urlscan.io logo urlscan.io
SecurityTrails logo

mosaic2.jerkmate.com Open in urlscan Pro
3.161.213.11  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.mikex.garstoutnu.com/
Effective URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&...
Submission: On May 06 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 3 countries across 20 domains to perform 38 HTTP transactions. The main IP is 3.161.213.11, located in United States and belongs to AMAZON-02, US. The main domain is mosaic2.jerkmate.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on April 12th 2024. Valid for: a year.
This is the only time mosaic2.jerkmate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 149.56.221.90 16276 (OVH)
2 2 18.67.76.52 16509 (AMAZON-02)
5 3.161.213.11 16509 (AMAZON-02)
2 172.253.115.95 15169 (GOOGLE)
2 3.161.213.66 16509 (AMAZON-02)
2 142.251.111.97 15169 (GOOGLE)
2 192.184.67.143 16509 (AMAZON-02)
6 104.19.147.8 13335 (CLOUDFLAR...)
1 64.88.254.162 30361 (SWIFTWILL2)
1 104.108.101.154 16625 (AKAMAI-AS)
2 2 174.137.133.32 27257 (WEBAIR-IN...)
2 213.174.157.105 39572 (ADVANCEDH...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 2 54.213.71.210 16509 (AMAZON-02)
1 1 172.67.69.73 13335 (CLOUDFLAR...)
2 2 54.208.206.211 14618 (AMAZON-AES)
1 1 104.26.9.50 13335 (CLOUDFLAR...)
1 216.239.32.178 15169 (GOOGLE)
1 66.254.114.154 29789 (REFLECTED)
1 13.32.151.56 16509 (AMAZON-02)
1 18.165.98.104 16509 (AMAZON-02)
1 3.162.3.28 16509 (AMAZON-02)
1 18.220.54.224 16509 (AMAZON-02)
5 104.17.111.223 ()
1 104.16.160.145 ()
38 19
1    149.56.221.90 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: clarkweb.whc.ca
www.mikex.garstoutnu.com
2    18.67.76.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-76-52.iad89.r.cloudfront.net
t.acam-2.com
5    3.161.213.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-11.yul62.r.cloudfront.net
mosaic2.jerkmate.com
2    172.253.115.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f95.1e100.net
fonts.googleapis.com
2    3.161.213.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-66.yul62.r.cloudfront.net
gateway.jerkmate.com
2    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
2    192.184.67.143 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
6    104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
1    64.88.254.162 (United States)

ASN30361 (SWIFTWILL2, US)
static.trafficjunky.com
1    104.108.101.154 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-101-154.deploy.static.akamaitechnologies.com
cdn-4.convertexperiments.com
2    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
2    213.174.157.105 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
tsyndicate.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.afkwa.com
dsp.adkernel.com
2    54.213.71.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-71-210.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
1    172.67.69.73 (United States)

ASN13335 (CLOUDFLARENET, US)
a.remarketstats.com
2    54.208.206.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-208-206-211.compute-1.amazonaws.com
i.liadm.com
1    104.26.9.50 (None, )

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
1    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    66.254.114.154 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
ads.trafficjunky.net
1    13.32.151.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-151-56.iad66.r.cloudfront.net
rules.quantcount.com
1    18.165.98.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-98-104.iad55.r.cloudfront.net
pagestates-tracking.crazyegg.com
1    3.162.3.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-28.yul62.r.cloudfront.net
assets-tracking.crazyegg.com
1    18.220.54.224 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-220-54-224.us-east-2.compute.amazonaws.com
tracking.crazyegg.com
5    104.17.111.223 (None, )

ASN- ()
cdn.onesignal.com
onesignal.com
img.onesignal.com
1    104.16.160.145 (None, )

ASN- ()
onesignal.com
Apex Domain
Subdomains		 Transfer
9 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2400
pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 7454
assets-tracking.crazyegg.com — Cisco Umbrella Rank: 7566
tracking.crazyegg.com — Cisco Umbrella Rank: 4579
77 KB
7 jerkmate.com
mosaic2.jerkmate.com
gateway.jerkmate.com — Cisco Umbrella Rank: 304665
1 MB
6 onesignal.com
cdn.onesignal.com
onesignal.com
img.onesignal.com
93 KB
3 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1651
dsp.adkernel.com — Cisco Umbrella Rank: 6504
1 KB
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 569
1 KB
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 5754
353 B
2 afkwa.com
rtb2-useast.afkwa.com — Cisco Umbrella Rank: 202599
932 B
2 tsyndicate.com
tsyndicate.com — Cisco Umbrella Rank: 8924
866 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1387
pixel.quantserve.com — Cisco Umbrella Rank: 1107
10 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
204 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
2 KB
2 acam-2.com
t.acam-2.com — Cisco Umbrella Rank: 403076
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1410
1 KB
1 trafficjunky.net
ads.trafficjunky.net — Cisco Umbrella Rank: 42233
584 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
257 B
1 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 5348
625 B
1 remarketstats.com
a.remarketstats.com — Cisco Umbrella Rank: 5960
761 B
1 convertexperiments.com
cdn-4.convertexperiments.com — Cisco Umbrella Rank: 8530
50 KB
1 trafficjunky.com
static.trafficjunky.com — Cisco Umbrella Rank: 16460
4 KB
1 garstoutnu.com
www.mikex.garstoutnu.com
288 B
38 20
Domain Requested by
6 script.crazyegg.com www.googletagmanager.com
script.crazyegg.com
5 mosaic2.jerkmate.com mosaic2.jerkmate.com
3 onesignal.com cdn.onesignal.com
2 cdn.onesignal.com www.googletagmanager.com
cdn.onesignal.com
2 i.liadm.com 2 redirects
2 a.usbrowserspeed.com 1 redirects mosaic2.jerkmate.com
2 rtb2-useast.afkwa.com 2 redirects
2 tsyndicate.com mosaic2.jerkmate.com
2 sync.adkernel.com 2 redirects
2 www.googletagmanager.com mosaic2.jerkmate.com
www.googletagmanager.com
2 gateway.jerkmate.com mosaic2.jerkmate.com
gateway.jerkmate.com
2 fonts.googleapis.com mosaic2.jerkmate.com
2 t.acam-2.com 2 redirects
1 img.onesignal.com
1 tracking.crazyegg.com script.crazyegg.com
1 assets-tracking.crazyegg.com script.crazyegg.com
1 pagestates-tracking.crazyegg.com script.crazyegg.com
1 pixel.quantserve.com mosaic2.jerkmate.com
1 rules.quantcount.com secure.quantserve.com
1 ads.trafficjunky.net mosaic2.jerkmate.com
1 www.google-analytics.com www.googletagmanager.com
1 a.clickcertain.com 1 redirects
1 a.remarketstats.com 1 redirects
1 dsp.adkernel.com 1 redirects
1 cdn-4.convertexperiments.com www.googletagmanager.com
1 static.trafficjunky.com mosaic2.jerkmate.com
1 secure.quantserve.com www.googletagmanager.com
1 www.mikex.garstoutnu.com 1 redirects
38 28

