc25ldANjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDXBpeGVsLXVzLWVhc3QOcnViaWNvbnByb2plY3QDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABDXBpeGVsLXVzLWVhc3QOcnViaWNvbnByb2plY3QDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWdyZWVuBGVybmUCY28AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBWdyZWVuBGVybmUCY28AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3VpcGdsb2IHc2VtYXNpbwNuZXQAAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABB3VpcGdsb2IHc2VtYXNpbwNuZXQAAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWEGYXVkcnRlA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAWEGYXVkcnRlA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNyCGZyb250ZW5kCHdlYm9yYW1hAmZyAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmNyCGZyb250ZW5kCHdlYm9yYW1hAmZyAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmFkBHR1cm4DY29tAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAmFkBHR1cm4DY29tAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBWFkc2J5CmJpZHRoZWF0cmUDY29tAAABAAEAACkQAAAAAAAASQAMAEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBWFkc2J5CmJpZHRoZWF0cmUDY29tAAABAAEAACkQAAAAAAAASQAMAEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkcwpwbGF5Z3JvdW5kA3h5egAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2FkcwpwbGF5Z3JvdW5kA3h5egAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCHBpeGVsLWV1Cm9uYXVkaWVuY2UDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCHBpeGVsLWV1Cm9uYXVkaWVuY2UDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXBpeGVsDnJ1Ymljb25wcm9qZWN0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXBpeGVsDnJ1Ymljb25wcm9qZWN0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAnB4A2FkcwhsaW5rZWRpbgNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAnB4A2FkcwhsaW5rZWRpbgNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXVpcHVzB3NlbWFzaW8DbmV0AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXVpcHVzB3NlbWFzaW8DbmV0AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMJY3J3ZGNudHJsA25ldAAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHN5bmMJY3J3ZGNudHJsA25ldAAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNzLXBicwpxdWFudHVtZGV4AmlvAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnNzLXBicwpxdWFudHVtZGV4AmlvAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMJdGFyZ2V0aW5nC3VucnVseW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHN5bmMJdGFyZ2V0aW5nC3VucnVseW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXQGdmlkZW9vAnR2AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABAXQGdmlkZW9vAnR2AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHZhc3QIc3VubWVkaWECdHYAAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHZhc3QIc3VubWVkaWECdHYAAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwhzdW5tZWRpYQJ0dgAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwhzdW5tZWRpYQJ0dgAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCHNlcnZpY2VzCHN1bm1lZGlhAnR2AAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCHNlcnZpY2VzCHN1bm1lZGlhAnR2AAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABDmVzLXN1bmljb250ZW50CnZpZGVvcGxhemECdHYAAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABDmVzLXN1bmljb250ZW50CnZpZGVvcGxhemECdHYAAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXRyYWNrCHN1bm1lZGlhAnR2AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXRyYWNrCHN1bm1lZGlhAnR2AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkZRFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA2FkZRFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHd3dzgNc21hcnRhZHNlcnZlcgNjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBHd3dzgNc21hcnRhZHNlcnZlcgNjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCWNyZWF0aXZlcwZzYXNjZG4DY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCWNyZWF0aXZlcwZzYXNjZG4DY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnd3Mjk1MQ1zbWFydGFkc2VydmVyA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnd3Mjk1MQ1zbWFydGFkc2VydmVyA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNlYXJjaAtzcG90eGNoYW5nZQNjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnNlYXJjaAtzcG90eGNoYW5nZQNjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXd3dzE0DXNtYXJ0YWRzZXJ2ZXIDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBXd3dzE0DXNtYXJ0YWRzZXJ2ZXIDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
DNS

hbopenbid.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

hbopenbid.pubmatic.com

IN A

Response

hbopenbid.pubmatic.com

IN CNAME

hbprebid-v3.pubmnet.com

hbprebid-v3.pubmnet.com

IN CNAME

hbopenbid-ams.pubmnet.com

hbopenbid-ams.pubmnet.com

IN A

185.64.189.112
DNS

adx.adform.net

chrome.exe

Remote address:

8.8.8.8:53

Request

adx.adform.net

IN A

Response

adx.adform.net

IN CNAME

track-eu.adformnet.akadns.net

track-eu.adformnet.akadns.net

IN A

37.157.6.233

track-eu.adformnet.akadns.net

IN A

37.157.6.254
DNS

useast.quantumdex.io

chrome.exe

Remote address:

8.8.8.8:53

Request

useast.quantumdex.io

IN A

Response

useast.quantumdex.io

IN A

104.22.37.96

useast.quantumdex.io

IN A

172.67.42.201

useast.quantumdex.io

IN A

104.22.36.96
POST

https://prebid-eu.creativecdn.com/bidder/prebid/bids

chrome.exe

Remote address:

185.184.8.90:443

Request

POST /bidder/prebid/bids HTTP/2.0
host: prebid-eu.creativecdn.com
content-length: 644
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 16 Feb 2023 08:16:09 GMT
access-control-allow-origin: https://www.letrasboom.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
DNS

bidder.criteo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

bidder.criteo.com

IN A

Response

bidder.criteo.com

IN CNAME

bidder.nl3.vip.prod.criteo.com

bidder.nl3.vip.prod.criteo.com

IN A

178.250.1.8
DNS

ssp.wp.pl

chrome.exe

Remote address:

8.8.8.8:53

Request

ssp.wp.pl

IN A

Response

ssp.wp.pl

IN A

212.77.99.29
DNS

prebid.a-mo.net

chrome.exe

Remote address:

8.8.8.8:53

Request

prebid.a-mo.net

IN A

Response

prebid.a-mo.net

IN A

145.40.89.200
POST

https://useast.quantumdex.io/auction/pbjs

chrome.exe

Remote address:

104.22.37.96:443

Request

POST /auction/pbjs HTTP/2.0
host: useast.quantumdex.io
content-length: 799
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 16 Feb 2023 08:16:09 GMT
access-control-allow-origin: https://www.letrasboom.com
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
set-cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9; expires=Sat, 18 Mar 2023 07:16:09 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d6e95b1fb761-AMS
GET

https://sync.quantumdex.io/usersync/pbjs

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /usersync/pbjs HTTP/2.0
host: sync.quantumdex.io
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:13 GMT
content-type: text/html
set-cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9; expires=Sun, 26 Feb 2023 08:16:13 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d704db61b761-AMS
content-encoding: gzip
GET

https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=medianet&uid=0000EEA HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d713d87ab761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=smaato&uid=dd5e0fca

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=smaato&uid=dd5e0fca HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d713c862b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=481445b5-026b-438d-8979-31c73dd24cca

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=sharethrough&uid=481445b5-026b-438d-8979-31c73dd24cca HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d713c872b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=between&uid=c4facd13-fa64-522f-884f-0690eba2e0de

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=between&uid=c4facd13-fa64-522f-884f-0690eba2e0de HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71428d6b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=sovrn&uid=GKkwsLZHbGXWDkqKTAKQ75GR

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=sovrn&uid=GKkwsLZHbGXWDkqKTAKQ75GR HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71438ecb761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YaRZyfFE2uHP9bnHxvTtHLEHBtYpe_hSV2zA.90-~A

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=verizon-display&uid=y-YaRZyfFE2uHP9bnHxvTtHLEHBtYpe_hSV2zA.90-~A HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71428d7b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-d75cwl_EIS4BtmlWQ-ItZFlWDpifj4pGtm5vClEy3w

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=inmobi&uid=ID5-d75cwl_EIS4BtmlWQ-ItZFlWDpifj4pGtm5vClEy3w HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71438e6b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=ix&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=ix&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d716ab90b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=pubmatic&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B HTTP/2.0
host: sync.quantumdex.io
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:17 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71dba96b761-AMS
GET

https://sync.quantumdex.io/setuid?bidder=rubicon&uid=LE6TVK0W-1D-GVS3

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=rubicon&uid=LE6TVK0W-1D-GVS3 HTTP/2.0
host: sync.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eus.rubiconproject.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 302

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/gif
content-length: 43
location: https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=LE6TVK0W-1D-GVS3
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d7202cc4b761-AMS
GET

https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=LE6TVK0W-1D-GVS3

chrome.exe

Remote address:

104.22.37.96:443

Request

GET /setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=LE6TVK0W-1D-GVS3 HTTP/2.0
host: ss-pbs.quantumdex.io
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eus.rubiconproject.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=3cf3fa95-9e41-4d1e-97e6-1fe0ebde7ac9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:18 GMT
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: uids=eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMRTZUVkswVy0xRC1HVlMzIiwiZXhwaXJlcyI6IjIwMjMtMDMtMDJUMDg6MTY6MTguMTUxMTEzWiJ9fSwiYmRheSI6IjIwMjMtMDItMTZUMDg6MTY6MTguMTUxMDgzWiJ9; Max-Age=7776000; Expires=Wed, 17 May 2023 08:16:18 GMT; Path=/; Domain=quantumdex.io; SameSite=None; Secure
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d7212dc9b761-AMS
POST

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=14483891437&lsavail=0

chrome.exe

Remote address:

178.250.1.8:443

Request

POST /cdb?profileId=207&av=34&wv=7.17.0&cb=14483891437&lsavail=0 HTTP/2.0
host: bidder.criteo.com
content-length: 507
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Thu, 16 Feb 2023 08:16:08 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://www.letrasboom.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
DNS

rtb.adxpremium.services

chrome.exe

Remote address:

8.8.8.8:53

Request

rtb.adxpremium.services

IN A

Response

rtb.adxpremium.services

IN A

185.106.140.18
POST

https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.17.0&inver=0

chrome.exe

Remote address:

212.77.99.29:443

Request

POST /bidder/?bdver=5.7&pbver=7.17.0&inver=0 HTTP/2.0
host: ssp.wp.pl
content-length: 997
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=13298436275084868000&sn=undefined

chrome.exe

Remote address:

212.77.99.29:443

Request

GET /bidder/usersync?tcf=2&pvid=13298436275084868000&sn=undefined HTTP/2.0
host: ssp.wp.pl
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

t.videoo.tv

chrome.exe

Remote address:

8.8.8.8:53

Request

t.videoo.tv

IN A

Response

t.videoo.tv

IN A

144.76.196.237
DNS

api.dailymotion.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.dailymotion.com

IN A

Response

api.dailymotion.com

IN CNAME

dmapi.geo.dmcdn.net

dmapi.geo.dmcdn.net

IN CNAME

fp.gcp-as1.dailymotion.com

fp.gcp-as1.dailymotion.com

IN A

35.244.47.206
POST

https://prebid.a-mo.net/a/c

chrome.exe

Remote address:

145.40.89.200:443

Request

POST /a/c HTTP/2.0
host: prebid.a-mo.net
content-length: 883
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-credentials: true
access-control-allow-origin: https://www.letrasboom.com
cache-control: max-age=0, private, must-revalidate
date: Thu, 16 Feb 2023 08:16:08 GMT
server: envoy
vary: origin, Accept-Encoding
set-cookie: __amc=1_1676535369_1676535369; path=/; domain=prebid.a-mo.net; expires=Fri, 16 Feb 2024 08:16:09 GMT; max-age=31536000; secure; HttpOnly; SameSite=None
x-envoy-upstream-service-time: 81
POST

https://rtb.adxpremium.services/openrtb2/auction

chrome.exe

Remote address:

185.106.140.18:443

Request

POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
Connection: keep-alive
Content-Length: 778
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Content-Type: text/plain
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 400 Bad Request

Server: nginx
Date: Thu, 16 Feb 2023 08:16:09 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 69
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.letrasboom.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
GET

https://api.dailymotion.com/playlist/x6fc42/videos?fields=id&page=1&limit=100

chrome.exe

Remote address:

35.244.47.206:443

Request

GET /playlist/x6fc42/videos?fields=id&page=1&limit=100 HTTP/1.1
Host: api.dailymotion.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Access-Control-Allow-Headers: Content-Type, Authorization
Access-Control-Allow-Methods: GET, POST, DELETE
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Date, X-DM-BackNode-Response-Time, X-DM-Edge, X-DM-Cache-Status, X-Served-By
Cache-Control: public, max-age=900
Content-Encoding: gzip
Content-Length: 370
Content-Security-Policy: upgrade-insecure-requests
Content-Security-Policy-Report-Only: default-src https: blob: wss: data: android-webview-video-poster: android-webview: chrome-extension: safari-extension: 'unsafe-eval' 'unsafe-inline'; report-uri https://www.dailymotion.com/content_security_policy_report_uri
Content-Type: application/json; charset=UTF-8
Date: Thu, 16 Feb 2023 08:16:09 GMT
Expect-Ct: max-age=0, report-uri="https://www.dailymotion.com/content_security_policy_report_uri"
Referrer-Policy: no-referrer-when-downgrade
Server: DMS/1.0.42
Server-Timing: total;dur=85, dc;desc="ix7"
Timing-Allow-Origin: *
Vary: X-DM-SSL,Accept-Encoding
X-Frame-Options: DENY
X-Robots-Tag: noindex
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

88.221.25.169

a1952.dscq.akamai.net

IN A

88.221.25.153
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

88.221.25.169:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Thu, 16 Feb 2023 09:16:09 GMT
Date: Thu, 16 Feb 2023 08:16:09 GMT
Connection: keep-alive
OPTIONS

https://ssp.wp.pl/bidder/notify

chrome.exe

Remote address:

212.77.99.29:443

Request

OPTIONS /bidder/notify HTTP/2.0
host: ssp.wp.pl
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type
origin: https://www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://ssp.wp.pl/bidder/notify

chrome.exe

Remote address:

212.77.99.29:443

Request

POST /bidder/notify HTTP/2.0
host: ssp.wp.pl
content-length: 182
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: application/json
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://20133.live.streamtheworld.com/LOS40_SC

chrome.exe

Remote address:

208.92.53.98:443

Request

GET /LOS40_SC HTTP/1.1
Host: 20133.live.streamtheworld.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept-Encoding: identity;q=1, *;q=0
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: audio
Referer: https://www.letrasboom.com/
Accept-Language: en-US,en;q=0.9
Range: bytes=0-

Response

HTTP/1.0 403 Forbidden

Expires: Thu, 01 Dec 2003 16:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 103
Content-Type: text/html
X-STW-Error: 430 Invalid Mount
GET

https://static.criteo.net/js/ld/publishertag.prebid.123.js

chrome.exe

Remote address:

178.250.1.3:443

Request

GET /js/ld/publishertag.prebid.123.js HTTP/2.0
host: static.criteo.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 16 Feb 2023 08:16:12 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Fri, 17 Feb 2023 08:16:12 GMT
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
cache-control: public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
GET

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.letrasboom.com

chrome.exe

Remote address:

216.58.208.98:443

Request

GET /pagead/ppub_config?ippd=www.letrasboom.com HTTP/2.0
host: securepubads.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static-feed.videoo.tv/recirculation_b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.json

chrome.exe

Remote address:

104.22.74.85:443

Request

GET /recirculation_b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.json HTTP/2.0
host: static-feed.videoo.tv
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:12 GMT
content-type: application/json
content-length: 4488
etag: "63eda195-1188"
expires: Thu, 16 Feb 2023 08:20:43 GMT
cache-control: public, max-age=14400, s-maxage=300, no-transform
access-control-max-age: : 60
access-control-allow-methods: : *
access-control-allow-origin: *
last-modified: Thursday, 16-Feb-2023 03:30:25 GMT
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a4d6fcfc99b734-AMS
GET

https://partner.googleadservices.com/gampad/cookie.js?domain=www.letrasboom.com&callback=_gfp_s_&client=ca-pub-8529738176339949

chrome.exe

Remote address:

142.251.36.2:443

Request

GET /gampad/cookie.js?domain=www.letrasboom.com&callback=_gfp_s_&client=ca-pub-8529738176339949 HTTP/2.0
host: partner.googleadservices.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126554797-1&cid=924694017.1676538969&jid=1535941918&gjid=196570008&_gid=335613043.1676538969&_u=YADAAUAAAAAAACAAI~&z=1920142404

chrome.exe

Remote address:

142.250.102.157:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126554797-1&cid=924694017.1676538969&jid=1535941918&gjid=196570008&_gid=335613043.1676538969&_u=YADAAUAAAAAAACAAI~&z=1920142404 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/sodar/sodar2.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /sodar/sodar2.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /sodar/sodar2/225/runner.html HTTP/2.0
host: tpc.googlesyndication.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/client/window_focus_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /sodar/UFYwWwmt.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /sodar/Enqz_20U.html HTTP/2.0
host: tpc.googlesyndication.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/interstitial_ad_frame_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/elements/html/interstitial_ad_frame_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/abg_lite_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/js/r20230213/r20110914/client/window_focus_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /pagead/images/nessie_icon_tiamat_white.png HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/generate_204?bX3jDA

