link1s.com/DsSz
151.139.128.10301 Moved Permanently 0 B IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /DsSz HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 11 Mar 2023 22:34:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://link1s.com/DsSz
X-HW: 1678574093.cds254.sk1.h2,1678574093.cds209.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ce33c47154f4826255fe9bbe54d72be
e10a363c007a6d15ed43eb35b4e5c246d85c5eed
cf423db1a8ad1dce1b5c25f6025d14411b4a46e95a6001288949f046e244bc24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF423DB1A8AD1DCE1B5C25F6025D14411B4A46E95A6001288949F046E244BC24"
Last-Modified: Fri, 10 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10464
Expires: Sun, 12 Mar 2023 01:29:17 GMT
Date: Sat, 11 Mar 2023 22:34:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 99824e6e553dd5649b1d199589a6dab2
00b2c24f6ef22620045c3b2ef7a63ea9ac8cc0a2
3a4695284040436fd256023da7d39bab8b16f8a2d4f7105c0f995f610dcab2d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A4695284040436FD256023DA7D39BAB8B16F8A2D4F7105C0F995F610DCAB2D2"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17164
Expires: Sun, 12 Mar 2023 03:20:57 GMT
Date: Sat, 11 Mar 2023 22:34:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 11 Mar 2023 22:09:09 GMT
content-type: application/json
age: 1544
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1a564ae484daef6a82bb08116ad794eb
f75350abf28a42c16324901035889a1f3af700a1
225214187df3f50835a8aafcc4555fe47cf0b78938b71d34fb422942292b153b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "225214187DF3F50835A8AAFCC4555FE47CF0B78938B71D34FB422942292B153B"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4484
Expires: Sat, 11 Mar 2023 23:49:37 GMT
Date: Sat, 11 Mar 2023 22:34:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R53kTV3gYL62ItlU68DFPzWb9y9JWUs6QgRlSFT9e7pjhc9RM+pmvsqCTgcRQvsYemxiB375lAE=
x-amz-request-id: 8HF68EW2WXRDH028
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 11 Mar 2023 21:45:42 GMT
age: 2951
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
151.139.128.10200 OK 40 kB URL HTTP/2 link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3796b62bdd0e516cfa7d3e75abd21b15
3a35fdc27fb351a15f9c35e56671405b770b0e48
3d3ba2547ac834abc8a61fffb0b8bbd7582e058d7fbb61b6e1465b5766d591b6
GET /cloud_theme/build/css/styles.min.css?ver=6.4.0 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=D-h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-encoding: gzip
content-length: 40374
content-type: text/css
last-modified: Wed, 23 Jun 2021 02:58:02 GMT
accept-ranges: bytes
etag: W/"60d2a33a-2fa30"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1678574093.cds253.sk1.hn,1678574093.cds249.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/logo1s.png
151.139.128.10200 OK 30 kB IP 151.139.128.10:0
File type PNG image data, 247 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash aa55ddb783a9ed3a7530dd55d848ee64
e2437805b86dc3858bea3c80567447ece8b96ec4
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
GET /logo1s.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=D-h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-length: 30338
content-type: image/png
last-modified: Sun, 28 Feb 2021 03:13:41 GMT
accept-ranges: bytes
etag: "603b0a65-7682"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574093.cds253.sk1.hn,1678574093.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/js/ads.js
151.139.128.10200 OK 160 B IP 151.139.128.10:0
File type ASCII text, with no line terminators
Hash b12346c7343419a37f34307fbabe7b6d
966c50b7c0472e1459b0a42f85de2072bff58dfe
5af21e03acb972cce4f742a0a10357878a449e8ec9fcebf6a208d1e452e97ca7
GET /js/ads.js HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=D-h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-encoding: gzip
content-length: 160
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Sep 2019 13:24:48 GMT
accept-ranges: bytes
etag: "5d6e69a0-bf"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574093.cds253.sk1.hn,1678574093.cds210.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
151.139.128.10200 OK 69 kB URL HTTP/2 link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 361f27dfe223957b3cd90c42a4b006b8
7a6fb972982ba9945610500c567d0baf27573c0c
a41b7e569b2251ebc720aee925901d970874795d9f918fe6a3ee6cb0da8907bf
GET /cloud_theme/build/js/script.min.js?ver=6.4.0 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=D-h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-encoding: gzip
content-length: 69405
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: W/"5d6e69a2-32956"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574093.cds253.sk1.hn,1678574093.cds227.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.mediafire.com/images/filetype/download/zip.jpg
104.16.53.48200 OK 17 kB URL HTTP/2 static.mediafire.com/images/filetype/download/zip.jpg
IP 104.16.53.48:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3\012- data
Hash e7264350b903e1b556a0e57c22ad4860
07cbb6514befbe81232f6793d6290156ac774030
04eca9b6d8a3935f49494c9d30749fdfbd81ad69bb66c1c279dd5ce2e9595c94
GET /images/filetype/download/zip.jpg HTTP/1.1
Host: static.mediafire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: image/jpeg
content-length: 17150
access-control-allow-origin: *
cache-control: max-age=2592000
cf-bgj: h2pri
etag: "62deda56-42fe"
expires: Mon, 10 Apr 2023 19:16:54 GMT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
cf-cache-status: HIT
age: 3781
accept-ranges: bytes
set-cookie: __cf_bm=jqlP7YxyIQbBz2V1fTsH1H1PCBv3YZt9J8zDCDdYoa4-1678574093-0-AWzSlXDKPsfTjsmVfq/Zolw75U/9DN6TkVLq/NYz8XvAJN/WlbryxPBLLL2OYnooqIfVWrd8+qgzs+pcn86vM3M=; path=/; expires=Sat, 11-Mar-23 23:04:53 GMT; domain=.mediafire.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a674475fe2a069b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3c5612c5131d59819b60bcd3123fbe1e
86f82bfa3a20987ac256d2efd06dc95c0df285e8
00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash f400ce71f7bcba5802fd1f9382ea6645
0abb4a603c84d51aa6825854717b99d7f4e7fe17
1f694fda1949c4f68e042dec8b3e688c97473e805668b206574954ed1439450a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9350a4cec393bc0af184305326533b0f
39b0bd31178efb971497fd8c8001ad18779bfec4
5e0136b38ab7e98cc4649bf804e751e9e8c8f819f1aa98cd848ca7e43d157b59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E0136B38AB7E98CC4649BF804E751E9E8C8F819F1AA98CD848CA7E43D157B59"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6243
Expires: Sun, 12 Mar 2023 00:18:56 GMT
Date: Sat, 11 Mar 2023 22:34:53 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-129758818-7
142.250.74.40200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-129758818-7
IP 142.250.74.40:0
File type ASCII text, with very long lines (2206)
Hash 5151b2d1113219c33785ef34faa94c17
ada27f75cad15d7de3a69c4cc54c3b6b3492fb8c
08a6658cc9b512ef2827fa09caaed97c52b419a344135463b569eb4e38dfe2fd
GET /gtag/js?id=UA-129758818-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 11 Mar 2023 22:34:53 GMT
expires: Sat, 11 Mar 2023 22:34:53 GMT
cache-control: private, max-age=900
last-modified: Sat, 11 Mar 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3c5612c5131d59819b60bcd3123fbe1e
86f82bfa3a20987ac256d2efd06dc95c0df285e8
00fc14cc05fb85329d10ee97f1c959244f274c67d56a37f4eb8006acd0e867bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/gen.js?type=5
185.76.9.14200 OK 2.8 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=5
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
Hash 7fca1254c42800253d5c21bbe6014c5e
3d1c57883bdf76d80adbfd9ae1d97693c5d0e1b0
56dfaaab935077bf9ad8c297f6ae3f31520fa739bcfe7c1595706053f09a9f0f
GET /s/gen.js?type=5 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
x-accel-expires: @1679029845
server: CDN77-Turbo
x-77-nzt: AblMCQ3EC5P/OEYCAA
x-77-nzt-ray: c0a4cc28966e24c60d020d64eb5cf831
x-cache: HIT
x-age: 149048
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.buypass.com/
23.36.76.129200 OK 1.7 kB IP 23.36.76.129:0
ASN #20940 Akamai International B.V.
Hash 96bfe5fc88c8c199132449bb814f213d
eaedc85a471c48f88540711998f3699d4aa31935
7b6230a49ac3695a86d3012e769b00d02222c437bf5a758eae48dd3a0073a0b4
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: 51245b8e-791d-4f59-a474-fad58454cc9c
Content-Length: 1701
Date: Sat, 11 Mar 2023 22:34:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 06dab1769162306a31e0b0322d07cbbf
0269a4049ce6babc8938cf7f69b9fae980162422
e063ab04702d2a78a6fa114c5ea6415f41f7810c189257f052716a4650051f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E063AB04702D2A78A6FA114C5EA6415F41F7810C189257F052716A4650051F0B"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6522
Expires: Sun, 12 Mar 2023 00:23:35 GMT
Date: Sat, 11 Mar 2023 22:34:53 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash 8cc58fe02f2e931f112f406b91fd0d29
2e339379175d5f6b348806066ed60407483c3a3b
00d107efe456878d913f04b037a52fb6075fdb1387a3a9493959e716e8d4a417
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:54 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 00:29:43 GMT
Expires: Sat, 18 Mar 2023 00:29:42 GMT
Etag: "2e339379175d5f6b348806066ed60407483c3a3b"
Cache-Control: max-age=524688,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6744768ab2b4eb-OSL
lv.adocean.pl/files/js/aomini.js
51.75.47.150200 OK 2.9 kB URL HTTP/2 lv.adocean.pl/files/js/aomini.js
IP 51.75.47.150:0
File type ASCII text, with very long lines (8143), with no line terminators
Hash 6d88292b5d2dc0e179308c005788cae3
4e336e2025f315c756c30639053858c47ebc1a0c
e6a1a749eb63c4673374fbcd495adc1220207c8a102724a5115d4a5b614109a4
GET /files/js/aomini.js HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GAD
date: Sat, 11 Mar 2023 22:34:54 GMT
cache-control: public, must-revalidate, max-age=432000
last-modified: Thu, 02 Dec 2021 08:20:55 GMT
etag: "61A881E700001FCFAF20B624"
expires: Thu, 16 Mar 2023 22:34:54 GMT
accept-ranges: bytes
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2905
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, ETag, Backoff, Expires, Alert, Pragma, Cache-Control, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 11 Mar 2023 22:06:46 GMT
age: 1688
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
lv.adocean.pl/_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
51.75.47.150301 Moved Permanently 0 B URL HTTP/2 lv.adocean.pl/_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
IP 51.75.47.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: GAD
date: Sat, 11 Mar 2023 22:34:54 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Fri, 10 Mar 2023 22:34:54 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: GAD=KlxC3MMGQMQGUuyBKPXsoGMUssGMXP8cFRySssX6Sssa; Domain=lv.adocean.pl; Path=/; SameSite=None; Secure; Expires=Tue, 09 Apr 2024 22:34:54 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
content-length: 0
X-Firefox-Spdy: h2
lv.adocean.pl/__/_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
51.75.47.150200 OK 18 kB URL HTTP/2 lv.adocean.pl/__/_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
IP 51.75.47.150:0
File type ASCII text, with very long lines (53947)
Hash cc554f24c043b18f1eaa34e103c0030f
4f0d6203c7051ae7f538ee72daaf815d52d93139
d5ccc0eaff80f7b7543abe73a519c64d8e195a7e5e26a7936191d6b0451cf015
GET /__/_1678574094910/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GAD
date: Sat, 11 Mar 2023 22:34:54 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
expires: Fri, 10 Mar 2023 22:34:54 GMT
accept-ranges: none
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17783
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/1?z=4506159
139.45.197.242200 OK 15 kB URL HTTP/2 upgulpinon.com/1?z=4506159
IP 139.45.197.242:0
Hash 49563e6d9a574caa2ef99c45d32bd615
a141b0521f082ab3f4eac9c8f64f4437859d3e22
746151da6a73766bf3602ca674c43c03954309f562351038d81ec5fca9165d8d
GET /1?z=4506159 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 584874f8f9b0be898f65ec0edaa0a9ab
access-control-expose-headers: X-Sc
x-sc: GJocgE00eS3ddGmbvsPVZ2eGmUCvGBTP2YkkNvZfcK35vQt64alyuCneGI9A9OKn75J3rD2Iiy-MqiwxQ8U4a2Jq1So=
set-cookie: scm=1; expires=Sun, 10 Mar 2024 22:34:53 GMT; secure; SameSite=None
OAID=29cd645101684d09953bd86aa5ab6570; expires=Sun, 10 Mar 2024 22:34:53 GMT; secure; SameSite=None
oaidts=1678574093; expires=Sun, 10 Mar 2024 22:34:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 282 B IP 104.18.32.68:0
Hash e215572a6616b8e0bc3daac3daaca717
2aa2067d6d2b51bc6aae61f6f2de0637c123a944
c03bbd0e6d89673adbec06d24ad91fea3621d4766a6ba2b73d39882dd9200589
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:54 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 06:32:38 GMT
Expires: Fri, 17 Mar 2023 06:32:37 GMT
Etag: "2aa2067d6d2b51bc6aae61f6f2de0637c123a944"
Cache-Control: max-age=460062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a67447a4fc1b4eb-OSL
push.services.mozilla.com/
35.160.122.190101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.122.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: T2jbHpzRfx/SnoiypPcOIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r7RISYNkNHwBr9Ni/Q9tNpNFbZQ=
adlv.hit.gemius.pl/gdejs/xgde.js
54.38.193.68200 OK 20 kB URL HTTP/2 adlv.hit.gemius.pl/gdejs/xgde.js
IP 54.38.193.68:0
File type ASCII text, with very long lines (1202)
Hash ba0c31a88d186b9bf37f038600a30ce0
263bf7796d6c092a27c3af812b318487b9065ef2
200026d61c313f864938c246085a8e66a4146bc26f08b8d55aa0d1517b181bb5
GET /gdejs/xgde.js HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
expires: Sun, 12 Mar 2023 22:34:54 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 20061
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/header.jpg
151.139.128.10200 OK 32 kB URL HTTP/2 link1s.com/cloud_theme/build/img/header.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:06:15 13:00:39], baseline, precision 8, 1921x900, components 3\012- data
Hash cfb50952d88e992695dddecdc3cf3998
59ce92345516d98f1f688933e6aa3ce72c7226c9
fb6ea9089178b18c66e8110965f05a461c772ce16debb14c3e61d4bae3e6c3ca
GET /cloud_theme/build/img/header.jpg HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
content-length: 32352
content-type: image/jpeg
last-modified: Mon, 15 Jun 2020 06:00:41 GMT
accept-ranges: bytes
etag: "5ee70e89-7e60"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574094.cds253.sk1.hn,1678574094.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2
151.139.128.10200 OK 77 kB URL HTTP/2 link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2
IP 151.139.128.10:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /cloud_theme/build/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
content-length: 77160
content-type: font/woff2
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-12d68"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574094.cds253.sk1.hn,1678574094.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c11248ad196c57fdf878000b4591a416
f86236c890bcceaf313e5021bf8ef6669688ea77
550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c11248ad196c57fdf878000b4591a416