This site contains links to these domains. Also see Links.

Domain
google.com
www.crakrevenue.com
Subject Issuer Validity Valid
*.jerkmate.com
Sectigo RSA Organization Validation Secure Server CA		 2024-04-12 -
2025-05-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
quantserve.com
R3		 2024-04-25 -
2024-07-24		 3 months crt.sh
script.crazyegg.com
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.trafficjunky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-11-02		 a year crt.sh
*.convertexperiments.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-11-09 -
2024-11-09		 a year crt.sh
*.trafficjunky.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-11-14 -
2024-12-14		 a year crt.sh
crazyegg.com
Amazon RSA 2048 M02		 2024-04-28 -
2025-05-27		 a year crt.sh
onesignal.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Frame ID: 97B703B09F7092D0308F5C50D8B0C6C4
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Jerkmate | Never jerk off alone again

Page URL History Show full URLs

  1. https://www.mikex.garstoutnu.com/ HTTP 301
    https://t.acam-2.com/593/8865/33285?aff_sub=mikex&bo=2779,2778,2777,2776,2775&po=6533&aff_sub5=SF... HTTP 303
    https://t.acam-2.com/289177/6263?aff_sub=mikex&aff_sub4=593&aff_click_id=10224dcf7f37a4a1701e9001... HTTP 303
    https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

38
Requests

87 %
HTTPS

0 %
IPv6

20
Domains

28
Subdomains

19
IPs

3
Countries

1639 kB
Transfer

2809 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.mikex.garstoutnu.com/ HTTP 301
    https://t.acam-2.com/593/8865/33285?aff_sub=mikex&bo=2779,2778,2777,2776,2775&po=6533&aff_sub5=SF_006OG000004lmDN HTTP 303
    https://t.acam-2.com/289177/6263?aff_sub=mikex&aff_sub4=593&aff_click_id=10224dcf7f37a4a1701e900123f306&po=6533&bo=2779%2C2778%2C2777%2C2776%2C2775 HTTP 303
    https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://sync.adkernel.com/user-sync?zone=175496&t=image&r=https%3A%2F%2Ftsyndicate.com%2Fapi%2Fv2%2Fssp%2Fset-client-id%2F9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf%3Fid%3D%7BUID%7D HTTP 302
  • https://tsyndicate.com/api/v2/ssp/set-client-id/9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf?id=A3357333024399726935
Request Chain 14
  • https://sync.adkernel.com/user-sync?zone=175496&t=image&r=https%3A%2F%2Ftsyndicate.com%2Fapi%2Fv2%2Fssp%2Fset-client-id%2FXIV5qGp4phAwU8njKOOxrSZrBUQOqc2c%3Fid%3D%7BUID%7D HTTP 302
  • https://tsyndicate.com/api/v2/ssp/set-client-id/XIV5qGp4phAwU8njKOOxrSZrBUQOqc2c?id=A658844344641588705
Request Chain 15
  • https://rtb2-useast.afkwa.com/universalPixel?account=53338 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.afkwa.com%2FuniversalPixel%3Faccount%3D53338 HTTP 302
  • https://rtb2-useast.afkwa.com/universalPixel?adkuid=A3357333024399726935&account=53338 HTTP 302
  • https://a.usbrowserspeed.com/cs?pid=6d6c790680363540538d004c7415d5160f7e3d2aa6d7904e6fd976273560db52&puid=A3357333024399726935 HTTP 302
  • https://a.remarketstats.com/px/li-co/ HTTP 302
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=11418bd5-c461-4c89-aff8-689d1ceb718a&ccid=11418bd5-c461-4c89-aff8-689d1ceb718a&redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d57c98278%252d6212%252d5599%252db09a%252d9acc1071f917 HTTP 303
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d57c98278%252d6212%252d5599%252db09a%252d9acc1071f917&bidder_id=200441&bidder_uuid=11418bd5-c461-4c89-aff8-689d1ceb718a&_li_chk=true&ccid=11418bd5-c461-4c89-aff8-689d1ceb718a&previous_uuid=2b6dfe4470204d9fbc692c6e0db8b428 HTTP 303
  • https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d57c98278%252d6212%252d5599%252db09a%252d9acc1071f917&ccid=11418bd5-c461-4c89-aff8-689d1ceb718a HTTP 302
  • https://a.usbrowserspeed.com/cs?pid=lc2&puid=57c98278-6212-5599-b09a-9acc1071f917