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /generate_204?bX3jDA HTTP/2.0
host: tpc.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

chrome.exe

Remote address:

142.250.179.161:443

Request

GET /safeframe/1-0-40/html/container.html HTTP/2.0
host: 5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static.doubleclick.net/instream/ad_status.js

chrome.exe

Remote address:

142.251.36.6:443

Request

GET /instream/ad_status.js HTTP/2.0
host: static.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
OPTIONS

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

chrome.exe

Remote address:

142.250.179.202:443

Request

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

chrome.exe

Remote address:

142.250.179.202:443

Request

POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
content-length: 24
x-user-agent: grpc-web-javascript/0.1
x-goog-api-key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: application/json+protobuf
accept: */*
origin: https://www.youtube.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

chrome.exe

Remote address:

142.250.179.202:443

Request

OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

chrome.exe

Remote address:

142.250.179.202:443

Request

POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/2.0
host: jnn-pa.googleapis.com
content-length: 1112
x-user-agent: grpc-web-javascript/0.1
x-goog-api-key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: application/json+protobuf
accept: */*
origin: https://www.youtube.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static.criteo.net/js/ld/publishertag.prebid.js

chrome.exe

Remote address:

178.250.1.3:443

Request

GET /js/ld/publishertag.prebid.js HTTP/2.0
host: static.criteo.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Thu, 16 Feb 2023 08:16:13 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fa"
expires: Fri, 17 Feb 2023 08:16:13 GMT
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
cache-control: public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
GET

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.letrasboom.com

chrome.exe

Remote address:

178.250.2.146:443

Request

GET /syncframe?origin=publishertag&topUrl=www.letrasboom.com HTTP/2.0
host: gum.criteo.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:12 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=b283464d-57ab-4fcd-911d-e1507851678b; expires=Tue, 12 Mar 2024 08:16:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 660192
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=publishertag&domain=letrasboom.com&sn=ChromeSyncframe&so=0&topUrl=www.letrasboom.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

chrome.exe

Remote address:

178.250.2.146:443

Request

GET /sid/json?origin=publishertag&domain=letrasboom.com&sn=ChromeSyncframe&so=0&topUrl=www.letrasboom.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP/2.0
host: gum.criteo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.letrasboom.com
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=b283464d-57ab-4fcd-911d-e1507851678b

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 2900787
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1

chrome.exe

Remote address:

178.250.2.146:443

Request

GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1 HTTP/2.0
host: gum.criteo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
content-type: application/json
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=b283464d-57ab-4fcd-911d-e1507851678b

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://www.letrasboom.com
server-processing-duration-in-ticks: 2302208
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

chrome.exe

Remote address:

142.251.36.2:443

Request

GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
host: www.googletagservices.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

chrome.exe

Remote address:

142.251.36.2:443

Request

GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/2.0
host: www.googletagservices.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Thu, 16 Feb 2023 08:16:13 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:13 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPS=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rum?cm_dsp_id=45&external_user_id=&google_error=15 HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Thu, 16 Feb 2023 08:16:13 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:13 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPS=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
GET

https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNAAA; CMPS=1161; CMPRO=1161

Response

HTTP/1.1 302 Found

Date: Thu, 16 Feb 2023 08:16:13 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.3mTaZpbrcFP0dlQKNcNAAA
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:13 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPS=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=498
Connection: Keep-Alive
GET

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=appnexus&google_cm&google_dbm HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY3NzE1MDY3MDc0MzI1MDk4Ng%3D%3D

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=appnexus&google_hm=NTY3NzE1MDY3MDc0MzI1MDk4Ng%3D%3D HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.3mTaZpbrcFP0dlQKNcNAAA

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.3mTaZpbrcFP0dlQKNcNAAA HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lrg58qCMhnPILba1g-2HiUEAXZbVDw5fKyCjHcs9viazH7WCLXe2j2r5yfXHB4IgIIBTaUK6Q

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel/attr?d=AHNF13Lrg58qCMhnPILba1g-2HiUEAXZbVDw5fKyCjHcs9viazH7WCLXe2j2r5yfXHB4IgIIBTaUK6Q HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fPVB97snT9aZpTcD1MqBiw%3D%3D&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=pmeb&google_sc=1&google_hm=fPVB97snT9aZpTcD1MqBiw%3D%3D&gdpr=0&gdpr_consent= HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0NGNTQxRjctQkIyNy00RkQ2LTk5QTUtMzcwM0Q0Q0E4MThC&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=pubmatic&google_hm=N0NGNTQxRjctQkIyNy00RkQ2LTk5QTUtMzcwM0Q0Q0E4MThC&gdpr=0&gdpr_consent= HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY3NzE1MDY3MDc0MzI1MDk4Ng%3D%3D&google_push=Aa02lx8nb4RCc1VMZ-InjSh9XAbwZrzzfitzpBas-GZQJrc9pazrEWYYawK4DySB578MRBJXt_qZbz2S75f4331t5Ff_twcXSB4O3A

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=xandr_eb&google_hm=NTY3NzE1MDY3MDc0MzI1MDk4Ng%3D%3D&google_push=Aa02lx8nb4RCc1VMZ-InjSh9XAbwZrzzfitzpBas-GZQJrc9pazrEWYYawK4DySB578MRBJXt_qZbz2S75f4331t5Ff_twcXSB4O3A HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx86eevMnxQoqcS_cpIyJhUcqoJPzFlShf8ljqQ_fgt1YiLV_9hf8nTDQR8gd7PGWKVM6SwFWqLJQ4aV3XufJIqpGlsVr4h4&google_hm=eS0weEtpZTlORTJwSGw0dkdkUjhYWWhQY1hJOElfdmxoYn5B

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=yahoo&google_push=Aa02lx86eevMnxQoqcS_cpIyJhUcqoJPzFlShf8ljqQ_fgt1YiLV_9hf8nTDQR8gd7PGWKVM6SwFWqLJQ4aV3XufJIqpGlsVr4h4&google_hm=eS0weEtpZTlORTJwSGw0dkdkUjhYWWhQY1hJOElfdmxoYn5B HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODM4NDI4NDQzMDE4MzAyNw&google_push=Aa02lx_CiyijVCLwU2nA43sVXtpzYll7bC3JW5Zk9qLlXMWeNp4nfod-h6rrE2Fy7HTjf01tcDrO97A-uL2dNVCZV3DAiflViRlq

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODM4NDI4NDQzMDE4MzAyNw&google_push=Aa02lx_CiyijVCLwU2nA43sVXtpzYll7bC3JW5Zk9qLlXMWeNp4nfod-h6rrE2Fy7HTjf01tcDrO97A-uL2dNVCZV3DAiflViRlq HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1OaWlYZzdaRTJ1SGlRZm5sU0dtdmZGUG16alFLbndtbn5B&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=oath__display__app_eb_&google_hm=eS1OaWlYZzdaRTJ1SGlRZm5sU0dtdmZGUG16alFLbndtbn5B&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
GET

https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWXVFN0gyODBBQUNBRFhoX29zdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWXVFN0gyODBBQUNBRFhoX29zdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP/2.0
host: cm.g.doubleclick.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
GET

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=index&google_cm&google_hm=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
GET

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.3mTaZpbrcFP0dlQKNcNQAA

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.3mTaZpbrcFP0dlQKNcNQAA HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
GET

https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332 HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
GET

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=rubicon&google_cm&google_sc HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eus.rubiconproject.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
GET

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU2VFZLMFctMUQtR1ZTMw==

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=rp&google_hm=TEU2VFZLMFctMUQtR1ZTMw== HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eus.rubiconproject.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
GET

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFjODNiMDNkNWYzYzE5MWRlNjNkZGVmMDc1Njc0MmFlZGFmMGI0ZA

chrome.exe

Remote address:

142.250.179.194:443

Request

GET /pixel?google_nid=rubicon&google_hm=YTFjODNiMDNkNWYzYzE5MWRlNjNkZGVmMDc1Njc0MmFlZGFmMGI0ZA HTTP/2.0
host: cm.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://eus.rubiconproject.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUnBC6aRLQ58Yr7bitMyObRje3WazrYnLpGNZNWi77uWfm6NPBlZMqphkMDedhY
cookie: DSID=NO_DATA
OPTIONS

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1

chrome.exe

Remote address:

178.250.2.146:443

Request

OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1 HTTP/2.0
host: gum.criteo.com
accept: */*
access-control-request-method: GET
access-control-request-headers: content-type
origin: https://www.letrasboom.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.letrasboom.com
server-processing-duration-in-ticks: 533329
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMPS=1161; CMPRO=1161; CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/1.1 200 OK

Date: Thu, 16 Feb 2023 08:16:13 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 43
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:13 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rum?cm_dsp_id=45&external_user_id=&google_error=15 HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMPS=1161; CMPRO=1161; CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/1.1 200 OK

Date: Thu, 16 Feb 2023 08:16:13 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 43
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:13 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:13 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/leaderboard.html HTTP/2.0
host: s0.2mdn.net
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.js?1676026655841

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/leaderboard.js?1676026655841 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/bg.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/bg.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/cta.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/cta.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/fixed.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/fixed.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/h.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/h.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/l1.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/l1.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/l2.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/l2.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/pessoas.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/pessoas.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/preco.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/preco.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/sh.png?1676026655836

chrome.exe

Remote address:

142.250.179.134:443

Request

GET /sadbundle/11916972404551150278/leaderboard/images/sh.png?1676026655836 HTTP/2.0
host: s0.2mdn.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-origin
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east

chrome.exe

Remote address:

23.2.211.147:443

Request

GET /utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP/2.0
host: secure-assets.rubiconproject.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 301

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
date: Thu, 16 Feb 2023 08:16:14 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
GET

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

chrome.exe

Remote address:

51.89.9.251:443

Request

GET /usync/?pubId=2bb78272a859ca6 HTTP/2.0
host: onetag-sys.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000
GET

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

chrome.exe

Remote address:

104.18.25.185:443

Request

GET /usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP/2.0
host: ssum-sec.casalemedia.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: CMPS=1161
cookie: CMPRO=1161
cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:14 GMT
content-type: text/html
cf-ray: 79a4d70918520e60-AMS
cache-control: no-cache
expires: 0
set-cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:14 GMT; Max-Age=31536000; Secure; SameSite=None
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:14 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1ld33%2BxT4PgeUM93nb4GUyx3cDVcNHZyEmxe0DT8VW77kevR7u%2BAg0cc5rXQQgNnuBW15TGFWzpSCCDn%2FTayEu0Iegwl%2FtWChAxgjQp%2BPkypuyBy8BveHlhCflPsgCpGVDpd8O6OzGqbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D

chrome.exe

Remote address:

188.42.196.115:443

Request

GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/2.0
host: ads.betweendigital.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:14 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
set-cookie: tuuid=c4facd13-fa64-522f-884f-0690eba2e0de; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:14 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
set-cookie: ut=Y-3mTgAFIIA3d3uDjD6n0D5ZMnyNGbdeNjV0fg==; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:14 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
set-cookie: ss=1; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:14 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0
GET

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1

chrome.exe

Remote address:

188.42.196.115:443

Request

GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/2.0
host: ads.betweendigital.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: dc=lux1
cookie: tuuid=c4facd13-fa64-522f-884f-0690eba2e0de
cookie: ut=Y-3mTgAFIIA3d3uDjD6n0D5ZMnyNGbdeNjV0fg==
cookie: ss=1

Response

HTTP/2.0 302

location: https://sync.quantumdex.io/setuid?bidder=between&uid=c4facd13-fa64-522f-884f-0690eba2e0de
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:15 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
set-cookie: tuuid=c4facd13-fa64-522f-884f-0690eba2e0de; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:15 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
set-cookie: ut=Y-3mTwAOvXB2UDReFxZNVvJbprLaLAsj2toC5g==; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:15 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0
GET

https://ups.analytics.yahoo.com/ups/58424/occ

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/58424/occ HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/58281/sync?redir=true&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&redir=true&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/58292/sync?_origin=1&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&redir=true&gdpr=0&gdpr_consent= HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA&verify=true

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/58281/sync?redir=true&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA&verify=true HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: A3=d=AQABBE7m7WMCEN4KEcs1F8zKj0oGgvCR4E0FEgEBAQE372P3YwAAAAAA_eMAAA&S=AQAAAtf9on3PRhBrngkb-k6QEU8
GET

https://ups.analytics.yahoo.com/ups/58424/occ?verify=true

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/58424/occ?verify=true HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: A3=d=AQABBE7m7WMCEN4KEcs1F8zKj0oGgvCR4E0FEgEBAQE372P3YwAAAAAA_eMAAA&S=AQAAAtf9on3PRhBrngkb-k6QEU8
cookie: IDSYNC=18yx~2a0w
GET

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&redir=true&gdpr=0&gdpr_consent=&verify=true

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/58292/sync?_origin=1&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: A3=d=AQABBE7m7WMCEN4KEcs1F8zKj0oGgvCR4E0FEgEBAQE372P3YwAAAAAA_eMAAA&S=AQAAAtf9on3PRhBrngkb-k6QEU8
cookie: IDSYNC="18yx~2a0w:192w~2a0w"
GET

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=

chrome.exe

Remote address:

18.156.0.31:443

Request

GET /ups/55940/sync?_origin=1&redir2=true&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP/2.0
host: ups.analytics.yahoo.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ssum-sec.casalemedia.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: A3=d=AQABBE7m7WMCEN4KEcs1F8zKj0oGgvCR4E0FEgEBAQE372P3YwAAAAAA_eMAAA&S=AQAAAtf9on3PRhBrngkb-k6QEU8
cookie: IDSYNC="18yx~2a0w:192w~2a0w:18z8~2a0w"
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID

chrome.exe

Remote address:

216.52.2.86:443

Request

GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 307 Temporary Redirect

Date: Thu, 16 Feb 2023 08:16:14 GMT
Location: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
Set-Cookie: ljt_reader=GKkwsLZHbGXWDkqKTAKQ75GR;Version=1;Domain=.lijit.com;Path=/;Max-Age=31536000;Secure; SameSite=None;
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0
X-Sovrn-Pod: ad_ap4ams1
GET

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true

chrome.exe

Remote address:

216.52.2.86:443

Request

GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP/1.1
Host: ap.lijit.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ljt_reader=GKkwsLZHbGXWDkqKTAKQ75GR

Response

HTTP/1.1 307 Temporary Redirect

Date: Thu, 16 Feb 2023 08:16:15 GMT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=GKkwsLZHbGXWDkqKTAKQ75GR
Set-Cookie: ljt_reader=GKkwsLZHbGXWDkqKTAKQ75GR;Version=1;Domain=.lijit.com;Path=/;Max-Age=31536000;Secure; SameSite=None;
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0
X-Sovrn-Pod: ad_ap4ams1
GET

https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb

chrome.exe

Remote address:

216.58.208.99:443

Request

GET /safebrowsing/csd/client_model_v5_variation_6.pb HTTP/2.0
host: ssl.gstatic.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

chrome.exe

Remote address:

162.19.138.118:443

Request

GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302

vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cip=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cnac=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: car=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: gdpr=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: id5=05b8a3dd-2df7-7e3b-88a5-9a339d2d34cc#1676535374336#1; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:14 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
transfer-encoding: chunked
date: Thu, 16 Feb 2023 08:16:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=

chrome.exe

Remote address:

162.19.138.118:443

Request

GET /c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: id5-sync.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: cf=; cip=; cnac=; car=; gdpr=; id5=05b8a3dd-2df7-7e3b-88a5-9a339d2d34cc#1676535374336#1; callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Response

HTTP/1.1 302

vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: id5=05b8a3dd-2df7-7e3b-88a5-9a339d2d34cc#1676535374336#2; Max-Age=7776000; Expires=Wed, 17-May-2023 08:16:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: 3pi=; Max-Age=7776000; Expires=Wed, 17-May-2023 08:16:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cf=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cip=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: cnac=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: car=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: gdpr=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
set-cookie: callback=; Max-Age=300; Expires=Thu, 16-Feb-2023 08:21:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
location: https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-d75cwl_EIS4BtmlWQ-ItZFlWDpifj4pGtm5vClEy3w
transfer-encoding: chunked
date: Thu, 16 Feb 2023 08:16:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
GET

