webhostingtips.club/safe.php?link=Kattakushthi_1080p_HD
157.90.71.190200 OK 462 B URL HTTP/1.1 webhostingtips.club/safe.php?link=Kattakushthi_1080p_HD
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 47fccf6296a1760be4e2134848edcbf8
b607b4d273ddc1512d44bc975a2e885757476cde
6eb5943a3d0e0e3523189c9fc96c8348ddcabfe791545cd98e253e45cd69f462
Analyzer Verdict Alert fortinet Malware
GET /safe.php?link=Kattakushthi_1080p_HD HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: tp=Kattakushthi_1080p_HD; expires=Sat, 31-Dec-2022 14:22:30 GMT; Max-Age=180
content-type: text/html; charset=UTF-8
content-length: 462
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 31 Dec 2022 14:19:30 GMT
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e93d32de9bcebd3483b40a8fed30718
7e1fe5db1f08b75a079780717e4f18ad76767212
4f0aaacfefd27c89225a1a0d2fbe778ec4f3369b5e4e1599255bf12866196cd4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F0AAACFEFD27C89225A1A0D2FBE778EC4F3369B5E4E1599255BF12866196CD4"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8452
Expires: Sat, 31 Dec 2022 16:40:22 GMT
Date: Sat, 31 Dec 2022 14:19:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3098a490e8d38d4150d961624aa7b64
6ecbca59302d0ac5436f1723137d42523f629ea1
158e277ba0220577b59b15e4017b6c27f59295bcd7e5d0e52d027dc7c4309f0b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "158E277BA0220577B59B15E4017B6C27F59295BCD7E5D0E52D027DC7C4309F0B"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5712
Expires: Sat, 31 Dec 2022 15:54:42 GMT
Date: Sat, 31 Dec 2022 14:19:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b0a4b7e28ad3a91135d52c7457790b5
075f22ab45d169766252467ae44903250e480f9b
312744aeb6fcc4296025205bc70c40316dd3c8a4b626669ac43e32c33104473a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "312744AEB6FCC4296025205BC70C40316DD3C8A4B626669AC43E32C33104473A"
Last-Modified: Sat, 31 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16410
Expires: Sat, 31 Dec 2022 18:53:00 GMT
Date: Sat, 31 Dec 2022 14:19:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 31 Dec 2022 13:47:10 GMT
content-type: application/json
age: 1940
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rJy7CcJz9ewuxM8dXaF0O+T80JDnltSLb84Pdyq0/PvrL1JdtBRPXulcDKC0lfSjpGrAoAaSzPk=
x-amz-request-id: M2W5XYCNEPP86ZHS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 31 Dec 2022 13:59:40 GMT
age: 1190
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 31 Dec 2022 14:19:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3e81af3903c1ab8d3ca86e884ed4911f
8f6603230b3a178c101515a7d9c26c60c59085bb
b35d6540fc5a01ad99b53d222ee3977a6cf544d481f162431a9dd28f590c66bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webhostingtips.club/favicon.ico
157.90.71.190404 Not Found 708 B URL HTTP/1.1 webhostingtips.club/favicon.ico
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
GET /favicon.ico HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: tp=Kattakushthi_1080p_HD
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sat, 31 Dec 2022 14:19:30 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee3578369e7f711b440d7bfcb6f612ef
53b4e4113472c355154f1be36918952a8ae56f14
a5784782a853d49a26231d16b5254c9641cbd5c324265e4ec6019c1ba1c856da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webhostingtips.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
157.90.71.190200 OK 12 kB URL HTTP/2 webhostingtips.club/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 00:24:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-includes/css/classic-themes.min.css?ver=1
157.90.71.190200 OK 144 B URL HTTP/2 webhostingtips.club/wp-includes/css/classic-themes.min.css?ver=1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
Hash fcbd239f30d9a6dd1f3637f291143d37
2871bf7d98af3f43e42f7fa32808048e7134fabf
c2f98e9d71f782b7a3266cd337c61ae6c8dcbb7203669c07852aa2ab65ab6144
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: text/css
last-modified: Wed, 02 Nov 2022 12:24:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 144
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
157.90.71.190200 OK 8.8 kB URL HTTP/2 webhostingtips.club/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (739)
Hash b4588be584fdfc6f3c8997ce49940a0f
f1b50682d29aa349889fea0469a12ed31deb25cb
c609f96251492512f62d975430d7d977a812b78031dad2797d12dbdf34d562db
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: text/css
last-modified: Sat, 23 Jul 2022 12:25:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8842
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
157.90.71.190200 OK 6.7 kB URL HTTP/2 webhostingtips.club/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
GET /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: text/css
last-modified: Sat, 23 Jul 2022 12:25:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 069c09a74c8f7ae8409e60844b2cf07d
6ce866430b7e0b579378a7f10c1dbbd45ec95cdf
12bfafd537a26be5b4fe158a347c0e59477be02a9440c0e67b66fc81fe9b96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webhostingtips.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
157.90.71.190200 OK 32 kB URL HTTP/2 webhostingtips.club/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash e65dfa1e32c25c7b8e1c845944480092
c0cdb2fe9ecab74701e458f4c1b3f0238d423e39
5d84f39f78dacf0b1acc7570fe7779716005e8856a8580540d1aadeeba782232
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 12:24:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31503
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
157.90.71.190200 OK 5.2 kB URL HTTP/2 webhostingtips.club/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11126)
Hash e88a71cca21f72e291a73fc075ae056c
506084c71cc222d7751299b8d7f962488105ceea
eba29868da8420aff21de955e17766e7f437ab2519fc3902f16914532b2fb2e9
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 12:24:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5176
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
157.90.71.190200 OK 12 kB URL HTTP/2 webhostingtips.club/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (21960)
Hash 977ae21121305df6fcf52352b8fba6f3
5aa05cac11a9f779e42a309930e7d67061072193
1c2382bc32d5f9643628ceca42ade5fe625872c1108a011d968db141eda6f6fc
GET /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: application/javascript
last-modified: Sat, 23 Jul 2022 12:25:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12458
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8098ec5bc268563798520f34d5bc69d3
1ecdc288dacfbaec9b80908c3f00bc28ad2c2e88
70c92bedc1a3c06d0f190b46c6fa35ddfdb5e5cbdaa7cac2568ab519fe7f18ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Last-Modified: Sat, 31 Dec 2022 12:45:59 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
webhostingtips.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
157.90.71.190200 OK 5.8 kB URL HTTP/2 webhostingtips.club/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15660)
Hash 55316058b0c66c3894b4f773f269f71e
a6db41134378c8f09a24a8453d5c9e60ed3aced8
053503817f6f28ded2fb98811cbf9964c068fd841f899badd93d504b6a214317
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 12:24:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5785
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
157.90.71.190200 OK 2.4 kB URL HTTP/2 webhostingtips.club/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5183)
Hash 2d2abb2de75b185e67d329adaf164240
49f05c5a7e5037177c699fe93b65632129e14f17
345ef5f45bc5270863683a524b369185ecab3568a9e81aed4ed0716ff92cafbe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:19:31 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 12:24:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2396
date: Sat, 31 Dec 2022 14:19:31 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-content/uploads/2022/07/simple_one_scooter_2_524b9a9518-1.jpeg
157.90.71.190200 OK 98 kB URL HTTP/2 webhostingtips.club/wp-content/uploads/2022/07/simple_one_scooter_2_524b9a9518-1.jpeg
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Hash 2722ce9a26c510ecae4df203daff6458
6ba45f512b4a75abe9768c9f24b0e9462d8ef527
6f297c4fb7ad2f1333ad1c9a2e345e5d56a56369a7d14a81913e15ee22e83e07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/07/simple_one_scooter_2_524b9a9518-1.jpeg HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:17:19 GMT
content-type: image/jpeg
last-modified: Sat, 23 Jul 2022 12:25:21 GMT
accept-ranges: bytes
content-length: 97674
date: Sat, 31 Dec 2022 14:17:19 GMT
X-Firefox-Spdy: h2
webhostingtips.club/wp-content/uploads/2022/07/imagem_2022-05-27_123734554-1200x675-1-1-300x169.jpg
157.90.71.190200 OK 6.8 kB URL HTTP/2 webhostingtips.club/wp-content/uploads/2022/07/imagem_2022-05-27_123734554-1200x675-1-1-300x169.jpg
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 300x169, components 3\012- data
Hash 82c2630c54131e6830719939984ccf4f
4cec4d7f6a054f65c6d6f9b79e2d4fe2dc8c17d8
db529c917ed50387f58bac57f20924141a2a200b67831aa0103f36286d543020
GET /wp-content/uploads/2022/07/imagem_2022-05-27_123734554-1200x675-1-1-300x169.jpg HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 07 Jan 2023 14:18:03 GMT
content-type: image/jpeg
last-modified: Sat, 23 Jul 2022 12:25:21 GMT
accept-ranges: bytes
content-length: 6844
date: Sat, 31 Dec 2022 14:18:03 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4c9c74e18ba86e3b8e69e1713e6ede96
e3c81e07493e4d53f2ee04c5ae2ef52f92881155
578843d752b2f52119c24c96ccbbfc4eac43b0cb182afc2b2c5074db2c7fc8df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 97
Cache-Control: max-age=145492
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Etag: "63afd9e6-117"
Expires: Mon, 02 Jan 2023 06:44:23 GMT
Last-Modified: Sat, 31 Dec 2022 06:42:46 GMT
Server: ECS (amb/6BB8)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4c9c74e18ba86e3b8e69e1713e6ede96
e3c81e07493e4d53f2ee04c5ae2ef52f92881155
578843d752b2f52119c24c96ccbbfc4eac43b0cb182afc2b2c5074db2c7fc8df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4055
Cache-Control: max-age=149450
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Etag: "63afd9e6-117"
Expires: Mon, 02 Jan 2023 07:50:21 GMT
Last-Modified: Sat, 31 Dec 2022 06:42:46 GMT
Server: ECS (amb/6B71)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 069c09a74c8f7ae8409e60844b2cf07d
6ce866430b7e0b579378a7f10c1dbbd45ec95cdf
12bfafd537a26be5b4fe158a347c0e59477be02a9440c0e67b66fc81fe9b96a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 31 Dec 2022 13:33:31 GMT
age: 2760
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8098ec5bc268563798520f34d5bc69d3
1ecdc288dacfbaec9b80908c3f00bc28ad2c2e88
70c92bedc1a3c06d0f190b46c6fa35ddfdb5e5cbdaa7cac2568ab519fe7f18ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5612
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Last-Modified: Sat, 31 Dec 2022 12:45:59 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
cdn.adligature.com/webhostingtips.club/prod/rules.css
188.114.96.1200 OK 0 B URL HTTP/2 cdn.adligature.com/webhostingtips.club/prod/rules.css
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /webhostingtips.club/prod/rules.css HTTP/1.1
Host: cdn.adligature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
cf-bgj: minify
cf-polished: origSize=57
etag: "51d6497572d85ccef551f82c9ecaa553"