f86236c890bcceaf313e5021bf8ef6669688ea77
550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Mar 2023 04:29:09 GMT
expires: Wed, 06 Mar 2024 04:29:09 GMT
cache-control: public, max-age=31536000
age: 410745
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
link1s.com/sbbi/?sbbpg=utMedia&vii=ah341ddf0fb52e506eb40d5e50b58f52d54a3a7e10c057afa32aebde8e7588e7werdq4y8
151.139.128.10200 OK 22 kB URL HTTP/2 link1s.com/sbbi/?sbbpg=utMedia&vii=ah341ddf0fb52e506eb40d5e50b58f52d54a3a7e10c057afa32aebde8e7588e7werdq4y8
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 93001d731cd07bcc161cdf85073df689
b8c848ed06b1f74c2aa6936c7bc7fc2734593edb
edebae81787e12ccfdd1d404438930da3e1554ae2a0277805f22eefab8a2a065
GET /sbbi/?sbbpg=utMedia&vii=ah341ddf0fb52e506eb40d5e50b58f52d54a3a7e10c057afa32aebde8e7588e7werdq4y8 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-type: image/gif
server: fbs
x-accel-expires: 0
x-hw: 1678574094.cds253.sk1.hn,1678574094.cds065.sk1.sc,1678574094.cdn2-wafbe03-arn1.stackpath.systems.-.i,1678574094.cds065.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Mar 2023 10:25:03 GMT
expires: Mon, 04 Mar 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 562191
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lv.adocean.pl/_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
51.75.47.150301 Moved Permanently 0 B URL HTTP/2 lv.adocean.pl/_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
IP 51.75.47.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: GAD
date: Sat, 11 Mar 2023 22:34:54 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Fri, 10 Mar 2023 22:34:54 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: GAD=KlSI3MMGQMQGPRqOZWGsoGMUssGMXP8cFRySssX6Sssa; Domain=lv.adocean.pl; Path=/; SameSite=None; Secure; Expires=Tue, 09 Apr 2024 22:34:54 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash c11248ad196c57fdf878000b4591a416
f86236c890bcceaf313e5021bf8ef6669688ea77
550e8187d0a76ef1d3127e200c20ab609ee72a44bc05c040bf178f4c8ec5eebc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lv.adocean.pl/__/_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
51.75.47.150200 OK 18 kB URL HTTP/2 lv.adocean.pl/__/_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
IP 51.75.47.150:0
File type ASCII text, with very long lines (53995)
Hash a1b6e4ab4a6d1ff79b9f3318460eb1b8
74339fd5f6057c3025716e65743d62e25545e1e1
612aa4e2c08387fc3fbd5d3b76869c68faa862d646744cd189eeef6a3cb73287
GET /__/_1678574095610/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GAD
date: Sat, 11 Mar 2023 22:34:55 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
expires: Fri, 10 Mar 2023 22:34:55 GMT
accept-ranges: none
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17785
content-encoding: gzip
X-Firefox-Spdy: h2
boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
104.22.0.93204 No Content 0 B URL HTTP/2 boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
IP 104.22.0.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a67447f3f29b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/footer.jpg
151.139.128.10200 OK 19 kB URL HTTP/2 link1s.com/cloud_theme/build/img/footer.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:06:15 13:02:54], baseline, precision 8, 1920x321, components 3\012- data
Hash 3fa1e91dd1aa28e99f307af4ed2105bd
43f48e0120f36b533465250967e8b225d797f485
4490d0650e3dfb1cbad3fff7bd9d56e557e3894956c4ba05900723803fab21ff
GET /cloud_theme/build/img/footer.jpg HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG; adOtr=0d3ba51620b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-length: 18564
content-type: image/jpeg
last-modified: Mon, 15 Jun 2020 06:02:55 GMT
accept-ranges: bytes
etag: "5ee70f0f-4884"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574095.cds253.sk1.hn,1678574095.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
4hfchest5kdnfnut.com/solid.gif?z=1752377&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 4hfchest5kdnfnut.com/solid.gif?z=1752377&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
POST /solid.gif?z=1752377&abvar=0 HTTP/1.1
Host: 4hfchest5kdnfnut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
adlv.hit.gemius.pl/gdejs/xgde.html
54.38.193.68200 OK 215 B URL HTTP/2 adlv.hit.gemius.pl/gdejs/xgde.html
IP 54.38.193.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 55e60b35e679aae2decd8d7b37c2c310
cc934f43ee3d226c5f8f040e42343bfc26b26f01
72796c74c2c95fe9d62ecc1ea25b00b824c095fd955b5c67e82eb2dd0b50600f
GET /gdejs/xgde.html HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
expires: Sun, 12 Mar 2023 22:34:55 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip
X-Firefox-Spdy: h2
adlv.hit.gemius.pl/_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
54.38.193.68301 Moved Permanently 0 B URL HTTP/2 adlv.hit.gemius.pl/_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 11 Mar 2023 22:34:55 GMT
expires: Fri, 10 Mar 2023 22:34:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlQxQMMGQMGGH68v8PFsoGMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sat, 18 Mar 2023 22:34:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash 940f9191b3e3f4a85ac83749532b3218
9ae02e68d8ae3b265db839d9b6254dcd2b5c0a25
639afcebdd5d6606b2db51065adc9168a6f3d7f4cb1babde2f013366a6bb653e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2844
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Last-Modified: Sat, 11 Mar 2023 21:47:31 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 313
yonhelioliskor.com/zone?pub=0&zone_id=4506167&is_mobile=false&domain=link1s.com&var=&ymid=&var_3=
139.45.197.251200 OK 911 B URL HTTP/2 yonhelioliskor.com/zone?pub=0&zone_id=4506167&is_mobile=false&domain=link1s.com&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (910)
Hash 94ee2746c235f3e6eb76bd588a0f3b72
67dde700e2510093c70e1ee6780b23f7eb58ea52
3fe7b3935eb23f2af9015291e92efb0aff431979a783f5362047a974345dcb6c
GET /zone?pub=0&zone_id=4506167&is_mobile=false&domain=link1s.com&var=&ymid=&var_3= HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/json; charset=utf-8
content-length: 911
x-trace-id: 650ef6e50d3ad7fed1e9cd4f46b326c8
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678574096086
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678574096086
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1678574096086 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b16274bff20aca8b9c82366288fc79bd
eba03f9b74b8f084247271fe33410d64a29174be
0d0c41f0985e9b094b17c9f8ce379dbabb1fbb07274113c2ceb51deb398f9573
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D0C41F0985E9B094B17C9F8CE379DBABB1FBB07274113C2CEB51DEB398F9573"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5903
Expires: Sun, 12 Mar 2023 00:13:18 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a1b1c4a9432e4ecc4acb338fc2a074
2aed3e56b9ff29d7ca640885334eac7ebaf50ca1
fa723dd7c78e2f779f62f10582a02032c1ea2a6bd995ff56be8259ec2fd79f1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FA723DD7C78E2F779F62F10582A02032C1EA2A6BD995FF56BE8259EC2FD79F1B"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11909
Expires: Sun, 12 Mar 2023 01:53:24 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 280 B IP 192.229.221.95:0
Hash 757dbda74b11cc219422034edcd7ff7f
4f71a09ce6e27ee7e32ab533046e0316dd77b526
7154c09af60bcce844297a62f1eeb13de7e8098bc61bad455e35bfddeceba265
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5068
Cache-Control: max-age=91237
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Etag: "640bafa8-118"
Expires: Sun, 12 Mar 2023 23:55:32 GMT
Last-Modified: Fri, 10 Mar 2023 22:31:04 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 280
upgulpinon.com/27/d6b5fedd5e91a087f5ebccbd91c30bb5
139.45.197.242200 OK 130 kB URL HTTP/2 upgulpinon.com/27/d6b5fedd5e91a087f5ebccbd91c30bb5
IP 139.45.197.242:0
Size 130 kB (130355 bytes)
Hash 7d47850bfa946ee23d2beb3ab6e3e44f
2b891e94de464cc2d5ce76a44ef1149f0784ff68
5c285fef9fc64fbf53a125f38ce0c01b89a3ddf1b94ee55599f1e92004dd1562
GET /27/d6b5fedd5e91a087f5ebccbd91c30bb5 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: scm=1; OAID=29cd645101684d09953bd86aa5ab6570; oaidts=1678574093
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Wed, 08 Mar 2023 09:33:38 GMT
expires: Wed, 07 Apr 2083 09:33:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
4hfchest5kdnfnut.com/get/1752377?zoneid=1752377&jp=_clnuebgzgxgc0cq43sh26r&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1235906938845413
62.122.171.6200 OK 1.8 kB URL HTTP/2 4hfchest5kdnfnut.com/get/1752377?zoneid=1752377&jp=_clnuebgzgxgc0cq43sh26r&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1235906938845413
IP 62.122.171.6:0
File type ASCII text, with very long lines (4161), with no line terminators
Hash 202d0bb912b9d89e79e04440b0888610
424f189e7f258b2cd2cb18b928de2949e0886420
6614336bfd5f300e6610916a58b518f11b30f01516eb11432cd893ba2cda0fb2
GET /get/1752377?zoneid=1752377&jp=_clnuebgzgxgc0cq43sh26r&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=1235906938845413 HTTP/1.1
Host: 4hfchest5kdnfnut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=230311173446aaa9b18cdb44c39048070f08; Path=/; Expires=Sun, 10 Mar 2024 22:34:55 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 47fc9c16cdc71e7ede642ec9dea44bb5
22ca235d1df67acdfd1b10e0eb3bebad2ef40b79
bc4c8db1f9c14f072f075d832fad0307e65c46be8bbccbf1f0baa84c35a52895
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC4C8DB1F9C14F072F075D832FAD0307E65C46BE8BBCCBF1F0BAA84C35A52895"
Last-Modified: Thu, 09 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15469
Expires: Sun, 12 Mar 2023 02:52:44 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 5a11a860155ba046fd14c574ed14c336
ce79324c02dd1d402bbd47ff5c7683b2d57108df
a67c6976a365ac636c8ee75b3b144787cd9d3a5887f8c4f6da817da65208e962
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6547
Cache-Control: max-age=155720
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Etag: "640ca5c4-1d7"
Expires: Mon, 13 Mar 2023 17:50:15 GMT
Last-Modified: Sat, 11 Mar 2023 16:01:08 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
id5-sync.com/g/v2/481.json
141.95.98.65200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 96f5ee64e21ce7ea6b4249dfff6981fa
4fe8065000f813a894570d9727dd808bcf20030b
b14753cabb2370b6bc7549fd7b05156b9e8e9aad33af4b447147985c8a3789a3
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 127
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 11 Mar 2023 22:34:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 5a11a860155ba046fd14c574ed14c336
ce79324c02dd1d402bbd47ff5c7683b2d57108df
a67c6976a365ac636c8ee75b3b144787cd9d3a5887f8c4f6da817da65208e962
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6547
Cache-Control: max-age=155720
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Etag: "640ca5c4-1d7"
Expires: Mon, 13 Mar 2023 17:50:15 GMT
Last-Modified: Sat, 11 Mar 2023 16:01:08 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
185.76.9.14200 OK 191 kB URL HTTP/2 ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
Size 191 kB (190674 bytes)
Hash 4d7724d4c5e06c663bfac00cc830895d
25015a52dc1e2a03724c77739016858e8bd451ba
f5d658ccf482c0a5a8df109761b8336333e0954bf1b621993ec4e548473f09d4
GET /moneybid7_35/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 06 Feb 2023 22:21:08 GMT
expires: Sat, 11 Mar 2023 05:05:42 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1678597543
server: CDN77-Turbo
x-77-nzt: AblMCQ1sj/H/6PUAAA
x-77-nzt-ray: c0a4cc28966e24c60f020d64085cc213
x-cache: HIT
x-age: 62952
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
stpd.cloud/assets/postbid/stpd220112.js
104.18.31.49200 OK 147 kB URL HTTP/2 stpd.cloud/assets/postbid/stpd220112.js
IP 104.18.31.49:0
File type ASCII text, with very long lines (58930)
Size 147 kB (146578 bytes)
Hash d9cca5782c38f0b4a794af81147af7d8
9c67c11b7c9e5a96563d5f45ee5edd9a00fa0346
e36e189837986b5dcee726403aa722923f5faaf64f83d26942e427fed6777a1a
GET /assets/postbid/stpd220112.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
content-md5: HjfY42wqSWw306GoqTYOLw==
last-modified: Thu, 09 Mar 2023 12:29:32 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 9a794d71-c01e-002c-3682-521338000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 7002
expires: Sun, 12 Mar 2023 02:34:55 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 7a67447f4f4fb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
limurol.com/ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2303111734d10d8a02fd3a4d61a94b7cbc2f; Path=/; Expires=Sun, 10 Mar 2024 22:34:55 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241200 OK 23 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LUZWsTkO7tndKHEUAypIYoYECZDqiFKRPqFYcwBmgsZi1o5jCuowifq3VKDNdpIpyW7MjsdBhRg=
x-amz-request-id: 0P2J7B52ZX2ZH1EQ
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1383519
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FyxmZyT47qq5PSwIEFRZWJtikPM%2FIAQhZNIozTp8D7z%2BUPW93qmYVnk%2FTQKQsxuJx4m9NUkXIb%2BzjDhlBamQskFc%2FLrFDzMxOMD0Pa2qID7a9usM1pQK2gc8S5fsx2%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a674481a8abb50f-OSL
Content-Encoding: br
boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
104.22.0.93200 OK 664 B URL HTTP/2 boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
IP 104.22.0.93:0
File type ASCII text, with very long lines (629)
Hash 54ebb646c6a638352c07b73b0fc653a8
976bf626e49291a6fbba3f4eef2d0baec0e45442
9c884916a0c8b4c45ea68ec8bdb5cd0ef424a76e5285544956f30ed9faab1dfc
GET /v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a67447f3f2eb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
141.95.98.65200 134 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 11 Mar 2023 22:34:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
adlv.hit.gemius.pl/__/_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
54.38.193.68200 OK 2 B URL HTTP/2 adlv.hit.gemius.pl/__/_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1678574095528/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
expires: Fri, 10 Mar 2023 22:34:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlQYGMXGQMQGP1zlkPosoGMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sat, 18 Mar 2023 22:34:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 6de910741b2246325c45f5e5b07aa462
f5f98c1471ce67569b12c1a35db585fb6a257e91
9f436d0b0492d791e3d1bb41282f32098618b48acc5955e54b85a36162fffd80
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 08 Mar 2023 20:45:42 GMT
Expires: Wed, 15 Mar 2023 20:45:41 GMT
Etag: "f5f98c1471ce67569b12c1a35db585fb6a257e91"
Cache-Control: max-age=338445,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a674480dff8b4eb-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11721
Expires: Sun, 12 Mar 2023 01:50:16 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11721
Expires: Sun, 12 Mar 2023 01:50:16 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
iclickcdn.com/tag.min.js
104.26.12.118200 OK 43 kB IP 104.26.12.118:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ca092d159566848fcff05d2c12657f80