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=506&cbvp=1&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl=

chrome.exe

Remote address:

172.217.168.226:443

Request

GET /pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=506&cbvp=1&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl= HTTP/2.0
host: googleads4.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1990&vt=11&dtpt=1484&dett=3&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl=

chrome.exe

Remote address:

172.217.168.226:443

Request

GET /pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1990&vt=11&dtpt=1484&dett=3&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl= HTTP/2.0
host: googleads4.g.doubleclick.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E

chrome.exe

Remote address:

184.30.24.22:443

Request

GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/2.0
host: hbx.media.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Fri, 16 Feb 2024 08:16:14 GMT;path=/;domain=.media.net; sameSite=none; secure=true
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
strict-transport-security: max-age=604800
x-mnet-hl2: E
expires: Thu, 16 Feb 2023 08:16:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Thu, 16 Feb 2023 08:16:14 GMT
GET

https://a.tribalfusion.com/i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

chrome.exe

Remote address:

104.18.24.173:443

Request

GET /i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
host: a.tribalfusion.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 16 Feb 2023 08:16:14 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 84
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aynoeURwEfUS2QVqq9ZcByFFrvZbSpaLUGpqNfjVim; path=/; domain=.tribalfusion.com; expires=Wed, 17-May-2023 08:16:14 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=aynoeURwEfUS2QVqq9ZcByFFrvZbSpaLUGpqNfjVim; path=/; domain=.tribalfusion.com; expires=Wed, 17-May-2023 08:16:14 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d7099fbcb962-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://s.tribalfusion.com/z/i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

chrome.exe

Remote address:

104.18.24.173:443

Request

GET /z/i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
host: s.tribalfusion.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ANON_ID=aynoeURwEfUS2QVqq9ZcByFFrvZbSpaLUGpqNfjVim

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:15 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aknsuBtlix88qyTAZbCqMTRNZcUkHlLyZcPAdtHjbMGgAVLvlNhE0mjiF8r70ZbkRNBaiFBDQuKcvOyXh6ZdG; path=/; domain=.tribalfusion.com; expires=Wed, 17-May-2023 08:16:15 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=aknsuBtlix88qyTAZbCqMTRNZcUkHlLyZcPAdtHjbMGgAVLvlNhE0mjiF8r70ZbkRNBaiFBDQuKcvOyXh6ZdG; path=/; domain=.tribalfusion.com; expires=Wed, 17-May-2023 08:16:15 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d70e4eb7b962-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

chrome.exe

Remote address:

104.18.24.173:443

Request

GET /i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP/2.0
host: a.tribalfusion.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ANON_ID=aknsuBtlix88qyTAZbCqMTRNZcUkHlLyZcPAdtHjbMGgAVLvlNhE0mjiF8r70ZbkRNBaiFBDQuKcvOyXh6ZdG

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:17 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=apnuBsRkP6j6eCno7bTeIjVZanegytQZbmiT0a6Sxpklov7pVjE7SZbvAtTrkhj6vFaelU8oClKZbZaHfJa9mQxkBLaS6yTCyMJWgYarGQunRAhIo; path=/; domain=.tribalfusion.com; expires=Wed, 17-May-2023 08:16:17 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=apnuBsRkP6j6eCno7bTeIjVZanegytQZbmiT0a6Sxpklov7pVjE7SZbvAtTrkhj6vFaelU8oClKZbZaHfJa9mQxkBLaS6yTCyMJWgYarGQunRAhIo; path=/; domain=.tribalfusion.com; expires=Wed, 17-May-2023 08:16:17 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71a9f04b962-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID

chrome.exe

Remote address:

108.156.60.46:443

Request

GET /c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP/2.0
host: s.ad.smaato.net
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://sync.quantumdex.io/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

server: CloudFront
date: Thu, 16 Feb 2023 08:16:14 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=dd5e0fca
set-cookie: SCM=dd5e0fca; Expires=Thu, 09 Mar 2023 08:16:14 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
set-cookie: SCMp=dd5e0fca; Expires=Sun, 26 Feb 2023 20:16:14 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: GeneratedResponse from cloudfront
via: 1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-amz-cf-id: y_dVWqlcjTrYho7ujjvjhYOyKqPTfii6pmdljY3OFZ9we2W0sWOikw==
GET

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

chrome.exe

Remote address:

213.155.156.164:443

Request

GET /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP/2.0
host: d5p.de17a.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

chrome.exe

Remote address:

178.250.0.163:443

Request

GET /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP/2.0
host: dis.criteo.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=b283464d-57ab-4fcd-911d-e1507851678b

Response

HTTP/2.0 302

date: Thu, 16 Feb 2023 08:16:14 GMT
server: Kestrel
content-length: 0
location: https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server-processing-duration-in-ticks: 100291
strict-transport-security: max-age=31536000; preload;
GET

https://pixel.onaudience.com/?partner=214&mapped=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

141.94.171.213:443

Request

GET /?partner=214&mapped=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=0&gdpr_consent= HTTP/1.1
Host: pixel.onaudience.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

set-cookie: cookie=bb97073075a6d23c; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:14 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
set-cookie: done_redirects219=1; Max-Age=86400; Expires=Fri, 17 Feb 2023 08:16:14 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://spl.zeotap.com?zdid=1332&zcluid=bb97073075a6d23c
content-length: 0
GET

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=

chrome.exe

Remote address:

35.201.96.126:443

Request

GET /p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr= HTTP/2.0
host: visitor.fiftyt.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=&fbounce=1

chrome.exe

Remote address:

35.201.96.126:443

Request

GET /p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=&fbounce=1 HTTP/2.0
host: visitor.fiftyt.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: fifid=2e38dfd6-cd30-4208-517a-3df144ce8fb3
cookie: cs=MTY3NjUzNTM3NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fKHlxqf2WWKgd00hFjOQd-2FZuhDc3Ow0usDzPHJUDUc
GET

https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

chrome.exe

Remote address:

23.206.96.118:443

Request

GET /usync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Feb 2023 08:16:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://eus.rubiconproject.com/usync.js

chrome.exe

Remote address:

23.206.96.118:443

Request

GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 16 Feb 2023 07:33:07 GMT
Content-Encoding: gzip
Content-Length: 10007
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=83808
Expires: Fri, 17 Feb 2023 07:33:04 GMT
Date: Thu, 16 Feb 2023 08:16:16 GMT
Connection: keep-alive
Vary: Accept-Encoding
GET

https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

chrome.exe

Remote address:

182.161.73.146:443

Request

GET /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP/2.0
host: widget.as.criteo.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=b283464d-57ab-4fcd-911d-e1507851678b

Response

HTTP/2.0 302

date: Thu, 16 Feb 2023 08:16:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
expires: Thu, 16 Feb 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2345009
strict-transport-security: max-age=31536000; preload;
GET

https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js

chrome.exe

Remote address:

212.77.98.32:443

Request

GET /wpjslib6/wpjslib-sync.js HTTP/2.0
host: std.wpcdn.pl
origin: https://ssp.wp.pl
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://ssp.wp.pl/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-04d6f459-8757-3f03-ba4d-9194c24780dd&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wNGQ2ZjQ1OS04NzU3LTNmMDMtYmE0ZC05MTk0YzI0NzgwZGQQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMDRkNmY0NTktODc1Ny0zZjAzLWJhNGQtOTE5NGMyNDc4MGRkMgIaBjgB

chrome.exe

Remote address:

8.2.111.13:443

Request

GET /a6da5bf591376177b08e1eb90117169d.gif?puid=ua-04d6f459-8757-3f03-ba4d-9194c24780dd&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wNGQ2ZjQ1OS04NzU3LTNmMDMtYmE0ZC05MTk0YzI0NzgwZGQQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMDRkNmY0NTktODc1Ny0zZjAzLWJhNGQtOTE5NGMyNDc4MGRkMgIaBjgB HTTP/1.1
Host: cs.iqzone.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://sync.quantumdex.io/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 400 Bad Request

Server: nginx
Date: Thu, 16 Feb 2023 08:16:16 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
GET

https://spl.zeotap.com/?zdid=1332&zcluid=bb97073075a6d23c

chrome.exe

Remote address:

172.67.13.182:443

Request

GET /?zdid=1332&zcluid=bb97073075a6d23c HTTP/2.0
host: spl.zeotap.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.pubmatic.com
set-cookie: zc=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
set-cookie: zsc=%BC%CF8%0A%24%07%5D%DB%8E%11E%03%F8%83%7B%40%97~%29k%861%CF%9B%EA%E3%7B%88%7C%1F%97%24NpH%3E%AE%25%A1%9A%7B%8C7K2%8D%A4%2A%F9%EB%29%C6X%1B%E7%DDtv%EA%B0%EE%80%1Cy%EC%C2%1Dx%EE%D3M%FF%9APs%FAkId4%88i9; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71549c60a48-AMS
GET

https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332&google_error=15

chrome.exe

Remote address:

172.67.13.182:443

Request

GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332&google_error=15 HTTP/2.0
host: mwzeom.zeotap.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: zc=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d
cookie: zsc=%BC%CF8%0A%24%07%5D%DB%8E%11E%03%F8%83%7B%40%97~%29k%861%CF%9B%EA%E3%7B%88%7C%1F%97%24NpH%3E%AE%25%A1%9A%7B%8C7K2%8D%A4%2A%F9%EB%29%C6X%1B%E7%DDtv%EA%B0%EE%80%1Cy%EC%C2%1Dx%EE%D3M%FF%9APs%FAkId4%88i9

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:16 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.pubmatic.com
set-cookie: zc=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71a08310a48-AMS
GET

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B

chrome.exe

Remote address:

172.67.13.182:443

Request

GET /mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B HTTP/2.0
host: mwzeom.zeotap.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: zsc=%BC%CF8%0A%24%07%5D%DB%8E%11E%03%F8%83%7B%40%97~%29k%861%CF%9B%EA%E3%7B%88%7C%1F%97%24NpH%3E%AE%25%A1%9A%7B%8C7K2%8D%A4%2A%F9%EB%29%C6X%1B%E7%DDtv%EA%B0%EE%80%1Cy%EC%C2%1Dx%EE%D3M%FF%9APs%FAkId4%88i9
cookie: zc=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d

Response

HTTP/2.0 200

date: Thu, 16 Feb 2023 08:16:17 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.pubmatic.com
set-cookie: zc=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 79a4d71dcd590a48-AMS
GET

https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEYuE7H280AACADXh_osw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0

chrome.exe

Remote address:

185.86.138.151:443

Request

GET /redir?partnerid=127&partneruserid=AAEYuE7H280AACADXh_osw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP/1.1
Host: rtb-csync.smartadserver.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Thu, 16 Feb 2023 08:16:15 GMT
cache-control: no-cache,no-store
location: https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1694303751891431627&gdpr=0&gdpr_consent=
pragma: no-cache
set-cookie: pid=1694303751891431627; expires=Sat, 16 Mar 2024 08:16:16 GMT; domain=smartadserver.com; path=/; SameSite=None; secure
set-cookie: TestIfCookieP=ok; expires=Sat, 16 Mar 2024 08:16:16 GMT; domain=smartadserver.com; path=/; SameSite=None; secure
set-cookie: csync=127:AAEYuE7H280AACADXh_osw; expires=Fri, 16 Feb 2024 08:16:16 GMT; domain=smartadserver.com; path=/; SameSite=None; secure
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ssum-sec.casalemedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMPS=1161; CMPRO=1161; CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/1.1 302 Found

Date: Thu, 16 Feb 2023 08:16:16 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.3mTaZpbrcFP0dlQKNcNQAA
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:16 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:16 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1908b1f7-6545-4cef-89d1-a9641efa1e87&expiration=1679127376&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rum?cm_dsp_id=39&external_user_id=1908b1f7-6545-4cef-89d1-a9641efa1e87&expiration=1679127376&gdpr=0&gdpr_consent= HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ssum-sec.casalemedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMPS=1161; CMPRO=1161; CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/1.1 200 OK

Date: Thu, 16 Feb 2023 08:16:16 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 43
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:16 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:16 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_3mTwAHg5b91QA_

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rum?cm_dsp_id=88&external_user_id=Y_3mTwAHg5b91QA_ HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ssum-sec.casalemedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMPS=1161; CMPRO=1161; CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/1.1 200 OK

Date: Thu, 16 Feb 2023 08:16:16 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 43
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:16 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:16 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=94LPvqNcSaJ8Ot5wQvZY8Jo9Rw0

chrome.exe

Remote address:

185.80.39.216:443

Request

GET /rum?cm_dsp_id=123&external_user_id=94LPvqNcSaJ8Ot5wQvZY8Jo9Rw0 HTTP/1.1
Host: dsum-sec.casalemedia.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ssum-sec.casalemedia.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: CMPS=1161; CMPRO=1161; CMID=Y.3mTaZpbrcFP0dlQKNcNQAA

Response

HTTP/1.1 200 OK

Date: Thu, 16 Feb 2023 08:16:16 GMT
Server: Apache
Cache-Control: no-cache
Content-Type: image/gif
Expires: 0
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 43
Set-Cookie: CMID=Y.3mTaZpbrcFP0dlQKNcNQAA; Path=/; Domain=casalemedia.com; Expires=Fri, 16 Feb 2024 08:16:16 GMT; Max-Age=31536000; Secure; SameSite=None
Set-Cookie: CMPRO=1161; Path=/; Domain=casalemedia.com; Expires=Wed, 17 May 2023 08:16:16 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
GET

https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEYuE7H280AACADXh_osw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1694303751891431627%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

chrome.exe

Remote address:

74.214.196.131:443

Request

GET /bh/rtset?do=add&pid=558502&ev=AAEYuE7H280AACADXh_osw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1694303751891431627%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP/2.0
host: bh.contextweb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ff947cffd-7jf9z
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=3Vu64hdKgGL5;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 11-Feb-2024 08:16:17 GMT;Max-Age=31104000;SameSite=None
set-cookie: pb_rtb_ev=3-1iyr|7dN.0.AAEYuE7H280AACADXh_osw;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 16-Feb-2024 08:16:17 GMT;Max-Age=31536000;SameSite=None
location: https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1694303751891431627&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEYuE7H280AACADXh_osw&pid=558502&do=add&gdpr=0
server: Jetty(9.4.50.v20221201)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=393219ad53295ae2; path=/; HttpOnly; Secure; SameSite=None
GET

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

chrome.exe

Remote address:

35.214.223.115:443

Request

GET /?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP/2.0
host: csync.loopme.me
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

set-cookie: viewer_token=997396f7-d51b-4adc-bc50-b3b4508ff02c; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Tue, 16-May-2023 08:16:17 GMT; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
content-length: 0
date: Thu, 16 Feb 2023 08:16:17 GMT
server: _
GET

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

chrome.exe

Remote address:

35.186.193.173:443

Request

GET /int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id] HTTP/2.0
host: ipac.ctnsnet.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=

chrome.exe

Remote address:

141.94.161.190:443

Request

GET /pubmatic/cm?gdpr=0&gdpr_consent= HTTP/1.1
Host: green.erne.co
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

server: envoy
date: Thu, 16 Feb 2023 08:16:17 GMT
content-type: text/html
content-length: 145
location: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent
x-envoy-upstream-service-time: 0
GET

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&sInitiator=external&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

77.243.60.138:443

Request

GET /pubmatic/1/info?sType=sync&sExtCookieId=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&sInitiator=external&gdpr=0&gdpr_consent= HTTP/1.1
Host: uipglob.semasio.net
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

location: https://uipus.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&sInitiator=external&gdpr=0&gdpr_consent=
date: Thu, 16 Feb 2023 08:16:23 GMT
content-length: 0
routing-server-id: -1
access-control-allow-origin: *
GET

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

46.228.164.11:443

Request

GET /r/cs?pid=1&gdpr=0&gdpr_consent= HTTP/2.0
host: ad.turn.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=8483595377066198732; Domain=.turn.com; Expires=Tue, 15-Aug-2023 08:16:17 GMT; Path=/; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8483595377066198732&gdpr=0&gdpr_consent=&us_privacy=
content-length: 0
date: Thu, 16 Feb 2023 08:16:16 GMT
GET

https://ad.turn.com/r/cs?pid=45&rndcb=8784340716

chrome.exe

Remote address:

46.228.164.11:443

Request

GET /r/cs?pid=45&rndcb=8784340716 HTTP/2.0
host: ad.turn.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=8483595377066198732