expires: Sat, 31 Dec 2022 14:29:31 GMT
last-modified: Wed, 14 Dec 2022 22:58:00 GMT
x-guploader-uploadid: ADPycduwQYLLchN6qyh4cSjH8UwPgkB4c6VFxkhZBljySpKutMyTiWbNWKwtjy7g90p_7thGJp7d56NbYSx2aj9XFk-t
x-goog-generation: 1671058680311069
x-goog-hash: crc32c=HgPqdw==, md5=UdZJdXLYXM71UfgsnsqlUw==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 57
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FF7F4fUJy2Oa1RLfY4DdS2Pu9bAEf%2F2%2BCtIuXVOQBareoTMpT7LWDw1pbHsWMBbM2fVcojSeE1JZjC2E7O23YR%2FU2m1QZvuvN%2FKbpCnvo7HI%2BFO%2Fvh7PrNXuvkqwXu6N1Xq0PM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a690f97eb4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4c9c74e18ba86e3b8e69e1713e6ede96
e3c81e07493e4d53f2ee04c5ae2ef52f92881155
578843d752b2f52119c24c96ccbbfc4eac43b0cb182afc2b2c5074db2c7fc8df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 97
Cache-Control: max-age=145492
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Etag: "63afd9e6-117"
Expires: Mon, 02 Jan 2023 06:44:23 GMT
Last-Modified: Sat, 31 Dec 2022 06:42:46 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7960c06e29c6bb861b2a8560deceba65
1df213ac01497fc2288081c6f359da436cc0db20
ef8ab653429ea1be53efd2469edb431226781ea38e77a459219a29a1dd5e8ee6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF8AB653429EA1BE53EFD2469EDB431226781EA38E77A459219A29A1DD5E8EE6"
Last-Modified: Fri, 30 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15956
Expires: Sat, 31 Dec 2022 18:45:27 GMT
Date: Sat, 31 Dec 2022 14:19:31 GMT
Connection: keep-alive
live.demand.supply/e/e.js?e=ll&d=253&cs=c&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=253&cs=c&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=253&cs=c&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GNCTDFA6NRSN24K6NN9ETM5G
cf-cache-status: HIT
age: 153507
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a6924986b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
157.90.71.190200 OK 12 kB URL HTTP/2 webhostingtips.club/2022/07/23/simple-one-electric-scooter-test-ride-begin/
IP 157.90.71.190:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash f11422afa4309104eab19c4f6530b48f
18b6fcf1fadca8ee166ae31639077790a1153569
1f094deb8f2c3eb0e76f9c0a71c9d5b302b6268c003ebcc0894f316854c097ed
Analyzer Verdict Alert fortinet Malware
GET /2022/07/23/simple-one-electric-scooter-test-ride-begin/ HTTP/1.1
Host: webhostingtips.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://webhostingtips.club/xmlrpc.php
link: <https://webhostingtips.club/wp-json/>; rel="https://api.w.org/", <https://webhostingtips.club/wp-json/wp/v2/posts/45>; rel="alternate"; type="application/json", <https://webhostingtips.club/?p=45>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Sat, 31 Dec 2022 14:19:31 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 756c77d7d577e0260b6e1ffc3522e77a
2b7e2dd5b3df6768d0d7d20d67988ac60dc28234
1d1598a7f732980f6376fbadd56d71b4497454939a7b9e784adaa9c3f91883d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash afc798d7819a9c19437d20a92eb6f6ec
badde0ed90ac423d5796dc35808a3cd6cec09820
f101fbf84795c278d89aafdadf23cca6c5010b372a48d39a5354555bfb961e61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1551
Cache-Control: max-age=155590
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Etag: "63affbaa-1d7"
Expires: Mon, 02 Jan 2023 09:32:41 GMT
Last-Modified: Sat, 31 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 756c77d7d577e0260b6e1ffc3522e77a
2b7e2dd5b3df6768d0d7d20d67988ac60dc28234
1d1598a7f732980f6376fbadd56d71b4497454939a7b9e784adaa9c3f91883d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/x/e.js?ce=fs&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=fs&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=fs&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GNCTDF9HPT5T9P7WGS2PW7RG
cf-cache-status: HIT
age: 143369
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a692ba15b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.133.22200 OK 47 kB IP 104.16.133.22:0
File type ASCII text, with very long lines (3472)
Hash 47795c0cd1e139cb94bb22a335522357
363a0f88c6b6327beec6163099bcde14d99d4dcb
ddbacae3e67e809686012de0cf20bd6e9fa5f6cd7d79193f8449e136c7e874f4
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 7823a690ea47b500-OSL
age: 156
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/d2ViaG9zdGluZ3RpcHMuY2x1Yi8=>; rel=preload; as=script
set-cookie: demandSupplyTi=2ddad13a-f703-490d-8815-a0704817ffdc; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 756c77d7d577e0260b6e1ffc3522e77a
2b7e2dd5b3df6768d0d7d20d67988ac60dc28234
1d1598a7f732980f6376fbadd56d71b4497454939a7b9e784adaa9c3f91883d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
live.demand.supply/x/e.js?ce=bb&r=webhostingtips.club_auto_728x90_sticky_display_bottom&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=bb&r=webhostingtips.club_auto_728x90_sticky_display_bottom&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=bb&r=webhostingtips.club_auto_728x90_sticky_display_bottom&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GNCTDF9HPT5T9P7WGS2PW7RG
cf-cache-status: HIT
age: 143369
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a693db2db4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 1.0 kB IP 104.18.32.68:0
Hash d9d46b6d8c8a324944cd3fba7b4d334c
277ce923556543f8894ce2eb5b2f22446d2a6f48
8c866001a711c2512c66142a6b44a338380a307bc23c8c809e50065d61b003fa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 10:39:20 GMT
Expires: Wed, 04 Jan 2023 10:39:19 GMT
Etag: "72385816bdc3910e27ae6e3f9c5a666af4d3b878"
Cache-Control: max-age=331787,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7823a693eecdb4ed-OSL
pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
51.77.64.70200 OK 53 B URL HTTP/1.1 pro.ip-api.com/json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region
IP 51.77.64.70:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb962659bbcba6a7ff073653d1b9868
acd17cc76198913814219a4231967c32a9a893aa
bb22b26d14ab74890ca5067a89f75ab8b6698a298892484c96720899db5af5d5
GET /json/?key=ZxSSLwZtxrKxQbv&fields=status,countryCode,region HTTP/1.1
Host: pro.ip-api.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Date: Sat, 31 Dec 2022 14:19:31 GMT
Content-Length: 53
push.services.mozilla.com/
52.35.143.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.143.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7RND1zUZT9PxsGc+2nSH5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Xu64RUWR09JU1BFNQZcO9Uqjkok=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d9cd4e5f6bdc49c85ebb3d8d4bf2b73
7c2c25ee9ade26c78026e800f5b8c98a0b2e28d6
6dc8ed967c044852b1afc350c7c8b9263af687d06479b6bb3bcbbbdff83f1b10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d9cd4e5f6bdc49c85ebb3d8d4bf2b73
7c2c25ee9ade26c78026e800f5b8c98a0b2e28d6
6dc8ed967c044852b1afc350c7c8b9263af687d06479b6bb3bcbbbdff83f1b10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d9cd4e5f6bdc49c85ebb3d8d4bf2b73
7c2c25ee9ade26c78026e800f5b8c98a0b2e28d6
6dc8ed967c044852b1afc350c7c8b9263af687d06479b6bb3bcbbbdff83f1b10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d9cd4e5f6bdc49c85ebb3d8d4bf2b73
7c2c25ee9ade26c78026e800f5b8c98a0b2e28d6
6dc8ed967c044852b1afc350c7c8b9263af687d06479b6bb3bcbbbdff83f1b10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d9cd4e5f6bdc49c85ebb3d8d4bf2b73
7c2c25ee9ade26c78026e800f5b8c98a0b2e28d6
6dc8ed967c044852b1afc350c7c8b9263af687d06479b6bb3bcbbbdff83f1b10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39504)
Hash f4b1121240f541b3c1ddedb46331ae2a
f020b5d741a5f2f20dd9255dd96896cfdfc59241
183c71277addf274e9777d68d4868d37471b849c946cbffb06acca2426e839a6
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27666
date: Sat, 31 Dec 2022 14:19:31 GMT
expires: Sat, 31 Dec 2022 14:19:31 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1437 / 387 of 1000 / last-modified: 1670587582"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d9cd4e5f6bdc49c85ebb3d8d4bf2b73
7c2c25ee9ade26c78026e800f5b8c98a0b2e28d6
6dc8ed967c044852b1afc350c7c8b9263af687d06479b6bb3bcbbbdff83f1b10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 01a461cc012c9ea9a905cb88529b46f5
b51d423cb49ed56d77365a99876686fd615e4332
10f36d1ce36e2ba8581a6414b74d0b0d2dedc8f2736fef072197ee32f5fcc7d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3e81af3903c1ab8d3ca86e884ed4911f
8f6603230b3a178c101515a7d9c26c60c59085bb
b35d6540fc5a01ad99b53d222ee3977a6cf544d481f162431a9dd28f590c66bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=webhostingtips.club
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=webhostingtips.club
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=webhostingtips.club HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 31 Dec 2022 14:19:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=webhostingtips.club
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=webhostingtips.club
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=webhostingtips.club HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 31 Dec 2022 14:19:32 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 01a461cc012c9ea9a905cb88529b46f5
b51d423cb49ed56d77365a99876686fd615e4332
10f36d1ce36e2ba8581a6414b74d0b0d2dedc8f2736fef072197ee32f5fcc7d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 31 Dec 2022 14:19:32 GMT
expires: Sun, 31 Dec 2023 14:19:32 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14922), with no line terminators
Hash e4f289e8d6b8570b6212fa4ce131e878
63bbea740b59218f6eb4a8d8723ed636d1f1ccf2
df54be2957695c78f12eba5d9a96a75087d50031ce56aaa0ba0951d201893861
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 31 Dec 2022 14:19:32 GMT
server: cafe
content-length: 11266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d615edcdfd6105699ac3ddffd98cde82
9f43ed961e40e685a0855068d8d719915dad9c87
ceb19aff9f7c4170255d1bc83b8820c14e25e76cfce0c52ab9110b5e9bc6a1fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 31 Dec 2022 14:19:32 GMT
expires: Sat, 31 Dec 2022 14:19:32 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Dec 2022 08:19:17 GMT
expires: Sun, 31 Dec 2023 08:19:17 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 21615
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ee3578369e7f711b440d7bfcb6f612ef
53b4e4113472c355154f1be36918952a8ae56f14
a5784782a853d49a26231d16b5254c9641cbd5c324265e4ec6019c1ba1c856da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 0745f810fed7effb529fec9d91afe244
bc8d61cef9be7970a0c7bb8b182c95a02ff16dd9
5fbfd08b66c9d86d991871933f1024adae807d65b8b652aebb4f9d38550ea9e5
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 31 Dec 2022 14:19:32 GMT
date: Sat, 31 Dec 2022 14:19:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-2z48cM7d9Qm_gvk1P4kUPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