402965f90b78cf5c66a8647a41ca03a561709b5d
d4632bee7053eaac8a17b570b69c5469444946d8018e853b5ca6d33362eeba3a
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 25e0b03795f75553f3b823ada24197c1
cache-control: max-age=86400
last-modified: Fri, 10 Mar 2023 13:58:05 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Sun, 12 Mar 2023 07:46:49 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 53286
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWBrcMXGzceSZ1sXcAAlKNVuvMn%2FudmIIFy1ue5Qd9YVXDIyb42vYstA7V9KZTdJleyCH4QnpaTWd68Av5yDUjCBfuLJOLXZVzYSg68UaEXzZF56cHkKPhG%2FtUcaniU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a67447f9dbd0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash be71491cee9b47dc3ffb23b4fdff25b3
79c7d22c8df6d305f46c5779ccb9f25169d4d111
e785896e5840fb901ddd0118bef3ccad6b59a96d8eef0e8ccd9c95a3c261ba45
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87df4bcd-c6cd-4a0c-a9f5-dffb7f36d2e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8487
x-amzn-requestid: 92381f1a-0140-47e9-a971-594a7de36c3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BkEcBGizoAMFgOA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640b1ab3-1a54b65a5d7083e62dcb85ab;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 11:55:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Nn4eV-UeuWZ02ANOxzTUSgE4UODtaZxeIjp8UJfU8PgUny2shFaDjQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:55 GMT
age: 3120
etag: "79c7d22c8df6d305f46c5779ccb9f25169d4d111"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedc49a5-9047-4466-b51e-ae8afb13738b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedc49a5-9047-4466-b51e-ae8afb13738b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de951e42b95ce5c955a0a0159862698b
c9105f3c8d60173d59a051b676591757061cd077
04d1a0975ee2cf8a2ab2ac6c79fc0f37209b42dbe03e1d5bf9f7db79a30abc35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faedc49a5-9047-4466-b51e-ae8afb13738b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11489
x-amzn-requestid: ce3101f5-13ed-442e-b351-b09a165da752
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BjaHhFyfIAMFRQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ad6fc-1792e71b3be8b06d12c4ca14;Sampled=0
x-amzn-remapped-date: Fri, 10 Mar 2023 07:06:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Ed-KGMLvXsrNj-thFevQVezcrUhs83sKyUIk0DKH1VVxCeZ25vjqew==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 07:14:28 GMT
age: 55227
etag: "c9105f3c8d60173d59a051b676591757061cd077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26033b42139d27c847cf9881a17e0332
b196fbef36c2a5242abfc5d7115f1efd39499453
028dd1c86eaab6b991ad3dcb7fda21cdcfe8f9b22155c6bcb9363fbe379096ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0217c8c-9f5f-43b3-9d27-0f8eaac36f26.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4512
x-amzn-requestid: e9ba0dc3-3e1a-4ff5-8d0d-57386ced2fb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotIeGZ-IAMFmBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf569-1a45fa73148fb01f3822ee29;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:40:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 5dasHBaMZCENF6r8miupz4Jzeqy_tuotsvkcSRgs6AtsrWexauN6SQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:45 GMT
age: 3130
etag: "b196fbef36c2a5242abfc5d7115f1efd39499453"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F610d32c6-de03-41c8-a59b-12faf1f650e3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F610d32c6-de03-41c8-a59b-12faf1f650e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f9226a7abb93a9f1800ef4baab9efd
2b4899d5c5a5e2af78e0a1af1494730be5c8137f
e15c82d8db45ada38b658768bc1ac9bc83ba50a503a36bf38640b084a19386f8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F610d32c6-de03-41c8-a59b-12faf1f650e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10845
x-amzn-requestid: 1a5ca885-9b0c-4c7e-b58c-4180a1af0ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb9FCyoAMFV8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-2783848806177b71066c67fc;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: tY2LcY-hEm9NHReTyC5Rf7bEgVD4KVD5p7jhdLMKw34vpXcAdk34lw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 58b8655e3ea662bad02cac6b9d4c88ba.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:45:40 GMT
etag: "2b4899d5c5a5e2af78e0a1af1494730be5c8137f"
content-type: image/jpeg
age: 2955
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
link1s.com/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 03ab1dfddb257dcdfd97fec99d8a657b
52a797db29d8c765b51ed8aea361c4d52f80346e
f00b1e46b99dc5c05a6bdb89b442da969bf90c7dc59f43e798b2f8ebc2bdbfff
GET /favicon.ico HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG; adOtr=0d3ba51620b; ab=2; stpdOrigin={"origin":"direct"}; __PPU___PPU_SESSION_URL=%2FDsSz; _pbjs_userid_consent_data=3524755945110770; sharedid=84b1f37f-3516-4d4e-a0b3-f8c7fcc0dd32
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
cache-control: max-age=1159
content-length: 1150
content-type: image/x-icon
last-modified: Mon, 15 Jun 2020 09:56:40 GMT
accept-ranges: bytes
etag: "5ee745d8-47e"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678574095.cds253.sk1.hn,1678574095.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64218a7e-0a7f-4603-96b2-0537460a98f4.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64218a7e-0a7f-4603-96b2-0537460a98f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46321826c6cedf530893b10799a1587c
232c8366b1201c7d707528ac8a9d1cc48798ed8a
19bbe67fe3aa8d006f7b08ee0c6c390191967a88073dabe21ac57e17ef077220
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64218a7e-0a7f-4603-96b2-0537460a98f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 486cd313-c9f3-4ed2-b1ca-8d45e2e1e84c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BotmEEcWIAMF2kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf626-1053a1d3415dcdd65d269a94;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:44:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MuPLbdSuw6ewMrMTLsut5NgkkVQ35LG-hzPe3ddqxVyh1zUIvt4U_A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:55:22 GMT
age: 2373
etag: "232c8366b1201c7d707528ac8a9d1cc48798ed8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c260ad4-885a-4ad8-a245-3ded21665f3f.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c260ad4-885a-4ad8-a245-3ded21665f3f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 833fb535ad19fbd95e1537dcdca7612f
62be242982208db65057d62485650e31cc0a7cad
32c115c98dfa0679479abe6bf8cc895fc5d40136436fc7d712be913be192a95b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c260ad4-885a-4ad8-a245-3ded21665f3f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6207
x-amzn-requestid: 92e0c283-b9de-4cae-a43e-f9d628ecf17f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bosb-G5LIAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640cf44c-4930abfe5b1a4b5d6f346c78;Sampled=0
x-amzn-remapped-date: Sat, 11 Mar 2023 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 2upC-78TSSjVWzW6E5J12CiYyMe2r2yrZMgIgWYEUUI-NnmpP0mpig==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 74ab105148338444981d1b2277ffd9c4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 11 Mar 2023 21:42:45 GMT
etag: "62be242982208db65057d62485650e31cc0a7cad"
content-type: image/jpeg
age: 3130
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
141.95.98.65200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP 141.95.98.65:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sat, 11-Mar-2023 22:39:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sat, 11-Mar-2023 22:39:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sat, 11-Mar-2023 22:39:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sat, 11-Mar-2023 22:39:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sat, 11-Mar-2023 22:39:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sat, 11-Mar-2023 22:39:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sat, 11 Mar 2023 22:34:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.64200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.64:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sat, 11 Mar 2023 04:20:53 GMT
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CBi4r-tTW7AHc9ABh-J_whr5xbJ6FI_EtYqTxc-AkIaEHnntJ9tDpA==
Age: 65642
ced.sascdn.com/tag/1097/smart.js
95.101.11.24200 OK 34 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 95.101.11.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7c3967264e6f47aebd77f5cb9999daf0
9d0664bb4d97093c8386479865aa5e7707e18271
75c2b1c0be30b8a091487b4583436613eadb1cab2761d1a8e8243ac84470138c
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 33481
Cache-Control: public, max-age=7200
Expires: Sun, 12 Mar 2023 00:34:55 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2FDsSz&id=MTIZ
145.239.192.166200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2FDsSz&id=MTIZ
IP 145.239.192.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Flink1s.com%2FDsSz&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 11 Mar 2023 22:34:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:DB2D_91EFC0A6:01BB_640D020F_8792F326:603E
X-IPLB-Instance: 30196
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18419)
Hash 3d52228b738691316b9e8c6cf0a1fef4
c1584f8ab0d61b74483b432784615cbee6594381
b4e26bb435393287ca466eb5df8980362cca403e087ddbf32438fd8cc9ba28c4
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sat, 11 Mar 2023 04:13:58 GMT
Content-Encoding: gzip
Content-Length: 9995
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=20284
Expires: Sun, 12 Mar 2023 04:12:59 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash cea70cd92f3f863b76facf9ef93149fa
05761090c7ff21d014d3f0d93925a0e66c925b99
dfaeabf18b09f39e3a75c6efe37f52fdb6d4056cf0a4c66ba0d8ac74539c96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.142200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 11 Mar 2023 21:53:25 GMT
expires: Sat, 11 Mar 2023 23:53:25 GMT
cache-control: public, max-age=7200
age: 2490
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 97360b41281820019461926c6dfcbb4f
ed2a42a4a2b6d3c9b24ffe0068e39a5134a4de23
ca5e32ad21bf7858b34a8ec8f9ecceeb4df808bec76290b5020fb5a090b5413f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2670
Cache-Control: max-age=159394
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Etag: "640cc343-1d7"
Expires: Mon, 13 Mar 2023 18:51:29 GMT
Last-Modified: Sat, 11 Mar 2023 18:06:59 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8dab302e9d697a5c282117dfc2ff7c93
320e0270e1642e6dcc3e67a7e3a9a5809f544dbf
7c9b549df6a4f478cc7fb4a73baed83ba4469af4e0b6fce992b9fb4671cbcecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 583 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 0763b84e570544af18a584bf94129949
0068829158155c7dc6407b47eb471e5131c3b6d3
ad3565d339a6c614b115480bceb1c62a8092d76138f1c17168969011b9974eae
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 11 Mar 2023 22:34:55 GMT
date: Sat, 11 Mar 2023 22:34:55 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 852a32464bcfceec2b113d4bcafa4fa6
a3875f2a62cb0af49edc026762ca07eee321910f
c533a348806cc888c263a9c3454120b5d0ea29d7e97839e8166b2c22af94b52e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C533A348806CC888C263A9C3454120B5D0EA29D7E97839E8166B2C22AF94B52E"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15200
Expires: Sun, 12 Mar 2023 02:48:15 GMT
Date: Sat, 11 Mar 2023 22:34:55 GMT
Connection: keep-alive
adlv.hit.gemius.pl/_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
54.38.193.68301 Moved Permanently 0 B URL HTTP/2 adlv.hit.gemius.pl/_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 11 Mar 2023 22:34:55 GMT
expires: Fri, 10 Mar 2023 22:34:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGUZMaGQMQG1ANovPosoGMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sat, 18 Mar 2023 22:34:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
content-length: 0
X-Firefox-Spdy: h2
cdn.pbstck.com/index-monitoring-301583c.js
172.67.25.151200 OK 100 kB URL HTTP/2 cdn.pbstck.com/index-monitoring-301583c.js
IP 172.67.25.151:0
Hash 6780c2f054ab0b32f0486be5932085c7
094a81c74c813ab9a51837e106f0f2800ba8402a
057a62bfa5c58bc11617bb18f42cf8fe24c98f7727da520a262e07dd0fa9e8cb
GET /index-monitoring-301583c.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduYzpOirRYTJkPVFrEXZz1R1EfwPcp-mV2g8LWBnD6d3j5pHi0wwi9tX2CI3l52kGrfUO70gbfL0RA-rizISUxOjQ
x-goog-generation: 1670862125732888
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 50705
x-goog-hash: crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Wed, 15 Mar 2023 11:13:35 GMT
cache-control: public, max-age=604800, immutable
last-modified: Mon, 12 Dec 2022 16:22:05 GMT
etag: W/"2792a8f5102a28ea35670b4c11d66b7d"
age: 298283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 7a6744801801b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
id5-sync.com/g/v2/102.json
141.95.98.65200 216 B URL HTTP/1.1 id5-sync.com/g/v2/102.json
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7b433c2f95b72060c7c6b84874a8e0ce
4b37e15ff455a022bbf61380d6ea0748d53d04d6
64f28e35f3098749f4b78ccfa999637a93c7d9acd9bb30181ada2d3d2ad90411
POST /g/v2/102.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 159
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 11 Mar 2023 22:34:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 8dab302e9d697a5c282117dfc2ff7c93
320e0270e1642e6dcc3e67a7e3a9a5809f544dbf
7c9b549df6a4f478cc7fb4a73baed83ba4469af4e0b6fce992b9fb4671cbcecb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8c4a1c1945ef3e61a31cce9c7056961a
3b25cc53c87d9aa85e082d5db8c51979f7e4f558
b55a36fb14e15b915b98f39bf47484391cc8f39fb25dc8ef4719c9b69d00690d
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eced287a6ece4ab694396e2b02931706; expires=Sun, 10 Mar 2024 22:34:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.166200 OK 9.6 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.166:0
Hash e9c70b2ab2eb7b023ffc3067eee4ca4f
32437dcda4a8062167e718a8a1885854c1e5645c
c718456c58b317c191b47332fd9cd1beac93fd1f2c4b26595a655572db9f8562
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "sCsI4IX19r4ykIX4lYSZTA=="
expires: Sat, 18 Mar 2023 22:34:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.251200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.251:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 974
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://link1s.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114204 No Content 0 B IP 104.18.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1650
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a6744842c19b511-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash ca5168adfa9c87951ad87e8712c3ed8f
82880af91ad66bd953dc4192b22c9a0be2314a85
aa4fffd2d72a6bacc309a157c787347b0d77b72294ae86f28d28e17bd1b3ba0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: max-age=128929
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:56 GMT
Etag: "640c4b9d-1d7"
Expires: Mon, 13 Mar 2023 10:23:45 GMT