Response

HTTP/2.0 302

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=8483595377066198732; Domain=.turn.com; Expires=Tue, 15-Aug-2023 08:16:18 GMT; Path=/; Secure; SameSite=None
location: https://sync.1rx.io/usersync/turn/8483595377066198732?dspret=1&gdpr=&gdpr_consent=&us_privacy=
content-length: 0
date: Thu, 16 Feb 2023 08:16:17 GMT
GET

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

178.62.202.251:443

Request

GET /pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: match.adsby.bidtheatre.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 302

Date: Thu, 16 Feb 2023 08:16:17 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Set-Cookie: __kuid=0520f04a-0a1a-4215-87e4-0fb2c607ffaa.445749377; Max-Age=604800; Domain=.adsby.bidtheatre.com; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:0520f04a-0a1a-4215-87e4-0fb2c607ffaa&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Content-Length: 0
Keep-Alive: timeout=5, max=3000
Connection: Keep-Alive
GET

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

chrome.exe

Remote address:

34.102.253.54:443

Request

GET /usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP/2.0
host: ads.playground.xyz
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

chrome.exe

Remote address:

34.111.129.221:443

Request

GET /cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP/2.0
host: cr.frontend.weborama.fr
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=644991552

chrome.exe

Remote address:

34.111.129.221:443

Request

GET /cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=644991552 HTTP/2.0
host: cr.frontend.weborama.fr
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AFFICHE_W=LIksEWUsnRgs47
GET

https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent

chrome.exe

Remote address:

146.59.148.16:443

Request

GET /?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP/1.1
Host: pixel-eu.onaudience.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: cookie=bb97073075a6d23c; done_redirects219=1

Response

HTTP/1.1 302 Found

set-cookie: cookie=bb97073075a6d23c; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:17 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
set-cookie: done_redirects104=1; Max-Age=86400; Expires=Fri, 17 Feb 2023 08:16:17 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=bb97073075a6d23c/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhhRTaTYaTVgUQXYj%2526gdpr%253D0%2526gdpr_consent%253D
content-length: 0
GET

https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a368a3a75e4fb9c949f104432f9d214d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhhRTaTYaTVgUQXYj%26gdpr%3D0%26gdpr_consent%3D

chrome.exe

Remote address:

146.59.148.16:443

Request

GET /?partner=104&icm&cver&mapped=a368a3a75e4fb9c949f104432f9d214d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhhRTaTYaTVgUQXYj%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
Host: pixel-eu.onaudience.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: done_redirects219=1; cookie=bb97073075a6d23c; done_redirects104=1

Response

HTTP/1.1 302 Found

set-cookie: cookie=bb97073075a6d23c; Max-Age=31536000; Expires=Fri, 16 Feb 2024 08:16:18 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhhRTaTYaTVgUQXYj&gdpr=0&gdpr_consent=
content-length: 0
GET

https://vast.sunmedia.tv/8d915b72-4b0e-4789-9301-0943304f5827?rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875

chrome.exe

Remote address:

51.89.67.82:443

Request

GET /8d915b72-4b0e-4789-9301-0943304f5827?rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875 HTTP/1.1
Host: vast.sunmedia.tv
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Feb 2023 08:16:20 GMT
Content-Type: text/xml
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.letrasboom.com
Cache-Control: no-cache
X-Device: desktop
Content-Encoding: gzip
Age: 0
TP-Cache: MISS
Access-Control-Allow-Methods: GET
GET

https://static.sunmedia.tv/sdks/invpaid/invpaid.js?it=8d915b72-4b0e-4789-9301-0943304f5827&rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875

chrome.exe

Remote address:

54.38.37.49:443

Request

GET /sdks/invpaid/invpaid.js?it=8d915b72-4b0e-4789-9301-0943304f5827&rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875 HTTP/1.1
Host: static.sunmedia.tv
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Feb 2023 08:16:20 GMT
Content-Type: application/javascript
Content-Length: 56517
Connection: keep-alive
Last-Modified: Thu, 09 Feb 2023 14:04:26 GMT
Content-Encoding: gzip
Cache-control: max-age=0, s-maxage=31536000
X-Device: desktop
Accept-Ranges: bytes
Age: 0
TP-Cache: MISS
Vary: Accept-Encoding
GET

https://services.sunmedia.tv/geotarget/geocity.php

chrome.exe

Remote address:

51.91.154.17:443

Request

GET /geotarget/geocity.php HTTP/1.1
Host: services.sunmedia.tv
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Feb 2023 08:16:23 GMT
Content-Type: application/json
Content-Length: 428
Connection: keep-alive
Cache-control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
Age: 1409
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.letrasboom.com
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=DigitalGreenPR/LetrasBoomDesktop&tt=p&rt=vast_2.0&rnd=7507099092715093&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent=1&ru=https://www.letrasboom.com/&vht=196.875&vwt=350&cp.schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,&t=T28

chrome.exe

Remote address:

34.107.223.103:443

Request

GET /proxy/distributor/v2?s=DigitalGreenPR/LetrasBoomDesktop&tt=p&rt=vast_2.0&rnd=7507099092715093&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent=1&ru=https://www.letrasboom.com/&vht=196.875&vwt=350&cp.schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,&t=T28 HTTP/2.0
host: es-sunicontent.videoplaza.tv
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
origin: https://www.letrasboom.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?pid=34ced21b-add2-11ed-97a0-bad833858bf4&t=T28&tid=34ceab0a-add2-11ed-97a0-bad833858bf4&pf=fl_11&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&cf=short_form&s=DigitalGreenPR/LetrasBoomDesktop&loc=COQCEKgKGKHzAyCi3RUtH4WZQTVm5pFCOgV0aGFuZUIGNDAwNjA0&rbp=1&aid=0&tt=p&e=0&ua=%5Bua%5D&uc=%5Buc%5D&pf=fl_11

chrome.exe

Remote address:

34.107.223.103:443

Request

GET /proxy/tracker/v2?pid=34ced21b-add2-11ed-97a0-bad833858bf4&t=T28&tid=34ceab0a-add2-11ed-97a0-bad833858bf4&pf=fl_11&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&cf=short_form&s=DigitalGreenPR/LetrasBoomDesktop&loc=COQCEKgKGKHzAyCi3RUtH4WZQTVm5pFCOgV0aGFuZUIGNDAwNjA0&rbp=1&aid=0&tt=p&e=0&ua=%5Bua%5D&uc=%5Buc%5D&pf=fl_11 HTTP/2.0
host: es-sunicontent.videoplaza.tv
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.letrasboom.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: pid=34ced21b-add2-11ed-97a0-bad833858bf4
cookie: VP-DMP=
GET

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkvOQ-8yZ_QIVYNERCB1UOQxdEAAYACCzjqVZQhMIzN3a-syZ_QIVHKD9Bx05ng2V;met=1;&timestamp=1676538984260;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

chrome.exe

Remote address:

216.58.214.2:443

Request

GET /ddm/activity/dc_oe=ChMIkvOQ-8yZ_QIVYNERCB1UOQxdEAAYACCzjqVZQhMIzN3a-syZ_QIVHKD9Bx05ng2V;met=1;&timestamp=1676538984260;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10; HTTP/2.0
host: ade.googlesyndication.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=req&pb=1&pos=0&loop=1

chrome.exe

Remote address:

51.89.67.82:443

Request

GET /?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=req&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Feb 2023 08:16:25 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 10888
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
GET

https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=unf&pb=1&pos=0&loop=1

chrome.exe

Remote address:

51.89.67.82:443

Request

GET /?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=unf&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Feb 2023 08:16:27 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 10889
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
GET

https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=op&pb=1&pos=0&loop=1

chrome.exe

Remote address:

51.89.67.82:443

Request

GET /?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=op&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: nginx
Date: Thu, 16 Feb 2023 08:16:25 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 10888
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
GET

https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-477876532&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

chrome.exe

Remote address:

217.182.178.225:443

Request

GET /ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-477876532&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,, HTTP/1.1
Host: www8.smartadserver.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: pid=1694303751891431627; TestIfCookieP=ok; csync=127:AAEYuE7H280AACADXh_osw

Response

HTTP/1.1 200 OK

content-type: text/xml; charset=UTF-8
date: Thu, 16 Feb 2023 08:16:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.letrasboom.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=134551=5325616; domain=.smartadserver.com; path=/; secure; samesite=none
set-cookie: pid=1694303751891431627; expires=Fri, 16 Feb 2024 08:16:26 GMT; domain=.smartadserver.com; path=/; secure; samesite=none
set-cookie: sasd2=q=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0&c=1&l=1251548209&lo=558070541&lt=638121321861291655&o=1; expires=Fri, 17 Feb 2023 08:16:26 GMT; domain=.smartadserver.com; path=/; secure; samesite=none
set-cookie: sasd=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0; expires=Fri, 17 Feb 2023 08:16:26 GMT; domain=.smartadserver.com; path=/; secure; samesite=none
transfer-encoding: chunked
vary: Accept-Encoding
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET

https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-536736847&vph=196.875&vpw=350&pgDomain=https://www.letrasboom.com/&vpaidt=js&vpaidv=1,2&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

chrome.exe

Remote address:

217.182.178.225:443

Request

GET /ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-536736847&vph=196.875&vpw=350&pgDomain=https://www.letrasboom.com/&vpaidt=js&vpaidv=1,2&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,, HTTP/1.1
Host: www8.smartadserver.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TestIfCookieP=ok; csync=127:AAEYuE7H280AACADXh_osw; pid=1694303751891431627; vs=134551=5325616; sasd2=q=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0&c=1&l=1251548209&lo=558070541&lt=638121321861291655&o=1; sasd=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0

Response

HTTP/1.1 200 OK

content-type: text/xml; charset=UTF-8
date: Thu, 16 Feb 2023 08:16:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.letrasboom.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=134551=5325616; domain=.smartadserver.com; path=/; secure; samesite=none
set-cookie: pid=1694303751891431627; expires=Fri, 16 Feb 2024 08:16:26 GMT; domain=.smartadserver.com; path=/; secure; samesite=none
transfer-encoding: chunked
vary: Accept-Encoding
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET

https://creatives.sascdn.com/shim.gif

chrome.exe

Remote address:

23.72.252.144:443

Request

GET /shim.gif HTTP/1.1
Host: creatives.sascdn.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Type: image/gif
ETag: "221d8352905f2c38b3cb2bd191d630b0:1534508580"
Last-Modified: Fri, 17 Aug 2018 12:23:00 GMT
Server: AkamaiNetStorage
Content-Length: 43
Cache-Control: max-age=31536000
Expires: Fri, 16 Feb 2024 08:16:26 GMT
Date: Thu, 16 Feb 2023 08:16:26 GMT
Connection: keep-alive
GET

https://ww2951.smartadserver.com/ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1835602738&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

chrome.exe

Remote address:

178.32.210.226:443

Request

GET /ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1835602738&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,, HTTP/1.1
Host: ww2951.smartadserver.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TestIfCookieP=ok; csync=127:AAEYuE7H280AACADXh_osw; pid=1694303751891431627; sasd2=q=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0&c=1&l=1251548209&lo=558070541&lt=638121321861291655&o=1; sasd=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0; vs=134551=5325616

Response

HTTP/1.1 200 OK

content-type: text/xml; charset=UTF-8
date: Thu, 16 Feb 2023 08:16:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.letrasboom.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=134551=5325616&310175=5325616; domain=.smartadserver.com; path=/; secure; samesite=none
set-cookie: pid=1694303751891431627; expires=Fri, 16 Feb 2024 08:16:26 GMT; domain=.smartadserver.com; path=/; secure; samesite=none
transfer-encoding: chunked
vary: Accept-Encoding
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET

https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=817976039&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

chrome.exe

Remote address:

185.86.138.16:443

Request

GET /ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=817976039&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,, HTTP/1.1
Host: www14.smartadserver.com
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Origin: https://www.letrasboom.com
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://www.letrasboom.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: TestIfCookieP=ok; csync=127:AAEYuE7H280AACADXh_osw; pid=1694303751891431627; sasd2=q=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0&c=1&l=1251548209&lo=558070541&lt=638121321861291655&o=1; sasd=%24qc%3D1307002411%3B%24ql%3DHigh%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0; vs=134551=5325616&310175=5325616

Response

HTTP/1.1 200 OK

content-type: text/xml; charset=UTF-8
date: Thu, 16 Feb 2023 08:16:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.letrasboom.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: vs=134551=5325616&310175=5325616&295430=5325616; domain=.smartadserver.com; path=/; secure; samesite=none
set-cookie: pid=1694303751891431627; expires=Fri, 16 Feb 2024 08:16:26 GMT; domain=.smartadserver.com; path=/; secure; samesite=none
transfer-encoding: chunked
vary: Accept-Encoding
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

142.251.36.45:443

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

tls, http2

chrome.exe

1.7kB
7.2kB
15
15

HTTP Request

POST https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
172.217.168.238:443

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1

tls, http2

chrome.exe

2.0kB
9.3kB
14
16

HTTP Request

GET https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dnmmhkkegccagdldgiimedpiccmgmieda%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D188%2526e%253D1
172.67.190.73:80

http://www.letrasboom.com/

http

chrome.exe

667 B
1.6kB
5
5

HTTP Request

GET http://www.letrasboom.com/

HTTP Response

301
172.67.190.73:80

www.letrasboom.com

chrome.exe

190 B
132 B
4
3
34.104.35.123:80

http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx

http

chrome.exe

4.8kB
256.6kB
96
187

HTTP Request

GET http://edgedl.me.gvt1.com/edgedl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvNzI0QUFXNV9zT2RvdUwyMERESEZGVmJnQQ/1.0.0.6_nmmhkkegccagdldgiimedpiccmgmieda.crx

HTTP Response

200
172.67.190.73:443

https://www.letrasboom.com/thumbs/artistas/50_1654230387.jpg

tls, http2

chrome.exe

29.8kB
879.3kB
454
760

HTTP Request

GET https://www.letrasboom.com/

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/css/AdminLTE.css

HTTP Request

GET https://www.letrasboom.com/css/front.css

HTTP Request

GET https://www.letrasboom.com/css/skins/skin-red.css

HTTP Request

GET https://www.letrasboom.com/css/noty.css

HTTP Request

GET https://www.letrasboom.com/css/player.css

HTTP Request

GET https://www.letrasboom.com/css/playeraudio.css

HTTP Request

GET https://www.letrasboom.com/css/responsive.css

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/195_1631760609.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/195_1538607003.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/195_1539837574.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/195_1585893489.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/195_1635476248.jpg

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/195_1649946229.jpg

HTTP Request

GET https://www.letrasboom.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/js/radiotitle.js

HTTP Request

GET https://www.letrasboom.com/js/jquery.cleanaudioplayer.min.js

HTTP Request

GET https://www.letrasboom.com/js/jquery.cleanvideoplayer.min.js

HTTP Request

GET https://www.letrasboom.com/plugins/noty/layouts/top.js

HTTP Request

GET https://www.letrasboom.com/plugins/noty/themes/default.js

HTTP Request

GET https://www.letrasboom.com/plugins/noty/jquery.noty.js

HTTP Request

GET https://www.letrasboom.com/js/main.js

HTTP Request

GET https://www.letrasboom.com/js/percircle.min.js

HTTP Request

GET https://www.letrasboom.com/img/logo.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/img/favicon.ico

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/img/load.gif

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1649886344.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1622525503.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1675443376.jpg

HTTP Request

GET https://www.letrasboom.com/adslb.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/live/song

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1541829084.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1665017211.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1541020194.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1657751802.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1538607003.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1541544354.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1628718389.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1670904712.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1650745049.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1541180013.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1630589139.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1494790867.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1661803835.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1624327988.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1539901328.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1539494917.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1674412547.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1538618196.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1639444377.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1661925755.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1620917277.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1634888987.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/live/song

HTTP Response

200

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1539385605.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1631678751.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1539144058.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1625462930.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1538941819.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1662035189.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1629823689.jpeg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1653029389.jpg

HTTP Request

GET https://www.letrasboom.com/thumbs/artistas/50_1654230387.jpg

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200
104.18.11.207:443

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

tls, http2

chrome.exe

2.0kB
20.2kB
20
24

HTTP Request

GET https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

HTTP Request

GET https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js

HTTP Response

200

HTTP Response

200
104.17.24.14:443

https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

tls, http2

chrome.exe

2.3kB
22.3kB
27
27

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css

HTTP Request

GET https://cdnjs.cloudflare.com/ajax/libs/jquery_lazyload/1.9.7/jquery.lazyload.min.js