live.demand.supply/e/e.js?gl=0.01&b=3&r=webhostingtips.club_auto_728x90_sticky_display_bottom&sy=51031f84-b7fe-4a76-be4c-579b9e7a6421&ts=93&cd=2&pud=253&pus=c&pue=442&pid=35&pis=c&pie=577&ppd=226&pps=a&ppe=769&pcl=600&ttc=803&tti=1818&ttif=0&lca=769&lcak=ppe&lct=769&lctk=ppe&mlbr=fi&mlos=wi&mlla=en&mlco=us&mldo=webhostingtips.club&mlre=www.google.com&mlin=0&mlsi=728x90&mlbw=unknown&mlcs=NaN&mltp=2ddad13a-f703-490d-8815-a0704817ffdc&e=lm&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?gl=0.01&b=3&r=webhostingtips.club_auto_728x90_sticky_display_bottom&sy=51031f84-b7fe-4a76-be4c-579b9e7a6421&ts=93&cd=2&pud=253&pus=c&pue=442&pid=35&pis=c&pie=577&ppd=226&pps=a&ppe=769&pcl=600&ttc=803&tti=1818&ttif=0&lca=769&lcak=ppe&lct=769&lctk=ppe&mlbr=fi&mlos=wi&mlla=en&mlco=us&mldo=webhostingtips.club&mlre=www.google.com&mlin=0&mlsi=728x90&mlbw=unknown&mlcs=NaN&mltp=2ddad13a-f703-490d-8815-a0704817ffdc&e=lm&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?gl=0.01&b=3&r=webhostingtips.club_auto_728x90_sticky_display_bottom&sy=51031f84-b7fe-4a76-be4c-579b9e7a6421&ts=93&cd=2&pud=253&pus=c&pue=442&pid=35&pis=c&pie=577&ppd=226&pps=a&ppe=769&pcl=600&ttc=803&tti=1818&ttif=0&lca=769&lcak=ppe&lct=769&lctk=ppe&mlbr=fi&mlos=wi&mlla=en&mlco=us&mldo=webhostingtips.club&mlre=www.google.com&mlin=0&mlsi=728x90&mlbw=unknown&mlcs=NaN&mltp=2ddad13a-f703-490d-8815-a0704817ffdc&e=lm&dsReferer=d2ViaG9zdGluZ3RpcHMuY2x1Yi8yMDIyLzA3LzIzL3NpbXBsZS1vbmUtZWxlY3RyaWMtc2Nvb3Rlci10ZXN0LXJpZGUtYmVnaW4v HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:32 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "e11f25735db9ddc62adb36e2e1846234-ssl"
x-nf-request-id: 01GNCTDFA6NRSN24K6NN9ETM5G
cf-cache-status: HIT
age: 153508
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a69a1aa3b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9de03f17017ba122f5920c0ed8d09bf9
c1edab7de888aaa53feffc7462f2810e4851f6c8
a50349c2ea9aee23b3c21b1121d77757f9b5c460e218b18a1d17875c78abd1f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6506
Cache-Control: max-age=86762
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Etag: "63aedb74-117"
Expires: Sun, 01 Jan 2023 14:25:34 GMT
Last-Modified: Fri, 30 Dec 2022 12:37:08 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 580f697c77f3e7ced18b50ae1d3e315f
1fd85edbd2ec9ed921d61099e6898ae43d4f633e
34611a7efbe18278f12afef17f3dafa694b11a533330d66c05534a57971eb0bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 580f697c77f3e7ced18b50ae1d3e315f
1fd85edbd2ec9ed921d61099e6898ae43d4f633e
34611a7efbe18278f12afef17f3dafa694b11a533330d66c05534a57971eb0bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 580f697c77f3e7ced18b50ae1d3e315f
1fd85edbd2ec9ed921d61099e6898ae43d4f633e
34611a7efbe18278f12afef17f3dafa694b11a533330d66c05534a57971eb0bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 580f697c77f3e7ced18b50ae1d3e315f
1fd85edbd2ec9ed921d61099e6898ae43d4f633e
34611a7efbe18278f12afef17f3dafa694b11a533330d66c05534a57971eb0bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 580f697c77f3e7ced18b50ae1d3e315f
1fd85edbd2ec9ed921d61099e6898ae43d4f633e
34611a7efbe18278f12afef17f3dafa694b11a533330d66c05534a57971eb0bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Dec 2022 20:35:00 GMT
expires: Thu, 28 Dec 2023 20:35:00 GMT
cache-control: public, max-age=31536000
age: 236672
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
172.217.21.161200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (14697)
Hash ae1a9f090984c448deb0629cc2304ee3
e601825ccec746695f370ed68fa33325152e0d9f
6a947bfcdeea64faa6c795caea11ee09dbe00f5d4003b7b9d47e4945c05ac1e4
GET /rtv/012211060024000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webhostingtips.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 10:51:50 GMT
expires: Wed, 27 Dec 2023 10:51:50 GMT
cache-control: public, max-age=31536000
age: 358062
etag: "abd4378f71571d78"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
172.217.21.161200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
IP 172.217.21.161:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 190bcb4c44fd9e0e93baa80c9b2535b8
97bda56ddc8d6a00d19e1747d63325051f3fd144
b7677f820f06329e357561f570729fe4110af4ac5fb741b97567e20a0f533301
GET /rtv/012211060024000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61592
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Dec 2022 18:08:55 GMT
expires: Tue, 26 Dec 2023 18:08:55 GMT
cache-control: public, max-age=31536000
age: 418237
etag: "a2fca7132416d151"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
172.217.21.161200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (65534)
Hash c88b4e73b12307e42222d337bdd646a2
621233bf4e777b2d44b1bc143187111aca2fe718
ef6935537cd5a603b79bc98d4274b70ee5608955792523fc58e818c8ddbb7b48
GET /rtv/012211060024000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webhostingtips.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28809
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Dec 2022 17:37:12 GMT
expires: Mon, 25 Dec 2023 17:37:12 GMT
cache-control: public, max-age=31536000
age: 506541
etag: "dd6615029de85e23"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
13 kB URL cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
IP :0
Hash 2f873064835eed23708bde2a16830216
7559437b82b9b761e02549d8d51f9e3571e5ed2c
0f5d00ac674cc34652997f2e0dd7fb6eb1a5b22010989c35a81cd7a388c84fdd
GET /rtv/012211060024000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webhostingtips.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
googleads.g.doubleclick.net/xbbe/pixel?d=CNiDx-UDEJuwovYDGKrWhNgBMAE&v=APEucNWN2oea34Un05OFKxqbkj0vOTAd_4bYSWIfFv3TyI0ty8Q44jtEDrC7GMM5aLvpzlYbMun7ezX9JKanUY-J2SwUe_ODf9xJZfngJ4VO-Q_k14OPqTPYMtczHLBspwsNSvLmiItL9K3VpZILiNXI_LVXNEPINqSfDswMoJO6Y6Ilaxg2bsU
142.250.74.34200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CNiDx-UDEJuwovYDGKrWhNgBMAE&v=APEucNWN2oea34Un05OFKxqbkj0vOTAd_4bYSWIfFv3TyI0ty8Q44jtEDrC7GMM5aLvpzlYbMun7ezX9JKanUY-J2SwUe_ODf9xJZfngJ4VO-Q_k14OPqTPYMtczHLBspwsNSvLmiItL9K3VpZILiNXI_LVXNEPINqSfDswMoJO6Y6Ilaxg2bsU
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CNiDx-UDEJuwovYDGKrWhNgBMAE&v=APEucNWN2oea34Un05OFKxqbkj0vOTAd_4bYSWIfFv3TyI0ty8Q44jtEDrC7GMM5aLvpzlYbMun7ezX9JKanUY-J2SwUe_ODf9xJZfngJ4VO-Q_k14OPqTPYMtczHLBspwsNSvLmiItL9K3VpZILiNXI_LVXNEPINqSfDswMoJO6Y6Ilaxg2bsU HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:33 GMT
cache-control: private
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
172.217.21.161200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
IP 172.217.21.161:0
File type ASCII text, with very long lines (5046)
Hash 669c8592ef8f63e7404e45dd6ca56b71
3f6753966361bb86594193009c9097612c361064
d174ae2c0722ab8d4bf736f0200dc5b15d288f9500a706bb161b64f5a3b74f01
GET /rtv/012211060024000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://webhostingtips.club/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1913
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Dec 2022 17:57:32 GMT
expires: Sat, 30 Dec 2023 17:57:32 GMT
cache-control: public, max-age=31536000
age: 73321
etag: "403438c4d550ee88"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ36TvAhjrqdS9ATAB&v=APEucNUdqIfcX5c76THv6-KoUS48_tzou_YKhJIKMd1_swUU4sxqplPV5Ew-fx4KgyRePQeKn-pi2If8OqbFL4_q5WHeQHsrZDvNele7tKj5KAxD0aAGGWgVwZXtz2iGHYS5Mj0T2DPgjz_iv8xtpywQ4bh-RCZqW1d6SQAK-OoDqkbhg1gJ5beozvhyzyu9JvuF0MaADfty6TaKmUiCk6y7JmbQyG3tog
142.250.74.34200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ36TvAhjrqdS9ATAB&v=APEucNUdqIfcX5c76THv6-KoUS48_tzou_YKhJIKMd1_swUU4sxqplPV5Ew-fx4KgyRePQeKn-pi2If8OqbFL4_q5WHeQHsrZDvNele7tKj5KAxD0aAGGWgVwZXtz2iGHYS5Mj0T2DPgjz_iv8xtpywQ4bh-RCZqW1d6SQAK-OoDqkbhg1gJ5beozvhyzyu9JvuF0MaADfty6TaKmUiCk6y7JmbQyG3tog
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CMX_6gIQ36TvAhjrqdS9ATAB&v=APEucNUdqIfcX5c76THv6-KoUS48_tzou_YKhJIKMd1_swUU4sxqplPV5Ew-fx4KgyRePQeKn-pi2If8OqbFL4_q5WHeQHsrZDvNele7tKj5KAxD0aAGGWgVwZXtz2iGHYS5Mj0T2DPgjz_iv8xtpywQ4bh-RCZqW1d6SQAK-OoDqkbhg1gJ5beozvhyzyu9JvuF0MaADfty6TaKmUiCk6y7JmbQyG3tog HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:33 GMT
cache-control: private
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfnAu5bmUNyPfXwYmFOpDGMWKrg2iTK3Vv3cy8J67FIUWLc-eev2T8ZbJaDQvEgt__fyuOky8KL-awN0UcS4Cy3if5IU52AaXcDyvbX4gDAUXYhtgkoMbee2fAlca_2T9chPmNxImihWvBQEu-W9jhTN1OYvA4RsGnYrpMgcZfKxDsLWI&cry=1&dbm_d=AKAmf-BbHvR4yUI7saf3FhKZDfC8HloOVn5J8QigG2WGANjbBMHmIEOVkbfdoW_n6tC47tkayTkN4A4jy1nr4Dw35h1zlCAkpESQttN7FxsY9bJJlcuJLUmwTQhO35p5U12MLju2QaPMLnDt7GCa6GwA2ppY6e6hqiAl7RLm-piCH7rTMHZ73JHqmbuFdiTkZp9JaFkUO5tzJ2Dhwa2OWcIZ-6wVffkdvPCPHDQgq__2m8-iViVpBab4GK7GK6xeS7XgiCCI3SPRuBSbQpmVt7hJah7LGAIio832aoQ8_mjI5dBo17u0CZLxffCCb54TYcjMMsFf48JQwFs7LGJ46TsS8zKoeHKskLieKo5nqFVySz5j_DpXAT1KcJZ_QgHHMDKYpt6MHq7-Ybclr4uyqC_D9mJNVjAdxzhJPAFXGSRLXa4PUdEGX0YZtm8TBJL-ZTUKIBfGmDlvMRyaSqpn7_zi7q2GMG24qpSgL_gwEg8j84eLiyv3iQajGYkDlhi2KVp9Nbj-SiWTqJq-oQxWYJluGaGvjPdl1IgDgq95SnO-wI8NPdxkS2EQwB9-nxXj4YqNOSnO50arQnEK1gcHg3nLVOwOWfSAdQoiAOzcgPF_JJ1cBBVvIP2KJoqCSta83el_GcBqPbCEfupFai_V0N_5oPLkrBR5sq4CpRQUZ2ojph__ze9-c_rOMHE_cXAE07MaTi0_XH1syceMfMqjMmsOXq-F524T-ZM_3LrQNahnZJbV8BxgYFr8GuBR9SlbZddFbIZfu3felunMA9RVVAAqe8q_pgB8QopZyx3wg6BgJsq641vE3ZWw0ZxlMDsk6ynOqB6l8fX8YjUEl2LM9uIG1pbc6UJwsAv5iC5jiz72HX3pN5BtaQgvHYpgjOPzNveXz6f9ud1Z_3Xi4vidW-RBk9AosuiYyBe-UqS2QICKrExr--91SMLrP9jJKUNzQDgHBPv5k3jjPwSbP8FP61VLZyEbt6FlSSgNELAxBQqr9a9RF45HJeQ5iGhD0PCu5InLSQIXoieDcMsMHbD75xJ-7WsXI4y0DMVAdRyee4NvOlN2o7FuU0i177u__GPwmIWVE9UYcksm9iUynuK0Cc9G7zrIk5KvkZBVg_d2ALJIjnrNiyYvck6d7-LepnwlZiAqKsyGHqbY7LYViVPRo5CF65fo15bd0Xbl4ITfAQBJmLegk936DQPIWZxqd5ucWIvff93jVCT-qGGhwDGEbLlgYnQX5PDoD4Y1sXs7icwzILMz8yVOUBZI3tlPHxWAdj3VW9VzMGrwmXWLYJc8fZL2kDOPnh-N_8Q5DRoSKBimDANks8MIDYMhMX5REW4LzPoYsfCi8h9FQqiO5IbTQv-Wg0ILWUQm3QpQiBs_QmR9kaoCIOArecKmXutCVQp77C_FJDC8m3e23Ah678Qu_OrTfh_RDDQvstg1I-T8aPGUxIRWO729Nnb3bDLKlw0bxFV6Ptlh-rbPWK47vZDEaygdUYe6FmepEHpKiwKTqnw8rA_TNvnzPwLTpflKKettpIG7ffAr8lFLn5r9-1F_0eadIQXpZ_-WNXYdU3Lst30-zQu9P1Gb-XVk9jSNFfipxsx0UwbSSpX6Ix4jjFRdUDyM_i_o_Xk3B4694xaySoRZBqbM837RE_MiV1RB48-G313EyZi8HRAPgEi0EDmYh0YeToLc3ANOazw8Kc-LWlbuTp7ud6p4MOKoZWdl0qa4f8ycfXV4yWVi8Xc3hXQd1hiEnHE3Oy30_YhtuvPRqW9NaGORNIqQLDVdf2XTvUYXYJ9sr9GPrGNYpXo_bUz6N6pecHHCNgbydhUDcLZS9mJuXSP-jCJUBm7mK4SWfvDtxm4oygU3whTZqYqf9ueTAOHA4LfjUod0vjxAhEg0luRLmmWv249_agXr5U1wk_WBH8ciCD0_LPUNtWV5UT-wAfZUCu3vfwB2D7_oDwmBBxThVerEGDumv51fN_j8pagEXch7VrRLCeYD1ekTKTksDqqhf8lPChi_2SBPL-m05VHtqQrE7HXetRHXclGyK86N9fVJrK-qhHQgSUzw7J9jdwM_yPRL-PYwLcXqW6ngTLBbA3AE4pYnmvQeJ3MBn4Tc_2Tzkvu2BA6MQGJSNVCCMRaGhxbjneM6cscU0jbQanMvJKWPV1mnnN43v6LIvRrdsQGjraDgKZEsygsAsW5VGnFmbtZ4CrfBZvJPznIY48i5XGAXLNwryYz_TpsMe29xWuqIKaecRCszxwEZOX7jb4-98CB9gK73W3fEzbnivhusgoHqUAyLJ-jXQytLoJ1-0mFEPV5LUJYs5AAMpP8BGACTflcoBmrFl7di8Vt99DxBTnB1FwKXlcdiIwR-at55JZobP5l43kiLxr7ekmP3toToDcNbHgwfqsJFk4daLlRQd-QynjUkKKbaI7xLQ2ntD7NmVF1vU0rfXMPopFwfyrQCpQ6t7U_2MulNkOub7UADDuevrwB7q3K3BM4vcKkOjp4Bd26gBg_tjXAXjlpXmjkRJ-0j2ylfeZggHyIUMf5RtUYYyxS4Z2Z7VldFlzt1Rqsvh15tNISPyhZ0m-p_lgZHhcZ2o-SUwzEXWZyUuaN11rg2Y7RZIDfs3autGiCl5FJ22GbVHcHDVtVMUw4m9sNnK1lmR4gET7j8IyrNywk8w82WNRsUKX6Hi6TFlVHvm5n1ba-53o2KF2TWXE6KJeIVgBp3h3xQE2hbONOt9KXqhpc1dRZ_QJErM4bvDjx5IlDm5KStM4KmEcnV3q4wX0Boa4o9BkUpKhNdHBHL0XMoCFJU1ruCmrj1UkvhJdq7qjPChIRIPxJ_nYI5indG7mn_SGj4nP3s7IJtw_21-FgTy-M25UExo38CpJyGQd6UYPJomm23UxpI5QECoNDt1LhdszxPGHt1XfVLG6ZDdDatdwG03ZoFlvrpwlZKpwjfBrVxbZ5rWQYDP9jBur_BdaKOM88j23WOhfZib3YC7sNz5QDeggLrSZ9KhkwRWhnIntjYb-9BJzS43p1jZ5So6k8EmH7dPaS5I6BlyftMB-1ggniG6Et7apT2P8gXpT10MFvP86olrPMCBrIbAAdWuf2MbzwmNIyKVKPp_0LjeGkBJSKDC4zUOAVs7dNWkfiUFCzbELQmVAfxJshERJBRgYdDV-iXUEMngfqgIxSu1RRiDx90tgb7ZoYbVdzdufs3NLVOh16P6YBzxwHR4alORTB_w9K1npNmjkqNtPZJaSu0_sh791d2grCStBv7itpbl6qR1Y2KMJ-8D5jZJlqOBeUYVGMqmtC5OadyDAf2-ZiO2wse1Pz9A0j2TvIKaMUsKwadelqcBDtvcTButj6Eibv6BanbtJGZgzuw-zD5VmUHb2nmFiTS18a0rQ5sBxQ-IsvFtD-Fb4SeIKRIGKgHCybWsxTYbLtDxYCwjBp1gnSh0DPL_8F-F7L-sfdquGbY0f4ZzFGRdmqs1bRSFpcNn3Cqp_aRewuJQw&cid=CAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM&rfl=1%2Chttps%253A%252F%252Fwebhostingtips.club%252F%240