Last-Modified: Sat, 11 Mar 2023 09:36:29 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5e17d24a7488c17a4f9fea7ce0f7a96a
265ce30dcee641ace62b305be993ff8a64102991
269b867048a63fb70a8b753d0ba666326f0b202be2923b05b5127fd46c67cf36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "269B867048A63FB70A8B753D0BA666326F0B202BE2923B05B5127FD46C67CF36"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14962
Expires: Sun, 12 Mar 2023 02:44:18 GMT
Date: Sat, 11 Mar 2023 22:34:56 GMT
Connection: keep-alive
limurol.com/ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: UID=2303111734d10d8a02fd3a4d61a94b7cbc2f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 701
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 11 Mar 2023 22:34:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="e04fdebeebe0e92a"; Path=/; HttpOnly
X-Firefox-Spdy: h2
adlv.hit.gemius.pl/__/_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
54.38.193.68200 OK 2 B URL HTTP/2 adlv.hit.gemius.pl/__/_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1678574096043/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
expires: Fri, 10 Mar 2023 22:34:56 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlxgkMaGQMQGjCSs2aXsoGMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sat, 18 Mar 2023 22:34:56 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 878
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
date: Sat, 11 Mar 2023 22:34:54 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash c2dccaaa260617dc76f73d5e40f37c31
94bd9a6e780fb512837d19988b0fcb3035141423
16d4ea3bd1a922630c2c13baca3bcb94ae05c68687b9f93885b5bc8712e80c42
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2238
Cache-Control: max-age=101741
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:56 GMT
Etag: "640be3bf-1d7"
Expires: Mon, 13 Mar 2023 02:50:37 GMT
Last-Modified: Sat, 11 Mar 2023 02:13:19 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=23732623713
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=23732623713
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.6.0&cb=23732623713 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 289
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:55 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://link1s.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 36cf6c1e37e48ac1e9541f4ffd89e6f8
2afe20649cf901c84fdbc4a5e52f05082dc92fb1
b35ce3d97344c0c35acfb437f6194168469b91cae797076249d448717a57d979
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 09 Mar 2023 19:14:54 GMT
Expires: Thu, 16 Mar 2023 19:14:53 GMT
Etag: "2afe20649cf901c84fdbc4a5e52f05082dc92fb1"
Cache-Control: max-age=419396,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a674483abc2b4eb-OSL
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 85fda9fc2ddfd3eb84fd2fd5c6f075a6
e80091d6638a93fe79855f2bf8abea3053f12a81
737b37571914b87a1e5cc4c879d7801bccb4688c00766cec22cd22d831e16dce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1714
Cache-Control: max-age=164542
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:56 GMT
Etag: "640cdb1c-1d7"
Expires: Mon, 13 Mar 2023 20:17:18 GMT
Last-Modified: Sat, 11 Mar 2023 19:48:44 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.5 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3205)
Hash bad17ab9662318e8927e5009c83c2ad1
53ded630f95abe04b7b77d43076bf71b9ea71c02
68da39270ebfa6d17f4b765cbe004797a736611585ff0c53213d91f78f13c260
GET /pagead/html/r20230308/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4549
x-xss-protection: 0
date: Sat, 11 Mar 2023 21:15:13 GMT
expires: Sat, 25 Mar 2023 21:15:13 GMT
cache-control: public, max-age=1209600
age: 4783
etag: 2378337311435320485
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 85fda9fc2ddfd3eb84fd2fd5c6f075a6
e80091d6638a93fe79855f2bf8abea3053f12a81
737b37571914b87a1e5cc4c879d7801bccb4688c00766cec22cd22d831e16dce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2836
Cache-Control: max-age=165664
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:56 GMT
Etag: "640cdb1c-1d7"
Expires: Mon, 13 Mar 2023 20:36:00 GMT
Last-Modified: Sat, 11 Mar 2023 19:48:44 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 526
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:56 GMT
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3d8a7aa300174457aa18ab1ca3e2df5d
d590d2036ab4e31eb6ff4f8f8a3cdb78393f613e
0924c3f7502392b01ac73b37cd4268b72a0efe3f354dc03f20a004f86926f257
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0924C3F7502392B01AC73B37CD4268B72A0EFE3F354DC03F20A004F86926F257"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1130
Expires: Sat, 11 Mar 2023 22:53:46 GMT
Date: Sat, 11 Mar 2023 22:34:56 GMT
Connection: keep-alive
adlv.hit.gemius.pl/gemius.js
54.38.193.68200 OK 17 kB URL HTTP/2 adlv.hit.gemius.pl/gemius.js
IP 54.38.193.68:0
File type ASCII text, with very long lines (417)
Hash 0164f45b0f545a81934b305626d5ae81
dc32a3a7585111d6cb0bf819280db6eddd2ae42d
eb375b5ab7ef7f9062c6bca966476cb81078754a245f15b5b1fb1f1cc6bef2b5
GET /gemius.js HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
expires: Sun, 12 Mar 2023 10:34:56 GMT
server: GHC
accept-ranges: none
cache-control: max-age=43200
last-modified: Fri, 03 Mar 2023 14:41:06 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17068
content-encoding: gzip
X-Firefox-Spdy: h2
s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FDsSz&hn_ver=40&fid=b194deec-5a7e-46b4-8f72-335102b9cf84
52.213.174.1200 OK 650 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FDsSz&hn_ver=40&fid=b194deec-5a7e-46b4-8f72-335102b9cf84
IP 52.213.174.1:0
File type ASCII text, with very long lines (650), with no line terminators
Hash fb429a0eaf914938808a3516afdf34bd
a40dffc73c6dc4738890a0bccb5596f1eb8cc2e5
f7d04993eebff5d017cf6852badcefebf0895b4c61df313c2790e1995dd77d79
GET /fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FDsSz&hn_ver=40&fid=b194deec-5a7e-46b4-8f72-335102b9cf84 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 650
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Mon, 30 Jan 2023 15:31:44 UTC
set-cookie: cpSess=182f72124c6d8fcf; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
script.4dex.io/localstore.js
172.67.75.241304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sat, 11 Mar 2023 22:34:56 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1993693
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYzCP042qWHz0jvsGy0XJNDVFpN3wlg5ZuHhufejDNRGZiNYx1QD8OYimDdXfHWPTxlW7h5KafQxjc4oVZ8HJ%2F77J47T3mr7uKbVD836VwXUU8%2FDYpG92rJYPvva1Za9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a67448539790afe-OSL
id5-sync.com/g/v2/481.json
141.95.98.65200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7536e7279cfd02ccf1068c5ac692b475
9bd825c264e1fb47a8732168ff4448ae11cdc047
2bc0f3b325aec438684160470f302e26be9643591df02daa2e0d7e9a0d2f1302
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 127
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 11 Mar 2023 22:34:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
script.4dex.io/adagio.js
172.67.75.241304 Not Modified 0 B IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Sat, 11 Mar 2023 22:34:56 GMT
Connection: keep-alive
x-amz-id-2: LUZWsTkO7tndKHEUAypIYoYECZDqiFKRPqFYcwBmgsZi1o5jCuowifq3VKDNdpIpyW7MjsdBhRg=
x-amz-request-id: 0P2J7B52ZX2ZH1EQ
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1383520
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYgMu0toy1qbN3Z%2BwQ5SgcyaLNGoUCRhx8yNs5BE27MQ7ZO7kakD8of7VvYGOgGIVc9KaAH8HJXewSmzk4pCkKfGWod%2BX8o480Hqvmpd0S8Ky5Y8YGK0J4%2BTteHTaMR3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a6744856d81b50f-OSL
adx.adform.net/adx/openrtb
37.157.6.233204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 542
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.53200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 880baf2860251bf2e729e4dd401b96bd
c90175103b289927056a390460c8020231d07c56
7d381356b50e97a62af7a99ff7284a860be30b6b3826fe315dbed6f9aec1014d
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 655
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c0f05930-ec73-4aa1-9ae4-5b840872eb02
Set-Cookie: icu=ChgI6fZ8EAoYASABKAEwkIS0oAY4AUABSAEQkIS0oAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:34:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=858872703918919958; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:34:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d0041d132206fde914af84315afa4c6c
f627dfbbac7ac472bc243a0b1f711370a20ea0b0
3ecb3fa3ae1cbda82d33437af2ad77f7d7ac5f2c6d9218c3960ca9ef52df65b4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 12:31:20 GMT
Expires: Fri, 17 Mar 2023 12:31:19 GMT
Etag: "f627dfbbac7ac472bc243a0b1f711370a20ea0b0"
Cache-Control: max-age=481582,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a674484a967b524-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.1.11200 OK 444 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.1.11:0
File type JSON data\012- , ASCII text, with very long lines (499), with no line terminators
Hash bf8c2ac4ff76445154eed76bf809456e
4453be482e6dc9be5d7d1ea94bea83cc51f6762b
8b30bcd9215bfd33330fddad61efc74683075e1f4c82cb62c1093ce7dc4eec93
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 627898
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 800
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 11 Mar 2023 22:34:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="e04fdebeebe0e92a"; Path=/; HttpOnly
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 972
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
date: Sat, 11 Mar 2023 22:34:54 GMT
X-Firefox-Spdy: h2
prebid-stag.setupad.net/openrtb2/auction
104.26.8.178200 OK 190 B URL HTTP/2 prebid-stag.setupad.net/openrtb2/auction
IP 104.26.8.178:0
File type JSON data\012- , ASCII text
Hash 8226b8a001d5e2e84a36419edce3ce28
851a69cdb1f0c5b7f8424cd65bdc6c0920e5abb7
5a47e829ee5ae676938a7786bdb42790cae81ec6d04ec6a0244c76c21831e840
POST /openrtb2/auction HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 947
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/0.234.0-3-gde6ed827
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3bxask%2Fdps5CbPZPFXrqG%2B4G59jVRCZdjofsiTeV%2FCTydqVqHiDt0B%2FoIRUNfCeKGhieww01%2FGk5F0UpEjfJU0RrBny2ZB3zrF2Bu6ofokAeH%2FegNV1MaRmU1x6LRBfwKbBTs6tIvv9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a6744840c74b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114204 No Content 0 B IP 104.18.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1750
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a674485ddfeb511-OSL
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=22398178545
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=22398178545
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.6.0&cb=22398178545 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 340
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:55 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://link1s.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG
151.139.128.10200 OK 345 B URL HTTP/2 link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (532), with no line terminators
Hash ed18e0f9b1f6f71153b7d0058a636d51
24945eccbcee0371420686b29bfb5e75c2b9d8da
591f57e7857261880668cb20d834b386d47436e2246c5c457cac607f48be6526
POST /sbbi/?sbbpg=sbbShell&gprid=IG HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 503
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG; adOtr=0d3ba51620b; ab=2; stpdOrigin={"origin":"direct"}; __PPU___PPU_SESSION_URL=%2FDsSz; _pbjs_userid_consent_data=3524755945110770; sharedid=84b1f37f-3516-4d4e-a0b3-f8c7fcc0dd32; _ga=GA1.2.427074980.1678574097; _gid=GA1.2.115047585.1678574097; _gat_gtag_UA_129758818_7=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1678574096.cds253.sk1.hn,1678574096.cds003.sk1.sc,1678574096.cdn2-wafbe03-arn1.stackpath.systems.-.i,1678574096.cds003.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c086c1058b5efe686a7ff3bcbe30a364
9f86ca794928ef69e0c51b05ca05ca83a84faa73
ab5e437602f7d061398eb58e83530d3f0c175c390d2713547a13de8e92b9f2dc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 14:03:26 GMT
Expires: Sat, 18 Mar 2023 14:03:25 GMT
Etag: "9f86ca794928ef69e0c51b05ca05ca83a84faa73"
Cache-Control: max-age=573508,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6744850de8b4eb-OSL
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js
216.58.207.227200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (554)
Size 164 kB (163842 bytes)
Hash 67145d1dd8c7201ad506c8734df41708
9f10d87858deb8ee394d47a6268494905ee9f0c0
e0ebeeb232953726660519b937e1cadaf1cb2461e8c044044ff2e9a481f085a0
GET /recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Mar 2023 13:25:54 GMT
expires: Sat, 09 Mar 2024 13:25:54 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 119342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prebid-stag.setupad.net/cookie_sync
104.26.8.178200 OK 341 B URL HTTP/2 prebid-stag.setupad.net/cookie_sync
IP 104.26.8.178:0
File type JSON data\012- , ASCII text
Hash 3a96e8eaffffe78e7b01cd4557b254d1
e58b31fd5486a7705ecb84ebd1d3a2be3e9758e2
174f9f33ff2ab587acf725895f4371830b0aa60382d52eea78a06770d0cceb2a
POST /cookie_sync HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 82
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHLI5UurkPT2ipmiIyo2WzKaiEkPAzoZ6nVZsxzU20jF4n96es0VzY7DLReQ9vgpniOe%2Bp%2FQhJm9FvNZPXunj2cKsZLWm20XQl9HJLpsmywIiJQt2UgoQPVkbIqGbwqBZ98rpRrpoD4o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a674483fc5eb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
rtb.adxpremium.services/openrtb2/auction
185.106.140.18200 OK 2.0 kB URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
File type JSON data\012- , ASCII text, with very long lines (1981)
Hash bd499409cab795519dfa2a33b2cf3d68
eb0775f04409fde87bd9b8b636d29eb8ae8975a2
7c2756289312bb88b3af643a4ebfdea460d35a29a0f2009c5597021cefbc6cfc
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 656
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/json
Content-Length: 1982
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
limurol.com/ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1752377/?pb=736bfa5533eef2ee016daacc0a4576591678581295&psp=h3OhPq1Thmi9Er-EQ5bzSn-2n6XLJFK-MQSM5xheQs3Qk13-BWatk7XuGYsRRHfjsKgw6G6XD0iq1UIadwP6BsUWBclQGKP4UHoPKLiPd-twHYrvfwk49Q6KszcrM_UxmOJOppByIAaSiPiyursfv8QXRaKjrDtS55edJCeJQBKeVoKObLO2nv6Q31Yxs6d84ksAvbnajDLIGEwu5jhSWli4Ip26RRaz_cd4yPkI_qIgCbrhuxT29Dk5Rt_fmk_3sy0-5WLqbFyie2IrqK_HHVAGjDAZep649yt6Mz3qcR0lM2s1z0663bVYSXuIdJjwj8gAo5QkHE_hN0_SAoNBTuXU0PDLXARVLpPbx7niGd9nk9T6kfUMFTG3WQbISvKpVzGvOzYf350f3g3d8MPog1Ctgueg-ehz2uiAAqN8TEiai0MK3hRLXnRVKoZfX9Cu4oPUGdXr_Uc5-T_BsiASxUNl41cJnhQXvhS3s2qiqf0bBHw1IigjVcJ-fPS52IaFHZP_vsovrsn_7kydw9piT907Z9v9hxgppwWCo-fj7RJeBIHXdXwBgoC2HLhCuTwEVSw8F5pbypA9FXK6-MBU7e97zYNpkY2rPE7RVgkCG9Ltcth3XtKwUDfyfPiEkcaP4-T-sgyfoB5AJzFtl4hDykvJZ7fMrPHFQ_NN1IlTE3fD7UQIwoQ1XTKMWflWD4yIhmuDulu5qgLM-lcrrWRJHfHvAA_hl9mGn6eWfV2GeFmsWluRUfKI56X6HXzS4IulIAcgW-HXiYXzcejDu4RsRJewWWv23i4TZo8oSGYFP0Xnmh-DDs7kqt5W1CgMjka4S7WQffymxC-Ya_6ioGY-uE6ADTqeejH9cknDttRT-iLkDl3tvdfx0EyAAejaHf4kKryzIAGnpyFLFIeZXEdKB9rYJ72xgjfgkDqc-c-wo6THntT5liTkchATxIYhFnReBFmYTqlvubBGAJtVdtHKHEnVu2hRS1r8fHbUY7_a6s0=&cb=_clrqhzip2kdte8pr5f6gfl&nojs=0&ix=0&abvar=0&febuild=1.0.75&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: UID=2303111734d10d8a02fd3a4d61a94b7cbc2f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