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mosaic2.jerkmate.com/
Redirect Chain
  • https://www.mikex.garstoutnu.com/
  • https://t.acam-2.com/593/8865/33285?aff_sub=mikex&bo=2779,2778,2777,2776,2775&po=6533&aff_sub5=SF_006OG000004lmDN
  • https://t.acam-2.com/289177/6263?aff_sub=mikex&aff_sub4=593&aff_click_id=10224dcf7f37a4a1701e900123f306&po=6533&bo=2779%2C2778%2C2777%2C2776%2C2775
  • https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=277...
94 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-11.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4085560d671ee7d2553f5bc4b0343c23f49fd587b0591c000ecab3b399a6308d

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
6802
content-encoding
gzip
content-language
html
content-type
text/html
date
Mon, 06 May 2024 08:04:21 GMT
etag
W/"7f2947ca389c58be264a976f24b97121"
last-modified
Fri, 26 Apr 2024 19:49:42 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 96785766955873d794428d65e568cb5c.cloudfront.net (CloudFront)
x-amz-cf-id
zH5NdjZ22Qc4wiMMPYgAs_835HAMqlZX2dLoPWAB2HKROicdBloCFQ==
x-amz-cf-pop
YUL62-P1
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=86400
content-length
580
content-type
text/html; charset=utf-8
date
Mon, 06 May 2024 09:55:15 GMT
location
https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
server
nginx/1.19.0
strict-transport-security
max-age=15724800; includeSubDomains
tracking_id
102f7c576c04a33efbc52c3dccb49b
vary
Accept
via
1.1 8aaf07807b640d113c47df1d50eca064.cloudfront.net (CloudFront)
x-amz-cf-id
MwOIuD3joVFIbxGd4hLartmxLa3kvyHiZtV4vnSL9In1AFUgpHY0Nw==
x-amz-cf-pop
IAD89-P2
x-cache
Miss from cloudfront
style.dotsass
mosaic2.jerkmate.com/templates/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mosaic2.jerkmate.com/templates/css/style.dotsass?v=2
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-11.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c97bd2f243bb66d54288af597bc39a71e7d5fa3b359dd303fcba8dde80f7ccee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 10:06:50 GMT
content-encoding
gzip
via
1.1 96785766955873d794428d65e568cb5c.cloudfront.net (CloudFront)
last-modified
Fri, 26 Apr 2024 19:49:42 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
85706
etag
W/"f93941b68341a0096803bfc1dd4dcf07"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
5ikKsgouS7H3XneI9XOAQ7vTD43NLlueoALBydszbemdHCaoh-BhPQ==
css2
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@300&display=swap
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 May 2024 09:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 May 2024 09:25:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 May 2024 09:55:15 GMT
jerkmate_logo.jpg
mosaic2.jerkmate.com/asset/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosaic2.jerkmate.com/asset/img/jerkmate_logo.jpg
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-11.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc5e16fac006ede6734eeec64317886bef58e46cc7f4c7137e0bcc27164881dc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 13:12:17 GMT
via
1.1 96785766955873d794428d65e568cb5c.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 20:56:22 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
74627
etag
"f00248272efbe80d90832442ba8cdcb5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
content-length
12113
x-amz-cf-id
EG8yu4-cY9T9XGdnomsQeQTeJOiL1I4BLsGq-emGFL3YSwa1TxabKg==
ws-session-widget.min.js
gateway.jerkmate.com//wswidget/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gateway.jerkmate.com//wswidget/ws-session-widget.min.js
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-66.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
346b3833037d4e86d3550777bff38014df6db67f0f0daa3839352d59c8d18720

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:54:45 GMT
content-encoding
br
via
1.1 19298b403c16e472e8e1bf4122960db4.cloudfront.net (CloudFront)
last-modified
Mon, 08 Jan 2024 18:21:02 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
30
x-amz-server-side-encryption
AES256
etag
W/"079b0627b80064bc7b897a7232a4cb7d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
x-amz-cf-id
qnJ2b4HD88tOWub1LYUOM26x8PfJf_sgiF2f8psTjjO1Zkl9WtOW4w==
apigw-requestid
XV9T8gYDIAMEZ3Q=
css2
fonts.googleapis.com/ 		2 KB
645 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400&display=swap
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 06 May 2024 09:55:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 06 May 2024 08:57:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 06 May 2024 09:55:15 GMT
gtm.js
www.googletagmanager.com/ 		374 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
299add7898b03a7d2d48f85d538f9cc96c4de26250b2e93d40bac9838f915449
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114372
x-xss-protection
0
last-modified
Mon, 06 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 06 May 2024 09:55:15 GMT
ws-session
gateway.jerkmate.com/session-api/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gateway.jerkmate.com/session-api/ws-session?referer=
Requested by
Host: gateway.jerkmate.com
URL: https://gateway.jerkmate.com//wswidget/ws-session-widget.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-66.yul62.r.cloudfront.net
Software
/
Resource Hash
ef58223d0f6f618374b0e3f99d3b96c39e887c2217bfab4e62c1a126a944b7ca
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 06 May 2024 09:55:15 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
via
1.1 fbdc01f132101cb05310363b09502a86.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
YUL62-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-frame-options
SAMEORIGIN
x-amz-cf-id
ki3-8S67pEpyF_9TfV1ZWvAJOQGVTo5sHQ9C164FqY85HL8d4O1o7A==
apigw-requestid
XV9YpjU-oAMEaXw=
x-xss-protection
1; mode=block
1920x1080-bg-gay.jpg
mosaic2.jerkmate.com/dA/71126eca79/image/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mosaic2.jerkmate.com/dA/71126eca79/image/1920x1080-bg-gay.jpg
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-11.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae7673e0e9fccf11268d6730010989c7747f6279531489cfbff2b1007532bf12