HTTP Response

200

HTTP Response

200
157.240.201.35:443

www.facebook.com

tls

chrome.exe

1.8kB
11.9kB
13
16
142.251.36.10:443

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

tls, http2

chrome.exe

2.4kB
37.9kB
31
33

HTTP Request

GET https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
18.65.39.84:443

https://cmp.optad360.io/items/35ee166a-3201-4cc7-a239-4fac6cf8bbf4.min.js

tls, http2

chrome.exe

1.6kB
7.7kB
13
16

HTTP Request

GET https://cmp.optad360.io/items/35ee166a-3201-4cc7-a239-4fac6cf8bbf4.min.js

HTTP Response

200
104.22.75.85:443

https://static.videoo.tv/videootv-player/videootv-player.min.1.0.8.js

tls, http2

chrome.exe

40.7kB
2.2MB
836
1589

HTTP Request

GET https://static.videoo.tv/b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.js

HTTP Response

200

HTTP Request

GET https://static.videoo.tv/videootv-player/videootv-player.min.1.0.8.js

HTTP Response

200
108.156.60.9:443

https://get.optad360.io/sf/prebid7.17.0.js

tls, http2

chrome.exe

11.9kB
587.8kB
236
434

HTTP Request

GET https://get.optad360.io/sf/f8916de8-8bef-4e56-a4e1-3640ebc1adb7/plugin.min.js

HTTP Response

200

HTTP Request

GET https://get.optad360.io/sf/prebid7.17.0.js

HTTP Response

200
142.251.36.42:443

https://translate.googleapis.com/translate_a/l?client=chrome&hl=en&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw

tls, http2

chrome.exe

1.6kB
8.1kB
14
14

HTTP Request

GET https://translate.googleapis.com/translate_a/l?client=chrome&hl=en&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
104.18.11.207:443

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

tls, http2

chrome.exe

2.6kB
62.9kB
33
51

HTTP Request

GET https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

HTTP Response

200
157.240.247.8:443

connect.facebook.net

tls

chrome.exe

1.5kB
5.8kB
11
12
142.250.179.130:443

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

tls, http2

chrome.exe

15.1kB
112.8kB
88
137

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/html/r20230213/r20190131/zrt_lookup.html

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&adk=1812271804&adf=3025194257&lmt=1676538969&plat=1%3A1024%2C2%3A16778240%2C3%3A2097152%2C4%3A2097152%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.letrasboom.com%2F&ea=0&pra=5&wgl=1&dt=1676538967127&bpp=6&bdt=1205&idt=2018&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3590571353406&frm=20&pv=2&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=-12245933&ady=-12245933&biw=1263&bih=561&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2058

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&slotname=7258792395&adk=447111016&adf=4043329827&pi=t.ma~as.7258792395&w=1170&fwrn=4&fwrnh=100&lmt=1676538969&rafmt=1&format=1170x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1676538967133&bpp=3&bdt=1211&idt=2074&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=47&ady=110&biw=1263&bih=561&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=YUHFxK7TJK&p=https%3A//www.letrasboom.com&dtd=2079

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&adk=4256748862&adf=2426917324&pi=t.aa~a.2301765837~rp.3&w=545&fwrn=4&fwrnh=100&lmt=1676538971&rafmt=1&to=qs&pwprc=1767027533&format=545x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1676538971647&bpp=10&bdt=5725&idt=-M&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280&nras=2&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=647&ady=2516&biw=1263&bih=561&scr_x=0&scr_y=799&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=2XDUw83Bot&p=https%3A//www.letrasboom.com&dtd=15

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/id

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8529738176339949&output=html&h=280&adk=4256748862&adf=3901308243&pi=t.aa~a.2301765486~rp.2&w=545&fwrn=4&fwrnh=100&lmt=1676538971&rafmt=1&to=qs&pwprc=1767027533&format=545x280&url=https%3A%2F%2Fwww.letrasboom.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1676538971647&bpp=2&bdt=5725&idt=2&shv=r20230213&mjsv=m202302090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1170x280%2C545x280&nras=3&correlator=3590571353406&frm=20&pv=1&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=1&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&adx=62&ady=2536&biw=1263&bih=561&scr_x=0&scr_y=799&eid=44759876%2C44759927%2C44759837%2C31072408%2C44774606%2C44779794&oid=2&pvsid=314466341267225&tmod=1711111623&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C561&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=5oQhVLRX16&p=https%3A//www.letrasboom.com&dtd=33

HTTP Request

GET https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDK5HkYpP2O4QEwAQ&v=APEucNUd2xRkABmVaNf1oZi3MCqphgNuAY98twXOJx-pDAzHIPFnROh2ULP_aSuWWbYg-0lVt6gIGMhsGqcxv1Y-k0b-NDiR8g

HTTP Request

GET https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CVMMLUkvUrDGODbd11cqh4Ygpyf30o5xB7eeB1EPC6tuLIaGuEJY7L_T1oLoGZUj1mqCdRf2n_L0wFXo2CpE6Kvihm_w&cry=1&dbm_d=AKAmf-C32NWT3mtrPmEpbjqgLPI_OqXQsw74CyEN6Cj4V7ymCEa_DE1i6UDITYadsuS8KVMQ7r3YSIEWlr52QSJlY3xtycO8JyWbZpGGO8dwlBBgwyza3poUkTuIsPqxaPji1czMh4l81Q06Jv0S7kO276STi7De-WdWJB59tIfVCXjhs1DLfds6p-VrgVwILq28DJ4CL4IWtES8pd2LdRzek35LIsY8D5onKzJzfgGH5ZPyYlyKdBNAkeYep4YvS0hjlgEU3657-UGkG5QFnbTUiaG47TQVmJKzyIi6P1eBcAPwVZBEQLE0eiDkt8NzUNRrHKUc1vD__aGGB3kF7xZvhlh8hvR8BWWw9bZJIWaA1F-Vw8mKxBsbVPOLYwb8IZ0nQMHrbEWgght9skgv9GGTqBqUZNLP1ekfQnpHnnIw81bqtVn5EClCkBrOFzkdIduA5hOufWb5goXJgcJE4-rM5fWiyNxd2F_YqvTGAsVx4fPAJTkzIgjXA-hmNKvx9dRRkwrySQYbyoEUy8IgHPFj5AjEnn-4s_Zyvw_-Is8jW_Ej0BPW5GhhkowqkCAmHpcX87-zs5FPtAPXbOknG18WHhfuqfAwYyWjK5KRA_KP8FFTmBzpRUmDIyijvhawswp2lDktPpWVRrj1dCwExqo2Y77kdwzqzq-iB_BFqOxnePNXH6_I5wc-t6NZdoQOgU7CaO12c1A6deREHyE-f-VyLBiIYh2qq8uzAIJ8deoubfXTZKZNfz4i0YjUe59q9LK4Q-MK0whYIOiUCmpaugTxKTK_ouIdk4lNxs-ihLn3gvG5zV8j64nUkphZuzMWTIoDsdLZFCqJmGJF6WBNZ8-IhpYvNPBQFgoOskWS2MkecNPvVQxlS2jIEnQz4CZIfd_7dNDYko0ZeylxvEoAmtc4sIMWSZaQxbz4cRVkgqa3hRDPDX9h4dw2JayWgj93TAMUe6z9Ygi9a3UxR1HKHt2iWDYgpe5Wn55QwEU9SI_szHa8h8p8Sl77-ECq2cM-4xlzbLOJY7plpgbfK6hqNiM60DJKUKQsF4ROd8vA33Drn386Z9mdBR1eaPL2d7iMIp25wk6mlk05wGpThQt8zyX-zWuJ1Yy4ER7_03FbtRMzj8GhPd7dBzDNPu6qStr2Yfj40AoJgtiauJlbtK0kKBVKyslUhUS3tvw-TwhAirnnOYL9BKkIb6FNIpFloAMVFqVN6p_dHNq5RKV_u6m2m9cFanVXYoXdjejRhRxF_TVd8kjLGoAvqs0z3vghlMrTfqgRJVU2_MGn9OhBZH2VOB7Tz3oieebGTSXM9YTqaPknlk1Iw7H24g8AlpERWkkYhft4RqX_QsoB-7veAYUJTC8wGCzgkRb41nRlSh1H-rKcJpMVw3OFNR_ydZVmCRjvj_tyD7oDy-3_jhKbWOsr1SfGvwWqo0xuCR6I4hjK6vjde6MHpzsTqNP3K5tk3VSDtFigw2_iJDFOeUFE3iLu1DK7A1bV38nIkNVqR5C1cc4JWlsRgVvZj9zKdrbj2U2-uZhZ_y2IVB3uCuiNNnLiO8Sl4ppT9N1_XxvlHe_wLd9KYr6yKWjKJgcMW5L4VzDDaKnTk8eLFfM-ypuJNUXAED6X77pNWKFQ2sF_tQ5PMdzgGPaNbAqHL7E2QGPUUAhLd8_SFsr-y-jixHCHZiJDQdzls0Me8yBDnJdpcWgL3lbejno4cdft450-OsFXc62IMxOvXmmGRLFr_1rFmaCqHNnmHSLyNxhEhF6QUuu3ntTCfQHIGwveKJAbWtlHIeUhvtGTSARMb65UUKp72S47CK0dWHLyudRisQI8KBV4So3Nc_LrdRG7J-1FKG8rKLcyTrKoz6E4vZf2_AvwIr9k-1Z_6YrFOedOg5xbP84gXvF7DBjq0rPwqSKge009YpF3oxrcIOIRaS3D-_Ojr3zDJqjfZi3ShWfQQo5Oo0V_cg6rCih3UjYekqnE0Adtvgj97A2PLWzgV-0DQZQ2HFiG-Fzo2F_lGJ4cGKixTAiUBnYSujXleu3heS0LQ4GV941Jf46Pz8MhbWJa_DqPKK79aaEVkile3kAXCJSRDBmZ96A9rJFrzZ-xW7DVEFI_AgVHRWSX9sO5nDibKKbKi-BF9mWWUURbWIcLuQQpXv3jmH76ORyHJ79pXw7GkdaS9bCYYRYet7z17fSA12p1VF2gkz0ICvHtM8cFFRaccO8JXB8jnlmjoov2DGjGXfbHBtuUqo4HDjxzXtDJO3lLLPuSY_gG3UDzxqtZwkrDp8aTVR9ep2xwlewtiXjUKPLLDBahQ3DZh1VVinHF33D-K2LP20iSXrwbpYQgwgrQRzq8flhJeNjwwpddI2MEhdgcC3qKnieg3m3rhraknClL4QOg579i6lhQ9Nqe-VE6vz3vQxz83zRdzdGKDVjC6DwrHniRYzMQboEHH11TO7LxfP3wfV2rJtd8V5GyfAtd1LGsLEYH3rEd1MGoZEALbxbKPZoIyYfFvwEpi5HRp2ZNLBxFRq_fjqiVcWAJM0VmuhO9AnenNta0vYdfb5C9BfX264QUYgwxQUQLzycpheS-wYn3dE6l3xuBBsoSswsi7PPTqqhwauqyQrj8ICt-hBkrepYXkbRGyUrXU1AtQvxVo9AdhYRRpvpi0Ljy8BF_l_CLAKIYDUrWwQm6kxCxltLZXixqz_gcxDD23NhBw7kkzDCCsZyGfaHjyJYs3xaPo9HQF2_R0LsUkXv8tUQrqU5KGXjUtUnvd8UMClLG1CabTYtPwEUnD-gXb2TZ6iTt3wfTVl-oYcnPwgxQLTlLv9hjRCnGv8pZsalz0NNYeFwNSAc92gp2FVJS5bI_tlc98wf6h2nrfwkaQGLRIvdxEPQJZT8S19cSMNrNMKOfbWaKCjT8lhlbRhluMSo2P4gVK_ubBN_e2sllkp_9dYacTx9zF4AfJ3ExQPdiu1BLXFuS63r7acfG8_E1uw7oJdo4dKbCFEtJtFYjK-8OiiXBTcGQyBB4VvN7915-TMXJlBoHcNY6BNhIDi-rSRF9uZ0vjA8pqbwh3XeSTfA7iujFvyqzLfjiKZXCeZeBiC3V5DCAEU-zSSBTkpNgzrmhJPnxzjjLeB3I-ZTPw6rkzVufvhgLAw9v1n8AdlczTrlyE_vs3koVBj5uqpVLZY6CORPjiTTvbouaCeO4scGZC1kqTn5_PmY5SnARJrUwTT6fOxYofLZECTh4w3f2QdBxFsA3R_R32EyxaRyYlr2p14E&cid=CAQSPADUE5ymhpU1v_ENhhV0SWBCy2xcHTC6xxoUCsKyr8L3HuVIYORQCpwVZhxx0fGmHO4RVc1Ak9FWNDGODxgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.letrasboom.com%2F&ds=l&xdt=1&iif=1&cor=3918056682965084700&adk=3690638929&idt=90&cac=0&dtd=9

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/html/r20230213/r20110914/zrt_lookup.html?fsb=1

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
157.240.247.8:443

connect.facebook.net

tls

chrome.exe

3.0kB
95.4kB
43
75
216.58.208.98:443

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=314466341267225&correlator=2044187490518723&eid=31071362%2C31072020&output=ldjh&gdfp_req=1&vrg=2023021301&ptt=17&impl=fif&iu_parts=121764058%3A21820527814%2Cletrasboom.com%2Cletrasboom.com_o3b_display_SF_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=4&adks=983911378&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676538971208&lmt=1676538971&dlt=1676538965922&idt=5060&adxs=282&adys=561&biw=1263&bih=561&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&bc=31&nvt=1&url=https%3A%2F%2Fwww.letrasboom.com%2F&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=644&ohw=1263&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=true

tls, http2

chrome.exe

5.8kB
183.7kB
87
144

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js

HTTP Request

GET https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021301.js

HTTP Request

GET https://securepubads.g.doubleclick.net/gampad/ads?pvsid=314466341267225&correlator=2044187490518723&eid=31071362%2C31072020&output=ldjh&gdfp_req=1&vrg=2023021301&ptt=17&impl=fif&iu_parts=121764058%3A21820527814%2Cletrasboom.com%2Cletrasboom.com_o3b_display_SF_o3b&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=4&adks=983911378&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1676538971208&lmt=1676538971&dlt=1676538965922&idt=5060&adxs=282&adys=561&biw=1263&bih=561&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=4&bc=31&nvt=1&url=https%3A%2F%2Fwww.letrasboom.com%2F&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=644&ohw=1263&ga_vid=924694017.1676538969&ga_sid=1676538969&ga_hid=2018624219&ga_fc=true
104.16.86.20:443

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230216

tls, http2

chrome.exe

1.6kB
4.7kB
12
11

HTTP Request

GET https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230216

HTTP Response

200
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

1.5kB
6.9kB
13
14

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXd3dzE0DXNtYXJ0YWRzZXJ2ZXIDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