142.250.74.34200 OK 11 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AfnAu5bmUNyPfXwYmFOpDGMWKrg2iTK3Vv3cy8J67FIUWLc-eev2T8ZbJaDQvEgt__fyuOky8KL-awN0UcS4Cy3if5IU52AaXcDyvbX4gDAUXYhtgkoMbee2fAlca_2T9chPmNxImihWvBQEu-W9jhTN1OYvA4RsGnYrpMgcZfKxDsLWI&cry=1&dbm_d=AKAmf-BbHvR4yUI7saf3FhKZDfC8HloOVn5J8QigG2WGANjbBMHmIEOVkbfdoW_n6tC47tkayTkN4A4jy1nr4Dw35h1zlCAkpESQttN7FxsY9bJJlcuJLUmwTQhO35p5U12MLju2QaPMLnDt7GCa6GwA2ppY6e6hqiAl7RLm-piCH7rTMHZ73JHqmbuFdiTkZp9JaFkUO5tzJ2Dhwa2OWcIZ-6wVffkdvPCPHDQgq__2m8-iViVpBab4GK7GK6xeS7XgiCCI3SPRuBSbQpmVt7hJah7LGAIio832aoQ8_mjI5dBo17u0CZLxffCCb54TYcjMMsFf48JQwFs7LGJ46TsS8zKoeHKskLieKo5nqFVySz5j_DpXAT1KcJZ_QgHHMDKYpt6MHq7-Ybclr4uyqC_D9mJNVjAdxzhJPAFXGSRLXa4PUdEGX0YZtm8TBJL-ZTUKIBfGmDlvMRyaSqpn7_zi7q2GMG24qpSgL_gwEg8j84eLiyv3iQajGYkDlhi2KVp9Nbj-SiWTqJq-oQxWYJluGaGvjPdl1IgDgq95SnO-wI8NPdxkS2EQwB9-nxXj4YqNOSnO50arQnEK1gcHg3nLVOwOWfSAdQoiAOzcgPF_JJ1cBBVvIP2KJoqCSta83el_GcBqPbCEfupFai_V0N_5oPLkrBR5sq4CpRQUZ2ojph__ze9-c_rOMHE_cXAE07MaTi0_XH1syceMfMqjMmsOXq-F524T-ZM_3LrQNahnZJbV8BxgYFr8GuBR9SlbZddFbIZfu3felunMA9RVVAAqe8q_pgB8QopZyx3wg6BgJsq641vE3ZWw0ZxlMDsk6ynOqB6l8fX8YjUEl2LM9uIG1pbc6UJwsAv5iC5jiz72HX3pN5BtaQgvHYpgjOPzNveXz6f9ud1Z_3Xi4vidW-RBk9AosuiYyBe-UqS2QICKrExr--91SMLrP9jJKUNzQDgHBPv5k3jjPwSbP8FP61VLZyEbt6FlSSgNELAxBQqr9a9RF45HJeQ5iGhD0PCu5InLSQIXoieDcMsMHbD75xJ-7WsXI4y0DMVAdRyee4NvOlN2o7FuU0i177u__GPwmIWVE9UYcksm9iUynuK0Cc9G7zrIk5KvkZBVg_d2ALJIjnrNiyYvck6d7-LepnwlZiAqKsyGHqbY7LYViVPRo5CF65fo15bd0Xbl4ITfAQBJmLegk936DQPIWZxqd5ucWIvff93jVCT-qGGhwDGEbLlgYnQX5PDoD4Y1sXs7icwzILMz8yVOUBZI3tlPHxWAdj3VW9VzMGrwmXWLYJc8fZL2kDOPnh-N_8Q5DRoSKBimDANks8MIDYMhMX5REW4LzPoYsfCi8h9FQqiO5IbTQv-Wg0ILWUQm3QpQiBs_QmR9kaoCIOArecKmXutCVQp77C_FJDC8m3e23Ah678Qu_OrTfh_RDDQvstg1I-T8aPGUxIRWO729Nnb3bDLKlw0bxFV6Ptlh-rbPWK47vZDEaygdUYe6FmepEHpKiwKTqnw8rA_TNvnzPwLTpflKKettpIG7ffAr8lFLn5r9-1F_0eadIQXpZ_-WNXYdU3Lst30-zQu9P1Gb-XVk9jSNFfipxsx0UwbSSpX6Ix4jjFRdUDyM_i_o_Xk3B4694xaySoRZBqbM837RE_MiV1RB48-G313EyZi8HRAPgEi0EDmYh0YeToLc3ANOazw8Kc-LWlbuTp7ud6p4MOKoZWdl0qa4f8ycfXV4yWVi8Xc3hXQd1hiEnHE3Oy30_YhtuvPRqW9NaGORNIqQLDVdf2XTvUYXYJ9sr9GPrGNYpXo_bUz6N6pecHHCNgbydhUDcLZS9mJuXSP-jCJUBm7mK4SWfvDtxm4oygU3whTZqYqf9ueTAOHA4LfjUod0vjxAhEg0luRLmmWv249_agXr5U1wk_WBH8ciCD0_LPUNtWV5UT-wAfZUCu3vfwB2D7_oDwmBBxThVerEGDumv51fN_j8pagEXch7VrRLCeYD1ekTKTksDqqhf8lPChi_2SBPL-m05VHtqQrE7HXetRHXclGyK86N9fVJrK-qhHQgSUzw7J9jdwM_yPRL-PYwLcXqW6ngTLBbA3AE4pYnmvQeJ3MBn4Tc_2Tzkvu2BA6MQGJSNVCCMRaGhxbjneM6cscU0jbQanMvJKWPV1mnnN43v6LIvRrdsQGjraDgKZEsygsAsW5VGnFmbtZ4CrfBZvJPznIY48i5XGAXLNwryYz_TpsMe29xWuqIKaecRCszxwEZOX7jb4-98CB9gK73W3fEzbnivhusgoHqUAyLJ-jXQytLoJ1-0mFEPV5LUJYs5AAMpP8BGACTflcoBmrFl7di8Vt99DxBTnB1FwKXlcdiIwR-at55JZobP5l43kiLxr7ekmP3toToDcNbHgwfqsJFk4daLlRQd-QynjUkKKbaI7xLQ2ntD7NmVF1vU0rfXMPopFwfyrQCpQ6t7U_2MulNkOub7UADDuevrwB7q3K3BM4vcKkOjp4Bd26gBg_tjXAXjlpXmjkRJ-0j2ylfeZggHyIUMf5RtUYYyxS4Z2Z7VldFlzt1Rqsvh15tNISPyhZ0m-p_lgZHhcZ2o-SUwzEXWZyUuaN11rg2Y7RZIDfs3autGiCl5FJ22GbVHcHDVtVMUw4m9sNnK1lmR4gET7j8IyrNywk8w82WNRsUKX6Hi6TFlVHvm5n1ba-53o2KF2TWXE6KJeIVgBp3h3xQE2hbONOt9KXqhpc1dRZ_QJErM4bvDjx5IlDm5KStM4KmEcnV3q4wX0Boa4o9BkUpKhNdHBHL0XMoCFJU1ruCmrj1UkvhJdq7qjPChIRIPxJ_nYI5indG7mn_SGj4nP3s7IJtw_21-FgTy-M25UExo38CpJyGQd6UYPJomm23UxpI5QECoNDt1LhdszxPGHt1XfVLG6ZDdDatdwG03ZoFlvrpwlZKpwjfBrVxbZ5rWQYDP9jBur_BdaKOM88j23WOhfZib3YC7sNz5QDeggLrSZ9KhkwRWhnIntjYb-9BJzS43p1jZ5So6k8EmH7dPaS5I6BlyftMB-1ggniG6Et7apT2P8gXpT10MFvP86olrPMCBrIbAAdWuf2MbzwmNIyKVKPp_0LjeGkBJSKDC4zUOAVs7dNWkfiUFCzbELQmVAfxJshERJBRgYdDV-iXUEMngfqgIxSu1RRiDx90tgb7ZoYbVdzdufs3NLVOh16P6YBzxwHR4alORTB_w9K1npNmjkqNtPZJaSu0_sh791d2grCStBv7itpbl6qR1Y2KMJ-8D5jZJlqOBeUYVGMqmtC5OadyDAf2-ZiO2wse1Pz9A0j2TvIKaMUsKwadelqcBDtvcTButj6Eibv6BanbtJGZgzuw-zD5VmUHb2nmFiTS18a0rQ5sBxQ-IsvFtD-Fb4SeIKRIGKgHCybWsxTYbLtDxYCwjBp1gnSh0DPL_8F-F7L-sfdquGbY0f4ZzFGRdmqs1bRSFpcNn3Cqp_aRewuJQw&cid=CAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM&rfl=1%2Chttps%253A%252F%252Fwebhostingtips.club%252F%240
IP 142.250.74.34:0
File type ASCII text, with very long lines (15220), with no line terminators
Hash ec3a11652e62a12fd63a84569102cb3a
1551a659d2ea3481c1101428484d528e3cd7d22e
cb1e6b54b20657838f0b4ec28c79909ae28f1a50569940a2a5dd6cdafdc15cb0
GET /dbm/ad?dbm_c=AKAmf-AfnAu5bmUNyPfXwYmFOpDGMWKrg2iTK3Vv3cy8J67FIUWLc-eev2T8ZbJaDQvEgt__fyuOky8KL-awN0UcS4Cy3if5IU52AaXcDyvbX4gDAUXYhtgkoMbee2fAlca_2T9chPmNxImihWvBQEu-W9jhTN1OYvA4RsGnYrpMgcZfKxDsLWI&cry=1&dbm_d=AKAmf-BbHvR4yUI7saf3FhKZDfC8HloOVn5J8QigG2WGANjbBMHmIEOVkbfdoW_n6tC47tkayTkN4A4jy1nr4Dw35h1zlCAkpESQttN7FxsY9bJJlcuJLUmwTQhO35p5U12MLju2QaPMLnDt7GCa6GwA2ppY6e6hqiAl7RLm-piCH7rTMHZ73JHqmbuFdiTkZp9JaFkUO5tzJ2Dhwa2OWcIZ-6wVffkdvPCPHDQgq__2m8-iViVpBab4GK7GK6xeS7XgiCCI3SPRuBSbQpmVt7hJah7LGAIio832aoQ8_mjI5dBo17u0CZLxffCCb54TYcjMMsFf48JQwFs7LGJ46TsS8zKoeHKskLieKo5nqFVySz5j_DpXAT1KcJZ_QgHHMDKYpt6MHq7-Ybclr4uyqC_D9mJNVjAdxzhJPAFXGSRLXa4PUdEGX0YZtm8TBJL-ZTUKIBfGmDlvMRyaSqpn7_zi7q2GMG24qpSgL_gwEg8j84eLiyv3iQajGYkDlhi2KVp9Nbj-SiWTqJq-oQxWYJluGaGvjPdl1IgDgq95SnO-wI8NPdxkS2EQwB9-nxXj4YqNOSnO50arQnEK1gcHg3nLVOwOWfSAdQoiAOzcgPF_JJ1cBBVvIP2KJoqCSta83el_GcBqPbCEfupFai_V0N_5oPLkrBR5sq4CpRQUZ2ojph__ze9-c_rOMHE_cXAE07MaTi0_XH1syceMfMqjMmsOXq-F524T-ZM_3LrQNahnZJbV8BxgYFr8GuBR9SlbZddFbIZfu3felunMA9RVVAAqe8q_pgB8QopZyx3wg6BgJsq641vE3ZWw0ZxlMDsk6ynOqB6l8fX8YjUEl2LM9uIG1pbc6UJwsAv5iC5jiz72HX3pN5BtaQgvHYpgjOPzNveXz6f9ud1Z_3Xi4vidW-RBk9AosuiYyBe-UqS2QICKrExr--91SMLrP9jJKUNzQDgHBPv5k3jjPwSbP8FP61VLZyEbt6FlSSgNELAxBQqr9a9RF45HJeQ5iGhD0PCu5InLSQIXoieDcMsMHbD75xJ-7WsXI4y0DMVAdRyee4NvOlN2o7FuU0i177u__GPwmIWVE9UYcksm9iUynuK0Cc9G7zrIk5KvkZBVg_d2ALJIjnrNiyYvck6d7-LepnwlZiAqKsyGHqbY7LYViVPRo5CF65fo15bd0Xbl4ITfAQBJmLegk936DQPIWZxqd5ucWIvff93jVCT-qGGhwDGEbLlgYnQX5PDoD4Y1sXs7icwzILMz8yVOUBZI3tlPHxWAdj3VW9VzMGrwmXWLYJc8fZL2kDOPnh-N_8Q5DRoSKBimDANks8MIDYMhMX5REW4LzPoYsfCi8h9FQqiO5IbTQv-Wg0ILWUQm3QpQiBs_QmR9kaoCIOArecKmXutCVQp77C_FJDC8m3e23Ah678Qu_OrTfh_RDDQvstg1I-T8aPGUxIRWO729Nnb3bDLKlw0bxFV6Ptlh-rbPWK47vZDEaygdUYe6FmepEHpKiwKTqnw8rA_TNvnzPwLTpflKKettpIG7ffAr8lFLn5r9-1F_0eadIQXpZ_-WNXYdU3Lst30-zQu9P1Gb-XVk9jSNFfipxsx0UwbSSpX6Ix4jjFRdUDyM_i_o_Xk3B4694xaySoRZBqbM837RE_MiV1RB48-G313EyZi8HRAPgEi0EDmYh0YeToLc3ANOazw8Kc-LWlbuTp7ud6p4MOKoZWdl0qa4f8ycfXV4yWVi8Xc3hXQd1hiEnHE3Oy30_YhtuvPRqW9NaGORNIqQLDVdf2XTvUYXYJ9sr9GPrGNYpXo_bUz6N6pecHHCNgbydhUDcLZS9mJuXSP-jCJUBm7mK4SWfvDtxm4oygU3whTZqYqf9ueTAOHA4LfjUod0vjxAhEg0luRLmmWv249_agXr5U1wk_WBH8ciCD0_LPUNtWV5UT-wAfZUCu3vfwB2D7_oDwmBBxThVerEGDumv51fN_j8pagEXch7VrRLCeYD1ekTKTksDqqhf8lPChi_2SBPL-m05VHtqQrE7HXetRHXclGyK86N9fVJrK-qhHQgSUzw7J9jdwM_yPRL-PYwLcXqW6ngTLBbA3AE4pYnmvQeJ3MBn4Tc_2Tzkvu2BA6MQGJSNVCCMRaGhxbjneM6cscU0jbQanMvJKWPV1mnnN43v6LIvRrdsQGjraDgKZEsygsAsW5VGnFmbtZ4CrfBZvJPznIY48i5XGAXLNwryYz_TpsMe29xWuqIKaecRCszxwEZOX7jb4-98CB9gK73W3fEzbnivhusgoHqUAyLJ-jXQytLoJ1-0mFEPV5LUJYs5AAMpP8BGACTflcoBmrFl7di8Vt99DxBTnB1FwKXlcdiIwR-at55JZobP5l43kiLxr7ekmP3toToDcNbHgwfqsJFk4daLlRQd-QynjUkKKbaI7xLQ2ntD7NmVF1vU0rfXMPopFwfyrQCpQ6t7U_2MulNkOub7UADDuevrwB7q3K3BM4vcKkOjp4Bd26gBg_tjXAXjlpXmjkRJ-0j2ylfeZggHyIUMf5RtUYYyxS4Z2Z7VldFlzt1Rqsvh15tNISPyhZ0m-p_lgZHhcZ2o-SUwzEXWZyUuaN11rg2Y7RZIDfs3autGiCl5FJ22GbVHcHDVtVMUw4m9sNnK1lmR4gET7j8IyrNywk8w82WNRsUKX6Hi6TFlVHvm5n1ba-53o2KF2TWXE6KJeIVgBp3h3xQE2hbONOt9KXqhpc1dRZ_QJErM4bvDjx5IlDm5KStM4KmEcnV3q4wX0Boa4o9BkUpKhNdHBHL0XMoCFJU1ruCmrj1UkvhJdq7qjPChIRIPxJ_nYI5indG7mn_SGj4nP3s7IJtw_21-FgTy-M25UExo38CpJyGQd6UYPJomm23UxpI5QECoNDt1LhdszxPGHt1XfVLG6ZDdDatdwG03ZoFlvrpwlZKpwjfBrVxbZ5rWQYDP9jBur_BdaKOM88j23WOhfZib3YC7sNz5QDeggLrSZ9KhkwRWhnIntjYb-9BJzS43p1jZ5So6k8EmH7dPaS5I6BlyftMB-1ggniG6Et7apT2P8gXpT10MFvP86olrPMCBrIbAAdWuf2MbzwmNIyKVKPp_0LjeGkBJSKDC4zUOAVs7dNWkfiUFCzbELQmVAfxJshERJBRgYdDV-iXUEMngfqgIxSu1RRiDx90tgb7ZoYbVdzdufs3NLVOh16P6YBzxwHR4alORTB_w9K1npNmjkqNtPZJaSu0_sh791d2grCStBv7itpbl6qR1Y2KMJ-8D5jZJlqOBeUYVGMqmtC5OadyDAf2-ZiO2wse1Pz9A0j2TvIKaMUsKwadelqcBDtvcTButj6Eibv6BanbtJGZgzuw-zD5VmUHb2nmFiTS18a0rQ5sBxQ-IsvFtD-Fb4SeIKRIGKgHCybWsxTYbLtDxYCwjBp1gnSh0DPL_8F-F7L-sfdquGbY0f4ZzFGRdmqs1bRSFpcNn3Cqp_aRewuJQw&cid=CAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM&rfl=1%2Chttps%253A%252F%252Fwebhostingtips.club%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 14:19:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 11311
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvaqlsQhk9P-btfO8-X2YydqnmCIJ99-75FWAo5bzhkHQ7tXSvq0UxX38lsqJFGMaXI3frAPF1rJ7ekA8NNHt6oHBXVV5qCizXrRy9pDz-xtonEzEtV9pD5dMogmuZAkhwTUoeYnpOad2F0afVcwzqpZOb46usD7rmZqLIcgL81H4eTOQ&cry=1&dbm_d=AKAmf-A8Pch2r5tdQXVesoLBiMWgi_U3vCEyWu8q-zTKY1rjq5fICsH1jvPOeF5XzjcikUnQyVdUL6CujZ0i3Ye76OJTuemHj0Hqi3DFQP8pKa91DY_eQr_tk6PdKVKoYPhDMngAHOzVlUQceurAkDYNein-d2uq9ZT964Xmb4y0jrfEvOON0EgYyiJEbqdsWT2lYop6v5hv3b38FM9VasWp_wpmv0EI8AiGuF3cJ8lMDPRrsMnCPMhnuYi2Iek4izRMBmNEN0hSV8PgJ-v9oFa9BUMS3iXZGpO8I2zxc4SgL3wGj6dqDFbN80OgTP5X-vXTiUD7BwHmoeA33PVRaVxo8P1ZkzmWVtqCtmz1sEW9etxduH8EwweKDyr1LXgIUft942UaTuklGm7LhLoiC_4VFxwx8v0mQ9vFyBXFCddX5Q3YWQ77C_nsV72zw_I9hJYcpLBFKJz6uIKqiOKSiMMqZfiJ8dKQvv0jnv0gJa22OsAxbnzdaddnkI7644GQVYbZsdO87XzdkENIyy4Ol3EIj3aIcGS6FfPmz28Zx0v8JOL8BOiMEmSgtn1Ot7_31FDnk8bK7J1yNcATQl0kl89W2zQD24oVi_q4mtPH993VKCnDWCqgu7NkeBkJubsost_J4a29fonIF0UqoJcJk4OD1InqPjBMKA2uDNT1RfxGMqm-eXhtjqmTnlHf1XjlIIkVqJAJZjKXf7gEi5JAPlTSBCSernhjSjXNh6XxnbWIN1wEtxbnbhE_wgpELtNevqTVWrixPYGPRkzOgCKDKfYZT4AJAE029IUE_SSvT2Raf934J788rz8JXbZqHM0LjfscHmKAz1b2mKe7fQBO0rnJY5nwZQLmwEEaaGE-T2LW8M4kf5KljBNGNzZX9fhvwZ5LkB3cKnT3bV24DYj88SuHtYJNsKrkf6fmA_e-oWuzJ0OiOptNXWcU61hcJZqO2YfNs98LQ6xPWfozLNaSN8CWujUSxSRBpJlox3ZddZEVuTHD-kfIJPm3DPXWXviD7F2r5lpquaPh5VKCIeZvYNhvqBGYQBs7p3HbBUD17bhPQ2TPu8yJRZimRfQyFI4h75AlZT5u0hPjfFYLNfsfbVI76WFon2ojGcmFUebfeaaELFOTLDaVWGAcuJxneGuFZENTVmyECIVgRXqsnPedfqa6kfhk0_eK4aa_-t-U-VFHiA62doov3-_M24fwrq2YCAubig28YbDrWjiERM4oUd1xAc7QLfZGsJ6uP0u0I9bz-42kqIldcJK4yacs97dOtrc_KoV69ExA8PrrLmrH5cZ7m9RqtJExkjmNodiiP_paGf3fry-wkGBo9DdAymKXs1_LuHK_Vr_ZLskiHqwaOHQJBku_dIZesoKt0RL5BqMSgRq8rty4GBn0qbqI1V-BzpEq0n6qWEx6f1zDJv5uypkQ-8gmBvyLYD3-AA-CEf_tFKdS8bjRvGCM-lNiD24Es0pKijkx9dmztmONDj7rix8IC46hxxOnDpBTSvEjDDJTQNyoNy02rGyatBkNs_oztYX52lsTbO_1rZtKoGtC7KwgUM4-SHY1GSxU3fd9HhDOfGNPwMT_IXTQYVCJDYsRPWwwcruzuBmZV5f2TjO9yQI9FLOzMall-wMh4FlvrN0dWXQHIgUK3-OPdHjPVw3SYncBNtLYAgtoB7geoZ9f0VNtWMrt6E-BrEE1VKuPNUOZicie_3wlHtbK5mMfJAhMLsLkt0uOMEza9oWFWl2VGs6q8hTeyCy5uniCAKlJOpj7zoHPGJA7KGhqWpJB1lNFIP36hNuJtlTz84pOP1bXMF3nE_rwqAh4odoVNRHKVcRfqKWf61IiujZKxEScKqZCvd3zrl0DRIpgY5IOznRZ6mZpVxdI9T0X1qisOl2tKIH7Zger12O_KaVqK3wOcJBR2RIpx9EP4ftbRkR6m9zDo6cVKSJZkpef_OvXJL8IA45xQ8GzzcorbREc78u03TahPlNhq43ZvmhjxmDOY3zUINuw2BplD27-d7VNHanUiykoqPImng0Uiv7vZWgR5V5L3HTSn37yfR3LqkRqoWiiL9zBpF-kg_XBOFb3s3Ytuo19QYITyR_2CRg2XcZlp14eAUw6j2BoaV2e8cS6qp3yjs6xSNVi41dy3EXLUXylTjLumeqD8QITZJwzKR-7JYnX07H6BbwvRuf3BAkEvoVLllOYu2iS3HuG5p5X66H_ZAt8gHAdpvKQjMFP-7cAz208XZxOs8vgxRSHgU0EDXT-5HhXHwdBSfrasPr48ckjJH6_APvzaiJbzfdfST6r0l-lbHRvUaCOgZ35e271Dtj7jyITmp9xkSN3bfBzW05_mSLZcW8K4ow12pAQs6g7ZEkja9svOO31jKX_efYCKkZk6l9hRgE4Os2LE32p1ulqEMjtdQCRgHlsBC_kijUXh8fMROcmY7sYWNwDuVFaVz-ikF5P8tugHh94c_FXmJq4AcVVjbez-ThOz83nw0E0QVsFEQ7urgNp7WVK4Ymr6wt4UT5Csk0bjDc5G1ou_7Lch95tRRqk1qif2PuR9RnK4grxwJe7-4UOrvEkHZ8o5EiesZRjAhjOxBjAJxl20xP9GKFy42Nz2yo-GNqUCWPs-tzRmwoiB7lm2iq4qkm9QuLEuJqzuQU8VUFYlFOhFGgXq8KW3jQHq7d5lLl6kR1DhoIBmZuQnd1qfG0KDOEDpgzLVY4Im001M1eZiGvu5_0N9nGQKXVaTczl_v6ykYsZ2DYCJ_ToHXuuiaF3DQCIeeqrAgB_kCFe_8-bsyQjXaPJCpe0YkfpB67UqasJTsGez1M-dZi6OFHoZEvRB2aCHArdM0-AHDF8ypmw1i1kwDxVT94saDoRBQl09VKCW1ImZg_4ic-0XZPQp1agYApEUvBrtxZ2e-FK2CEjoIAd6LVKriuIs7SmcoGCZQ6ybLZc4fS_NfwVOLISqRPcpkxh2Um2LVuqc4LwrRnrJBitsRF1-K1c9m58sYlyoT33Hi7JrKDmX-Yj1gSrHcQV8E8HY35j6hUiUJolR91dWwQc4x_Yw28YVrA5_2vh6HH2sbcOA3TAWkKwZds7Z2Zb4-oV2SJvc7dHjrvDA10JOWP-j6gWfJIdRZIPGGfcythWsZctvyfgYXsdyjH90sKdOmXmgkgXg-wxgU2x_gJ5AGhsmGu0O8eKE54wGmaz7WoYfmQFuIaZpoJrduuqbY-2F4tg_MA6D2zU6SzV-6nCFBkUarGhIoaHxB_6L74Qb0rkDd5OPIety3Bs9WNuw12Ly3y8ci3lq2MJUGiTuZKU-bBmlpoNo1wYH-hnQ6jfv0c&cid=CAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM&rfl=1%2Chttps%253A%252F%252Fwebhostingtips.club%252F%240