prebid-stag.setupad.net/cookie_sync
104.26.8.178200 OK 2.3 kB URL HTTP/2 prebid-stag.setupad.net/cookie_sync
IP 104.26.8.178:0
File type JSON data\012- , ASCII text
Hash 0878ec92175a5a25236a1f588420cc12
4b0b884e4f89bd4fa10c991d8ae90a00e4ff6332
51043161427c0c8edea7f62f74c542c1cc9710f36d38bf2a7d086e1b22a00205
POST /cookie_sync HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 82
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oFlBY91oRMyPaGtIRZm5oq9QeLQokLzj5a5ACYzNSc9VjEE7uYQfiNS9iF1Ke37Un7H4hNrLQseMxJb9SLq1z3W%2BqBwo9vJM%2FY8WW0G15g%2F%2B7eACrnBP7RvNxWXnUUQnRrbNI7c1I9oL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a674485bea6b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.233200 OK 2.0 kB URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.233:0
File type JSON data\012- , ASCII text, with very long lines (1981)
Hash 50d48c44cb5eec922cb4a7eb94424e58
58efa58648b6046aabe33a4c921b43bb454df634
b0032388e122bbd7c9b3e22176a96e443d1e72693c87befe4e791c80c5b631fc
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26hn_ver%3D40%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84
37.252.172.123307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26hn_ver%3D40%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26hn_ver%3D40%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FDsSz%2526hn_ver%253D40%2526fid%253Db194deec-5a7e-46b4-8f72-335102b9cf84
AN-X-Request-Uuid: 7b4d46ef-794e-405a-a278-38a6b937ba7a
Set-Cookie: uuid2=9026225241390406849; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:34:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d5473ac0dff54b4ac665e95a0e380aac
38423b5e5cd68d5d32710383f939453532c8f505
18f0d30402cce8b9026650dd08d36b48faa6974cb57c0b70764811e0e60413cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Mar 2023 15:49:38 GMT
Expires: Wed, 15 Mar 2023 15:49:37 GMT
Etag: "38423b5e5cd68d5d32710383f939453532c8f505"
Cache-Control: max-age=320680,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a6744861ac6b524-OSL
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
216.58.207.227200 OK 25 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
IP 216.58.207.227:0
File type ASCII text, with very long lines (56403), with no line terminators
Hash a42c6333a13e5376af95f46fd9c7b627
57a98e519a44915e39a0cb6f23812adfa6611e67
62bff9dd0379da44f9d7f739af671bb6b243c016b49c7146b431ae9e6b9cb41b
GET /recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Mar 2023 20:15:37 GMT
expires: Sat, 09 Mar 2024 20:15:37 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
content-type: text/css
vary: Accept-Encoding
age: 94759
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js
216.58.207.227200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js
IP 216.58.207.227:0
File type ASCII text, with very long lines (554)
Size 164 kB (163842 bytes)
Hash 67145d1dd8c7201ad506c8734df41708
9f10d87858deb8ee394d47a6268494905ee9f0c0
e0ebeeb232953726660519b937e1cadaf1cb2461e8c044044ff2e9a481f085a0
GET /recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Mar 2023 13:25:54 GMT
expires: Sat, 09 Mar 2024 13:25:54 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 119342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1158
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 11 Mar 2023 22:35:32 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://link1s.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2f97280eae3eb2c055f6bc516ab9928e
c7ff9940a6b29daf9de76d0ba4dc2144e0826fc2
4c76f8a2bb5488da045c604ae63af7e6952535a17ae5e340c0e3f04c6caba7f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C76F8A2BB5488DA045C604AE63AF7E6952535A17AE5E340C0E3F04C6CABA7F3"
Last-Modified: Fri, 10 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19056
Expires: Sun, 12 Mar 2023 03:52:32 GMT
Date: Sat, 11 Mar 2023 22:34:56 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2f97280eae3eb2c055f6bc516ab9928e
c7ff9940a6b29daf9de76d0ba4dc2144e0826fc2
4c76f8a2bb5488da045c604ae63af7e6952535a17ae5e340c0e3f04c6caba7f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C76F8A2BB5488DA045C604AE63AF7E6952535A17AE5E340C0E3F04C6CABA7F3"
Last-Modified: Fri, 10 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19056
Expires: Sun, 12 Mar 2023 03:52:32 GMT
Date: Sat, 11 Mar 2023 22:34:56 GMT
Connection: keep-alive
pixel.quantserve.com/pixel;r=1220414505;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2FDsSz;uht=2;fpan=1;fpa=P0-1467638082-1678574096804;pbc=;ns=0;ce=1;qjs=1;qv=3e132866-20230307133952;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1678574097216;tzo=0;ogl=image.https%3A%2F%2Fstatic%252Emediafire%252Ecom%2Fimages%2Ffiletype%2Fdownload%2Fzip%252Ejpg;ses=38c5eca9-1d1e-45e8-aa43-6b36818b4d0f
91.228.74.166200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1220414505;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2FDsSz;uht=2;fpan=1;fpa=P0-1467638082-1678574096804;pbc=;ns=0;ce=1;qjs=1;qv=3e132866-20230307133952;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1678574097216;tzo=0;ogl=image.https%3A%2F%2Fstatic%252Emediafire%252Ecom%2Fimages%2Ffiletype%2Fdownload%2Fzip%252Ejpg;ses=38c5eca9-1d1e-45e8-aa43-6b36818b4d0f
IP 91.228.74.166:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1220414505;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2FDsSz;uht=2;fpan=1;fpa=P0-1467638082-1678574096804;pbc=;ns=0;ce=1;qjs=1;qv=3e132866-20230307133952;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1678574097216;tzo=0;ogl=image.https%3A%2F%2Fstatic%252Emediafire%252Ecom%2Fimages%2Ffiletype%2Fdownload%2Fzip%252Ejpg;ses=38c5eca9-1d1e-45e8-aa43-6b36818b4d0f HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=640d0210-8aa0f-76692-8130b; expires=Wed, 10-Apr-2024 22:34:56 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FDsSz%2526hn_ver%253D40%2526fid%253Db194deec-5a7e-46b4-8f72-335102b9cf84
37.252.172.123302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FDsSz%2526hn_ver%253D40%2526fid%253Db194deec-5a7e-46b4-8f72-335102b9cf84
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FDsSz%2526hn_ver%253D40%2526fid%253Db194deec-5a7e-46b4-8f72-335102b9cf84 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/an_fire?app_nexus_uid=0&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FDsSz&hn_ver=40&fid=b194deec-5a7e-46b4-8f72-335102b9cf84
AN-X-Request-Uuid: cc394cac-955f-49c4-97c6-4e8139de3d68
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bedrapiona.com/5/4506172/?oo=1&js_build=iclick-v1.505.0
139.45.197.234200 OK 4.1 kB URL HTTP/2 bedrapiona.com/5/4506172/?oo=1&js_build=iclick-v1.505.0
IP 139.45.197.234:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4902)
Hash 811e866d2094d976ad02d116fb96cee2
0f688bfe04863321c2be2434dc7175927e70f7d2
71037e76f28213a7f6115045ff6cc934e7e9eb3f05f75e1aeeb28c55a47b4681
GET /5/4506172/?oo=1&js_build=iclick-v1.505.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json
x-trace-id: d153a680cb041230952dd18ef863b348
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=7cb5ba290fde43e69d2b2aef40a62fd7; expires=Sun, 10 Mar 2024 22:34:56 GMT; path=/; secure; SameSite=None
oaidts=1678574096; expires=Sun, 10 Mar 2024 22:34:56 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.196.115200 OK 113 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.196.115:0
Hash 70b59332600bcd617c2a3f59da8e050a
44c4f326b218446d506d6733c367302be2dd3a0e
34d971625721eb76f86348e28e589f9c31d340b0f1e2e5abbe16bd107dfb2ff7
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 432
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
tuuid=e65db2dd-8128-5247-bc9a-ba61d897b871; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
ut=ZA0CEAAGDsgcO-X0Oh8iB_pFGFXOfSETLyCi6g==; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
forfrogadiertor.com/500/4506165?excludes=&oaid=l5nn941115sx691862169j5b8llen124&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=9&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/500/4506165?excludes=&oaid=l5nn941115sx691862169j5b8llen124&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=9&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4506165?excludes=&oaid=l5nn941115sx691862169j5b8llen124&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=9&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://link1s.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Mar 2023 21:48:03 GMT
expires: Fri, 08 Mar 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 175613
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
216.58.207.227200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 216.58.207.227:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Mar 2023 18:48:55 GMT
expires: Tue, 14 Mar 2023 18:48:55 GMT
cache-control: public, max-age=604800
age: 359161
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
upgulpinon.com/9?z=4506159&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=l5nn941115sx691862169j5b8llen124
139.45.197.242200 OK 4.8 kB URL HTTP/2 upgulpinon.com/9?z=4506159&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=l5nn941115sx691862169j5b8llen124
IP 139.45.197.242:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7763)
Hash f83bfd5acc5f721013d597399c313a71
fae2bc5db7e6ac85d948d0514ae78050b654ac46
aa70223ff925cd5f3d243bf0615b2b16a5183b8e8bc15f4641e45f92d3aad3a9
POST /9?z=4506159&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=l5nn941115sx691862169j5b8llen124 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 152
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Cookie: scm=1; OAID=29cd645101684d09953bd86aa5ab6570; oaidts=1678574093
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 6382bce8fa30ded12c228b4f7c68b717
access-control-expose-headers: X-Sc
set-cookie: OAID=l5nn941115sx691862169j5b8llen124; expires=Sun, 10 Mar 2024 22:34:56 GMT; secure; SameSite=None
oaidts=1678574093; expires=Sun, 10 Mar 2024 22:34:56 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash c6dfaa14355e3ea11bdbd2c179c43ae4
891488f595ac3c780fd237a25905c43243b9cb8c
0755fad80e087a26cc2b7d0dc11eb1dd25ba29419424e907970d4ef2a1380cf8
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141028
Date: Sat, 11 Mar 2023 22:34:56 GMT
Etag: "640c6ef9-1d7"
Expires: Mon, 13 Mar 2023 13:45:24 GMT
Last-Modified: Sat, 11 Mar 2023 12:07:21 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tphts_YULaZNU-BNbWnseNrcPNuHsMG6wPujGbvEQwo00oGOJDS6fA==
Age: 5883
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
52.214.64.2200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 52.214.64.2:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Sat, 11 Mar 2023 22:34:56 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sat, 11 Mar 2023 22:34:56 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
s.cpx.to/ca.png?dsp=dbm&fid=b194deec-5a7e-46b4-8f72-335102b9cf84&google_error=3
52.213.174.1200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=b194deec-5a7e-46b4-8f72-335102b9cf84&google_error=3
IP 52.213.174.1:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=b194deec-5a7e-46b4-8f72-335102b9cf84&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Cookie: cpSess=182f72124c6d8fcf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 11 Mar 2023 22:34:56 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=182f72124c6d8fcf; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84
185.64.190.80302 Found 137 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84
IP 185.64.190.80:0
Hash bbe2324dbdca1d5d070aac82805aaec5
fbc20a230bb5851f791743f2c9e90672d091b698
fde3b4ba116e639bc679f7caab4b537f28eb783e5e59888c019cf9489b94e22d
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Fri, 09-Jun-2023 22:34:55 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Db194deec-5a7e-46b4-8f72-335102b9cf84
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6c2384af-4b1b-47f9-6cf8-90c9b3e9eef0&reqId=6d4cce72-8f7e-4e3b-62de-126a2d491eec&zdid=1258&google_error=3
172.67.13.182200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6c2384af-4b1b-47f9-6cf8-90c9b3e9eef0&reqId=6d4cce72-8f7e-4e3b-62de-126a2d491eec&zdid=1258&google_error=3
IP 172.67.13.182:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=6c2384af-4b1b-47f9-6cf8-90c9b3e9eef0&reqId=6d4cce72-8f7e-4e3b-62de-126a2d491eec&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Cookie: zc=6c2384af-4b1b-47f9-6cf8-90c9b3e9eef0; zsc=l%A6%CC%B0%C5%B2%E7%05G%9AB%CBwnvx%84k%F4%12%1B%FC%91v%BF%C5%ECW%98%88%95%22S6%0A%BC1E%81%A3%AF-%06%FD%AAnp%21%BB%86%FDr%8C%8F%A3%BB%FD%A98%5Bl%FB%D1%25%DCE%28%EA%C7%8EG%DF%D4%F8%28%C6%94%D3%E5%D8%9C%BD%03
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://link1s.com
set-cookie: zc=6c2384af-4b1b-47f9-6cf8-90c9b3e9eef0; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a67448aae53b4f3-OSL
X-Firefox-Spdy: h2
yonhelioliskor.com/custom
139.45.197.251200 OK 0 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f6c4d89024fa78ff4d9661e90c8fa726
1c100f214248eea5156c51722ec69ba6cccaa01b
2f2bde7dc251ad42164f10e6699876d1458bc97aac56f61c49bda9ec68845c60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F2BDE7DC251AD42164F10E6699876D1458BC97AAC56F61C49BDA9EC68845C60"
Last-Modified: Thu, 09 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8733
Expires: Sun, 12 Mar 2023 01:00:30 GMT
Date: Sat, 11 Mar 2023 22:34:57 GMT
Connection: keep-alive
my.rtmark.net/gid.js?pub=0&userId=c376bb9a59fc4aea8a969c5b71bae5a6&zoneId=4506167&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=c376bb9a59fc4aea8a969c5b71bae5a6&zoneId=4506167&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8c4a1c1945ef3e61a31cce9c7056961a
3b25cc53c87d9aa85e082d5db8c51979f7e4f558
b55a36fb14e15b915b98f39bf47484391cc8f39fb25dc8ef4719c9b69d00690d
GET /gid.js?pub=0&userId=c376bb9a59fc4aea8a969c5b71bae5a6&zoneId=4506167&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Cookie: ID=eced287a6ece4ab694396e2b02931706
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eced287a6ece4ab694396e2b02931706; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
162.19.138.83200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8fddf26242f0fc5faecafabeb5845c30
811a3a591100a0e29b69d209945dbc77001fe81e
defaa10da3cf55c42fef999de74637ca9df55c5e841d9850c9375dcafdacee02
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 11 Mar 2023 22:34:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ads.betweendigital.com/adjson?t=prebid
188.42.196.115200 OK 67 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.196.115:0
Hash 5b59c5ddbeba5ba3d3d2420b4326fc0b
1b3551222b6bcfdd46d38b5b80c00e037089906a
995aa9043701a190e13d29fac520cf2d8d3854ec02640339f4d5e2160876e2fb
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 483