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 10:03:35 GMT
via
1.1 96785766955873d794428d65e568cb5c.cloudfront.net (CloudFront)
last-modified
Fri, 26 Apr 2024 19:49:38 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
85901
etag
"a485afdfc1ec2833b8a2bb210b55540c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
content-length
1171476
x-amz-cf-id
3jhW6PlqnYg2v_L6Vc56cS0XbUITK0lkvTetPdmNlpQIQuoltkTY9w==
js
www.googletagmanager.com/gtag/ 		280 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S6XTBZ5V47&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
effc56285517bc2d36ebde0585b286d0f9889b59c8a2c19aa2d1773ac1853204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93925
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 06 May 2024 09:55:16 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.67.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
gzip
etag
"bvEECQq4Zy6gU9J/qv1O6Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 13 May 2024 09:55:16 GMT
2536.js
script.crazyegg.com/pages/scripts/0116/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0116/2536.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e80b3357f16f95b3f565d764f6fd207cfb5b1403b463c29b9a1d14f3e593a17

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
9152
cf-polished
origSize=6112
ce-version
11.5.202
cf-bgj
minify
last-modified
Mon, 06 May 2024 07:22:44 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
87f817f9ef07ab33-YYZ
mp.min.js
static.trafficjunky.com/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.trafficjunky.com/js/mp.min.js
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.88.254.162 , United States, ASN30361 (SWIFTWILL2, US),
Reverse DNS
Software
/
Resource Hash
c0b418148076b3e8cfdae771ed19d95a5c31b73654e0b3b47d36557e8a649d84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 19:46:07 GMT
etag
W/"6f013ad69-29bb-600dc485b1dc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1710111531
x-cdn-diag
jfk4-2092-3-2047565-h-0-0---;2051-42-45415----0-0-0
expires
Sun, 10 Mar 2024 22:58:51 GMT
10047751-10049032.js
cdn-4.convertexperiments.com/v1/js/ 		189 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-4.convertexperiments.com/v1/js/10047751-10049032.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.108.101.154 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-101-154.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
07de9d094f303b179c4b69b2fe014cb55a44c90cc90fa209a85e77d0becc69be

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
content-length
50570
expires
Mon, 06 May 2024 10:00:16 GMT
9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf
tsyndicate.com/api/v2/ssp/set-client-id/
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=175496&t=image&r=https%3A%2F%2Ftsyndicate.com%2Fapi%2Fv2%2Fssp%2Fset-client-id%2F9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf%3Fid%3D%7BUID%7D
  • https://tsyndicate.com/api/v2/ssp/set-client-id/9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf?id=A3357333024399726935
43 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsyndicate.com/api/v2/ssp/set-client-id/9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf?id=A3357333024399726935
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Server
213.174.157.105 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2024 09:55:16 GMT
server
nginx
x-api-version
2
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
43
x-request-id
c4ed10aa9a76c3f2
expires
0

Redirect headers

Location
https://tsyndicate.com/api/v2/ssp/set-client-id/9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf?id=A3357333024399726935
Date
Mon, 06 May 2024 09:55:16 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0
XIV5qGp4phAwU8njKOOxrSZrBUQOqc2c
tsyndicate.com/api/v2/ssp/set-client-id/
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=175496&t=image&r=https%3A%2F%2Ftsyndicate.com%2Fapi%2Fv2%2Fssp%2Fset-client-id%2FXIV5qGp4phAwU8njKOOxrSZrBUQOqc2c%3Fid%3D%7BUID%7D
  • https://tsyndicate.com/api/v2/ssp/set-client-id/XIV5qGp4phAwU8njKOOxrSZrBUQOqc2c?id=A658844344641588705
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tsyndicate.com/api/v2/ssp/set-client-id/XIV5qGp4phAwU8njKOOxrSZrBUQOqc2c?id=A658844344641588705
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Server
213.174.157.105 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 May 2024 09:55:16 GMT
server
nginx
x-api-version
2
vary
*
report-to
{ "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type
image/gif
cache-control
no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag
none, noindex, nofollow
content-length
43
x-request-id
6073b4077102fec0
expires
0

Redirect headers

Location
https://tsyndicate.com/api/v2/ssp/set-client-id/XIV5qGp4phAwU8njKOOxrSZrBUQOqc2c?id=A658844344641588705
Date
Mon, 06 May 2024 09:55:16 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Content-Length
0
cs
a.usbrowserspeed.com/
Redirect Chain
  • https://rtb2-useast.afkwa.com/universalPixel?account=53338
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.afkwa.com%2FuniversalPixel%3Faccount%3D53338
  • https://rtb2-useast.afkwa.com/universalPixel?adkuid=A3357333024399726935&account=53338
  • https://a.usbrowserspeed.com/cs?pid=6d6c790680363540538d004c7415d5160f7e3d2aa6d7904e6fd976273560db52&puid=A3357333024399726935
  • https://a.remarketstats.com/px/li-co/
  • https://i.liadm.com/s/56408?bidder_id=200441&bidder_uuid=11418bd5-c461-4c89-aff8-689d1ceb718a&ccid=11418bd5-c461-4c89-aff8-689d1ceb718a&redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs...
  • https://i.liadm.com/s/56408?redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d57c98278%252d6212%252d5599%252db09a%252d9acc1071f917&bidder_id=200441&bidder_u...
  • https://a.clickcertain.com/px/li/?redir=https%253a%252f%252fa%252eusbrowserspeed%252ecom%252fcs%253fpid%253dlc2%2526puid%253d57c98278%252d6212%252d5599%252db09a%252d9acc1071f917&ccid=11418bd5-c461-...
  • https://a.usbrowserspeed.com/cs?pid=lc2&puid=57c98278-6212-5599-b09a-9acc1071f917
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.usbrowserspeed.com/cs?pid=lc2&puid=57c98278-6212-5599-b09a-9acc1071f917
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Server
54.213.71.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-71-210.us-west-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://mosaic2.jerkmate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Mon, 06 May 2024 09:55:17 GMT
server
awselb/2.0