142.250.74.34200 OK 11 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DvaqlsQhk9P-btfO8-X2YydqnmCIJ99-75FWAo5bzhkHQ7tXSvq0UxX38lsqJFGMaXI3frAPF1rJ7ekA8NNHt6oHBXVV5qCizXrRy9pDz-xtonEzEtV9pD5dMogmuZAkhwTUoeYnpOad2F0afVcwzqpZOb46usD7rmZqLIcgL81H4eTOQ&cry=1&dbm_d=AKAmf-A8Pch2r5tdQXVesoLBiMWgi_U3vCEyWu8q-zTKY1rjq5fICsH1jvPOeF5XzjcikUnQyVdUL6CujZ0i3Ye76OJTuemHj0Hqi3DFQP8pKa91DY_eQr_tk6PdKVKoYPhDMngAHOzVlUQceurAkDYNein-d2uq9ZT964Xmb4y0jrfEvOON0EgYyiJEbqdsWT2lYop6v5hv3b38FM9VasWp_wpmv0EI8AiGuF3cJ8lMDPRrsMnCPMhnuYi2Iek4izRMBmNEN0hSV8PgJ-v9oFa9BUMS3iXZGpO8I2zxc4SgL3wGj6dqDFbN80OgTP5X-vXTiUD7BwHmoeA33PVRaVxo8P1ZkzmWVtqCtmz1sEW9etxduH8EwweKDyr1LXgIUft942UaTuklGm7LhLoiC_4VFxwx8v0mQ9vFyBXFCddX5Q3YWQ77C_nsV72zw_I9hJYcpLBFKJz6uIKqiOKSiMMqZfiJ8dKQvv0jnv0gJa22OsAxbnzdaddnkI7644GQVYbZsdO87XzdkENIyy4Ol3EIj3aIcGS6FfPmz28Zx0v8JOL8BOiMEmSgtn1Ot7_31FDnk8bK7J1yNcATQl0kl89W2zQD24oVi_q4mtPH993VKCnDWCqgu7NkeBkJubsost_J4a29fonIF0UqoJcJk4OD1InqPjBMKA2uDNT1RfxGMqm-eXhtjqmTnlHf1XjlIIkVqJAJZjKXf7gEi5JAPlTSBCSernhjSjXNh6XxnbWIN1wEtxbnbhE_wgpELtNevqTVWrixPYGPRkzOgCKDKfYZT4AJAE029IUE_SSvT2Raf934J788rz8JXbZqHM0LjfscHmKAz1b2mKe7fQBO0rnJY5nwZQLmwEEaaGE-T2LW8M4kf5KljBNGNzZX9fhvwZ5LkB3cKnT3bV24DYj88SuHtYJNsKrkf6fmA_e-oWuzJ0OiOptNXWcU61hcJZqO2YfNs98LQ6xPWfozLNaSN8CWujUSxSRBpJlox3ZddZEVuTHD-kfIJPm3DPXWXviD7F2r5lpquaPh5VKCIeZvYNhvqBGYQBs7p3HbBUD17bhPQ2TPu8yJRZimRfQyFI4h75AlZT5u0hPjfFYLNfsfbVI76WFon2ojGcmFUebfeaaELFOTLDaVWGAcuJxneGuFZENTVmyECIVgRXqsnPedfqa6kfhk0_eK4aa_-t-U-VFHiA62doov3-_M24fwrq2YCAubig28YbDrWjiERM4oUd1xAc7QLfZGsJ6uP0u0I9bz-42kqIldcJK4yacs97dOtrc_KoV69ExA8PrrLmrH5cZ7m9RqtJExkjmNodiiP_paGf3fry-wkGBo9DdAymKXs1_LuHK_Vr_ZLskiHqwaOHQJBku_dIZesoKt0RL5BqMSgRq8rty4GBn0qbqI1V-BzpEq0n6qWEx6f1zDJv5uypkQ-8gmBvyLYD3-AA-CEf_tFKdS8bjRvGCM-lNiD24Es0pKijkx9dmztmONDj7rix8IC46hxxOnDpBTSvEjDDJTQNyoNy02rGyatBkNs_oztYX52lsTbO_1rZtKoGtC7KwgUM4-SHY1GSxU3fd9HhDOfGNPwMT_IXTQYVCJDYsRPWwwcruzuBmZV5f2TjO9yQI9FLOzMall-wMh4FlvrN0dWXQHIgUK3-OPdHjPVw3SYncBNtLYAgtoB7geoZ9f0VNtWMrt6E-BrEE1VKuPNUOZicie_3wlHtbK5mMfJAhMLsLkt0uOMEza9oWFWl2VGs6q8hTeyCy5uniCAKlJOpj7zoHPGJA7KGhqWpJB1lNFIP36hNuJtlTz84pOP1bXMF3nE_rwqAh4odoVNRHKVcRfqKWf61IiujZKxEScKqZCvd3zrl0DRIpgY5IOznRZ6mZpVxdI9T0X1qisOl2tKIH7Zger12O_KaVqK3wOcJBR2RIpx9EP4ftbRkR6m9zDo6cVKSJZkpef_OvXJL8IA45xQ8GzzcorbREc78u03TahPlNhq43ZvmhjxmDOY3zUINuw2BplD27-d7VNHanUiykoqPImng0Uiv7vZWgR5V5L3HTSn37yfR3LqkRqoWiiL9zBpF-kg_XBOFb3s3Ytuo19QYITyR_2CRg2XcZlp14eAUw6j2BoaV2e8cS6qp3yjs6xSNVi41dy3EXLUXylTjLumeqD8QITZJwzKR-7JYnX07H6BbwvRuf3BAkEvoVLllOYu2iS3HuG5p5X66H_ZAt8gHAdpvKQjMFP-7cAz208XZxOs8vgxRSHgU0EDXT-5HhXHwdBSfrasPr48ckjJH6_APvzaiJbzfdfST6r0l-lbHRvUaCOgZ35e271Dtj7jyITmp9xkSN3bfBzW05_mSLZcW8K4ow12pAQs6g7ZEkja9svOO31jKX_efYCKkZk6l9hRgE4Os2LE32p1ulqEMjtdQCRgHlsBC_kijUXh8fMROcmY7sYWNwDuVFaVz-ikF5P8tugHh94c_FXmJq4AcVVjbez-ThOz83nw0E0QVsFEQ7urgNp7WVK4Ymr6wt4UT5Csk0bjDc5G1ou_7Lch95tRRqk1qif2PuR9RnK4grxwJe7-4UOrvEkHZ8o5EiesZRjAhjOxBjAJxl20xP9GKFy42Nz2yo-GNqUCWPs-tzRmwoiB7lm2iq4qkm9QuLEuJqzuQU8VUFYlFOhFGgXq8KW3jQHq7d5lLl6kR1DhoIBmZuQnd1qfG0KDOEDpgzLVY4Im001M1eZiGvu5_0N9nGQKXVaTczl_v6ykYsZ2DYCJ_ToHXuuiaF3DQCIeeqrAgB_kCFe_8-bsyQjXaPJCpe0YkfpB67UqasJTsGez1M-dZi6OFHoZEvRB2aCHArdM0-AHDF8ypmw1i1kwDxVT94saDoRBQl09VKCW1ImZg_4ic-0XZPQp1agYApEUvBrtxZ2e-FK2CEjoIAd6LVKriuIs7SmcoGCZQ6ybLZc4fS_NfwVOLISqRPcpkxh2Um2LVuqc4LwrRnrJBitsRF1-K1c9m58sYlyoT33Hi7JrKDmX-Yj1gSrHcQV8E8HY35j6hUiUJolR91dWwQc4x_Yw28YVrA5_2vh6HH2sbcOA3TAWkKwZds7Z2Zb4-oV2SJvc7dHjrvDA10JOWP-j6gWfJIdRZIPGGfcythWsZctvyfgYXsdyjH90sKdOmXmgkgXg-wxgU2x_gJ5AGhsmGu0O8eKE54wGmaz7WoYfmQFuIaZpoJrduuqbY-2F4tg_MA6D2zU6SzV-6nCFBkUarGhIoaHxB_6L74Qb0rkDd5OPIety3Bs9WNuw12Ly3y8ci3lq2MJUGiTuZKU-bBmlpoNo1wYH-hnQ6jfv0c&cid=CAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM&rfl=1%2Chttps%253A%252F%252Fwebhostingtips.club%252F%240
IP 142.250.74.34:0
File type ASCII text, with very long lines (15046), with no line terminators
Hash 45f43f0e848a2622e261173b719d98a8
b93240c5b31efabedab3e343252042853277be75
8d7790acb3d6c0f9810ee80942591d20db47efdbca5fa850a7d81f92d590fe81
GET /dbm/ad?dbm_c=AKAmf-DvaqlsQhk9P-btfO8-X2YydqnmCIJ99-75FWAo5bzhkHQ7tXSvq0UxX38lsqJFGMaXI3frAPF1rJ7ekA8NNHt6oHBXVV5qCizXrRy9pDz-xtonEzEtV9pD5dMogmuZAkhwTUoeYnpOad2F0afVcwzqpZOb46usD7rmZqLIcgL81H4eTOQ&cry=1&dbm_d=AKAmf-A8Pch2r5tdQXVesoLBiMWgi_U3vCEyWu8q-zTKY1rjq5fICsH1jvPOeF5XzjcikUnQyVdUL6CujZ0i3Ye76OJTuemHj0Hqi3DFQP8pKa91DY_eQr_tk6PdKVKoYPhDMngAHOzVlUQceurAkDYNein-d2uq9ZT964Xmb4y0jrfEvOON0EgYyiJEbqdsWT2lYop6v5hv3b38FM9VasWp_wpmv0EI8AiGuF3cJ8lMDPRrsMnCPMhnuYi2Iek4izRMBmNEN0hSV8PgJ-v9oFa9BUMS3iXZGpO8I2zxc4SgL3wGj6dqDFbN80OgTP5X-vXTiUD7BwHmoeA33PVRaVxo8P1ZkzmWVtqCtmz1sEW9etxduH8EwweKDyr1LXgIUft942UaTuklGm7LhLoiC_4VFxwx8v0mQ9vFyBXFCddX5Q3YWQ77C_nsV72zw_I9hJYcpLBFKJz6uIKqiOKSiMMqZfiJ8dKQvv0jnv0gJa22OsAxbnzdaddnkI7644GQVYbZsdO87XzdkENIyy4Ol3EIj3aIcGS6FfPmz28Zx0v8JOL8BOiMEmSgtn1Ot7_31FDnk8bK7J1yNcATQl0kl89W2zQD24oVi_q4mtPH993VKCnDWCqgu7NkeBkJubsost_J4a29fonIF0UqoJcJk4OD1InqPjBMKA2uDNT1RfxGMqm-eXhtjqmTnlHf1XjlIIkVqJAJZjKXf7gEi5JAPlTSBCSernhjSjXNh6XxnbWIN1wEtxbnbhE_wgpELtNevqTVWrixPYGPRkzOgCKDKfYZT4AJAE029IUE_SSvT2Raf934J788rz8JXbZqHM0LjfscHmKAz1b2mKe7fQBO0rnJY5nwZQLmwEEaaGE-T2LW8M4kf5KljBNGNzZX9fhvwZ5LkB3cKnT3bV24DYj88SuHtYJNsKrkf6fmA_e-oWuzJ0OiOptNXWcU61hcJZqO2YfNs98LQ6xPWfozLNaSN8CWujUSxSRBpJlox3ZddZEVuTHD-kfIJPm3DPXWXviD7F2r5lpquaPh5VKCIeZvYNhvqBGYQBs7p3HbBUD17bhPQ2TPu8yJRZimRfQyFI4h75AlZT5u0hPjfFYLNfsfbVI76WFon2ojGcmFUebfeaaELFOTLDaVWGAcuJxneGuFZENTVmyECIVgRXqsnPedfqa6kfhk0_eK4aa_-t-U-VFHiA62doov3-_M24fwrq2YCAubig28YbDrWjiERM4oUd1xAc7QLfZGsJ6uP0u0I9bz-42kqIldcJK4yacs97dOtrc_KoV69ExA8PrrLmrH5cZ7m9RqtJExkjmNodiiP_paGf3fry-wkGBo9DdAymKXs1_LuHK_Vr_ZLskiHqwaOHQJBku_dIZesoKt0RL5BqMSgRq8rty4GBn0qbqI1V-BzpEq0n6qWEx6f1zDJv5uypkQ-8gmBvyLYD3-AA-CEf_tFKdS8bjRvGCM-lNiD24Es0pKijkx9dmztmONDj7rix8IC46hxxOnDpBTSvEjDDJTQNyoNy02rGyatBkNs_oztYX52lsTbO_1rZtKoGtC7KwgUM4-SHY1GSxU3fd9HhDOfGNPwMT_IXTQYVCJDYsRPWwwcruzuBmZV5f2TjO9yQI9FLOzMall-wMh4FlvrN0dWXQHIgUK3-OPdHjPVw3SYncBNtLYAgtoB7geoZ9f0VNtWMrt6E-BrEE1VKuPNUOZicie_3wlHtbK5mMfJAhMLsLkt0uOMEza9oWFWl2VGs6q8hTeyCy5uniCAKlJOpj7zoHPGJA7KGhqWpJB1lNFIP36hNuJtlTz84pOP1bXMF3nE_rwqAh4odoVNRHKVcRfqKWf61IiujZKxEScKqZCvd3zrl0DRIpgY5IOznRZ6mZpVxdI9T0X1qisOl2tKIH7Zger12O_KaVqK3wOcJBR2RIpx9EP4ftbRkR6m9zDo6cVKSJZkpef_OvXJL8IA45xQ8GzzcorbREc78u03TahPlNhq43ZvmhjxmDOY3zUINuw2BplD27-d7VNHanUiykoqPImng0Uiv7vZWgR5V5L3HTSn37yfR3LqkRqoWiiL9zBpF-kg_XBOFb3s3Ytuo19QYITyR_2CRg2XcZlp14eAUw6j2BoaV2e8cS6qp3yjs6xSNVi41dy3EXLUXylTjLumeqD8QITZJwzKR-7JYnX07H6BbwvRuf3BAkEvoVLllOYu2iS3HuG5p5X66H_ZAt8gHAdpvKQjMFP-7cAz208XZxOs8vgxRSHgU0EDXT-5HhXHwdBSfrasPr48ckjJH6_APvzaiJbzfdfST6r0l-lbHRvUaCOgZ35e271Dtj7jyITmp9xkSN3bfBzW05_mSLZcW8K4ow12pAQs6g7ZEkja9svOO31jKX_efYCKkZk6l9hRgE4Os2LE32p1ulqEMjtdQCRgHlsBC_kijUXh8fMROcmY7sYWNwDuVFaVz-ikF5P8tugHh94c_FXmJq4AcVVjbez-ThOz83nw0E0QVsFEQ7urgNp7WVK4Ymr6wt4UT5Csk0bjDc5G1ou_7Lch95tRRqk1qif2PuR9RnK4grxwJe7-4UOrvEkHZ8o5EiesZRjAhjOxBjAJxl20xP9GKFy42Nz2yo-GNqUCWPs-tzRmwoiB7lm2iq4qkm9QuLEuJqzuQU8VUFYlFOhFGgXq8KW3jQHq7d5lLl6kR1DhoIBmZuQnd1qfG0KDOEDpgzLVY4Im001M1eZiGvu5_0N9nGQKXVaTczl_v6ykYsZ2DYCJ_ToHXuuiaF3DQCIeeqrAgB_kCFe_8-bsyQjXaPJCpe0YkfpB67UqasJTsGez1M-dZi6OFHoZEvRB2aCHArdM0-AHDF8ypmw1i1kwDxVT94saDoRBQl09VKCW1ImZg_4ic-0XZPQp1agYApEUvBrtxZ2e-FK2CEjoIAd6LVKriuIs7SmcoGCZQ6ybLZc4fS_NfwVOLISqRPcpkxh2Um2LVuqc4LwrRnrJBitsRF1-K1c9m58sYlyoT33Hi7JrKDmX-Yj1gSrHcQV8E8HY35j6hUiUJolR91dWwQc4x_Yw28YVrA5_2vh6HH2sbcOA3TAWkKwZds7Z2Zb4-oV2SJvc7dHjrvDA10JOWP-j6gWfJIdRZIPGGfcythWsZctvyfgYXsdyjH90sKdOmXmgkgXg-wxgU2x_gJ5AGhsmGu0O8eKE54wGmaz7WoYfmQFuIaZpoJrduuqbY-2F4tg_MA6D2zU6SzV-6nCFBkUarGhIoaHxB_6L74Qb0rkDd5OPIety3Bs9WNuw12Ly3y8ci3lq2MJUGiTuZKU-bBmlpoNo1wYH-hnQ6jfv0c&cid=CAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM&rfl=1%2Chttps%253A%252F%252Fwebhostingtips.club%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 14:19:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 11194
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 148ec256fface1c96269846329da2972
f9bd631e30467d6b2121630b126ec103f7189f2c
d871c209eafcb5f4eadfbe2ba813e57ef3a074da9bc628e76679f15bb4f22408
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D871C209EAFCB5F4EADFBE2BA813E57EF3A074DA9BC628E76679F15BB4F22408"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5244
Expires: Sat, 31 Dec 2022 15:46:57 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiJsY3GATAB&v=APEucNWhFfkmI1bWyXz1bztd4xnGPFM4HLKW2CjQrrdMm0o4qVfJ_KGHF4AnK1cS8ekhabm0yzG-KbmHAD0cuHXOgyDMKgrEjsnsFqE1dDerjfwoJEq3y9YMvhcv2KcwJ6-Irll1vqUpA9u1kQs0z4MfYLMKgJm_zuPPpvB3j93XnR1raXjPsJU
142.250.74.34200 OK 942 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxiJsY3GATAB&v=APEucNWhFfkmI1bWyXz1bztd4xnGPFM4HLKW2CjQrrdMm0o4qVfJ_KGHF4AnK1cS8ekhabm0yzG-KbmHAD0cuHXOgyDMKgrEjsnsFqE1dDerjfwoJEq3y9YMvhcv2KcwJ6-Irll1vqUpA9u1kQs0z4MfYLMKgJm_zuPPpvB3j93XnR1raXjPsJU
IP 142.250.74.34:0
File type gzip compressed data, max compression\012- data
Hash 76c487fb181dc983c1a7c22af63a16ee
79ddac38718a3ec2b6c6094ec827d8322496ca47
1345b1ec46806bf785230d0d17c8da60fbd4f5563fb17503378f0340f45b052e
GET /xbbe/pixel?d=CN-KGhDw3uOiAxiJsY3GATAB&v=APEucNWhFfkmI1bWyXz1bztd4xnGPFM4HLKW2CjQrrdMm0o4qVfJ_KGHF4AnK1cS8ekhabm0yzG-KbmHAD0cuHXOgyDMKgrEjsnsFqE1dDerjfwoJEq3y9YMvhcv2KcwJ6-Irll1vqUpA9u1kQs0z4MfYLMKgJm_zuPPpvB3j93XnR1raXjPsJU HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:33 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:33 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:33 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 580f697c77f3e7ced18b50ae1d3e315f
1fd85edbd2ec9ed921d61099e6898ae43d4f633e
34611a7efbe18278f12afef17f3dafa694b11a533330d66c05534a57971eb0bc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/api/esp/increment?counter=no-config
141.95.98.65204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 141.95.98.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://webhostingtips.club
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://webhostingtips.club
access-control-allow-credentials: true
date: Sat, 31 Dec 2022 14:19:33 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Sat, 31 Dec 2022 16:15:25 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Sat, 31 Dec 2022 16:15:25 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Sat, 31 Dec 2022 16:15:25 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Sat, 31 Dec 2022 16:15:25 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2156f5045eb474b5c02d0c6f64f02c4e
5cc884658ca6b9b357478137cb431f694e773bd8
3e7eb661f6a47c44f20915b8384799874b0f0a69fcedd1d90caaed93f8fce4bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3E7EB661F6A47C44F20915B8384799874B0F0A69FCEDD1D90CAAED93F8FCE4BB"