40.8kB
98.6kB
381
533

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FwaQtkYWlseW1vdGlvbgNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCWFkc2VydmljZQZnb29nbGUDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABDHNlY3VyZXB1YmFkcwFnC2RvdWJsZWNsaWNrA25ldAAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABC3N0YXRpYy1mZWVkBnZpZGVvbwJ0dgAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzcAJ3cAJwbAAAAQABAAApEAAAAAAAAFoADABWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWMGdmlkZW9vAnR2AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3BhcnRuZXIQZ29vZ2xlYWRzZXJ2aWNlcwNjb20AAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAzF4MQRhLW1vA25ldAAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwZjcml0ZW8DbmV0AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBTIwMTMzBGxpdmUOc3RyZWFtdGhld29ybGQDY29tAAABAAEAACkQAAAAAAAARgAMAEIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXN0YXRzAWcLZG91YmxlY2xpY2sDbmV0AAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3RwYxFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABIDVjM2Q4ZmRiZmI1ZjdjOWI4ZmI5ZTZiNDkxYmU5NTgzCXNhZmVmcmFtZRFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAAAjAAwAHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwtkb3VibGVjbGljawNuZXQAAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmpubi1wYQpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2d1bQZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwZnb29nbGUDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dxFnb29nbGV0YWdzZXJ2aWNlcwNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNtAWcLZG91YmxlY2xpY2sDbmV0AAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGRzdW0tc2VjC2Nhc2FsZW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmliBWFkbnhzA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBmFkc3J2cgNvcmcAAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkcwhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMKcXVhbnR1bWRleAJpbwAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAnMwBDJtZG4DbmV0AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmltYWdlNghwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCHNzdW0tc2VjC2Nhc2FsZW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCm9uZXRhZy1zeXMDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABDXNlY3VyZS1hc3NldHMOcnViaWNvbnByb2plY3QDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCXVzZXJtYXRjaAl0YXJnZXRpbmcLdW5ydWx5bWVkaWEDY29tAAABAAEAACkQAAAAAAAAQAAMADwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2Fkcw5iZXR3ZWVuZGlnaXRhbANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoDHNoYXJldGhyb3VnaANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3VwcwlhbmFseXRpY3MFeWFob28DY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGlkNS1zeW5jA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXMCYWQGc21hYXRvA25ldAAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmFwBWxpaml0A2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzcAZkaXNxdXMDY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2hieAVtZWRpYQNuZXQAAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2NtcwpxdWFudHNlcnZlA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWEMdHJpYmFsZnVzaW9uA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXByLWJoA3licAV5YWhvbwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmMxBmFkZm9ybQNuZXQAAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNzEWNob2NvbGF0ZXBsYXRmb3JtA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNlY3VyZQVhZG54cwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzbAdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCmdvb2dsZWFkczQBZwtkb3VibGVjbGljawNuZXQAAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMHbWF0aHRhZwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2Q1cAVkZTE3YQNjb20AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2RpcwZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmFheC1ldQ9hbWF6b24tYWRzeXN0ZW0DY29tAAABAAEAACkQAAAAAAAASQAMAEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2RzcAdhZGZhcm0xB2FkaXRpb24DY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMDc3J2CnN0YWNrYWRhcHQDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBHByb2QEYmlkcgJpbwAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3N5bmMtdG0LZXZlcmVzdHRlY2gDbmV0AAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXBpeGVsCm9uYXVkaWVuY2UDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3Zpc2l0b3IGZmlmdHl0A2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAnVtBnNpbXBsaQJmaQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXgJYmlkc3dpdGNoA25ldAAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABDnB1Ym1hdGljLW1hdGNoBmRvdG9taQNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCnBpeGVsLXN5bmMJc2l0ZXNjb3V0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWZvbnRzB2dzdGF0aWMDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3NpbWFnZTIIcHVibWF0aWMDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2V1cw5ydWJpY29ucHJvamVjdANjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBndpZGdldAJhcwZjcml0ZW8DY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXMMdHJpYmFsZnVzaW9uA2NvbQAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGNvZGUIY3JlYXRlanMDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmltYWdlMghwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3N0ZAV3cGNkbgJwbAAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNzBmlxem9uZQNjb20AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NwbAZ6ZW90YXADY29tAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCXJ0Yi1jc3luYw1zbWFydGFkc2VydmVyA2NvbQAAAQABAAApEAAAAAAAAEgADABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXMPYW1hem9uLWFkc3lzdGVtA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWQGYWRyb2xsA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABFHNvbmF0YS1ub3RpZmljYXRpb25zDnRhcHRhcG5ldHdvcmtzA2NvbQAAAQABAAApEAAAAAAAADwADAA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBmltYWdlNAhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2F1ZAhwdWJtYXRpYwNjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmJoCmNvbnRleHR3ZWIDY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXRva2VuDnJ1Ymljb25wcm9qZWN0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3NpbWFnZTQIcHVibWF0aWMDY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBm13emVvbQZ6ZW90YXADY29tAAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWNzeW5jBmxvb3BtZQJtZQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGNvcmUFaXByb20DbmV0AAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMDMXJ4AmlvAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCG1hdGNoaW5nB3RydWZmbGUDYmlkAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBGlwYWMHY3Ruc25ldANjb20AAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABDXBpeGVsLXVzLWVhc3QOcnViaWNvbnByb2plY3QDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBWdyZWVuBGVybmUCY28AAAEAAQAAKRAAAAAAAABWAAwAUgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABB3VpcGdsb2IHc2VtYXNpbwNuZXQAAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAWEGYXVkcnRlA2NvbQAAAQABAAApEAAAAAAAAFcADABTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmNyCGZyb250ZW5kCHdlYm9yYW1hAmZyAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAmFkBHR1cm4DY29tAAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBW1hdGNoBWFkc2J5CmJpZHRoZWF0cmUDY29tAAABAAEAACkQAAAAAAAASQAMAEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkcwpwbGF5Z3JvdW5kA3h5egAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCHBpeGVsLWV1Cm9uYXVkaWVuY2UDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXBpeGVsDnJ1Ymljb25wcm9qZWN0A2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAnB4A2FkcwhsaW5rZWRpbgNjb20AAAEAAQAAKRAAAAAAAABQAAwATAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXVpcHVzB3NlbWFzaW8DbmV0AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMJY3J3ZGNudHJsA25ldAAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNzLXBicwpxdWFudHVtZGV4AmlvAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHN5bmMJdGFyZ2V0aW5nC3VucnVseW1lZGlhA2NvbQAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABAXQGdmlkZW9vAnR2AAABAAEAACkQAAAAAAAAWAAMAFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHZhc3QIc3VubWVkaWECdHYAAAEAAQAAKRAAAAAAAABTAAwATwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnN0YXRpYwhzdW5tZWRpYQJ0dgAAAQABAAApEAAAAAAAAFEADABNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCHNlcnZpY2VzCHN1bm1lZGlhAnR2AAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABDmVzLXN1bmljb250ZW50CnZpZGVvcGxhemECdHYAAAEAAQAAKRAAAAAAAABHAAwAQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXRyYWNrCHN1bm1lZGlhAnR2AAABAAEAACkQAAAAAAAAUgAMAE4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA2FkZRFnb29nbGVzeW5kaWNhdGlvbgNjb20AAAEAAQAAKRAAAAAAAABKAAwARgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBHd3dzgNc21hcnRhZHNlcnZlcgNjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCWNyZWF0aXZlcwZzYXNjZG4DY29tAAABAAEAACkQAAAAAAAATwAMAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnd3Mjk1MQ1zbWFydGFkc2VydmVyA2NvbQAAAQABAAApEAAAAAAAAEsADABHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNlYXJjaAtzcG90eGNoYW5nZQNjb20AAAEAAQAAKRAAAAAAAABNAAwASQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBXd3dzE0DXNtYXJ0YWRzZXJ2ZXIDY29tAAABAAEAACkQAAAAAAAATAAMAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
185.184.8.90:443

https://prebid-eu.creativecdn.com/bidder/prebid/bids

tls, http2

chrome.exe

2.2kB
6.0kB
12
13

HTTP Request

POST https://prebid-eu.creativecdn.com/bidder/prebid/bids

HTTP Response

204
185.64.189.112:443

hbopenbid.pubmatic.com

tls

chrome.exe

2.7kB
5.3kB
13
16
37.157.6.233:443

adx.adform.net

tls

chrome.exe

2.4kB
6.1kB
13
12
104.22.37.96:443

https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=LE6TVK0W-1D-GVS3

tls, http2

chrome.exe

4.7kB
7.7kB
34
45

HTTP Request

POST https://useast.quantumdex.io/auction/pbjs

HTTP Response

204

HTTP Request

GET https://sync.quantumdex.io/usersync/pbjs

HTTP Response

200

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=smaato&uid=dd5e0fca

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=481445b5-026b-438d-8979-31c73dd24cca

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=between&uid=c4facd13-fa64-522f-884f-0690eba2e0de

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=sovrn&uid=GKkwsLZHbGXWDkqKTAKQ75GR

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-YaRZyfFE2uHP9bnHxvTtHLEHBtYpe_hSV2zA.90-~A

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-d75cwl_EIS4BtmlWQ-ItZFlWDpifj4pGtm5vClEy3w

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=ix&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB

HTTP Response

200

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B

HTTP Response

200

HTTP Request

GET https://sync.quantumdex.io/setuid?bidder=rubicon&uid=LE6TVK0W-1D-GVS3

HTTP Response

302

HTTP Request

GET https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=&f=&uid=LE6TVK0W-1D-GVS3

HTTP Response

200
178.250.1.8:443

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=14483891437&lsavail=0

tls, http2

chrome.exe

2.1kB
4.5kB
13
15

HTTP Request

POST https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.17.0&cb=14483891437&lsavail=0

HTTP Response

204
212.77.99.29:443

https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=13298436275084868000&sn=undefined

tls, http2

chrome.exe

2.9kB
6.1kB
15
16

HTTP Request

POST https://ssp.wp.pl/bidder/?bdver=5.7&pbver=7.17.0&inver=0

HTTP Request

GET https://ssp.wp.pl/bidder/usersync?tcf=2&pvid=13298436275084868000&sn=undefined
145.40.89.200:443

https://prebid.a-mo.net/a/c

tls, http2

chrome.exe

2.4kB
5.9kB
11
13

HTTP Request

POST https://prebid.a-mo.net/a/c

HTTP Response

204
185.106.140.18:443

https://rtb.adxpremium.services/openrtb2/auction

tls, http

chrome.exe

2.3kB
7.4kB
10
13

HTTP Request

POST https://rtb.adxpremium.services/openrtb2/auction

HTTP Response

400
144.76.196.237:443

t.videoo.tv

tls

chrome.exe

5.6kB
6.5kB
15
14
35.244.47.206:443

https://api.dailymotion.com/playlist/x6fc42/videos?fields=id&page=1&limit=100

tls, http

chrome.exe

1.4kB
5.3kB
8
9

HTTP Request

GET https://api.dailymotion.com/playlist/x6fc42/videos?fields=id&page=1&limit=100

HTTP Response

200
35.244.47.206:443

api.dailymotion.com

tls

chrome.exe

805 B
3.7kB
5
6
88.221.25.169:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

324 B
1.6kB
4
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
212.77.99.29:443

https://ssp.wp.pl/bidder/notify

tls, http2

chrome.exe

2.0kB
5.6kB
14
13

HTTP Request

OPTIONS https://ssp.wp.pl/bidder/notify

HTTP Request

POST https://ssp.wp.pl/bidder/notify
208.92.53.98:443

https://20133.live.streamtheworld.com/LOS40_SC

tls, http

chrome.exe

1.6kB
7.3kB
12
14

HTTP Request

GET https://20133.live.streamtheworld.com/LOS40_SC

HTTP Response

403
178.250.1.3:443

https://static.criteo.net/js/ld/publishertag.prebid.123.js

tls, http2

chrome.exe

2.3kB
34.1kB
30
33

HTTP Request

GET https://static.criteo.net/js/ld/publishertag.prebid.123.js

HTTP Response

200
216.58.208.98:443

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.letrasboom.com

tls, http2

chrome.exe

1.6kB
6.5kB
12
15

HTTP Request

GET https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.letrasboom.com
34.224.52.67:443

1x1.a-mo.net

tls

chrome.exe

1.7kB
6.4kB
12
14
104.22.74.85:443

https://static-feed.videoo.tv/recirculation_b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.json

tls, http2

chrome.exe

1.6kB
8.0kB
13
15

HTTP Request

GET https://static-feed.videoo.tv/recirculation_b07559121e9d14312fc97f12ac8f4551b04a17099bd8725c53bd2d3b8133a4ae.json

HTTP Response

200
144.76.196.237:443

c.videoo.tv

tls

chrome.exe

1.9kB
144 B
8
3
142.251.36.2:443

https://partner.googleadservices.com/gampad/cookie.js?domain=www.letrasboom.com&callback=_gfp_s_&client=ca-pub-8529738176339949

tls, http2

chrome.exe

1.6kB
6.5kB
12
15

HTTP Request

GET https://partner.googleadservices.com/gampad/cookie.js?domain=www.letrasboom.com&callback=_gfp_s_&client=ca-pub-8529738176339949
142.250.102.157:443

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126554797-1&cid=924694017.1676538969&jid=1535941918&gjid=196570008&_gid=335613043.1676538969&_u=YADAAUAAAAAAACAAI~&z=1920142404

tls, http2

chrome.exe

1.7kB
6.2kB
13
14

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-126554797-1&cid=924694017.1676538969&jid=1535941918&gjid=196570008&_gid=335613043.1676538969&_u=YADAAUAAAAAAACAAI~&z=1920142404
142.251.36.1:443

https://tpc.googlesyndication.com/generate_204?bX3jDA

tls, http2

chrome.exe

5.4kB
84.8kB
64
95

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2.js

HTTP Request

GET https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

HTTP Request

GET https://tpc.googlesyndication.com/sodar/Enqz_20U.html

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/interstitial_ad_frame_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/load_preloaded_resource_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

HTTP Request

GET https://tpc.googlesyndication.com/generate_204?bX3jDA
144.76.196.237:443

c.videoo.tv

tls

chrome.exe

759 B
92 B
5
2
142.250.179.161:443

https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

tls, http2

chrome.exe

1.7kB
9.0kB
13
15

HTTP Request

GET https://5c3d8fdbfb5f7c9b8fb9e6b491be9583.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.251.36.6:443

https://static.doubleclick.net/instream/ad_status.js

tls, http2

chrome.exe

1.6kB
6.2kB
11
11

HTTP Request

GET https://static.doubleclick.net/instream/ad_status.js
142.250.179.202:443

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

tls, http2

chrome.exe

4.3kB
40.7kB
35
53

HTTP Request

OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

HTTP Request

POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

HTTP Request

OPTIONS https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

HTTP Request

POST https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
178.250.1.3:443

https://static.criteo.net/js/ld/publishertag.prebid.js

tls, http2

chrome.exe

2.3kB
34.8kB
29
32

HTTP Request

GET https://static.criteo.net/js/ld/publishertag.prebid.js

HTTP Response

200
178.250.2.146:443

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1

tls, http2

chrome.exe

2.5kB
11.9kB
21
20

HTTP Request

GET https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.letrasboom.com

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=publishertag&domain=letrasboom.com&sn=ChromeSyncframe&so=0&topUrl=www.letrasboom.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1

HTTP Response

200
142.251.36.2:443

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

tls, http2

chrome.exe

3.5kB
110.2kB
51
90

HTTP Request

GET https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

HTTP Request

GET https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
185.80.39.216:443

https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

tls, http

chrome.exe

3.2kB
9.5kB
16
16

HTTP Request

GET https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D

HTTP Response

302

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

HTTP Response

302

HTTP Request

GET https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1

HTTP Response

302
37.252.171.53:443

ib.adnxs.com

tls

chrome.exe

3.2kB
7.0kB
15
16
142.250.179.194:443

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFjODNiMDNkNWYzYzE5MWRlNjNkZGVmMDc1Njc0MmFlZGFmMGI0ZA

tls, http2

chrome.exe

7.9kB
17.6kB
78
108

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY3NzE1MDY3MDc0MzI1MDk4Ng%3D%3D

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.3mTaZpbrcFP0dlQKNcNAAA

HTTP Request

GET https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lrg58qCMhnPILba1g-2HiUEAXZbVDw5fKyCjHcs9viazH7WCLXe2j2r5yfXHB4IgIIBTaUK6Q

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=fPVB97snT9aZpTcD1MqBiw%3D%3D&gdpr=0&gdpr_consent=

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0NGNTQxRjctQkIyNy00RkQ2LTk5QTUtMzcwM0Q0Q0E4MThC&gdpr=0&gdpr_consent=

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=NTY3NzE1MDY3MDc0MzI1MDk4Ng%3D%3D&google_push=Aa02lx8nb4RCc1VMZ-InjSh9XAbwZrzzfitzpBas-GZQJrc9pazrEWYYawK4DySB578MRBJXt_qZbz2S75f4331t5Ff_twcXSB4O3A

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx86eevMnxQoqcS_cpIyJhUcqoJPzFlShf8ljqQ_fgt1YiLV_9hf8nTDQR8gd7PGWKVM6SwFWqLJQ4aV3XufJIqpGlsVr4h4&google_hm=eS0weEtpZTlORTJwSGw0dkdkUjhYWWhQY1hJOElfdmxoYn5B

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjgyODM4NDI4NDQzMDE4MzAyNw&google_push=Aa02lx_CiyijVCLwU2nA43sVXtpzYll7bC3JW5Zk9qLlXMWeNp4nfod-h6rrE2Fy7HTjf01tcDrO97A-uL2dNVCZV3DAiflViRlq