Redirect headers

date
Mon, 06 May 2024 09:55:17 GMT
x-frontend
cc-nginx-67cd96f68-n6sx5:cc-nginx-67cd96f68-n6sx5
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-requestid
a260335a-760f-4e82-ba12-bb761dd9630f
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xt0nxl%2BGIxmrD8x2ttvn3fjQ6wOU86CcNe6Bc%2Bh6GG1DPu%2FKeD7vRCVI6F96XvYVh9l8JHE%2BA7CCitv1LqWPhB%2B6etaiQaQTc2W0y3IJ8TsIlvhQJCtf528%2Bz0gi540oO2b1rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://a.usbrowserspeed.com/cs?pid=lc2&puid=57c98278-6212-5599-b09a-9acc1071f917
cf-ray
87f81802bebb36aa-YYZ
collect
www.google-analytics.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-S6XTBZ5V47&gtm=45je4510v880543691z8811010754za200&_p=1714989315772&gcd=13l3l3l3l1&npa=0&dma=0&cid=1101003776.1714989316&ul=en-ca&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1714989316&sct=1&seg=0&dl=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D102f7c576c04a33efbc52c3dccb49b%253A8699%26aff_id%3D593%26source%3D%26bg%3D171%26intro%3D0%26ov%3Dhide%26imgfrm%3D59%26xid%3Djm-hpf-8699-gay-jmlcom%26landing_id%3D32384%26textset%3Dgay%26bo%3D2779%252C2778%252C2777%252C2776%252C2775&dt=Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again&en=page_view&_fv=1&_nsi=1&_ss=1&up.transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&up.aff_id=593&up.aff_sub=&up.aff_sub2=&up.aff_sub3=&up.aff_sub4=&up.aff_sub5=&up.offer_id=5643&up.url_id=25959&up.bg=171&up.intro=0&up.promocode=&up.imgfrm=59&up.landing_id=32384&up.param_textset=gay&up.param_source=&tfd=1275
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S6XTBZ5V47&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 09:55:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mosaic2.jerkmate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mosaic2.jerkmate.com.json
script.crazyegg.com/pages/data-scripts/0116/2536/site/ 		28 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0116/2536/site/mosaic2.jerkmate.com.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6fe4739a2416496b941eb3f6504f69f916188ecd92e7efa68faab0a716404e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
9093
ce-version
11.5.202
content-length
3908
last-modified
Mon, 06 May 2024 07:23:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f817fc3f7faab0-YYZ
rt
ads.trafficjunky.net/ 		35 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.trafficjunky.net/rt?action=list&type=add&id=0&context=www.jerkmate.com&cookiename=Jerkmate-Slut2&maxcookiecount=525600
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.154 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
openresty /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mosaic2.jerkmate.com/
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 09:55:16 GMT
server
openresty
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET,POST
p3p
CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
35
expires
Sun, 22 Jan 1984 03:00:00 GMT
rules-p-jsYst-Cd4uWwY.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-jsYst-Cd4uWwY.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.151.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-151-56.iad66.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dc87506c37ec064801b8854f90c49c41ceb92393b0384e4ef6d80751ae10e23

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:24:21 GMT
content-encoding
gzip
via
1.1 de76d1656e59021109584b73dc63d3aa.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD66-C2
age
1856
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 14 Oct 2022 00:29:49 GMT
server
AmazonS3
etag
W/"b72059cf34592ef9e449769014eb91e6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
I2Gtkqskf7uqsL0OtXBTsa-Z5Yef4763ik66x68O2snWtp6s_CoVZQ==
6735f9594d6bb8a4f1fe56c6b3e21cf5.js
script.crazyegg.com/pages/versioned/common-scripts/ 		94 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d69e3303757e223cc0fd92ec05e7f0eb6ca17c61c857cf273f19d181ad2afd47

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2024 08:41:12 GMT
server
cloudflare
age
485896
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f817fc686aab33-YYZ
content-length
31374
pixel;r=804044485;labels=title.Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again;source=gtm;rf=0;a=p-jsYst-Cd4uWwY;url=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D102f7c576c04a33efbc...
pixel.quantserve.com/ 		35 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=804044485;labels=title.Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again;source=gtm;rf=0;a=p-jsYst-Cd4uWwY;url=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D102f7c576c04a33efbc52c3dccb49b%253A8699%26aff_id%3D593%26source%3D%26bg%3D171%26intro%3D0%26ov%3Dhide%26imgfrm%3D59%26xid%3Djm-hpf-8699-gay-jmlcom%26landing_id%3D32384%26textset%3Dgay%26bo%3D2779%252C2778%252C2777%252C2776%252C2775;uht=2;fpan=1;fpa=P0-1686886989-1714989316391;pbc=;ns=0;ce=1;qjs=1;qv=b70d35e8-20231208114759;cm=;gdpr=0;ref=;d=jerkmate.com;dst=1;et=1714989316541;tzo=420;ogl=site_name.jerkmate%252Ecom%2Ctitle.Jerkmate%20%7C%20Never%20jerk%20off%20alone%20again%2Cdescription.Watch%20Live%20Sex%20Cams%20with%20Hot%20Cam%20Girls%20for%20FREE%252E%20Sex%20chat%20with%20horny%20girls%252C%20guys%2Curl.https%3A%2F%2Fmosaic2%252Ejerkmate%252Ecom%2F%2Ctype.website;ses=f15c98d5-330b-4e11-9041-dd46fc077bd5;mdl=
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.184.67.143 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 06 May 2024 09:55:16 GMT
attribution-reporting-register-trigger
{"event_trigger_data":[{"filters":[{"label":["JbUQpNgloN2xi9gRRBqaUw=="],"pcode":["p-jsYst-Cd4uWwY"]}],"trigger_data":"1"}]}
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
mosaic2.jerkmate.com.json
script.crazyegg.com/pages/data-scripts/0116/2536/sampling/ 		158 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0116/2536/sampling/mosaic2.jerkmate.com.json?t=476385
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538667d3b2996c8835a16bb5f050c98f68d2c7dadb6e045aa0fbb410b32b2199