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
tuuid=9c680151-f20b-5247-9dac-6ac8f9a168d8; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
ut=ZA0CEAAGTUj-z6gcf2iq6ACZUAP_OsGPWyWH0Q==; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:34:56 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
yonhelioliskor.com/custom
139.45.197.251200 OK 0 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=l5nn941115sx691862169j5b8llen124
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=l5nn941115sx691862169j5b8llen124
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8c4a1c1945ef3e61a31cce9c7056961a
3b25cc53c87d9aa85e082d5db8c51979f7e4f558
b55a36fb14e15b915b98f39bf47484391cc8f39fb25dc8ef4719c9b69d00690d
GET /gid.js?userId=l5nn941115sx691862169j5b8llen124 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Cookie: ID=eced287a6ece4ab694396e2b02931706
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eced287a6ece4ab694396e2b02931706; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
yonhelioliskor.com/custom
139.45.197.251200 OK 39 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Content-Type: application/json
Origin: https://link1s.com
Content-Length: 721
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6153b8c0b96989acfcbf28e756556338
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 0095c8c3b602ba15dae1022136f0db43
14736510bef858a16f796299ac00c03c1a565f8f
984d5d68ad6c368a17a219bc35eaf7decc3f7bfb2bd1e712c242a93021c278a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2835
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:57 GMT
Last-Modified: Sat, 11 Mar 2023 21:47:42 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 312
link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3
151.139.128.10200 OK 345 B URL HTTP/2 link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (532), with no line terminators
Hash ed18e0f9b1f6f71153b7d0058a636d51
24945eccbcee0371420686b29bfb5e75c2b9d8da
591f57e7857261880668cb20d834b386d47436e2246c5c457cac607f48be6526
POST /sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 505
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG; adOtr=0d3ba51620b
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1678574095.cds253.sk1.hn,1678574095.cds214.sk1.sc,1678574095.cdn2-redis01-arn1.stackpath.systems.-.i,1678574095.cds214.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=7cb5ba290fde43e69d2b2aef40a62fd7
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=7cb5ba290fde43e69d2b2aef40a62fd7
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8c4a1c1945ef3e61a31cce9c7056961a
3b25cc53c87d9aa85e082d5db8c51979f7e4f558
b55a36fb14e15b915b98f39bf47484391cc8f39fb25dc8ef4719c9b69d00690d
GET /gid.js?userId=7cb5ba290fde43e69d2b2aef40a62fd7 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Cookie: ID=eced287a6ece4ab694396e2b02931706
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eced287a6ece4ab694396e2b02931706; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 7622a75b1338ba7ec5125dc01c52daa0
3ccd5956d16c43fa9d0cbaf242d27f97f31a9f79
cc4e4f497ffd403c957982e6eb4df386ed27812bf0bb0762cbdbbdaa568c4e03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2334
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:57 GMT
Last-Modified: Sat, 11 Mar 2023 21:56:03 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
37.157.6.233200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
IP 37.157.6.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
172.67.22.216200 OK 11 kB URL HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Sun, 12 Mar 2023 05:38:52 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 60965
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a67448c4c6bb50c-OSL
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=1230182390&z=4506159&b=16692475&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=eMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ==&ruid=319910de-b81f-424d-a68e-c678412dd45c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&ot=657
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=1230182390&z=4506159&b=16692475&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=eMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ==&ruid=319910de-b81f-424d-a68e-c678412dd45c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&ot=657
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1230182390&z=4506159&b=16692475&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=eMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ==&ruid=319910de-b81f-424d-a68e-c678412dd45c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&ot=657 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Cookie: scm=1; OAID=l5nn941115sx691862169j5b8llen124; oaidts=1678574093
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 620e0ba72da4f2517d6022a3e148088f
access-control-expose-headers: X-Sc
set-cookie: OAID=l5nn941115sx691862169j5b8llen124; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
oaidts=1678574093; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 236 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
Hash 869fd32ca49d6e4754ab65b2afb60032
b87aae058b7be6fdfd667a839836596cbc4daed8
87fbef3f2fc8caec63d9aaa52a5d96b89e877c8be9ad9ce804fe141662fb9ba4
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 423
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7b13c8655c530dccec5fe37cfcc7ba0b
27629e196400de0665c8f3f4f02e8814a7f57c8a
10df5e38c3169b634a9d185c1318d0282cd2552e986795f3f8a0f66940c66dbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10DF5E38C3169B634A9D185C1318D0282CD2552E986795F3F8A0F66940C66DBC"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3028
Expires: Sat, 11 Mar 2023 23:25:25 GMT
Date: Sat, 11 Mar 2023 22:34:57 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash fafe345a58f7057d38e3a9d84fd00f3d
30dadbd0ef8e20d43c07956f2c6a6cfde349711e
9d97df2d9dd04257ffca042f180f00df1f765d36e4d67bdcdffdbf6f5c19ed3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1782
Cache-Control: max-age=118528
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:57 GMT
Etag: "640c271b-13a"
Expires: Mon, 13 Mar 2023 07:30:25 GMT
Last-Modified: Sat, 11 Mar 2023 07:00:43 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash fafe345a58f7057d38e3a9d84fd00f3d
30dadbd0ef8e20d43c07956f2c6a6cfde349711e
9d97df2d9dd04257ffca042f180f00df1f765d36e4d67bdcdffdbf6f5c19ed3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2432
Cache-Control: max-age=119178
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:57 GMT
Etag: "640c271b-13a"
Expires: Mon, 13 Mar 2023 07:41:15 GMT
Last-Modified: Sat, 11 Mar 2023 07:00:43 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 314
yonhelioliskor.com/custom
139.45.197.251200 OK 39 B URL HTTP/2 yonhelioliskor.com/custom
IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Content-Type: application/json
Origin: https://link1s.com
Content-Length: 358
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9b7d96266dd796f918f976c021670cb7
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
yonhelioliskor.com/pfe/current/defaultSkin.min.js
139.45.197.251200 OK 20 kB URL HTTP/2 yonhelioliskor.com/pfe/current/defaultSkin.min.js
IP 139.45.197.251:0
Hash 5795265074ae3135e2c14ef857be5503
8c1ce732c6412c175b603aabf44a0df45d554e07
34790385cdb68e0dae5230fa6ecb437f35cd402725fc1c89cefb27f107f7b35b
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 15:53:11 GMT
etag: W/"64060c67-df63"
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:57 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 272351
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/84/41/db/7cdd020415d52bac4f03e7e7b0/0315703759395.jpeg
139.45.197.153200 OK 19 kB URL HTTP/2 interstitial-07.com/contents/s/84/41/db/7cdd020415d52bac4f03e7e7b0/0315703759395.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 256x256, components 3\012- data
Hash 8441db7cdd020415d52bac4f03e7e7b0
dd8305ab27ab5b7ba4106f4305f601c9941e1efa
d14055e7d300e4f05156c45b09ee102df80e71e58607cd441e68e99b371d3c22
GET /contents/s/84/41/db/7cdd020415d52bac4f03e7e7b0/0315703759395.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D761452973%26z%3D4506159%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DeMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D319910de-b81f-424d-a68e-c678412dd45c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D6%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/jpeg
content-length: 19059
last-modified: Tue, 09 Aug 2022 07:56:56 GMT
vary: Accept-Encoding
etag: "62f21348-4a73"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 85345181e0d6b7a1dbafa95d8c2c10a2
65879c187887824248b3d51281b0f2974e1f147d
1dbfe9278ed8c026b2c94f36621b03dea2ea745cef0f23bc070ac4c707f2d337
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DBFE9278ED8C026B2C94F36621B03DEA2EA745CEF0F23BC070AC4C707F2D337"
Last-Modified: Fri, 10 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2737
Expires: Sat, 11 Mar 2023 23:20:34 GMT
Date: Sat, 11 Mar 2023 22:34:57 GMT
Connection: keep-alive
interstitial-07.com/contents/s/70/5f/88/69b97bfaaaf73fff119f88c88a/0699379061565.jpeg
139.45.197.153200 OK 46 kB URL HTTP/2 interstitial-07.com/contents/s/70/5f/88/69b97bfaaaf73fff119f88c88a/0699379061565.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 492x328, components 3\012- data
Hash 705f8869b97bfaaaf73fff119f88c88a
68635b1fa3d363472b016b8653fb4676b1a0f226
12cb0e656fef9d32c5c7090b8db69914af5a11207314cb3c5c9e7af18fbfed83
GET /contents/s/70/5f/88/69b97bfaaaf73fff119f88c88a/0699379061565.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D761452973%26z%3D4506159%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DeMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D319910de-b81f-424d-a68e-c678412dd45c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D6%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/jpeg
content-length: 46345
last-modified: Tue, 09 Aug 2022 07:56:53 GMT
vary: Accept-Encoding
etag: "62f21345-b509"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=rsmaU-cF7QPXYe3Ex9-9kb_wwEUnyH4rq0-xb6lxhR9ubP4NKvdTNfgMy4JV3FlydNuCCrPg1uRJBaliwEizXZa7zSdOZt3sQ_XYYFFEw7FVrQhUqnhCeWY2QE5zrpHPMrYtGak3yWutBSnzntrWP0Ahm-0f80pVoaPE14bbFmbSsggvHEj624fAOhtKaF9yX4n0Uwg6qEWhRohOPXiy958rXaS4z2EZyuT6vA%3D%3D&request_ab2=0&zoneid=4506172&js_build=iclick-v1.505.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=12&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.505.0&bs=e1675731-62e4-4115-a737-b0c6db7d3d5c&userId=eced287a6ece4ab694396e2b02931706&m=link
139.45.197.243200 OK 1.9 kB URL HTTP/2 onmarshtompor.com/?rb=rsmaU-cF7QPXYe3Ex9-9kb_wwEUnyH4rq0-xb6lxhR9ubP4NKvdTNfgMy4JV3FlydNuCCrPg1uRJBaliwEizXZa7zSdOZt3sQ_XYYFFEw7FVrQhUqnhCeWY2QE5zrpHPMrYtGak3yWutBSnzntrWP0Ahm-0f80pVoaPE14bbFmbSsggvHEj624fAOhtKaF9yX4n0Uwg6qEWhRohOPXiy958rXaS4z2EZyuT6vA%3D%3D&request_ab2=0&zoneid=4506172&js_build=iclick-v1.505.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=12&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.505.0&bs=e1675731-62e4-4115-a737-b0c6db7d3d5c&userId=eced287a6ece4ab694396e2b02931706&m=link
IP 139.45.197.243:0
Hash 3aa94505480ab72dc013a2ba64e3ed78
fb4d606340f6ed70b23fe4a8d925638e1c46eb7d
76681881890beca234e3570c6b159cdaa8ccfa6b36be4f388615f80b318a870c
GET /?rb=rsmaU-cF7QPXYe3Ex9-9kb_wwEUnyH4rq0-xb6lxhR9ubP4NKvdTNfgMy4JV3FlydNuCCrPg1uRJBaliwEizXZa7zSdOZt3sQ_XYYFFEw7FVrQhUqnhCeWY2QE5zrpHPMrYtGak3yWutBSnzntrWP0Ahm-0f80pVoaPE14bbFmbSsggvHEj624fAOhtKaF9yX4n0Uwg6qEWhRohOPXiy958rXaS4z2EZyuT6vA%3D%3D&request_ab2=0&zoneid=4506172&js_build=iclick-v1.505.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=939&wiw=1280&wfc=12&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.505.0&bs=e1675731-62e4-4115-a737-b0c6db7d3d5c&userId=eced287a6ece4ab694396e2b02931706&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json
x-trace-id: 499f7f87a3d71ad911d4fc6a53cb7b2a
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=eced287a6ece4ab694396e2b02931706; expires=Sun, 10 Mar 2024 22:34:57 GMT; path=/; secure; SameSite=None
oaidts=1678574097; expires=Sun, 10 Mar 2024 22:34:57 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 18 Mar 2023 22:34:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5904bd0f6a2e0588107bea0ec52425c2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
csm.nl3.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
178.250.1.25200 OK 43 B URL HTTP/2 csm.nl3.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP 178.250.1.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.nl3.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:57 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=1230182390&z=4506159&b=16692475&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=eMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ==&ruid=319910de-b81f-424d-a68e-c678412dd45c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=1230182390&z=4506159&b=16692475&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=eMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ==&ruid=319910de-b81f-424d-a68e-c678412dd45c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1230182390&z=4506159&b=16692475&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=eMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ==&ruid=319910de-b81f-424d-a68e-c678412dd45c&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Flink1s.com%2FDsSz&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Cookie: scm=1; OAID=l5nn941115sx691862169j5b8llen124; oaidts=1678574093
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: eed85d2a76249182fbba4fd08ae3a9e2
access-control-expose-headers: X-Sc
set-cookie: OAID=l5nn941115sx691862169j5b8llen124; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
oaidts=1678574093; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
oaidvc=1; expires=Sun, 10 Mar 2024 22:34:57 GMT; secure; SameSite=None
CNT=1_v1_-7T-AAEAAADjSwAA; expires=Sat, 11 Mar 2023 23:34:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1210174301
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1210174301
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
GET /fv.js?t=72747&cb=1210174301 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: fc440801f6207f528cbe19fd04de8067
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
172.67.25.151204 No Content 0 B URL HTTP/2 intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
IP 172.67.25.151:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO HTTP/1.1
Host: intake.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1551
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 11 Mar 2023 22:34:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a67448f78ecb4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D761452973%26z%3D4506159%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DeMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D319910de-b81f-424d-a68e-c678412dd45c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D6%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 2.6 kB URL HTTP/2 interstitial-07.com/?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D761452973%26z%3D4506159%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DeMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D319910de-b81f-424d-a68e-c678412dd45c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D6%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1497)