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1OaWlYZzdaRTJ1SGlRZm5sU0dtdmZGUG16alFLbndtbn5B&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWXVFN0gyODBBQUNBRFhoX29zdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y.3mTaZpbrcFP0dlQKNcNQAA

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEU2VFZLMFctMUQtR1ZTMw==

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTFjODNiMDNkNWYzYzE5MWRlNjNkZGVmMDc1Njc0MmFlZGFmMGI0ZA
142.250.179.194:443

cm.g.doubleclick.net

tls, https

chrome.exe

989 B
5.5kB
9
8
178.250.2.146:443

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1

tls, http2

chrome.exe

1.7kB
4.6kB
12
13

HTTP Request

OPTIONS https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.letrasboom.com%2F&domain=www.letrasboom.com&cw=1&pbt=1&lsw=1

HTTP Response

200
185.80.39.216:443

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

tls, http

chrome.exe

2.6kB
8.3kB
16
16

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15&C=1

HTTP Response

200

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=15

HTTP Response

200
185.80.39.216:443

dsum-sec.casalemedia.com

tls

chrome.exe

1.2kB
6.9kB
10
13
52.223.40.198:443

match.adsrvr.org

tls

chrome.exe

2.7kB
8.7kB
20
20
173.223.112.191:443

ads.pubmatic.com

tls

chrome.exe

3.6kB
23.8kB
26
35
185.80.39.216:443

dsum-sec.casalemedia.com

tls

chrome.exe

1.1kB
6.9kB
10
13
142.250.179.134:443

s0.2mdn.net

tls, https

chrome.exe

2.2kB
45.9kB
25
40
185.64.189.115:443

image6.pubmatic.com

tls

chrome.exe

3.2kB
12.8kB
17
23
142.250.179.134:443

https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/sh.png?1676026655836

tls, http2

chrome.exe

6.3kB
108.4kB
79
124

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.html

HTTP Request

GET https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/leaderboard.js?1676026655841

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/bg.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/cta.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/fixed.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/h.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/l1.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/l2.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/pessoas.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/preco.png?1676026655836

HTTP Request

GET https://s0.2mdn.net/sadbundle/11916972404551150278/leaderboard/images/sh.png?1676026655836
23.2.211.147:443

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east

tls, http2

chrome.exe

1.7kB
5.5kB
12
15

HTTP Request

GET https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east

HTTP Response

301
51.89.9.251:443

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

tls, http2

chrome.exe

1.6kB
4.6kB
11
9

HTTP Request

GET https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

HTTP Response

200
104.18.25.185:443

https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

tls, http2

chrome.exe

1.6kB
4.3kB
10
10

HTTP Request

GET https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

HTTP Response

200
188.42.196.115:443

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1

tls, http2

chrome.exe

2.0kB
7.8kB
14
14

HTTP Request

GET https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D

HTTP Response

302

HTTP Request

GET https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1

HTTP Response

302
18.156.0.31:443

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=

tls, http2

chrome.exe

3.0kB
9.3kB
22
18

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58424/occ

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&redir=true&gdpr=0&gdpr_consent=

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_push=Aa02lx_3B0pEkiXr3WZv0E_Dsv6g_1UHSA307V9zUSEmgPM0vBZSMhwU0yxQQpEiWEjgWYygh6njaK45-bSBmthgX-Qy4BVOrEZaeA&verify=true

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58424/occ?verify=true

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&redir=true&gdpr=0&gdpr_consent=&verify=true

HTTP Request

GET https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y-3mTaZpbrcFP0dlQKNcNQAABIkAAAAB&gdpr_consent=&us_privacy=&gdpr=
18.156.0.31:443

ups.analytics.yahoo.com

tls, https

chrome.exe

1.1kB
6.4kB
11
11
74.118.186.45:443

usermatch.targeting.unrulymedia.com

tls

chrome.exe

2.0kB
6.1kB
16
13
37.157.4.29:443

c1.adform.net

tls

chrome.exe

3.1kB
9.3kB
20
18
37.252.171.85:443

secure.adnxs.com

tls

chrome.exe

2.5kB
5.8kB
11
12
216.52.2.86:443

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true

tls, http

chrome.exe

2.3kB
7.9kB
12
11

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID

HTTP Response

307

HTTP Request

GET https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true

HTTP Response

307
159.203.145.121:443

chrome.exe

156 B
3
54.154.220.209:443

pr-bh.ybp.yahoo.com

tls

chrome.exe

2.4kB
8.7kB
17
18
34.195.125.85:443

ssp.disqus.com

tls

chrome.exe

1.7kB
6.9kB
13
16
216.58.208.99:443

https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb

tls, http2

chrome.exe

3.3kB
91.9kB
50
72

HTTP Request

GET https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb
162.19.138.118:443

https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=

tls, http

chrome.exe

2.7kB
7.9kB
18
17

HTTP Request

GET https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

HTTP Response

302

HTTP Request

GET https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=

HTTP Response

302
172.217.168.226:443

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1990&vt=11&dtpt=1484&dett=3&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl=

tls, http2

chrome.exe

6.2kB
7.1kB
17
21

HTTP Request

GET https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=506&cbvp=1&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl=

HTTP Request

GET https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuj75wiRC4kRAJbM3M6KR0oD2-PcwVZZSJWOV_jd6D9SORE-myIpfhCPp_c3Y0f1dHYh38yxc8hvMxaDC-Rsw7MgT3-GTyeYeNhOueJdjp-Ub8dINtLL8phzl3gMJHIZyAJGO6fBb6fKUSfMuHfSLVo5-HweKUxhCjfml4tnfxBYXMZPW7fdC1YDgG6bu0piNXs7v3SmwEx3e9Ox-NVCwKOKN7dmBF3bcA7yT9fXucU-8AFw4Oa7kuG4kyCfYO8X91LNuBN2asTo8yFcs97kd8fcLpCE3S9_Gqd0LjUnnKAjid2B3vfME6j5-D47Huzxkg-5mHKfi9A9PELYRE8kVbod1Km1M9yHOTfE13sJEOsiql_KhF-XcUlLyRjUyyUGOtKUhzvuWjw7KbifmmxuuTb4H2Il8u3azNe9Y8p1r5iCNqItjaF3aEtOZ2ZsDI_EMjmj6G6ZiypahYE8pkmJMPZL68YIOCALTpuwQfrtz1TG1-DRc5tuZF7YcXp6qgHwkUoTJLpyaIUURFrKidy9gqA7tFoTuJPLY6-l1JTwYDAvhcCPtzPQ-8krAlnI5MQIAw9w5J_4u9ai2FAXCxzztCzMAOvcVfmZlSpCgCSKNhZMLu8oQ95AFC1qho74_9jqopeR6umJN23jxo_wUi4c1HE7iDbI9fu3UNkmp9g3SzfW1vtCLEtO93tqTBVoqNxgn3GVfaQzX1P6-e8zJn0NjF6eF-cbHuDLVNncGLXIo7QBeSUO2FmyS9xIYC2H1abxj5ecVF23LSVbMlafkmK39rrdmD5zJ47AVYR6hNDvz9Pjm58Ef96ZDHhYiwiWvFhRDgaisdWUtrQ9EVPpLj8JqLjnZ8InmA2Ea1Dq-rNMPt92RGtCmai6GuwSgk-oyNVLTPNo9p-NU0q5vc-2ibVjBpvUG3jBEiJoGLJOapr1u_GMwCODscNH5db_mvRk5JONYmDoLo2OlW3FcQoc3CvivdJrvmcnnR7NIGrZwivni47jv90QSBKABKrcDTpiqDZSzkBTb670r9DPTx37ukp8ap3bE1aeO8rr8i1CRw3cePU_5A2Y90WMFhoA4icFnlWj8c5oU5OzcXRYQZA6lJuphea88ajZ40fVxMNU2z9YceR8o9wIzTkvD--bGlEgx9Wt0we4NrliJ0RAt1JP22aanyOnkHFPzmTgUT-u8SLic51SJ8Hds9ZKIXgp4Smz6EEOtxf76dpOJdcBWbOeCUXof6WcfoOH62hABYFgoiZJA&sai=AMfl-YR6U6cCzb5SFeRvk4DGyInaLHYQN4nFYYnfewiUi4ww7kX9_Kq3lWLGlLsVrmHvtfOpBeKCudHkiCBKbyoAjY_xG6ptd-Rn1hMABVsBx5dgRvi2dyWjvHvUkbFYAymKMFZQQ9RDEwR1mVOUa0IzurGGPp0j-sRA0pRdAHk0p6wKxlsyMaByQlhfLeubPhzb-qWQEdcXqCFHfK7mfRqBTzaWaW3lX99XUoyvyuvkcjLTtm6Boa7OJbI8rXftuAmtLmnyrx8&sig=Cg0ArKJSzFWFCbCD-8VjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1990&vt=11&dtpt=1484&dett=3&cstd=496&cisv=r20230213.69408&arae=0&ftch=1&adurl=
184.30.24.22:443

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E

tls, http2

chrome.exe

1.8kB
6.0kB
14
16

HTTP Request

GET https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E

HTTP Response

302
54.255.153.148:443

match.sharethrough.com

tls

chrome.exe

1.7kB
6.4kB
11
10
104.18.24.173:443

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

tls, http2

chrome.exe

2.7kB
5.0kB
14
15

HTTP Request

GET https://a.tribalfusion.com/i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

HTTP Response

302

HTTP Request

GET https://s.tribalfusion.com/z/i.match?p=b6&u=&google_push=Aa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx8K9HoakswN1lMDwRLy9Z9oIdmIciTomMZmUs24WJjkeUGmtnGo8s4NG-TjpwCGsuN1E0QSOoWSjQLEwhtAY5bGeoc8U-6H%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

HTTP Response

200

HTTP Request

GET https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

HTTP Response

200
108.156.60.46:443

https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID

tls, http2

chrome.exe

1.6kB
7.4kB
12
15

HTTP Request

GET https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID

HTTP Response

302
103.229.10.180:443

cms.quantserve.com

tls

chrome.exe

885 B
3.7kB
8
6
37.157.4.29:443

c1.adform.net

tls

chrome.exe

931 B
5.1kB
9
7
103.229.10.180:443

cms.quantserve.com

tls

chrome.exe

1.9kB
5.4kB
11
13
37.157.4.29:443

c1.adform.net

tls

chrome.exe

931 B
5.1kB
9
7
52.223.40.198:443

match.adsrvr.org

tls

chrome.exe

1.1kB
3.7kB
9
9
54.154.220.209:443

pr-bh.ybp.yahoo.com

tls

chrome.exe

931 B
5.4kB
9
7
18.156.0.31:443

ups.analytics.yahoo.com

tls

chrome.exe

977 B
5.6kB
10
8
213.155.156.164:443

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

tls, http2

chrome.exe

1.7kB
5.4kB
12
11

HTTP Request

GET https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

HTTP Response

200
54.239.38.253:443

aax-eu.amazon-adsystem.com

tls

chrome.exe

3.9kB
10.2kB
14
15
85.114.159.93:443

dsp.adfarm1.adition.com

tls

chrome.exe

1.6kB
4.4kB
9
9
54.243.11.32:443

sync.srv.stackadapt.com

tls

chrome.exe

2.6kB
7.2kB
13
11
178.250.0.163:443

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

tls, http2

chrome.exe

1.9kB
4.5kB
14
13

HTTP Request

GET https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

HTTP Response

302
185.29.134.244:443

sync.mathtag.com

tls

chrome.exe

1.7kB
4.7kB
7
7
13.114.3.112:443

match.prod.bidr.io

tls

chrome.exe

5.1kB
8.8kB
18
15
151.101.2.49:443

sync-tm.everesttech.net

tls

chrome.exe

2.4kB
7.2kB
15
19
141.94.171.213:443

https://pixel.onaudience.com/?partner=214&mapped=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=0&gdpr_consent=

tls, http

chrome.exe

1.6kB
6.9kB
10
13

HTTP Request

GET https://pixel.onaudience.com/?partner=214&mapped=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=0&gdpr_consent=

HTTP Response

302
18.193.14.187:443

x.bidswitch.net

tls

chrome.exe

2.1kB
7.4kB
15
14
98.98.134.242:443

pixel-sync.sitescout.com

tls

chrome.exe

1.8kB
5.6kB
13
14
35.201.96.126:443

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=&fbounce=1

tls, http2

chrome.exe

2.1kB
7.8kB
16
21

HTTP Request

GET https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=

HTTP Request

GET https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&gdpr=&fbounce=1
34.91.62.186:443

um.simpli.fi

tls

chrome.exe

1.7kB
5.4kB
11
11
64.158.223.140:443

pubmatic-match.dotomi.com

tls

chrome.exe

1.7kB
4.1kB
11
9
74.118.186.45:443

usermatch.targeting.unrulymedia.com

tls

chrome.exe

1.1kB
5.7kB
9
9
54.255.153.148:443

match.sharethrough.com

tls

chrome.exe

959 B
6.1kB
7
8
103.229.10.180:443

cms.quantserve.com

tls

chrome.exe

880 B
4.1kB
6
8
159.203.145.121:443

chrome.exe

156 B
3
13.114.3.112:443

match.prod.bidr.io

tls

chrome.exe

1.1kB
6.0kB
11
12
185.64.190.80:443

simage2.pubmatic.com

tls

chrome.exe

8.1kB
14.8kB
51
70
185.64.190.80:443

simage2.pubmatic.com

tls

chrome.exe

1.1kB
4.9kB
10
11
185.64.190.80:443

simage2.pubmatic.com

tls

chrome.exe

977 B
4.7kB
10
8
23.206.96.118:443

https://eus.rubiconproject.com/usync.js

tls, http

chrome.exe

2.4kB
16.4kB
15
19

HTTP Request

GET https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

HTTP Response

200

HTTP Request

GET https://eus.rubiconproject.com/usync.js

HTTP Response

200
185.64.190.80:443

simage2.pubmatic.com

tls

chrome.exe

977 B
4.7kB
10
8
182.161.73.146:443

widget.as.criteo.com

tls

chrome.exe

989 B
3.8kB
9
7
182.161.73.146:443

https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

tls, http2

chrome.exe

1.8kB
4.6kB
12
12

HTTP Request

GET https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

HTTP Response

302
88.221.135.112:443

code.createjs.com

tls

chrome.exe

3.5kB
71.7kB
53
64
212.77.98.32:443

https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js

tls, http2

chrome.exe

1.8kB
22.6kB
18
25

HTTP Request

GET https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
8.2.111.13:443

https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-04d6f459-8757-3f03-ba4d-9194c24780dd&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wNGQ2ZjQ1OS04NzU3LTNmMDMtYmE0ZC05MTk0YzI0NzgwZGQQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMDRkNmY0NTktODc1Ny0zZjAzLWJhNGQtOTE5NGMyNDc4MGRkMgIaBjgB

tls, http

chrome.exe

2.0kB
7.1kB
11
15

HTTP Request

GET https://cs.iqzone.com/a6da5bf591376177b08e1eb90117169d.gif?puid=ua-04d6f459-8757-3f03-ba4d-9194c24780dd&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0wNGQ2ZjQ1OS04NzU3LTNmMDMtYmE0ZC05MTk0YzI0NzgwZGQQ____________ASpgaHR0cHM6Ly9zeW5jLnF1YW50dW1kZXguaW8vc2V0dWlkP2JpZGRlcj16ZXRhLWdsb2JhbCZ1aWQ9dWEtMDRkNmY0NTktODc1Ny0zZjAzLWJhNGQtOTE5NGMyNDc4MGRkMgIaBjgB

HTTP Response

400
172.67.13.182:443

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B

tls, http2

chrome.exe

2.2kB
4.5kB
15
14

HTTP Request

GET https://spl.zeotap.com/?zdid=1332&zcluid=bb97073075a6d23c

HTTP Response

302

HTTP Request

GET https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=c3bd2438-86d4-4ee4-5dc0-45c9e3f9fe7d&reqId=72051f62-78b7-47dd-669f-5ee3a2d88bd0&zcluid=bb97073075a6d23c&zdid=1332&google_error=15

HTTP Response

200

HTTP Request

GET https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=7CF541F7-BB27-4FD6-99A5-3703D4CA818B

HTTP Response

200
185.86.138.151:443

https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEYuE7H280AACADXh_osw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0

tls, http

chrome.exe

2.0kB
5.6kB
12
10

HTTP Request

GET https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEYuE7H280AACADXh_osw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0