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:16 GMT
content-encoding
gzip
cf-cache-status
HIT
age
9093
ce-version
11.5.202
content-length
148
last-modified
Mon, 06 May 2024 07:23:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f817fccfe6aab0-YYZ
healthcheck
pagestates-tracking.crazyegg.com/ 		19 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagestates-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.98.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-98-104.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Jan 2024 01:50:31 GMT
via
1.1 e20259e84d7d881ed453b1f0e4f9a4c6.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4
age
10656286
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
9Vmf00_7cLtaa9NqrSOrQe_TkpYfiM-Zg046wFsBft4Zwu--OJ9YmQ==
healthcheck
assets-tracking.crazyegg.com/ 		19 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-tracking.crazyegg.com/healthcheck
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-28.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 17 Jul 2023 20:47:31 GMT
via
1.1 a3644f9cdea7a7e9efd1f62c9d972932.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
25362466
x-cache
Hit from cloudfront
content-length
19
last-modified
Fri, 08 Jul 2022 22:25:51 GMT
server
AmazonS3
etag
"d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age
31536000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
Y1tQBJlvqwtkgLjDgVRCoErUQYNH5z0aI5bnOFHvEH9NI73lw1L4jA==
2b33514b-ce1f-4642-8e46-d2b40af7f04b
https://mosaic2.jerkmate.com/ 		45 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mosaic2.jerkmate.com/2b33514b-ce1f-4642-8e46-d2b40af7f04b
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
45
Content-Type
text/javascript
clock
tracking.crazyegg.com/ 		39 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracking.crazyegg.com/clock?t=1714989316815&tk=94b71200664d396eb90ae28f0530c015&s=415170&p=%2F&u=1162536&v=0c005a0b375c05f458e97959b35ad79b61a9bd82&f=mosaic2.jerkmate.com&ul=https%3A%2F%2Fmosaic2.jerkmate.com%2F%3Ftransaction_id%3D102f7c576c04a33efbc52c3dccb49b%253A8699%26aff_id%3D593%26source%3D%26bg%3D171%26intro%3D0%26ov%3Dhide%26imgfrm%3D59%26xid%3Djm-hpf-8699-gay-jmlcom%26landing_id%3D32384%26textset%3Dgay%26bo%3D2779%252C2778%252C2777%252C2776%252C2775
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/6735f9594d6bb8a4f1fe56c6b3e21cf5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.220.54.224 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-220-54-224.us-east-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
bb34a200946066cdc34098fdb9b64cc1190dba05cfeb71fda7d337a8782839d0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 06 May 2024 09:55:16 GMT
cache-control
no-store
server
awselb/2.0
content-length
39
content-type
text/plain
dda53996456118190a640875fa0663b1.js
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Apr 2024 18:51:06 GMT
server
cloudflare
age
485896
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f817ff5a6bab33-YYZ
content-length
8015
af508745-19c6-47d1-a1a7-72a926c63dea
https://mosaic2.jerkmate.com/ 		241 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://mosaic2.jerkmate.com/af508745-19c6-47d1-a1a7-72a926c63dea
Requested by
Host: mosaic2.jerkmate.com
URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d02633239369d04c8812eff65b6c3fad7d08525efd85d2451de2a4bac9f0cfb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
241
Content-Type
text/javascript
3662e64da986368bbac2da241549a35b.js
script.crazyegg.com/pages/versioned/tracking-scripts/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/tracking-scripts/3662e64da986368bbac2da241549a35b.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0116/2536.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31fc7b35533d223ce9b8820fa8f3afe418a927272c5300f3a01129e40b959365

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:17 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2024 14:28:46 GMT
server
cloudflare
age
485896
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87f817ffaa97ab33-YYZ
content-length
30716
favicon.ico
mosaic2.jerkmate.com/ 		4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mosaic2.jerkmate.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.213.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-213-11.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8fc4edeb43a372f097f3b008a0f213e6dbda694c76f4b38007dc07a8cc40c131