Hash 20d670bb44df9326ee9913b7b915ef3e
1a513c37ffcc67aa00f0c6d364aa3228bac511c7
234c83259a9a0fd22814006e55222c5850852b410ad23fed0f71ee5a47ea8aa9
GET /?l=9PwXYh0ktW70jOH&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D761452973%26z%3D4506159%26b%3D16692475%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DeMBxVwF5fjj-yzWLT55wKtDx1mKjpeGMzWZ6fBuJK_GhNv-_hUdx9awJoL6CqrHm5m9i3qZPveKmiMpBD97gj2arhm9w1p1iedl5P6_OToNtZIn-50-3uyLdWDOsBuH3yL8uxNHCG0TWbiwh02vBgVKmT2YohqfJyJdjQ417Ow3rvurrc0cwNhM9_fmrzOXB7YxsK1H35o3HxKXTlUe_s9u7nOqfCitiaSYNn-8JTEyjJp23PvrkUXNJ_lld6MQvIGkQ1Fq1jG7wFn1d7txqZKCOt0oqbv-JllG9lI83rzJd28R2L9h3c3EtF8bFgNQWNYB_X0dqo7_zYkmSDxcN0hQBUADvuGuG0pE5KtSBQcZFPrQnboKJy4D8yrq7zKwPGAn7p0tyLphZ78BAZsMnTt4UzPrOnlFSXJRedViiFaqDk-NH3BxiARXw5vqvCYZZj7qOwWKQ_vbdWlKsyy1GGDjNPm3btdEn8in0rIr7hQZkV3-6wk-_2birruQZytGcstvszPaBTagI2Bx8n-HbuRUG90JcfbrHt6O0xkNaTubCAA_d2KQvq7WktRDZmhuuuHX3D3c_ONo2wubk33tDS_1900lQ9M-fazI9HBOqy6HtTzIXsNjyHPr2jmdJIezHHmN6CEh3WaXHGL1R1Y5j4iR9vRSH8Tkt-etpOQ%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D319910de-b81f-424d-a68e-c678412dd45c%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Flink1s.com%252FDsSz%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1280%26wiw%3D1280%26wih%3D939%26wfc%3D6%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=Unlb17Iop817mIbcNyHz-1fV2prJLsRaOFDMJEyHReA; expires=Sat, 11-Mar-2023 23:34:57 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash 2868adbcfb7294d96d351f7f9a9d73c1
e26f3b30e22f5b30fa4aafa4e61d2050d18622b7
2fc1d2af9229ab894fb2e46c33e2598eb34b6559fcff55d8502a8cd504f0ded0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2522
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:34:59 GMT
Last-Modified: Sat, 11 Mar 2023 21:52:57 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 312
onetag-sys.com/usync/?cb=1678574097910
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1678574097910
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1678574097910 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=link1s.com
178.250.1.11200 OK 22 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=link1s.com
IP 178.250.1.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (51407)
Hash 24715cb489e9f1039cdf89a4731975ce
37815a3c20963f0c402602b23f185c82ed98c103
af1dda5eadf83c39678cd53737675977e4d3cf9a26fe95f555d815844c3eb65a
GET /syncframe?origin=rtus&topUrl=link1s.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=fdaca87a-aed2-45bd-a28e-24135bbf90d7; expires=Thu, 04 Apr 2024 22:34:56 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 366378
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=wHsL119WTGRUeEhzSUwlMkZQbGs0ZmJNUWJnNEdFeDFTNkdKcGxCQkVZMmZaWndZZklWbmI3OGJTR2QzZm5qJTJGUUxuZyUyRldkJTJGOWNkUlREOTE5WllYdHNNMGdydjJQQTZqUlhFT0JZU3hHdnZwNjN0SGU0ZmcwU0lKOWFhWHhxakJKRmIzME82OXRqOWQlMkJkQ0IlMkZaYXZwS3BPbDhMTlElM0QlM0Q&info=4cu62180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT09FcDBoMVhOVXRpTmNUQUdtalpzdEM&idsd=2144334756,-1999677896&cw=1&lsw=1
178.250.1.11200 OK 319 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=wHsL119WTGRUeEhzSUwlMkZQbGs0ZmJNUWJnNEdFeDFTNkdKcGxCQkVZMmZaWndZZklWbmI3OGJTR2QzZm5qJTJGUUxuZyUyRldkJTJGOWNkUlREOTE5WllYdHNNMGdydjJQQTZqUlhFT0JZU3hHdnZwNjN0SGU0ZmcwU0lKOWFhWHhxakJKRmIzME82OXRqOWQlMkJkQ0IlMkZaYXZwS3BPbDhMTlElM0QlM0Q&info=4cu62180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT09FcDBoMVhOVXRpTmNUQUdtalpzdEM&idsd=2144334756,-1999677896&cw=1&lsw=1
IP 178.250.1.11:0
File type JSON data\012- , ASCII text, with very long lines (390), with no line terminators
Hash 7927b56434c5d080eda7cf5bbfbe09b3
d9f75e509450a7926a80681e2e617bf64fc27da4
a4c12c574303adc240ee33a4feb96b4d3edcdbc636021654c18b3b718f17741c
GET /sid/json?origin=publishertag&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=wHsL119WTGRUeEhzSUwlMkZQbGs0ZmJNUWJnNEdFeDFTNkdKcGxCQkVZMmZaWndZZklWbmI3OGJTR2QzZm5qJTJGUUxuZyUyRldkJTJGOWNkUlREOTE5WllYdHNNMGdydjJQQTZqUlhFT0JZU3hHdnZwNjN0SGU0ZmcwU0lKOWFhWHhxakJKRmIzME82OXRqOWQlMkJkQ0IlMkZaYXZwS3BPbDhMTlElM0QlM0Q&info=4cu62180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT09FcDBoMVhOVXRpTmNUQUdtalpzdEM&idsd=2144334756,-1999677896&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 685335
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Sun, 12 Mar 2023 22:35:02 GMT
Date: Sat, 11 Mar 2023 22:35:00 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.betweendigital.com/sspmatch-iframe
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=179f7171-9672-5247-8764-04d9e36906cd; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA0CFAAFJGj2e_EHoGhM_HA1F83XhwhUOecbQg==; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=156191 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=57983
expires: Sun, 12 Mar 2023 14:41:23 GMT
date: Sat, 11 Mar 2023 22:35:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=156191 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=57983
expires: Sun, 12 Mar 2023 14:41:23 GMT
date: Sat, 11 Mar 2023 22:35:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 67f03a36-8207-4289-b268-6985b1b12c3b
Set-Cookie: uuid2=3104606812210026750; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:35:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ads.betweendigital.com/sspmatch-iframe
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=07851a3c-3681-5247-803e-7ae8e43378fc; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA0CFAAGSWBAZZQnRaSIhjg0geq2JM8ylEEuqA==; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.196.115200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=9658aacb-735f-5247-8403-591be00e5b0f; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA0CFAAGVRjliCO535jRoXYIkvbR2CT4uFQmsA==; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.196.115200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=94fd6c48-caf1-5247-bce8-8dcbd8e58fdf; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA0CFAAG4bhKio8zmN3ogldJJYCEJ64nWOOSig==; Max-Age=31536000; Expires=Sun, 10 Mar 2024 22:35:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: fe9c8c74-858e-4cd9-a576-51168fd8b500
Set-Cookie: uuid2=264176384045568291; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:35:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.53200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 2fb3415b-0e7f-40b2-847b-ce97a8774629
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.53200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: ba37836a-f08b-40e4-b3cd-d1dc02f3cd10
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.189.115200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.189.115:0
File type ASCII text, with no line terminators
Hash 73074ee403019d4691b7e10c4db0aaf0
38c17baeffb890f2defb0a111fbe4f353bf94516
a309f8c8725eb01a96de94e1b635a74e3cdde4ebcbb9307594c312c22cde1811
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Fri, 9 Jun 2023 15:31:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 11 Mar 2023 22:34:59 GMT
content-length: 60
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash f63c28070b78c7dd97f876ce819ff643
2ab75b391760740680ba088275b964e3386ff802
5b227bf6a367e399d84227d3d33ac0a2b0625455df24e81f2950603e59488f5f
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115887
Date: Sat, 11 Mar 2023 22:35:00 GMT
Etag: "640c0af9-1d7"
Expires: Mon, 13 Mar 2023 06:46:27 GMT
Last-Modified: Sat, 11 Mar 2023 05:00:41 GMT
Server: ECAcc (bsa/EAE4)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G863OAigkhk8FTlV232o2SGE67ZwguFDtLs_2m4zxFLshlJyBsEGig==
Age: 6346
eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:35:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D9D748104-04A8-4E28-8A5B-801632B6C434%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
2.18.172.200200 OK 878 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D9D748104-04A8-4E28-8A5B-801632B6C434%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524), with no line terminators
Hash 2d4d43862bd7f604d0034d47cb2e5549
8d3bc9e49c3823d379b92d21f11f36274a118391
700ca0b0c89a1732084acaec0f049d37cdc8c014d51db719e70fc4bb9354d685
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D9D748104-04A8-4E28-8A5B-801632B6C434%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 878
content-type: text/html
cache-control: max-age=78812
expires: Sun, 12 Mar 2023 20:28:32 GMT
date: Sat, 11 Mar 2023 22:35:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
forfrogadiertor.com/impression/35drYai_qCtxNZlvhk-cQZiD7Ls45SJpScsE1KJdFabhIm3U7SK460Opi8Vjk35JkbLq2vBCfYl7z89qZRE3hAvg6wNZWW1LuGWjQco6dN_c0gzrS7Vs5poPXlO6bQC6Tz-6I9TG9KB4wuzZThGRzGoMavnxRj83qRFiF_oK7aFRgJMVCms7ODreJpX9Pa36VFjgeGI0pk5nkciomXlKB035-AcMUI_SMnL8LwSl-WOhxheRGHQ9rWruoHPkoAr1vDfRBMtTKpyOs-fhAtUC8sw_mhtmpySoTXfouquOMSgGeF6VLJ3mXxGijJn2y0odBqHMOlXpgLEuYKWyoDNE31KXyH39qclo0UboDCgxr5K7RD8H_II1YvEgG2ywReEZ8qXJM_KQYgVAE1qBfM1FWbNcw3AqMmInT8SyAfepAx2pnwhiDlnebFK9bskZBz_qe3VD58vlvjxRze5xmJYyhYDMXdFygNy0FnMWffQyOWgHrVqlj1FdBG21vPPgvlgyvROHqWCQtXfjWeg3pA63EJocTg8c4MWqRRsTxmI-t_6Aontu7Igolsu6yL9_F7ULP56Gs3jOAVMl42tI?_z=4506165&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=15&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 forfrogadiertor.com/impression/35drYai_qCtxNZlvhk-cQZiD7Ls45SJpScsE1KJdFabhIm3U7SK460Opi8Vjk35JkbLq2vBCfYl7z89qZRE3hAvg6wNZWW1LuGWjQco6dN_c0gzrS7Vs5poPXlO6bQC6Tz-6I9TG9KB4wuzZThGRzGoMavnxRj83qRFiF_oK7aFRgJMVCms7ODreJpX9Pa36VFjgeGI0pk5nkciomXlKB035-AcMUI_SMnL8LwSl-WOhxheRGHQ9rWruoHPkoAr1vDfRBMtTKpyOs-fhAtUC8sw_mhtmpySoTXfouquOMSgGeF6VLJ3mXxGijJn2y0odBqHMOlXpgLEuYKWyoDNE31KXyH39qclo0UboDCgxr5K7RD8H_II1YvEgG2ywReEZ8qXJM_KQYgVAE1qBfM1FWbNcw3AqMmInT8SyAfepAx2pnwhiDlnebFK9bskZBz_qe3VD58vlvjxRze5xmJYyhYDMXdFygNy0FnMWffQyOWgHrVqlj1FdBG21vPPgvlgyvROHqWCQtXfjWeg3pA63EJocTg8c4MWqRRsTxmI-t_6Aontu7Igolsu6yL9_F7ULP56Gs3jOAVMl42tI?_z=4506165&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=15&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/35drYai_qCtxNZlvhk-cQZiD7Ls45SJpScsE1KJdFabhIm3U7SK460Opi8Vjk35JkbLq2vBCfYl7z89qZRE3hAvg6wNZWW1LuGWjQco6dN_c0gzrS7Vs5poPXlO6bQC6Tz-6I9TG9KB4wuzZThGRzGoMavnxRj83qRFiF_oK7aFRgJMVCms7ODreJpX9Pa36VFjgeGI0pk5nkciomXlKB035-AcMUI_SMnL8LwSl-WOhxheRGHQ9rWruoHPkoAr1vDfRBMtTKpyOs-fhAtUC8sw_mhtmpySoTXfouquOMSgGeF6VLJ3mXxGijJn2y0odBqHMOlXpgLEuYKWyoDNE31KXyH39qclo0UboDCgxr5K7RD8H_II1YvEgG2ywReEZ8qXJM_KQYgVAE1qBfM1FWbNcw3AqMmInT8SyAfepAx2pnwhiDlnebFK9bskZBz_qe3VD58vlvjxRze5xmJYyhYDMXdFygNy0FnMWffQyOWgHrVqlj1FdBG21vPPgvlgyvROHqWCQtXfjWeg3pA63EJocTg8c4MWqRRsTxmI-t_6Aontu7Igolsu6yL9_F7ULP56Gs3jOAVMl42tI?_z=4506165&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=15&pl=https%3A%2F%2Flink1s.com%2FDsSz&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: OAID=l5nn941115sx691862169j5b8llen124
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:35:00 GMT
content-type: image/gif
content-length: 43
x-trace-id: 71b0be932b327ac96c4c3724753716dd
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash b64b0470fb31d553b8e5b322d4a31f84
35b94b13e1e00bd81b63ad12160c1e5d54614ab0
f7546c995744ad77457fe629d2c5c0966289d385a98997e42e5949b9a9df0e94
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 11 Mar 2023 22:35:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 11 Mar 2023 20:05:50 GMT
Expires: Sun, 12 Mar 2023 20:05:50 GMT
ETag: "35b94b13e1e00bd81b63ad12160c1e5d54614ab0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
8.2.110.113302 Found 0 B URL HTTP/1.1 as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
IP 8.2.110.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP/1.1
Host: as.ck-ie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Set-Cookie: CID=f81d80af9cbeb0011316fbba3da8002b32251f7a; path=/; domain=as.ck-ie.com; expires=Sat, 18 Mar 2023 22:35:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=48ff1793fdf2cd384dc3e94c3fa1cb36d68dfa19f2f161745ba63500efe7a824
Date: Sat, 11 Mar 2023 22:35:01 GMT
Connection: keep-alive
Transfer-Encoding: chunked
simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=9D748104-04A8-4E28-8A5B-801632B6C434&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 434 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=9D748104-04A8-4E28-8A5B-801632B6C434&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
Hash 4590f31650212c02cef2be424aacf646
a926da34e592b4636c0a2c4b493ac892f119a3e1
e200e7d46562de6e2f5de3263fff9d165207dbec61966b6ed767ac3c045e9acd
GET /AdServer/SPug?o=1&p=156191&sc=1&u=9D748104-04A8-4E28-8A5B-801632B6C434&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:58 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 105b0863-8d75-4581-aef0-9553368c8fb1
Set-Cookie: uuid2=4552296708059904004; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:35:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.53200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: ec7d05b7-b65a-4e74-a5f4-32dd264d71c6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.53307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 7a664841-8259-4c7d-aed1-b4d6a8bd26c7
Set-Cookie: uuid2=4529767883060351762; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Jun-2023 22:35:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.53200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 11 Mar 2023 22:35:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d7682ff6-a34b-414d-8f59-eef0c97807a4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 56a5ac04303385e309d561368d969819
b0027830d0147ecaace82ab43b4f535c02b70102
31316542c44a9975ba3685abd71ff75867d1363eadd1a3a60990cc8854bb8ce9
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 11 Mar 2023 22:35:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 11 Mar 2023 21:30:59 GMT
Expires: Sun, 12 Mar 2023 21:30:59 GMT
ETag: "b0027830d0147ecaace82ab43b4f535c02b70102"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
185.80.36.245302 Found 0 B URL HTTP/1.1 ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP/1.1
Host: ssum.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 11 Mar 2023 22:35:01 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: /usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Content-Length: 0
Set-Cookie: CMID=ZA0CFcEWb6e16ZD3-AuuHwAA; Path=/; Domain=casalemedia.com; Expires=Sun, 10 Mar 2024 22:35:01 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4376; Path=/; Domain=casalemedia.com; Expires=Fri, 09 Jun 2023 22:35:01 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4376; Path=/; Domain=casalemedia.com; Expires=Fri, 09 Jun 2023 22:35:01 GMT; Max-Age=7776000; Secure; SameSite=None
Keep-Alive: timeout=1, max=500
Connection: Keep-Alive
ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
185.80.36.245302 Found 0 B URL HTTP/1.1 ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1
IP 185.80.36.245:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D&limit=50&s=194962&C=1 HTTP/1.1