Last-Modified: Fri, 30 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Sat, 31 Dec 2022 16:15:25 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc62c3ca8bc387a91c7d4711b5bc2409
7a984b459227e11984faa2539569a90875a58d29
e14a0e22b58fc1f3f392b842573e3abff7b24eb66db6b351046a186acc3b2954
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6c2763-3047-4d8a-adab-82148ff57727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7660
x-amzn-requestid: 9338abf2-1191-47da-95ff-0a201604fbc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sKCEDhoAMFZ4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a40-433f4ba9780dbc7a485ccbe9;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZCKSB-MwWwP2KTj7XMSHOZZcse5xmPE0JtkkBSLGnWqJdNyr-5oQzQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:51:37 GMT
age: 59276
etag: "7a984b459227e11984faa2539569a90875a58d29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bc8a7ce-e487-4001-9bab-2d25955322df.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bc8a7ce-e487-4001-9bab-2d25955322df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a353c18ba212595aecc2545eab8d351
f7bc83ddda7d7bae7f9668808f8a93c0403b7f37
c8cb7049ad48bf1dd92f6554b8b7dbaf0ed9be42ca8ef8502b99fd3b30eec913
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bc8a7ce-e487-4001-9bab-2d25955322df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5660
x-amzn-requestid: 908b9319-de03-450a-a56b-925290ec2b8b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dsFQjGqXIAMF48A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7e8d0-0a7f9b7059903d534300455b;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 06:08:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oeGNSAyvvpguHBFTHuvrcZOfQ5unIRQk9tdYJAwsdvZLdxhKU3UcmA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 13:23:13 GMT
age: 3380
etag: "f7bc83ddda7d7bae7f9668808f8a93c0403b7f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba629c9334582ac5e37a14fceb073b43
54adf501819f973ada947a82bf1d28c7de76ef72
9fd8cbe35dc6051926698405e2d9eac24a903148ac425d6cf314eb77b14fbc76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6e3dd3e-163b-404d-a10f-230f060e85c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8187
x-amzn-requestid: b8361016-7ee1-4b38-890f-974dd59af52f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: duG4vHgRIAMFumw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a8b837-4015e5af561982565986d4ce;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 20:53:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: __JIavuxqqq1LH93pl8fOY9Azg6Fy0xntTWYEXgGWPvuHjbdUzdv0g==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 22:03:43 GMT
age: 58550
etag: "54adf501819f973ada947a82bf1d28c7de76ef72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b6e468-b326-4a07-bba9-a72a27faad13.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b6e468-b326-4a07-bba9-a72a27faad13.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2fa24c59bb43fabddf42a52287526fe
e42b083e19343a3b56a9e23cc6c252e7732fc32f
2cda84f01fff3d089f57d72b87a15ce3563b9ab910347dfb6127aa75bf0bda10
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b6e468-b326-4a07-bba9-a72a27faad13.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7467
x-amzn-requestid: 6325461d-410b-42b4-8d81-035653355e92
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dy1NjEJCoAMFpMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63aa9bf0-6105344224b67fa26f55ff4b;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 07:17:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: idtfF_Z2fC-i6B-4MhRdNUocQeolo8hWyM_sGSOMXmlb73hffm9TTw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 12:22:59 GMT
age: 6994
etag: "e42b083e19343a3b56a9e23cc6c252e7732fc32f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f964589a563304970c0be9354c542fe4
09d7db3bba00ca08d2664e6a73c8d4182d0214cb
abec859403f136b9b18a11511ae6ceda25763983bdaa609b1c693957624070fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40dc263f-68b0-4655-93e6-3c506845ba5d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7590
x-amzn-requestid: bd50dbea-3f16-4e44-8028-330baef8d9dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d4UejFTEIAMFWKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63accdf6-14e587096726420f1ff5f423;Sampled=0
x-amzn-remapped-date: Wed, 28 Dec 2022 23:15:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T0wOBMWWbjdtl13jhOI0IyrUHKOFhqD8tXkPA-lIut6HaJgsn4pIzw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 31 Dec 2022 00:28:32 GMT
age: 49861
etag: "09d7db3bba00ca08d2664e6a73c8d4182d0214cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a747e4ba9f713788d8d9c13ba12d253
58726a734bd0c049ed38b760c8f235c918ac1dc4
8be489aafe2c6e61bdd234a28d9d9e0de96e9d04549e2c6638a6343112c29f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90ce2d9e-60b4-4010-9026-a4f7c9573dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9173
x-amzn-requestid: 36af4d98-e328-44ac-abdc-58f8bb3dec9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d-sLQEh0IAMF5wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63af5a47-6ea74b1133d81bf312e5bdb2;Sampled=0
x-amzn-remapped-date: Fri, 30 Dec 2022 21:38:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tKpR59fNzipFgXDMQYvBmO5-MSCxMDExr8eUqOlguUW7Zu6K3zXnpw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Dec 2022 21:52:18 GMT
age: 59235
etag: "58726a734bd0c049ed38b760c8f235c918ac1dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 75bfe11bd74b1892d74aeb8833187a61
e126f34d51206e5f04e95ad55af0f91330d02bd6
4aa6d166e65b8dd5733e9d7ef67e70de9d367402d5db842fc23bac33ae840ae7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AA6D166E65B8DD5733E9D7EF67E70DE9D367402D5DB842FC23BAC33AE840AE7"
Last-Modified: Fri, 30 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17078
Expires: Sat, 31 Dec 2022 19:04:11 GMT
Date: Sat, 31 Dec 2022 14:19:33 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 439277cc1e42203191328465d2ce4855
d7e1fc11e0d19e2afb1be08ce5964a6d06ddf6fc
3da14aa8e57e607688ddf02c6e117fa157b83b14c968f02dd11616e85602ec26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
142.250.74.70200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 31 Dec 2022 13:33:10 GMT
expires: Sun, 01 Jan 2023 13:33:10 GMT
cache-control: public, max-age=86400
age: 2783
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D
138.201.63.117200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D
IP 138.201.63.117:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1689), with CRLF line terminators
Hash 0577dcb970fd2f9345e9a767dfe43a6e
35efc56d895d9840301d8c11100dd3ddb96a47cf
c3fbe9c5a39886c203bba5765f68bd4f2def1f638770a4365991f029e14aa91c
GET /zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:33 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4104
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 439277cc1e42203191328465d2ce4855
d7e1fc11e0d19e2afb1be08ce5964a6d06ddf6fc
3da14aa8e57e607688ddf02c6e117fa157b83b14c968f02dd11616e85602ec26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:33 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/adj/N1886848.4610251DV360-SST-NO/B28607193.346487781;dc_ver=92.271;sz=120x600;u_sd=1;lineid=18638605647;dc_adk=1964084974;ord=lheia1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKzn49ESwY82vG7ysiQbk5YDIDLypxIluncvl6MIQ-6ay0esBEAEgsZ-XlgFgw4SAgJgYoAGK2KHxKMgBCakCKqzPSPn1sT6oAwGqBP0BT9DSr9JRyjdDRkGpA83NwS4W9Cn5kmAceXHrTbbAkekD_0SNIp-oVWZGZ59loEaNBrBt16fu_4EiI5pXxXzX0gGYU-UghkhWBFBwbb9258FYQjxssdyzFBQKc2Xg3jToEIx8jbBwYEFCE7i-62dI9XdLdSz_xNRFFQk8Oet4Ev4eOEZIWuLle0rFUUA4_zOoOG47-ETKCR1b6rlxZz294luIyPYE8Z2I4pA5zrNF07krPq7Xl7INn3Mpp1Yr-E3o9lINpNQ7nfcCr88Mz78CHXuz6KgLxGPN1eG7SsPhCFJpurb0eU_9CXC4EzKtefCEAjsONdfGkbDtZZJVMMAE_YmdopME4AQDkAYBoAZNgAeKkPLQA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATsdn2ENATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_1olLb1A2pG4M78z76CAHfK8UD9xw%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-ApAgJokhUQwJoXtgD3Nqc1TTVVpRF84t_A-Q6lRbAuyMTPmKzMHxkaUAX1wXDfP5MApGl4eaTvKCdANDrLQKHleHyIAcWPTiynP0IMXDg1WWOcJLQPYLpTBrtqwsa6_4vVJEWy96sVga-YCk30rVi_rg8M3plv4DOA3oYF8DdioubctgQ%26cry%3D1%26dbm_d%3DAKAmf-CN7LCP50IsWPdaKryEELsinAOTR0HgkylXdqjSxKx0_IiEqqnZNujy9_1Is_3AS2jyDBEPkorCWMwDMpxqQR6T6qwiC6sMMK1UhMER-gAtk_QdsYYNinq4hpdwOZYf7MphhDoQktxj_HtyJD39Hi2JJU5L3tNX5p4f0ZXK5_3a75u6qjEAbf0thpsCEnjGiIANtgQxrjQRfDD5xBstEc2WUGBO2tjsoKOFLjYrofhMBqEh5QJie9tN4_3Hb0fuc7Xh9XjY8DVPjvUDDuttxp68ZdaQWAX_nyYW2ragyChSIqn4HluBrGHnOgMajbRSVEyliicHUK8ye2vUWkRu9dG8JWMr8_JYkxXg42t76gROeQKbDwOYOhuym0ANedJiqXLJ2UwxmuhaQR7Mxz8HXAoOJzUOKnyawpJW8W_JLcqvQEK751XAaXWUwDRN2B4f8MjC_BPIK9oEmt9k1ijFUr0h2bCgXy70CoKH-cywNLJzLgraZ0WP8PzZl3FXdhG7MaIA0vhfxo2eKkOZE-0BEbgo9745HCqhqndWrRUEeCet1RIcDtg%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwebhostingtips.club%2F$0;xdt=1;crlt=.3)!Gzvfu';stc=1;sttr=97;prcl=s
216.58.207.230200 OK 29 kB URL HTTP/2 ad.doubleclick.net/ddm/adj/N1886848.4610251DV360-SST-NO/B28607193.346487781;dc_ver=92.271;sz=120x600;u_sd=1;lineid=18638605647;dc_adk=1964084974;ord=lheia1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKzn49ESwY82vG7ysiQbk5YDIDLypxIluncvl6MIQ-6ay0esBEAEgsZ-XlgFgw4SAgJgYoAGK2KHxKMgBCakCKqzPSPn1sT6oAwGqBP0BT9DSr9JRyjdDRkGpA83NwS4W9Cn5kmAceXHrTbbAkekD_0SNIp-oVWZGZ59loEaNBrBt16fu_4EiI5pXxXzX0gGYU-UghkhWBFBwbb9258FYQjxssdyzFBQKc2Xg3jToEIx8jbBwYEFCE7i-62dI9XdLdSz_xNRFFQk8Oet4Ev4eOEZIWuLle0rFUUA4_zOoOG47-ETKCR1b6rlxZz294luIyPYE8Z2I4pA5zrNF07krPq7Xl7INn3Mpp1Yr-E3o9lINpNQ7nfcCr88Mz78CHXuz6KgLxGPN1eG7SsPhCFJpurb0eU_9CXC4EzKtefCEAjsONdfGkbDtZZJVMMAE_YmdopME4AQDkAYBoAZNgAeKkPLQA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATsdn2ENATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_1olLb1A2pG4M78z76CAHfK8UD9xw%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-ApAgJokhUQwJoXtgD3Nqc1TTVVpRF84t_A-Q6lRbAuyMTPmKzMHxkaUAX1wXDfP5MApGl4eaTvKCdANDrLQKHleHyIAcWPTiynP0IMXDg1WWOcJLQPYLpTBrtqwsa6_4vVJEWy96sVga-YCk30rVi_rg8M3plv4DOA3oYF8DdioubctgQ%26cry%3D1%26dbm_d%3DAKAmf-CN7LCP50IsWPdaKryEELsinAOTR0HgkylXdqjSxKx0_IiEqqnZNujy9_1Is_3AS2jyDBEPkorCWMwDMpxqQR6T6qwiC6sMMK1UhMER-gAtk_QdsYYNinq4hpdwOZYf7MphhDoQktxj_HtyJD39Hi2JJU5L3tNX5p4f0ZXK5_3a75u6qjEAbf0thpsCEnjGiIANtgQxrjQRfDD5xBstEc2WUGBO2tjsoKOFLjYrofhMBqEh5QJie9tN4_3Hb0fuc7Xh9XjY8DVPjvUDDuttxp68ZdaQWAX_nyYW2ragyChSIqn4HluBrGHnOgMajbRSVEyliicHUK8ye2vUWkRu9dG8JWMr8_JYkxXg42t76gROeQKbDwOYOhuym0ANedJiqXLJ2UwxmuhaQR7Mxz8HXAoOJzUOKnyawpJW8W_JLcqvQEK751XAaXWUwDRN2B4f8MjC_BPIK9oEmt9k1ijFUr0h2bCgXy70CoKH-cywNLJzLgraZ0WP8PzZl3FXdhG7MaIA0vhfxo2eKkOZE-0BEbgo9745HCqhqndWrRUEeCet1RIcDtg%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwebhostingtips.club%2F$0;xdt=1;crlt=.3)!Gzvfu';stc=1;sttr=97;prcl=s
IP 216.58.207.230:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ab746777fd048a89e4f4321b76bb30ae
ebe7cae79896275da7e715cec1cb1689c05cab7a
9ade635b0a8f0c9c45dbf3d31aaf6ce00943bf89f0ee073f6c3751abc7d32d3b