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-arch
"x86"
sec-ch-ua-platform-version
"10.0.0"
Referer
https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
sec-ch-ua-full-version-list
"Chromium";v="124.0.6367.118", "Google Chrome";v="124.0.6367.118", "Not-A.Brand";v="99.0.0.0"
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 07:10:34 GMT
via
1.1 96785766955873d794428d65e568cb5c.cloudfront.net (CloudFront)
last-modified
Fri, 17 Mar 2023 20:57:48 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-P1
age
9948
etag
"89eaaa24093700f7d53aa4e4563c774f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/x-icon
content-length
4286
x-amz-cf-id
ukv554Lx8-62xuURlmje-m9ZKTG55QSYuSFOIH89khk9dQm0dbY5jg==
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8XR2C2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1490
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
87f81818f922aa9d-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 May 2024 09:55:21 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2583
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
87f81819494baa9d-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 May 2024 09:55:21 GMT
web
onesignal.com/api/v1/sync/2e182368-4a3e-4bef-85cd-3b7719929572/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/2e182368-4a3e-4bef-85cd-3b7719929572/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a287d3431b4b7afd660b98eb0736d2a5c0c7f40c2408e2fbea7235ece4774a3a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:21 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
3320
cf-polished
origSize=5106
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
9c68595b-7679-4093-95fe-99b4996c6594
x-runtime
0.030804
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ff7117ab3552b0b76bcca580774eeec4"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
87f81819f99baa9d-YYZ
access-control-allow-headers
SDK-Version
expires
Mon, 06 May 2024 10:55:21 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1863
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
87f8181ddbaaaa9d-YYZ
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Wed, 05 Jun 2024 09:55:21 GMT
icon
onesignal.com/api/v1/apps/2e182368-4a3e-4bef-85cd-3b7719929572/ 		184 B
760 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/2e182368-4a3e-4bef-85cd-3b7719929572/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.160.145 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d2b20ffef90edaa93024f13a3aa614bfb5f4ede09419d85694102ccd0f1a61
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 06 May 2024 09:55:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
5260462a-4ccf-45ec-9d48-3c4120e48380
x-runtime
0.017480
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f3d2b20ffef90edaa93024f13a3aa614"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
87f8181e5a6b36ab-YYZ
access-control-allow-headers
SDK-Version
891ec067-1799-44a1-9504-028e322b8f99
img.onesignal.com/permanent/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/891ec067-1799-44a1-9504-028e322b8f99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.111.223 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
668a3f334598ede47ce497840321fc1027071535fdeb65c3a42e69b5db4d5667
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://mosaic2.jerkmate.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Mon, 06 May 2024 09:55:22 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
HIT
age
2576
x-guploader-uploadid
ABPtcPqHq1tDqYPBwqH0dd3mYye8oLtPwWvuCHHTX_d_QnMqu7lgGqd5lpqQt0Zcsgky6Px44HLFf_eIYg
x-goog-meta-x-goog-source-etag
"1973db000a89f2b2f8ff5d009284dcc0"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
9220
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:39:20 GMT
server
cloudflare
etag
"-CNP+96uLlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676345960431443
content-type
application/octet-stream
x-goog-hash
crc32c=RUx0GA==, md5=GXPbAAqJ8rL4/10AkoTcwA==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
9220
accept-ranges
bytes
cf-ray
87f8181f5c75aa9d-YYZ
expires
Thu, 06 Jun 2024 09:55:22 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer function| submitForm function| submitEmail object| sessionWidget function| sessionWidgetLoadedCorrectly function| sessionWidgetNotLoadedCorrectly object| google_tag_manager object| google_tag_data object| _qevents object| _mpevt string| _conv_customer_id string| _conv_custom_v1 string| _conv_custom_v2 object| gaGlobal boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL function| mpAnalytics function| EtappTracker object| convert function| quantserve function| __qc object| ezt object| _qoptions string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| CE_API

27 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CgA
t.acam-2.com/ Name: aff_ran_url_8865
Value: 33285
t.acam-2.com/ Name: enc_aff_session_8865
Value: ENC03ab0300f45bc51d17cfab81bc3e521a2639acb1ea9aa7af877748c606d55aaf96f473eb783c98148cd6b56928849a54cca8da86bf4319195b8da0df4ed2b2e81b09640bc2805d93d3179bf48ef19876aa31f24acc8fb51385d21a00f9623be931c54cb829791e1c9e63573d70827fad0687e8cdafce025a3408d403722b1361ecba2f800ef9ed51dcc82f3d2041534f5a59dbe93b1d21b3498077decb562e277813e6c550
t.acam-2.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMjQiLCJtb2JpbGVfY2FycmllciI6Ij8iLCJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IFg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgTGlrZSBHZWNrbykgQ2hyb21lLzEyNC4wLjAuMCBTYWZhcmkvNTM3LjM2IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
t.acam-2.com/ Name: aff_ran_url_8699
Value: 32384
t.acam-2.com/ Name: enc_aff_session_8699
Value: ENC031a24b979ea5b2ea0a609f100a54db182f70312219020631d79f430810356fda237879456d3698a76edd93cd4cd7a5ee41df8ca17579dbd7deed7e37c42b04325c98aa42c66cddb96daaa4051ee87d30bdb002ed0c502582b19ce8796b8dcdf28236c1795598d4bc9bfa7bf3b3ec61cdc03adadd85a1e87b73d2a6ebcff4e250adb1543b6e6e43e3f3eff16b9475626f3b3248cba2df07d35b7564f308b9497db0b7c11df
.jerkmate.com/ Name: _gcl_au
Value: 1.1.906873298.1714989316
.jerkmate.com/ Name: _ga_S6XTBZ5V47
Value: GS1.1.1714989316.1.0.1714989316.0.0.0
.jerkmate.com/ Name: _ga
Value: GA1.1.1101003776.1714989316
.adkernel.com/ Name: ADKUID
Value: A3357333024399726935
.jerkmate.com/ Name: mp_u
Value: 1482384203.2751712328.1714989316.1714989316.1714989316.1714989316.1
tsyndicate.com/ Name: ccid-XIV5qGp4phAwU8njKOOxrSZrBUQOqc2c
Value: A658844344641588705
tsyndicate.com/ Name: ccid-9UgQn1seYcRqz7WjaV4ufu8Hwoz4fbnf
Value: A3357333024399726935
.afkwa.com/ Name: ADK_DP_7
Value: 1
.afkwa.com/ Name: ADKUID
Value: A3357333024399726935
.quantserve.com/ Name: mc
Value: 6638a904-91f63-36b79-0a059
.jerkmate.com/ Name: _ce.irv
Value: new
.jerkmate.com/ Name: cebs
Value: 1
.jerkmate.com/ Name: __qca
Value: P0-1686886989-1714989316391
.jerkmate.com/ Name: _ce.clock_event
Value: 1
.jerkmate.com/ Name: _ce.clock_data
Value: 35%2C149.88.16.235%2C1%2Ca16ddaab909d2cf27fce353f26dd2ff2
.jerkmate.com/ Name: cebsp_
Value: 1
.jerkmate.com/ Name: _ce.s
Value: v~0c005a0b375c05f458e97959b35ad79b61a9bd82~lcw~1714989317004~lva~1714989316654~vpv~0~v11.cs~415170~v11.s~bdd725b0-0b8e-11ef-b0ab-33f21fc048b5~lcw~1714989317005
.a.usbrowserspeed.com/ Name: tuid
Value: 5d81b86a-faf4-4f5c-947c-9e6a77e542ab
a.remarketstats.com/ Name: _ccpx_u
Value: 11418bd5%2dc461%2d4c89%2daff8%2d689d1ceb718a
.liadm.com/ Name: lidid
Value: 2b6dfe44-7020-4d9f-bc69-2c6e0db8b428
a.clickcertain.com/ Name: _ccpx_u
Value: 11418bd5%2dc461%2d4c89%2daff8%2d689d1ceb718a