Host: ssum.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adxbid.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 11 Mar 2023 22:35:01 GMT
Server: Apache
Cache-Control: no-cache
Expires: 0
Location: https://user-sync.adxpremium.services/setuid?bidder=ix&uid=0
Pragma: no-cache
Content-Length: 0
Keep-Alive: timeout=1, max=499
Connection: Keep-Alive
user-sync.adxpremium.services/setuid?bidder=ix&uid=0
135.125.163.79200 OK 86 B URL HTTP/1.1 user-sync.adxpremium.services/setuid?bidder=ix&uid=0
IP 135.125.163.79:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c6641b08f4be6f479f1588af08054b3
8da28b3146834c48fd843b108749191516d2a65d
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: user-sync.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adxbid.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 86
content-type: image/png
set-cookie: uids=eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiIwIiwiZXhwaXJlcyI6IjIwMjMtMDMtMjVUMjM6MzU6MDEuODc4NjQ0ODA0KzAxOjAwIn19LCJiZGF5IjoiMjAyMy0wMy0xMVQyMzozNTowMS44Nzg2NDQ0MTYrMDE6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Fri, 09 Jun 2023 22:35:01 GMT
date: Sat, 11 Mar 2023 22:35:01 GMT
vpaid.vidoomy.com/sync/urlsvid.json
185.76.9.24200 OK 5.9 kB URL HTTP/2 vpaid.vidoomy.com/sync/urlsvid.json
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (15890)
Hash 9e62292985438666196093a7b9429ea9
780fc91113e8803730723ead362010e1bb36dab9
0996f661753e4ecdddf781fe30cb6c6ae4bcf63f6243b7246e11144b53cf8318
GET /sync/urlsvid.json HTTP/1.1
Host: vpaid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.vidoomy.com
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:35:01 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 09 Feb 2023 09:51:05 GMT
etag: W/"63e4c209-42e"
access-control-allow-credentials: true
access-control-allow-origin: *
x-accel-expires: @1678893674
server: CDN77-Turbo
x-77-nzt: AblMCRTJnGD/q/EKAA
x-77-nzt-ray: af58563004f4d46c15020d646151dd2b
x-cache: HIT
x-age: 717227
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=57982
expires: Sun, 12 Mar 2023 14:41:23 GMT
date: Sat, 11 Mar 2023 22:35:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash e9755960b4986fb7e0658fc4c9f5b8d5
f01e21257d2d3646453ef7f87a85fbf8bb012db4
71c05783f3a08f19c6bec4e6fdc9e47b40933c5440e19b715ce366db759e4f11
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 11 Mar 2023 22:35:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 11 Mar 2023 20:40:40 GMT
Expires: Sun, 12 Mar 2023 20:40:40 GMT
ETag: "f01e21257d2d3646453ef7f87a85fbf8bb012db4"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
216.52.2.6204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP 216.52.2.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 11 Mar 2023 22:35:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap2ams1
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash d7159c09c469778ca2cd6d53078c994f
c802d61deace3346efa25738335508bf1fd371c8
8ac820d4d5f9b814267326eba2ebf54cd03ffb31a3b6f7d62ed415e421840f43
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 11 Mar 2023 22:35:02 GMT
Last-Modified: Sat, 11 Mar 2023 21:16:36 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-lupon&limit=50 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
37.157.6.233200 OK 43 B URL HTTP/2 cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
IP 37.157.6.233:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:35:02 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
yonhelioliskor.com/pfe/current/tag.min.js?z=4506167
139.45.197.251200 OK 0 B URL HTTP/2 yonhelioliskor.com/pfe/current/tag.min.js?z=4506167
IP 139.45.197.251:0
GET /pfe/current/tag.min.js?z=4506167 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 15:53:11 GMT
etag: W/"64060c67-392b"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=DKYb2F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT052czRXSCUyRnc1bVE5NUgzbW41andtdg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=OAXYoV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT05WUEhERHJOZmZkTFliTlViYXBnbDY; expires=Thu, 04 Apr 2024 22:34:57 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 339003
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224200 OK 0 B IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 09:50:04 GMT
etag: W/"6405b74c-4417"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6353
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=paxL8OcRKvEloxsb%2Ff7MoSjEH1pPvglc%2BaFCeCfQv9%2FZ5u9HXootWoItwX7ACg0iNFGEii%2FsmX4Hk%2FZMGoq7QEt3xoQGpkTIhz2OmcXnqLFOZg8N7s6Mmv7VocvcJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7a6744821b18b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prebid-stag.setupad.net/openrtb2/auction
104.26.8.178200 OK 0 B URL HTTP/2 prebid-stag.setupad.net/openrtb2/auction
IP 104.26.8.178:0
POST /openrtb2/auction HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1038
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/0.234.0-3-gde6ed827
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kg5VCAGPWgFlOLPcdYz4WepYJJbXPKh07ym4dFVJdET%2F3reRKb7ut4b%2BbBERrg%2FxzqtFN6E2dSFN6VbuSdsJTseDyocQk7zix8kaXXoiGurenSotf7fORbyKWunDehJSGjPM6z5VP9zK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a674485bea8b50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
185.76.9.14200 OK 0 B URL HTTP/2 vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:35:01 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
etag: W/"63e28045-c234"
access-control-allow-origin: *
x-accel-expires: @1678899125
server: CDN77-Turbo
x-77-nzt: AblMCQ1ewB//YNwKAA
x-77-nzt-ray: c0a4cc28b865b90115020d647a55c41a
x-cache: HIT
x-age: 711776
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3
151.139.128.10200 OK 0 B URL HTTP/2 link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3
IP 151.139.128.10:0
GET /sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/DsSz
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1678574094.cds253.sk1.hn,1678574094.cds247.sk1.sc,1678574094.cdn2-redis01-arn1.stackpath.systems.-.i,1678574094.cds247.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG
151.139.128.10200 OK 0 B URL HTTP/2 link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG
IP 151.139.128.10:0
GET /sbbi/?sbbpg=sbbShell&gprid=IG HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=IG&sbbgs=h4dff5e0e4de05f25aae007f3abee587ed48&ddl=3
Cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; spcsrf=0aacabb317d6871cd7a885917887415f; UTGv2=h4dff5e0e4de05f25aae007f3abee587ed48; lang=en_US; AppSession=9p9pbkdnf273e3dt32lfq9ss7n; csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; PRLST=IG; adOtr=0d3ba51620b; ab=2; stpdOrigin={"origin":"direct"}; __PPU___PPU_SESSION_URL=%2FDsSz; _pbjs_userid_consent_data=3524755945110770; sharedid=84b1f37f-3516-4d4e-a0b3-f8c7fcc0dd32
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1678574095.cds253.sk1.hn,1678574095.cds261.sk1.sc,1678574095.cdn2-wafbe04-arn1.stackpath.systems.-.i,1678574095.cds261.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=79438&formatId=5 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
x-accel-expires: @1679031153
server: CDN77-Turbo
x-77-nzt: AblMCQ3Hmgz/HEECAA
x-77-nzt-ray: c0a4cc28966e24c60d020d64bdb3d031
x-cache: HIT
x-age: 147740
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.243200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.243:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:59 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 133126
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
185.76.9.14200 OK 0 B URL HTTP/2 vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:35:01 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
etag: W/"63e28045-c234"
access-control-allow-origin: *
x-accel-expires: @1678899125
server: CDN77-Turbo
x-77-nzt: AblMCQ2dgw7/YNwKAA
x-77-nzt-ray: c0a4cc28b865b90115020d64b8d4b71b
x-cache: HIT
x-age: 711776
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.1.11:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 648561
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
forfrogadiertor.com/400/4506165
139.45.197.239200 OK 0 B URL HTTP/2 forfrogadiertor.com/400/4506165
IP 139.45.197.239:0
GET /400/4506165 HTTP/1.1
Host: forfrogadiertor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
x-trace-id: 88a1f76a08e3f1f182c8acb1b3e2f86f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=0610c134577646b6aa7bec9158bf0a69; expires=Sun, 10 Mar 2024 22:34:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
104.21.93.210200 OK 0 B URL HTTP/2 adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
IP 104.21.93.210:0
GET /sync-all.html?gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: adxbid.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:35:00 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxaRSTnETKMBfradTetDuHc4Gt7DGk2KdhzYOBNOGQBklJl0w8%2FvHo5WHhf6xWLObmiQ4oZNTRnpvBUFe%2FN88wX9n8uS9MRkvM3P3CmfIsixEEdGOaN8Vm8e1oNAmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a67449fadce0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.1.11:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 245922
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.1.11:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
x-crto-bundle: wHsL119WTGRUeEhzSUwlMkZQbGs0ZmJNUWJnNEdFeDFTNkdKcGxCQkVZMmZaWndZZklWbmI3OGJTR2QzZm5qJTJGUUxuZyUyRldkJTJGOWNkUlREOTE5WllYdHNNMGdydjJQQTZqUlhFT0JZU3hHdnZwNjN0SGU0ZmcwU0lKOWFhWHhxakJKRmIzME82OXRqOWQlMkJkQ0IlMkZaYXZwS3BPbDhMTlElM0QlM0Q
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 1715632
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
4hfchest5kdnfnut.com/t/9/fret/meow4/1752377/brt.js
62.122.171.6200 OK 0 B URL HTTP/2 4hfchest5kdnfnut.com/t/9/fret/meow4/1752377/brt.js
IP 62.122.171.6:0
Analyzer Verdict Alert fortinet Malware
GET /t/9/fret/meow4/1752377/brt.js HTTP/1.1
Host: 4hfchest5kdnfnut.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:53 GMT
content-type: application/javascript
last-modified: Thu, 09 Mar 2023 12:09:33 GMT
vary: Accept-Encoding
etag: W/"6409cc7d-12286"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=swqwmV9rSk9iTVNHYiUyRnNWa0tjNXdJclVpdGpXc282aW5iOFdmbXdFcVElMkZtbDh4WUE5bFdZaWpuRDY4MVZNSDNIN1VsbGdtVW1wTyUyRk5hVk1GQSUyQlo1YjBSJTJGMzY1VUJQYWxUSTZoaHZYTzhDZmtTb1IyajBPUkIlMkY0V1VEOEw5TmV6QkZPdA&info=OAXYoV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT05WUEhERHJOZmZkTFliTlViYXBnbDY&idsd=2144334756,-1999677896&cw=1&rtusCallerId=147&lsw=1
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=swqwmV9rSk9iTVNHYiUyRnNWa0tjNXdJclVpdGpXc282aW5iOFdmbXdFcVElMkZtbDh4WUE5bFdZaWpuRDY4MVZNSDNIN1VsbGdtVW1wTyUyRk5hVk1GQSUyQlo1YjBSJTJGMzY1VUJQYWxUSTZoaHZYTzhDZmtTb1IyajBPUkIlMkY0V1VEOEw5TmV6QkZPdA&info=OAXYoV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT05WUEhERHJOZmZkTFliTlViYXBnbDY&idsd=2144334756,-1999677896&cw=1&rtusCallerId=147&lsw=1
IP 178.250.1.11:0
GET /sid/json?origin=rtus&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=swqwmV9rSk9iTVNHYiUyRnNWa0tjNXdJclVpdGpXc282aW5iOFdmbXdFcVElMkZtbDh4WUE5bFdZaWpuRDY4MVZNSDNIN1VsbGdtVW1wTyUyRk5hVk1GQSUyQlo1YjBSJTJGMzY1VUJQYWxUSTZoaHZYTzhDZmtTb1IyajBPUkIlMkY0V1VEOEw5TmV6QkZPdA&info=OAXYoV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT05WUEhERHJOZmZkTFliTlViYXBnbDY&idsd=2144334756,-1999677896&cw=1&rtusCallerId=147&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 754496
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:0
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=62056
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.shoppinglifestyle.com
expires: Sat, 11 Mar 2023 23:12:53 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1322
last-modified: Sat, 11 Mar 2023 22:12:53 GMT
server: cloudflare
cf-ray: 7a67447fe8f1b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.1.11:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 353552
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:59 GMT
content-type: text/javascript
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
etag: W/"63f86dec-16386"
expires: Sun, 12 Mar 2023 22:34:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
link1s.com/DsSz
151.139.128.10200 OK 0 B IP 151.139.128.10:0
GET /DsSz HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:53 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
set-cookie: SPSI=a31d0b256b055b85d4371c5aa2ed878e; path=/; HttpOnly; SameSite=Lax;
SPSE=Q4JJKt+/VEUPROgzuDOAWvhbt6O3+80B7AeXi9xMaz6V5D1irkoQocELK35L4HvbShGhXbPpojFQQZbAHgzA1A==; path=/; HttpOnly; SameSite=Lax;
spcsrf=0aacabb317d6871cd7a885917887415f; path=/; SameSite=Strict; HttpOnly; expires=Sun, 12-Mar-23 00:34:53 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h4dff5e0e4de05f25aae007f3abee587ed48; path=/; SameSite=Lax; expires=Thu, 07-Sep-23 22:34:53 GMT
lang=en_US; expires=Tue, 05-Mar-2024 22:34:53 GMT; Max-Age=31104000; path=/
AppSession=9p9pbkdnf273e3dt32lfq9ss7n; path=/; HttpOnly
csrfToken=e5e27b792e9393f534d085e0560ee6854059d557b28d228d59b3783d837d62848975e1dc56c0096d8e1bc3f83eff331c25d5afb731c05f35a55173d3c7585093; path=/; HttpOnly
sp_lit=8Z2+aCN3mR3wPoOFOuZLAw==; path=/; SameSite=Strict; HttpOnly; expires=Sat, 11-Mar-23 22:39:53 GMT
x-hw: 1678574093.cds253.sk1.hn,1678574093.cds209.sk1.sc,1678574093.cdn2-wafbe02-arn1.stackpath.systems.-.wx,1678574093.cds209.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 423
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 11 Mar 2023 22:34:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.422
139.45.197.251200 OK 0 B URL HTTP/2 yonhelioliskor.com/pfe/current/universal.min.js?v=3.1.422
IP 139.45.197.251:0
GET /pfe/current/universal.min.js?v=3.1.422 HTTP/1.1
Host: yonhelioliskor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 15:53:11 GMT
etag: W/"64060c67-19090"
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.1.11200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.1.11:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 287150
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.117.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.117.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.117.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 11 Mar 2023 22:34:59 GMT
content-type: text/javascript
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
etag: W/"61cc54f6-15c19"
expires: Sun, 12 Mar 2023 22:34:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.243200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.243:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 76175
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=OAXYoV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT05WUEhERHJOZmZkTFliTlViYXBnbDY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 11 Mar 2023 22:34:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=4cu62180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJGZTUxSVQ3OUlUSk1na2pKdXNrT09FcDBoMVhOVXRpTmNUQUdtalpzdEM; expires=Thu, 04 Apr 2024 22:34:59 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 365299
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2