GET /ddm/adj/N1886848.4610251DV360-SST-NO/B28607193.346487781;dc_ver=92.271;sz=120x600;u_sd=1;lineid=18638605647;dc_adk=1964084974;ord=lheia1;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCKzn49ESwY82vG7ysiQbk5YDIDLypxIluncvl6MIQ-6ay0esBEAEgsZ-XlgFgw4SAgJgYoAGK2KHxKMgBCakCKqzPSPn1sT6oAwGqBP0BT9DSr9JRyjdDRkGpA83NwS4W9Cn5kmAceXHrTbbAkekD_0SNIp-oVWZGZ59loEaNBrBt16fu_4EiI5pXxXzX0gGYU-UghkhWBFBwbb9258FYQjxssdyzFBQKc2Xg3jToEIx8jbBwYEFCE7i-62dI9XdLdSz_xNRFFQk8Oet4Ev4eOEZIWuLle0rFUUA4_zOoOG47-ETKCR1b6rlxZz294luIyPYE8Z2I4pA5zrNF07krPq7Xl7INn3Mpp1Yr-E3o9lINpNQ7nfcCr88Mz78CHXuz6KgLxGPN1eG7SsPhCFJpurb0eU_9CXC4EzKtefCEAjsONdfGkbDtZZJVMMAE_YmdopME4AQDkAYBoAZNgAeKkPLQA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATsdn2ENATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_1olLb1A2pG4M78z76CAHfK8UD9xw%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-ApAgJokhUQwJoXtgD3Nqc1TTVVpRF84t_A-Q6lRbAuyMTPmKzMHxkaUAX1wXDfP5MApGl4eaTvKCdANDrLQKHleHyIAcWPTiynP0IMXDg1WWOcJLQPYLpTBrtqwsa6_4vVJEWy96sVga-YCk30rVi_rg8M3plv4DOA3oYF8DdioubctgQ%26cry%3D1%26dbm_d%3DAKAmf-CN7LCP50IsWPdaKryEELsinAOTR0HgkylXdqjSxKx0_IiEqqnZNujy9_1Is_3AS2jyDBEPkorCWMwDMpxqQR6T6qwiC6sMMK1UhMER-gAtk_QdsYYNinq4hpdwOZYf7MphhDoQktxj_HtyJD39Hi2JJU5L3tNX5p4f0ZXK5_3a75u6qjEAbf0thpsCEnjGiIANtgQxrjQRfDD5xBstEc2WUGBO2tjsoKOFLjYrofhMBqEh5QJie9tN4_3Hb0fuc7Xh9XjY8DVPjvUDDuttxp68ZdaQWAX_nyYW2ragyChSIqn4HluBrGHnOgMajbRSVEyliicHUK8ye2vUWkRu9dG8JWMr8_JYkxXg42t76gROeQKbDwOYOhuym0ANedJiqXLJ2UwxmuhaQR7Mxz8HXAoOJzUOKnyawpJW8W_JLcqvQEK751XAaXWUwDRN2B4f8MjC_BPIK9oEmt9k1ijFUr0h2bCgXy70CoKH-cywNLJzLgraZ0WP8PzZl3FXdhG7MaIA0vhfxo2eKkOZE-0BEbgo9745HCqhqndWrRUEeCet1RIcDtg%26adurl%3D;dc_rfl=1,https%3A%2F%2Fwebhostingtips.club%2F$0;xdt=1;crlt=.3)!Gzvfu';stc=1;sttr=97;prcl=s HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 31 Dec 2022 14:19:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 29443
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900019.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
78.46.90.238302 Found 0 B URL HTTP/1.1 hal900019.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 78.46.90.238:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900019.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 31 Dec 2022 14:19:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 31 Dec 2022 14:19:34 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=27bac0f2ad421221; expires=Fri, 31-Mar-2023 14:19:34 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.doubleverify.com/dvtp_src.js?ctx=26236599&cmp=28607193&sid=8271975&plc=346487781&num=&adid=&advid=12369155&adsrv=1&btreg=539216154&btadsrv=doubleclick&crt=179120825&crtname=&chnl=&unit=&pid=&uid=&tagtype=&auevent=&dvtagver=6.1.src
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=26236599&cmp=28607193&sid=8271975&plc=346487781&num=&adid=&advid=12369155&adsrv=1&btreg=539216154&btadsrv=doubleclick&crt=179120825&crtname=&chnl=&unit=&pid=&uid=&tagtype=&auevent=&dvtagver=6.1.src
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (7951)
Hash b6bc09df5f44832484990b3fd82601f2
b26fdb62018c4a325f316135c8e1239a09e0bff7
99bb95029f07f4b17e520696f648c9963870723d8cb2c92fa7f40a602560cf9f
GET /dvtp_src.js?ctx=26236599&cmp=28607193&sid=8271975&plc=346487781&num=&adid=&advid=12369155&adsrv=1&btreg=539216154&btadsrv=doubleclick&crt=179120825&crtname=&chnl=&unit=&pid=&uid=&tagtype=&auevent=&dvtagver=6.1.src HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 25 Dec 2022 11:57:36 GMT
Accept-Ranges: bytes
ETag: "0f83e145818d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3313
Date: Sat, 31 Dec 2022 14:19:34 GMT
Connection: keep-alive
cdn.doubleverify.com/dv-measurements3345.js
95.101.11.115200 OK 108 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3345.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 108 kB (108422 bytes)
Hash bcf42629b06db55a5b3eaa052db7d321
f26ad272dd2ded77d8df03ee56fc1d4235948e57
56be98ff5af6b04ca878fea7b5ef28e6ec0e82fba833bd9d63f27a6b3a10dae1
GET /dv-measurements3345.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 25 Dec 2022 09:47:14 GMT
Accept-Ranges: bytes
ETag: "07df8dd4518d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 108422
Date: Sat, 31 Dec 2022 14:19:34 GMT
Connection: keep-alive
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhYkiY9qclEtZEYbU7TstgFwQLE3hjgJlPeVd1vkOish7RjUJxA-Ugznrctwo7mWvLlxeEF0lt3MHwuiNCFDlRWdzfie7AZiiXlDVkuGx2M61VsGw8iAntb3-Mwlx9c5BOgKDC_tmeLqnPhPqFejFlv5Z1MQ69rRlMROlNXRrWgNFoJb1LKmiOpGzAMDIId8WmP16gOfLL5NJlIhT3ivrldtHzVC_1NBUG18BcqDkos6ybdU0V_dcX9DtYf62OD6owdPWlltTiIBCnnFaGGIWr8Lfw3XkHgeREsqn6RbMTpvcFYfiua_FEN-yCB1b7pbjMRP6Fc4rXLnPsphKE0qyAWt_PnEoxRwnjgf1KOKZZZ3vh8-6MOLh1nbCfigM2p7R_xNXhyCldkWEyjUPsmzdTtBCp6mk_HYTdQOGOqHDc_sLqISGJJX6_0Ga3Kv5w8Yj-6mUhJJmgeGa4PIKqOmtv_cLopC3jmXcETp7Exa8a16ec1xG7eZ7KXhbKMt7uZqAVv48kLv0WmbAGJ03H3C7BpvdA7KeJUMgWOI3a_GRtADQGfbVLZz6zPW2vRtApeIIT2KJUKAib44d9ujbJ6WLRwvLz6Kclij4oaS7aGA9kVSjW8ttYu6ZzJkm7bCCclXITA4p26OvNTGSPVjfILuqxGST7xhP5F6PrRmPZ8dZ7tacRqIm4moqlChcMrK6uKZhxrJfy6sUPpmZlA_KdqTnmJrhY9HVHfmqdZpvHcFRehBDVT_eTrO4yemj6GJC8wav0Y9lfyo6xGngDly2RJnDj3s9SNGjW_VWcfurCVuj0wqvboaTfSaTK_yc8GhhySQrtM5Yyj9q_aJtkz7XlNO52-1uhMbkPxbYYNshJ2LP1mtMIZMsFwHUT-SqGhx4rtoDimVOJcyOUpJGy4G6rgAp-JaU9YpL33O_YDaVDljS043mp6VdWBNZ5mt1u9ISaE8fKokSiZTP-pGCNXhnG3MH_5wVNUQYjJj7Byq8_JJemaZhCWoWgJGOz7CIlI4TLIygPESu64J8NP9NZFqEIyDM0qxUDowMuAiesGl-fcTmkncCH7dOQpsN_GD5sCTN1H9wmN3CWj32PSlBe1kiM1a7cFG12LqEkAJAY3EgTmZqmJrB5EqxHUZeKvXoiVSJX0x7CsoNlmDpyIIsZWcYXU3oLIj5Jq5Dq5O8fy1BHPyz1g_AtamJ-Fo95AuGXlBXQ3QN944kibW62g3__sXETcj-skAdnbDtr2VQESD6qCelq8Xeg5WK_USW2FEG-Sb7Z2Lsd9q2LhdtS&sai=AMfl-YSgBmH4BWuAlkkA0-4YVZ5PzViHrocn38fkph599dbWGAuXWj3sp5766YoSb4a4vcADle-5knNPO_UDlS6LPrtSppHqGFMNeTa1VZKjWKUSFYy8imTJSKtXY5COAoayE4WuuhGZJtXtWZdlidDLLtnWHXqr7rfUwh5j3Dd_LIV55rR_9gWK_8r7r9TMMPJ26gYdb2VaqyE7YdKjaLxYeAopJIHhfmmC_7CWDWP9IiThwKhhjWRxBdnAJvzE4C8frTxBzFASV0epRWRPkL7FdZUpqxTpycbkO_6OOAH40svn0gO0&sig=Cg0ArKJSzLBJNW4D8kjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=179&cisv=r20221207.41724&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhYkiY9qclEtZEYbU7TstgFwQLE3hjgJlPeVd1vkOish7RjUJxA-Ugznrctwo7mWvLlxeEF0lt3MHwuiNCFDlRWdzfie7AZiiXlDVkuGx2M61VsGw8iAntb3-Mwlx9c5BOgKDC_tmeLqnPhPqFejFlv5Z1MQ69rRlMROlNXRrWgNFoJb1LKmiOpGzAMDIId8WmP16gOfLL5NJlIhT3ivrldtHzVC_1NBUG18BcqDkos6ybdU0V_dcX9DtYf62OD6owdPWlltTiIBCnnFaGGIWr8Lfw3XkHgeREsqn6RbMTpvcFYfiua_FEN-yCB1b7pbjMRP6Fc4rXLnPsphKE0qyAWt_PnEoxRwnjgf1KOKZZZ3vh8-6MOLh1nbCfigM2p7R_xNXhyCldkWEyjUPsmzdTtBCp6mk_HYTdQOGOqHDc_sLqISGJJX6_0Ga3Kv5w8Yj-6mUhJJmgeGa4PIKqOmtv_cLopC3jmXcETp7Exa8a16ec1xG7eZ7KXhbKMt7uZqAVv48kLv0WmbAGJ03H3C7BpvdA7KeJUMgWOI3a_GRtADQGfbVLZz6zPW2vRtApeIIT2KJUKAib44d9ujbJ6WLRwvLz6Kclij4oaS7aGA9kVSjW8ttYu6ZzJkm7bCCclXITA4p26OvNTGSPVjfILuqxGST7xhP5F6PrRmPZ8dZ7tacRqIm4moqlChcMrK6uKZhxrJfy6sUPpmZlA_KdqTnmJrhY9HVHfmqdZpvHcFRehBDVT_eTrO4yemj6GJC8wav0Y9lfyo6xGngDly2RJnDj3s9SNGjW_VWcfurCVuj0wqvboaTfSaTK_yc8GhhySQrtM5Yyj9q_aJtkz7XlNO52-1uhMbkPxbYYNshJ2LP1mtMIZMsFwHUT-SqGhx4rtoDimVOJcyOUpJGy4G6rgAp-JaU9YpL33O_YDaVDljS043mp6VdWBNZ5mt1u9ISaE8fKokSiZTP-pGCNXhnG3MH_5wVNUQYjJj7Byq8_JJemaZhCWoWgJGOz7CIlI4TLIygPESu64J8NP9NZFqEIyDM0qxUDowMuAiesGl-fcTmkncCH7dOQpsN_GD5sCTN1H9wmN3CWj32PSlBe1kiM1a7cFG12LqEkAJAY3EgTmZqmJrB5EqxHUZeKvXoiVSJX0x7CsoNlmDpyIIsZWcYXU3oLIj5Jq5Dq5O8fy1BHPyz1g_AtamJ-Fo95AuGXlBXQ3QN944kibW62g3__sXETcj-skAdnbDtr2VQESD6qCelq8Xeg5WK_USW2FEG-Sb7Z2Lsd9q2LhdtS&sai=AMfl-YSgBmH4BWuAlkkA0-4YVZ5PzViHrocn38fkph599dbWGAuXWj3sp5766YoSb4a4vcADle-5knNPO_UDlS6LPrtSppHqGFMNeTa1VZKjWKUSFYy8imTJSKtXY5COAoayE4WuuhGZJtXtWZdlidDLLtnWHXqr7rfUwh5j3Dd_LIV55rR_9gWK_8r7r9TMMPJ26gYdb2VaqyE7YdKjaLxYeAopJIHhfmmC_7CWDWP9IiThwKhhjWRxBdnAJvzE4C8frTxBzFASV0epRWRPkL7FdZUpqxTpycbkO_6OOAH40svn0gO0&sig=Cg0ArKJSzLBJNW4D8kjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=179&cisv=r20221207.41724&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvhYkiY9qclEtZEYbU7TstgFwQLE3hjgJlPeVd1vkOish7RjUJxA-Ugznrctwo7mWvLlxeEF0lt3MHwuiNCFDlRWdzfie7AZiiXlDVkuGx2M61VsGw8iAntb3-Mwlx9c5BOgKDC_tmeLqnPhPqFejFlv5Z1MQ69rRlMROlNXRrWgNFoJb1LKmiOpGzAMDIId8WmP16gOfLL5NJlIhT3ivrldtHzVC_1NBUG18BcqDkos6ybdU0V_dcX9DtYf62OD6owdPWlltTiIBCnnFaGGIWr8Lfw3XkHgeREsqn6RbMTpvcFYfiua_FEN-yCB1b7pbjMRP6Fc4rXLnPsphKE0qyAWt_PnEoxRwnjgf1KOKZZZ3vh8-6MOLh1nbCfigM2p7R_xNXhyCldkWEyjUPsmzdTtBCp6mk_HYTdQOGOqHDc_sLqISGJJX6_0Ga3Kv5w8Yj-6mUhJJmgeGa4PIKqOmtv_cLopC3jmXcETp7Exa8a16ec1xG7eZ7KXhbKMt7uZqAVv48kLv0WmbAGJ03H3C7BpvdA7KeJUMgWOI3a_GRtADQGfbVLZz6zPW2vRtApeIIT2KJUKAib44d9ujbJ6WLRwvLz6Kclij4oaS7aGA9kVSjW8ttYu6ZzJkm7bCCclXITA4p26OvNTGSPVjfILuqxGST7xhP5F6PrRmPZ8dZ7tacRqIm4moqlChcMrK6uKZhxrJfy6sUPpmZlA_KdqTnmJrhY9HVHfmqdZpvHcFRehBDVT_eTrO4yemj6GJC8wav0Y9lfyo6xGngDly2RJnDj3s9SNGjW_VWcfurCVuj0wqvboaTfSaTK_yc8GhhySQrtM5Yyj9q_aJtkz7XlNO52-1uhMbkPxbYYNshJ2LP1mtMIZMsFwHUT-SqGhx4rtoDimVOJcyOUpJGy4G6rgAp-JaU9YpL33O_YDaVDljS043mp6VdWBNZ5mt1u9ISaE8fKokSiZTP-pGCNXhnG3MH_5wVNUQYjJj7Byq8_JJemaZhCWoWgJGOz7CIlI4TLIygPESu64J8NP9NZFqEIyDM0qxUDowMuAiesGl-fcTmkncCH7dOQpsN_GD5sCTN1H9wmN3CWj32PSlBe1kiM1a7cFG12LqEkAJAY3EgTmZqmJrB5EqxHUZeKvXoiVSJX0x7CsoNlmDpyIIsZWcYXU3oLIj5Jq5Dq5O8fy1BHPyz1g_AtamJ-Fo95AuGXlBXQ3QN944kibW62g3__sXETcj-skAdnbDtr2VQESD6qCelq8Xeg5WK_USW2FEG-Sb7Z2Lsd9q2LhdtS&sai=AMfl-YSgBmH4BWuAlkkA0-4YVZ5PzViHrocn38fkph599dbWGAuXWj3sp5766YoSb4a4vcADle-5knNPO_UDlS6LPrtSppHqGFMNeTa1VZKjWKUSFYy8imTJSKtXY5COAoayE4WuuhGZJtXtWZdlidDLLtnWHXqr7rfUwh5j3Dd_LIV55rR_9gWK_8r7r9TMMPJ26gYdb2VaqyE7YdKjaLxYeAopJIHhfmmC_7CWDWP9IiThwKhhjWRxBdnAJvzE4C8frTxBzFASV0epRWRPkL7FdZUpqxTpycbkO_6OOAH40svn0gO0&sig=Cg0ArKJSzLBJNW4D8kjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=182&cbvp=1&cstd=179&cisv=r20221207.41724&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:34 GMT
X-Firefox-Spdy: h2
hal900019.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
78.46.90.238200 OK 513 B URL HTTP/1.1 hal900019.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 78.46.90.238:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b62f10c1591994fcd7d286d1541c423a
9311f2171dd2307bd7f7b970db759ba6c75e3327
4b30edb757852c0e5013e81ab6a81532e91665cd9c224b24d6bfc338c6d95298
GET /request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=73c2136b0c&subid=&uid=ba63ced7184b5301&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCQVzy9ESwY8yvG7ysiQbk5YDIDMm5opxpzLzNztUP8C4QASCxn5eWAWDDhICAmBjIAQmpAiqsz0j59bE-qAMBqgT5AU_QQLKSNXa9XlwJJFqQxkWHKOibh8mxCkoqqtJ4K89R_3jRt3L3uer5JnfmKccm-spZ65VXB7kW342ShIcuxZyfNbwf3gBXW9w4BMLtYbpje9-AHHDJgQLilr1TFURPINx52kpPfxq7JvzVCSLrAw0YDR280knQpr9USo2TqlteuWfW6jXLnnJvQbH0VuIUOigw3sGp1MWKSTfmGhObRSbKpsiCJwIH8ToBj2NHB0lZ8EPQ30WQAfQDwOTct6CPSHN5bWIdpxg64-8S1YmwSBKioG8_HkbtyKSRmHspJ03IHduBvKVUpXES53zbY8qPAayc2mztnbiO8cAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9-mpKZ6FIPQ7znuwBPS1pRjm6MWix6IGGYDzqrsl5mOefZ9aGB8AMm2aoy4D_h7Eslvu8-p2smR_MwXyy7OiGKyVeAwCgpxgBIBM%26sig%3DAOD64_2twJZoco39N7m5w4XPiIBFiwhT2w%26client%3Dca-pub-9665351610288016%26dbm_c%3DAKAmf-AmSJptQtGa3lZVC1IipLSfI8GIysVjHjZGath-wZtivcoAPSoXpIf-pTxG-WVL4eo30yF7dhjLRONPL14e7s6ksx4wsZT5LnVIeNnBn75D0I0xwQBW2vJdheM_P7tmoY10hO42AIQgmANPAhcHytHL_G6dAU24wLVDgy68EPnOmgiVVfk%26cry%3D1%26dbm_d%3DAKAmf-DnJPj2F2zfbMQWpzYVIfxnddok8AKtxXqYr4OgDeQM2PDzDD0vXMBVpR_-Jsq3NV462Qt3a0R5X_dGea8rIYKLFOHhsScQyHeOfk1r_IfEi3T9wYJLaProcnqgvGalzDRtabdyLzHZWxTKUSJ-3pyMqqnn0R7YlYSJFGWW7MxSlroa0MrXbEvqqbOc1nrpmK8kqDnB9Cuw61b-XeegGL5TlZZLS11DlEnO3EJ0UA_SGQ93Qu-6EXNL1Qhlu2kXDcySNSZsh4x3-MLkd3xpm6omxiqe_5222dl2byQxwzdZEgRlBKB2sw_mbyYjZlg1GQXgH2ykj4uKIKpsbog98C6rEnsYxRXl91WH624iZ1kkNxy7TOlLXImQUyOSEAnbsFxNxK62U3KVBY0kYM40OaQ-OJoewPmvhThZB2PgH7KIrv2V8flvrwRmrPBMRAoDlN2AgM5ZezqnHl0JQT-nWxr2cbRAPxbMlYkdFgXia3UNesMC5S7fDdXmNywLGPN1Q51k3RLPVbFrmtnJSjt3iAo3u6bUOzKF1tWyuKa7LljPFFP2u0Q%26adurl%3D&documentReferer=https%3A%2F%2Fwebhostingtips.club%2F&ancestorOrigins=null&random=8089860926052&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900019.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=27bac0f2ad421221