24 Console Messages

Source Level URL
Text
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
The keyword 'push-button' used on the 'appearance' property was deprecated and has now been removed. It will no longer have any effect.
other warning URL: https://mosaic2.jerkmate.com/?transaction_id=102f7c576c04a33efbc52c3dccb49b%3A8699&aff_id=593&source=&bg=171&intro=0&ov=hide&imgfrm=59&xid=jm-hpf-8699-gay-jmlcom&landing_id=32384&textset=gay&bo=2779%2C2778%2C2777%2C2776%2C2775
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clickcertain.com
a.remarketstats.com
a.usbrowserspeed.com
ads.trafficjunky.net
assets-tracking.crazyegg.com
cdn-4.convertexperiments.com
cdn.onesignal.com
dsp.adkernel.com
fonts.googleapis.com
gateway.jerkmate.com
i.liadm.com
img.onesignal.com
mosaic2.jerkmate.com
onesignal.com
pagestates-tracking.crazyegg.com
pixel.quantserve.com
rtb2-useast.afkwa.com
rules.quantcount.com
script.crazyegg.com
secure.quantserve.com
static.trafficjunky.com
sync.adkernel.com
t.acam-2.com
tracking.crazyegg.com
tsyndicate.com
www.google-analytics.com
www.googletagmanager.com
www.mikex.garstoutnu.com
104.108.101.154
104.16.160.145
104.17.111.223
104.19.147.8
104.26.9.50
13.32.151.56
142.251.111.97
149.56.221.90
172.253.115.95
172.67.69.73
174.137.133.32
174.137.133.49
18.165.98.104
18.220.54.224
18.67.76.52
192.184.67.143
213.174.157.105
216.239.32.178
3.161.213.11
3.161.213.66
3.162.3.28
54.208.206.211
54.213.71.210
64.88.254.162
66.254.114.154
07de9d094f303b179c4b69b2fe014cb55a44c90cc90fa209a85e77d0becc69be
1dc87506c37ec064801b8854f90c49c41ceb92393b0384e4ef6d80751ae10e23
1e37b616b4dfba2c95070068b1f9811becb1f042c5eb0199ed38dcfd1f0960cb
299add7898b03a7d2d48f85d538f9cc96c4de26250b2e93d40bac9838f915449
31fc7b35533d223ce9b8820fa8f3afe418a927272c5300f3a01129e40b959365
346b3833037d4e86d3550777bff38014df6db67f0f0daa3839352d59c8d18720
4085560d671ee7d2553f5bc4b0343c23f49fd587b0591c000ecab3b399a6308d
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
45a4c240a17a4d5f925ef0e125b86d882c6ad7549028d9cbf6f4f06fd1dd897d
4b6fe4739a2416496b941eb3f6504f69f916188ecd92e7efa68faab0a716404e
4e80b3357f16f95b3f565d764f6fd207cfb5b1403b463c29b9a1d14f3e593a17
538667d3b2996c8835a16bb5f050c98f68d2c7dadb6e045aa0fbb410b32b2199
668a3f334598ede47ce497840321fc1027071535fdeb65c3a42e69b5db4d5667
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7d02633239369d04c8812eff65b6c3fad7d08525efd85d2451de2a4bac9f0cfb
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
8fc4edeb43a372f097f3b008a0f213e6dbda694c76f4b38007dc07a8cc40c131
9992412bb27e6f7246168320dd4efece61b87f8cdc3cb10bb568c5f5ebc4afa7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a287d3431b4b7afd660b98eb0736d2a5c0c7f40c2408e2fbea7235ece4774a3a
ae7673e0e9fccf11268d6730010989c7747f6279531489cfbff2b1007532bf12
bb34a200946066cdc34098fdb9b64cc1190dba05cfeb71fda7d337a8782839d0
c0b418148076b3e8cfdae771ed19d95a5c31b73654e0b3b47d36557e8a649d84
c97bd2f243bb66d54288af597bc39a71e7d5fa3b359dd303fcba8dde80f7ccee
d69e3303757e223cc0fd92ec05e7f0eb6ca17c61c857cf273f19d181ad2afd47
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef58223d0f6f618374b0e3f99d3b96c39e887c2217bfab4e62c1a126a944b7ca
effc56285517bc2d36ebde0585b286d0f9889b59c8a2c19aa2d1773ac1853204
f3d2b20ffef90edaa93024f13a3aa614bfb5f4ede09419d85694102ccd0f1a61
fc5e16fac006ede6734eeec64317886bef58e46cc7f4c7137e0bcc27164881dc