HTTP Response

302
185.80.39.216:443

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1908b1f7-6545-4cef-89d1-a9641efa1e87&expiration=1679127376&gdpr=0&gdpr_consent=

tls, http

chrome.exe

2.7kB
8.3kB
15
15

HTTP Request

GET https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

HTTP Response

302

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1908b1f7-6545-4cef-89d1-a9641efa1e87&expiration=1679127376&gdpr=0&gdpr_consent=

HTTP Response

200
52.46.155.104:443

s.amazon-adsystem.com

tls

chrome.exe

3.2kB
8.9kB
13
14
185.80.39.216:443

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_3mTwAHg5b91QA_

tls, http

chrome.exe

1.9kB
7.6kB
14
14

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_3mTwAHg5b91QA_

HTTP Response

200
79.125.31.77:443

d.adroll.com

tls

chrome.exe

1.7kB
6.6kB
12
16
185.80.39.216:443

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=94LPvqNcSaJ8Ot5wQvZY8Jo9Rw0

tls, http

chrome.exe

1.8kB
7.6kB
14
14

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=94LPvqNcSaJ8Ot5wQvZY8Jo9Rw0

HTTP Response

200
52.28.242.101:443

sonata-notifications.taptapnetworks.com

tls

chrome.exe

1.8kB
6.7kB
14
12
185.64.190.81:443

image4.pubmatic.com

tls

chrome.exe

2.5kB
5.5kB
12
16
185.64.189.229:443

aud.pubmatic.com

tls

chrome.exe

2.5kB
5.3kB
12
16
74.214.196.131:443

https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEYuE7H280AACADXh_osw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1694303751891431627%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

tls, http2

chrome.exe

1.9kB
6.1kB
13
14

HTTP Request

GET https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEYuE7H280AACADXh_osw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1694303751891431627%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0

HTTP Response

302
213.19.162.80:443

token.rubiconproject.com

tls

chrome.exe

3.0kB
6.1kB
11
10
185.64.190.81:443

simage4.pubmatic.com

tls

chrome.exe

5.0kB
5.8kB
16
19
35.214.223.115:443

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

tls, http2

chrome.exe

1.8kB
6.0kB
13
13

HTTP Request

GET https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

HTTP Response

307
162.55.120.196:443

matching.truffle.bid

tls

chrome.exe

1.9kB
5.5kB
12
14
195.5.165.20:443

core.iprom.net

tls

chrome.exe

1.7kB
5.5kB
9
10
74.118.186.44:443

sync.1rx.io

tls

chrome.exe

2.3kB
8.9kB
17
16
74.118.186.44:443

sync.1rx.io

tls

chrome.exe

1.1kB
6.8kB
9
10
35.186.193.173:443

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

tls, http2

chrome.exe

1.7kB
5.1kB
11
14

HTTP Request

GET https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
8.43.72.98:443

pixel-us-east.rubiconproject.com

tls

chrome.exe

1.7kB
4.6kB
8
8
141.94.161.190:443

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=

tls, http

chrome.exe

1.7kB
7.2kB
12
12

HTTP Request

GET https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=

HTTP Response

302
77.243.60.138:443

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&sInitiator=external&gdpr=0&gdpr_consent=

tls, http

chrome.exe

1.6kB
3.8kB
9
9

HTTP Request

GET https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=7CF541F7-BB27-4FD6-99A5-3703D4CA818B&sInitiator=external&gdpr=0&gdpr_consent=

HTTP Response

302
35.172.15.83:443

a.audrte.com

tls

chrome.exe

2.2kB
7.1kB
9
10
46.228.164.11:443

https://ad.turn.com/r/cs?pid=45&rndcb=8784340716

tls, http2

chrome.exe

2.0kB
6.5kB
16
17

HTTP Request

GET https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=

HTTP Response

302

HTTP Request

GET https://ad.turn.com/r/cs?pid=45&rndcb=8784340716

HTTP Response

302
178.62.202.251:443

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

tls, http

chrome.exe

1.8kB
7.6kB
14
16

HTTP Request

GET https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

HTTP Response

302
34.102.253.54:443

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID

tls, http2

chrome.exe

1.7kB
6.8kB
13
17

HTTP Request

GET https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
34.111.129.221:443

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=644991552

tls, http2

chrome.exe

1.8kB
7.5kB
13
16

HTTP Request

GET https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=

HTTP Request

GET https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=644991552
213.19.162.80:443

token.rubiconproject.com

tls

chrome.exe

1.7kB
4.5kB
8
8
213.19.162.80:443

token.rubiconproject.com

tls

chrome.exe

1.7kB
4.5kB
8
8
213.19.162.80:443

token.rubiconproject.com

tls

chrome.exe

1.2kB
3.4kB
7
7
146.59.148.16:443

https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a368a3a75e4fb9c949f104432f9d214d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhhRTaTYaTVgUQXYj%26gdpr%3D0%26gdpr_consent%3D

tls, http

chrome.exe

2.9kB
7.6kB
12
12

HTTP Request

GET https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent

HTTP Response

302

HTTP Request

GET https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=a368a3a75e4fb9c949f104432f9d214d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhhRTaTYaTVgUQXYj%26gdpr%3D0%26gdpr_consent%3D

HTTP Response

302
213.19.162.90:443

pixel.rubiconproject.com

tls

chrome.exe

1.9kB
4.1kB
8
8
213.19.162.90:443

pixel.rubiconproject.com

tls

chrome.exe

2.7kB
4.9kB
9
9
213.19.162.90:443

pixel.rubiconproject.com

tls

chrome.exe

1.9kB
4.0kB
8
8
13.107.43.14:443

px.ads.linkedin.com

tls

chrome.exe

1.7kB
6.1kB
12
14
213.19.162.90:443

pixel.rubiconproject.com

tls

chrome.exe

983 B
3.8kB
7
7
52.74.224.100:443

sync.crwdcntrl.net

tls

chrome.exe

2.4kB
7.6kB
12
12
50.57.31.206:443

uipus.semasio.net

tls

chrome.exe

2.2kB
5.1kB
8
11
52.74.224.100:443

sync.crwdcntrl.net

tls

chrome.exe

959 B
6.2kB
7
9
213.19.147.45:443

sync.targeting.unrulymedia.com

tls

chrome.exe

1.9kB
6.5kB
12
12
144.76.196.237:443

t.videoo.tv

tls

chrome.exe

2.9kB
144 B
8
3
51.89.67.82:443

https://vast.sunmedia.tv/8d915b72-4b0e-4789-9301-0943304f5827?rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875

tls, http

chrome.exe

1.6kB
7.7kB
10
13

HTTP Request

GET https://vast.sunmedia.tv/8d915b72-4b0e-4789-9301-0943304f5827?rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875

HTTP Response

200
54.38.37.49:443

https://static.sunmedia.tv/sdks/invpaid/invpaid.js?it=8d915b72-4b0e-4789-9301-0943304f5827&rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875

tls, http

chrome.exe

2.5kB
65.0kB
30
52

HTTP Request

GET https://static.sunmedia.tv/sdks/invpaid/invpaid.js?it=8d915b72-4b0e-4789-9301-0943304f5827&rnd=7507099092715093&gdpr=0&gdpr_consent=&referrerurl=https://www.letrasboom.com/&rw=350&rh=196.875

HTTP Response

200
51.91.154.17:443

https://services.sunmedia.tv/geotarget/geocity.php

tls, http

chrome.exe

1.5kB
7.0kB
9
11

HTTP Request

GET https://services.sunmedia.tv/geotarget/geocity.php

HTTP Response

200
144.76.196.237:443

t.videoo.tv

chrome.exe

104 B
2
144.76.196.237:443

t.videoo.tv

chrome.exe

104 B
2
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

1.5kB
6.9kB
13
14

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
34.107.223.103:443

https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?pid=34ced21b-add2-11ed-97a0-bad833858bf4&t=T28&tid=34ceab0a-add2-11ed-97a0-bad833858bf4&pf=fl_11&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&cf=short_form&s=DigitalGreenPR/LetrasBoomDesktop&loc=COQCEKgKGKHzAyCi3RUtH4WZQTVm5pFCOgV0aGFuZUIGNDAwNjA0&rbp=1&aid=0&tt=p&e=0&ua=%5Bua%5D&uc=%5Buc%5D&pf=fl_11

tls, http2

chrome.exe

2.4kB
11.0kB
18
21

HTTP Request

GET https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=DigitalGreenPR/LetrasBoomDesktop&tt=p&rt=vast_2.0&rnd=7507099092715093&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent=1&ru=https://www.letrasboom.com/&vht=196.875&vwt=350&cp.schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,&t=T28

HTTP Request

GET https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?pid=34ced21b-add2-11ed-97a0-bad833858bf4&t=T28&tid=34ceab0a-add2-11ed-97a0-bad833858bf4&pf=fl_11&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&cf=short_form&s=DigitalGreenPR/LetrasBoomDesktop&loc=COQCEKgKGKHzAyCi3RUtH4WZQTVm5pFCOgV0aGFuZUIGNDAwNjA0&rbp=1&aid=0&tt=p&e=0&ua=%5Bua%5D&uc=%5Buc%5D&pf=fl_11
216.58.214.2:443

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkvOQ-8yZ_QIVYNERCB1UOQxdEAAYACCzjqVZQhMIzN3a-syZ_QIVHKD9Bx05ng2V;met=1;&timestamp=1676538984260;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

tls, http2

chrome.exe

1.8kB
6.3kB
13
14

HTTP Request

GET https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIkvOQ-8yZ_QIVYNERCB1UOQxdEAAYACCzjqVZQhMIzN3a-syZ_QIVHKD9Bx05ng2V;met=1;&timestamp=1676538984260;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
51.89.67.82:443

https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=unf&pb=1&pos=0&loop=1

tls, http

chrome.exe

2.2kB
7.1kB
11
12

HTTP Request

GET https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=req&pb=1&pos=0&loop=1

HTTP Response

200

HTTP Request

GET https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=unf&pb=1&pos=0&loop=1

HTTP Response

200
51.89.67.82:443

https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=op&pb=1&pos=0&loop=1

tls, http

chrome.exe

1.5kB
6.6kB
9
10

HTTP Request

GET https://track.sunmedia.tv/?ap=smptf&it=8d915b72-4b0e-4789-9301-0943304f5827&tp=op&pb=1&pos=0&loop=1

HTTP Response

200
217.182.178.225:443

https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-536736847&vph=196.875&vpw=350&pgDomain=https://www.letrasboom.com/&vpaidt=js&vpaidv=1,2&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

tls, http

chrome.exe

2.8kB
6.7kB
9
8

HTTP Request

GET https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-477876532&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

HTTP Response

200

HTTP Request

GET https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-536736847&vph=196.875&vpw=350&pgDomain=https://www.letrasboom.com/&vpaidt=js&vpaidv=1,2&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

HTTP Response

200
23.72.252.144:443

https://creatives.sascdn.com/shim.gif

tls, http

chrome.exe

1.4kB
5.0kB
8
10

HTTP Request

GET https://creatives.sascdn.com/shim.gif

HTTP Response

200
178.32.210.226:443

https://ww2951.smartadserver.com/ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1835602738&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

tls, http

chrome.exe

2.0kB
6.3kB
9
9

HTTP Request

GET https://ww2951.smartadserver.com/ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1835602738&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

HTTP Response

200
185.94.180.124:443

search.spotxchange.com

tls

chrome.exe

1.7kB
4.9kB
7
9
185.86.138.16:443

https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=817976039&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

tls, http

chrome.exe

2.0kB
5.4kB
8
7

HTTP Request

GET https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=817976039&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,6f3aa54a-261d-462d-a741-ab840b3d3b77,1,,,

HTTP Response

200

8.8.8.8:53

accounts.google.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.251.36.45
8.8.8.8:53

www.letrasboom.com

dns

chrome.exe

64 B
96 B
1
1

DNS Request

www.letrasboom.com

DNS Response

172.67.190.73

104.21.81.188
8.8.8.8:53

clients2.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients2.google.com

DNS Response

172.217.168.238
8.8.8.8:53

edgedl.me.gvt1.com

dns

chrome.exe

64 B
80 B
1
1

DNS Request

edgedl.me.gvt1.com

DNS Response

34.104.35.123
8.8.8.8:53

cdnjs.cloudflare.com

dns

chrome.exe

66 B
98 B
1
1

DNS Request

cdnjs.cloudflare.com

DNS Response

104.17.24.14

104.17.25.14
8.8.8.8:53

maxcdn.bootstrapcdn.com

dns

chrome.exe

69 B
101 B
1
1

DNS Request

maxcdn.bootstrapcdn.com

DNS Response

104.18.11.207

104.18.10.207
8.8.8.8:53

www.facebook.com

dns

chrome.exe

62 B
107 B
1
1

DNS Request

www.facebook.com

DNS Response

157.240.201.35
8.8.8.8:53

static.videoo.tv

dns

chrome.exe

62 B
110 B
1
1

DNS Request

static.videoo.tv

DNS Response

104.22.75.85

104.22.74.85

172.67.25.36
8.8.8.8:53

ajax.googleapis.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

ajax.googleapis.com

DNS Response

142.251.36.10
8.8.8.8:53

cmp.optad360.io

dns

chrome.exe

61 B
168 B
1
1

DNS Request

cmp.optad360.io

DNS Response

18.65.39.84

18.65.39.6

18.65.39.85

18.65.39.103
8.8.8.8:53

get.optad360.io

dns

chrome.exe

61 B
168 B
1
1

DNS Request

get.optad360.io

DNS Response

108.156.60.9

108.156.60.6

108.156.60.51

108.156.60.97
8.8.8.8:53

translate.googleapis.com

dns

chrome.exe

70 B
86 B
1
1

DNS Request

translate.googleapis.com

DNS Response

142.251.36.42
8.8.8.8:53

connect.facebook.net

dns

chrome.exe

66 B
114 B
1
1

DNS Request

connect.facebook.net

DNS Response

157.240.247.8
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.179.130
8.8.8.8:53

securepubads.g.doubleclick.net

dns

chrome.exe

76 B
121 B
1
1

DNS Request

securepubads.g.doubleclick.net

DNS Response

216.58.208.98
8.8.8.8:53

cdn.jsdelivr.net

dns

chrome.exe

62 B
188 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

104.16.86.20

104.16.87.20

104.16.89.20

104.16.85.20

104.16.88.20
8.8.8.8:53

dns.google

dns

chrome.exe

56 B
88 B
1
1

DNS Request

dns.google

DNS Response

8.8.8.8

8.8.4.4
8.8.8.8:53

prebid-eu.creativecdn.com

dns

chrome.exe

71 B
87 B
1
1

DNS Request

prebid-eu.creativecdn.com

DNS Response

185.184.8.90
8.8.8.8:53

hbopenbid.pubmatic.com

dns

chrome.exe

68 B
146 B
1
1

DNS Request

hbopenbid.pubmatic.com

DNS Response

185.64.189.112
8.8.8.8:53

adx.adform.net

dns

chrome.exe

60 B
132 B
1
1

DNS Request

adx.adform.net

DNS Response

37.157.6.233

37.157.6.254
8.8.8.8:53

useast.quantumdex.io

dns

chrome.exe

66 B
114 B
1
1

DNS Request

useast.quantumdex.io

DNS Response

104.22.37.96

172.67.42.201

104.22.36.96
8.8.8.8:53

bidder.criteo.com

dns

chrome.exe

63 B
113 B
1
1

DNS Request

bidder.criteo.com

DNS Response

178.250.1.8
8.8.8.8:53

ssp.wp.pl

dns

chrome.exe

55 B
71 B
1
1

DNS Request

ssp.wp.pl

DNS Response

212.77.99.29
8.8.8.8:53

prebid.a-mo.net

dns

chrome.exe

61 B
77 B
1
1

DNS Request

prebid.a-mo.net

DNS Response

145.40.89.200
8.8.8.8:53

rtb.adxpremium.services

dns

chrome.exe

69 B
85 B
1
1

DNS Request

rtb.adxpremium.services

DNS Response

185.106.140.18
8.8.8.8:53

t.videoo.tv

dns

chrome.exe

57 B
73 B
1
1

DNS Request

t.videoo.tv

DNS Response

144.76.196.237
8.8.8.8:53

api.dailymotion.com

dns

chrome.exe

65 B
139 B
1
1

DNS Request

api.dailymotion.com

DNS Response

35.244.47.206
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

88.221.25.169

88.221.25.153
224.0.0.251:5353

chrome.exe

204 B
3

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request