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:34 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 31 Dec 2022 14:19:34 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=27bac0f2ad421221; expires=Fri, 31-Mar-2023 14:19:34 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 76664100095900504438340012190019
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 513
Connection: close
Content-Type: application/x-javascript; charset=utf-8
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueanDckxMtj8OT6QcN7oM85vPNEMNKo8e-Hx8qvUkSKNPMkFmSejLYbsttFxC5zt97YECV_fVRGk08PtN_s9JDp4bwd-oYR_twoC9hUWbmyovGNqt3kun9i6bOv5fUTlUVNckgpffc-rI6Q9ymWw&sai=AMfl-YRTXME5zVp3ix4qv-tBmV_p2rSsLCA7HSJw-LXnw-ODK_OeH25vzOHs1UjnMbZy0rPZbBpdf3yJ6DWUHTs0iQ&sig=Cg0ArKJSzFIKePFqFckaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&cbvp=1&cstd=143&cisv=r20221207.81546&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueanDckxMtj8OT6QcN7oM85vPNEMNKo8e-Hx8qvUkSKNPMkFmSejLYbsttFxC5zt97YECV_fVRGk08PtN_s9JDp4bwd-oYR_twoC9hUWbmyovGNqt3kun9i6bOv5fUTlUVNckgpffc-rI6Q9ymWw&sai=AMfl-YRTXME5zVp3ix4qv-tBmV_p2rSsLCA7HSJw-LXnw-ODK_OeH25vzOHs1UjnMbZy0rPZbBpdf3yJ6DWUHTs0iQ&sig=Cg0ArKJSzFIKePFqFckaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&cbvp=1&cstd=143&cisv=r20221207.81546&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsueanDckxMtj8OT6QcN7oM85vPNEMNKo8e-Hx8qvUkSKNPMkFmSejLYbsttFxC5zt97YECV_fVRGk08PtN_s9JDp4bwd-oYR_twoC9hUWbmyovGNqt3kun9i6bOv5fUTlUVNckgpffc-rI6Q9ymWw&sai=AMfl-YRTXME5zVp3ix4qv-tBmV_p2rSsLCA7HSJw-LXnw-ODK_OeH25vzOHs1UjnMbZy0rPZbBpdf3yJ6DWUHTs0iQ&sig=Cg0ArKJSzFIKePFqFckaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&cbvp=1&cstd=143&cisv=r20221207.81546&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:34 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:34 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca0372dcc9d14c7985d5e281c3d43429
a35ca89d1ade29453cf27e60599f32c3b4384d05
7112001c485609452e3dbe0efa58d8689f09bc712a12b466d30694642392978d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: max-age=114208
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:34 GMT
Etag: "63af4928-117"
Expires: Sun, 01 Jan 2023 22:03:02 GMT
Last-Modified: Fri, 30 Dec 2022 20:25:12 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.0/gsap.min.js
104.17.25.14200 OK 25 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/gsap/3.11.0/gsap.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (65240)
Hash d4c384d136998bb64073442e62e881de
7f198f412310895e3760e6b2fd7a6f12d47f27b8
dd42788f72049218c6f6b2ff2e29afdc4e42b741ccaa260b72354a5cce7b6601
GET /ajax/libs/gsap/3.11.0/gsap.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 24949
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62fc7613-6175"
last-modified: Wed, 17 Aug 2022 05:01:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2064548
expires: Thu, 21 Dec 2023 14:19:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ObmLW6WqnZp5ldIQ1J8A9dqFMN8QL4YQE6GnxCWwKyRMvckJSMyPjTTJZL0K8iI7IHFPxQ6ord025x4%2FMuJiZ6EVUI8oBg2FezoSH6iQ%2FeBAxX%2BcueZuHc2wbNpLKPXbaOcUQLt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7823a6a75c03b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca0372dcc9d14c7985d5e281c3d43429
a35ca89d1ade29453cf27e60599f32c3b4384d05
7112001c485609452e3dbe0efa58d8689f09bc712a12b466d30694642392978d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5870
Cache-Control: max-age=114208
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:34 GMT
Etag: "63af4928-117"
Expires: Sun, 01 Jan 2023 22:03:02 GMT
Last-Modified: Fri, 30 Dec 2022 20:25:12 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
creative-libraries.lemonpi.io/v1/lemonpi.js
143.204.55.118200 OK 104 kB URL HTTP/2 creative-libraries.lemonpi.io/v1/lemonpi.js
IP 143.204.55.118:0
File type Unicode text, UTF-8 text, with very long lines (50853), with NEL line terminators
Size 104 kB (103873 bytes)
Hash d12de3c80b214ce1578ee4e96b8fa917
229ecb3d576cedf58073b82419daeae034b5a02a
5a518dfc92fc7859e0bee19bbe6de12b01b26c40b4e43baabfb0e2d935685876
GET /v1/lemonpi.js HTTP/1.1
Host: creative-libraries.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 103873
last-modified: Thu, 22 Dec 2022 09:20:43 GMT
x-amz-version-id: NNOSbEdAPtSGrtvAZqTNF7Bflt8Qp0EW
accept-ranges: bytes
server: AmazonS3
date: Sat, 31 Dec 2022 14:15:06 GMT
etag: "d12de3c80b214ce1578ee4e96b8fa917"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lmTG80vHtgi_4Kpg8Ao1jfsJfvUYx_hDg-8ucWKQwW_HRw7QtLBibg==
age: 270
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 384c96c8a3f19e8aa5f875d2d3c70cd3
694b5d01a6277f26e29a229659e112eb51a9fae3
63c679cce3919a7e54e3fdad5312f2712a9831940b88e0a9a79ef70d448b356d
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 31 Dec 2022 14:19:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 31 Dec 2022 09:23:50 GMT
Expires: Sun, 01 Jan 2023 09:23:50 GMT
ETag: "694b5d01a6277f26e29a229659e112eb51a9fae3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=520&ttfrms=31&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauH639%40DE%3A%3F8E%3AAD%5D4%3DF3Tau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1260&ddur=103&uid=1672496368007100&jsCallback=dvCallback_1672496368007561&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=120&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3345&tgjsver=3345&lvvn=28&m1=13&refD=1&fcifrms=11&brh=1&sdf=2&dvp_epl=57&noc=16&nav_pltfrm=Linux%20x86_64&ctx=26236599&cmp=28607193&sid=8271975&plc=346487781&crt=179120825&btreg=539216154&btadsrv=doubleclick&adsrv=1&advid=12369155&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=243254731.86314952&dvp_tukv=731304967.1171654&dvp_uuid=479856500.8275746&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=716968208598&jurtd=1429804700
34.149.12.213200 OK 867 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=520&ttfrms=31&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauH639%40DE%3A%3F8E%3AAD%5D4%3DF3Tau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1260&ddur=103&uid=1672496368007100&jsCallback=dvCallback_1672496368007561&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=120&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3345&tgjsver=3345&lvvn=28&m1=13&refD=1&fcifrms=11&brh=1&sdf=2&dvp_epl=57&noc=16&nav_pltfrm=Linux%20x86_64&ctx=26236599&cmp=28607193&sid=8271975&plc=346487781&crt=179120825&btreg=539216154&btadsrv=doubleclick&adsrv=1&advid=12369155&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=243254731.86314952&dvp_tukv=731304967.1171654&dvp_uuid=479856500.8275746&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=716968208598&jurtd=1429804700
IP 34.149.12.213:0
File type ASCII text, with very long lines (2247), with no line terminators
Hash cb1a1f445a9ba96fc05fa71d302961c2
42b7b97218e0a554e8f830c2ece6324a2181d4a1
9ba94677ecb6484caeef12a47e39fdcc5af0cd45bb0df5f465aaa64884476b38
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=520&ttfrms=31&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauH639%40DE%3A%3F8E%3AAD%5D4%3DF3Tau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1260&ddur=103&uid=1672496368007100&jsCallback=dvCallback_1672496368007561&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=120&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3345&tgjsver=3345&lvvn=28&m1=13&refD=1&fcifrms=11&brh=1&sdf=2&dvp_epl=57&noc=16&nav_pltfrm=Linux%20x86_64&ctx=26236599&cmp=28607193&sid=8271975&plc=346487781&crt=179120825&btreg=539216154&btadsrv=doubleclick&adsrv=1&advid=12369155&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=243254731.86314952&dvp_tukv=731304967.1171654&dvp_uuid=479856500.8275746&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=716968208598&jurtd=1429804700 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:35 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 12/30/2022 14:19:35
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=dfee0588e7b640459ad293e3b2f53261&dup=&cbust=1672496368594362
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=dfee0588e7b640459ad293e3b2f53261&dup=&cbust=1672496368594362
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=dfee0588e7b640459ad293e3b2f53261&dup=&cbust=1672496368594362 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&akipv6=&dup=
Date: Sat, 31 Dec 2022 14:19:35 GMT
Connection: keep-alive
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhYkiY9qclEtZEYbU7TstgFwQLE3hjgJlPeVd1vkOish7RjUJxA-Ugznrctwo7mWvLlxeEF0lt3MHwuiNCFDlRWdzfie7AZiiXlDVkuGx2M61VsGw8iAntb3-Mwlx9c5BOgKDC_tmeLqnPhPqFejFlv5Z1MQ69rRlMROlNXRrWgNFoJb1LKmiOpGzAMDIId8WmP16gOfLL5NJlIhT3ivrldtHzVC_1NBUG18BcqDkos6ybdU0V_dcX9DtYf62OD6owdPWlltTiIBCnnFaGGIWr8Lfw3XkHgeREsqn6RbMTpvcFYfiua_FEN-yCB1b7pbjMRP6Fc4rXLnPsphKE0qyAWt_PnEoxRwnjgf1KOKZZZ3vh8-6MOLh1nbCfigM2p7R_xNXhyCldkWEyjUPsmzdTtBCp6mk_HYTdQOGOqHDc_sLqISGJJX6_0Ga3Kv5w8Yj-6mUhJJmgeGa4PIKqOmtv_cLopC3jmXcETp7Exa8a16ec1xG7eZ7KXhbKMt7uZqAVv48kLv0WmbAGJ03H3C7BpvdA7KeJUMgWOI3a_GRtADQGfbVLZz6zPW2vRtApeIIT2KJUKAib44d9ujbJ6WLRwvLz6Kclij4oaS7aGA9kVSjW8ttYu6ZzJkm7bCCclXITA4p26OvNTGSPVjfILuqxGST7xhP5F6PrRmPZ8dZ7tacRqIm4moqlChcMrK6uKZhxrJfy6sUPpmZlA_KdqTnmJrhY9HVHfmqdZpvHcFRehBDVT_eTrO4yemj6GJC8wav0Y9lfyo6xGngDly2RJnDj3s9SNGjW_VWcfurCVuj0wqvboaTfSaTK_yc8GhhySQrtM5Yyj9q_aJtkz7XlNO52-1uhMbkPxbYYNshJ2LP1mtMIZMsFwHUT-SqGhx4rtoDimVOJcyOUpJGy4G6rgAp-JaU9YpL33O_YDaVDljS043mp6VdWBNZ5mt1u9ISaE8fKokSiZTP-pGCNXhnG3MH_5wVNUQYjJj7Byq8_JJemaZhCWoWgJGOz7CIlI4TLIygPESu64J8NP9NZFqEIyDM0qxUDowMuAiesGl-fcTmkncCH7dOQpsN_GD5sCTN1H9wmN3CWj32PSlBe1kiM1a7cFG12LqEkAJAY3EgTmZqmJrB5EqxHUZeKvXoiVSJX0x7CsoNlmDpyIIsZWcYXU3oLIj5Jq5Dq5O8fy1BHPyz1g_AtamJ-Fo95AuGXlBXQ3QN944kibW62g3__sXETcj-skAdnbDtr2VQESD6qCelq8Xeg5WK_USW2FEG-Sb7Z2Lsd9q2LhdtS&sai=AMfl-YSgBmH4BWuAlkkA0-4YVZ5PzViHrocn38fkph599dbWGAuXWj3sp5766YoSb4a4vcADle-5knNPO_UDlS6LPrtSppHqGFMNeTa1VZKjWKUSFYy8imTJSKtXY5COAoayE4WuuhGZJtXtWZdlidDLLtnWHXqr7rfUwh5j3Dd_LIV55rR_9gWK_8r7r9TMMPJ26gYdb2VaqyE7YdKjaLxYeAopJIHhfmmC_7CWDWP9IiThwKhhjWRxBdnAJvzE4C8frTxBzFASV0epRWRPkL7FdZUpqxTpycbkO_6OOAH40svn0gO0&sig=Cg0ArKJSzLBJNW4D8kjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1918&vt=11&dtpt=1736&dett=3&cstd=179&cisv=r20221207.41724&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvhYkiY9qclEtZEYbU7TstgFwQLE3hjgJlPeVd1vkOish7RjUJxA-Ugznrctwo7mWvLlxeEF0lt3MHwuiNCFDlRWdzfie7AZiiXlDVkuGx2M61VsGw8iAntb3-Mwlx9c5BOgKDC_tmeLqnPhPqFejFlv5Z1MQ69rRlMROlNXRrWgNFoJb1LKmiOpGzAMDIId8WmP16gOfLL5NJlIhT3ivrldtHzVC_1NBUG18BcqDkos6ybdU0V_dcX9DtYf62OD6owdPWlltTiIBCnnFaGGIWr8Lfw3XkHgeREsqn6RbMTpvcFYfiua_FEN-yCB1b7pbjMRP6Fc4rXLnPsphKE0qyAWt_PnEoxRwnjgf1KOKZZZ3vh8-6MOLh1nbCfigM2p7R_xNXhyCldkWEyjUPsmzdTtBCp6mk_HYTdQOGOqHDc_sLqISGJJX6_0Ga3Kv5w8Yj-6mUhJJmgeGa4PIKqOmtv_cLopC3jmXcETp7Exa8a16ec1xG7eZ7KXhbKMt7uZqAVv48kLv0WmbAGJ03H3C7BpvdA7KeJUMgWOI3a_GRtADQGfbVLZz6zPW2vRtApeIIT2KJUKAib44d9ujbJ6WLRwvLz6Kclij4oaS7aGA9kVSjW8ttYu6ZzJkm7bCCclXITA4p26OvNTGSPVjfILuqxGST7xhP5F6PrRmPZ8dZ7tacRqIm4moqlChcMrK6uKZhxrJfy6sUPpmZlA_KdqTnmJrhY9HVHfmqdZpvHcFRehBDVT_eTrO4yemj6GJC8wav0Y9lfyo6xGngDly2RJnDj3s9SNGjW_VWcfurCVuj0wqvboaTfSaTK_yc8GhhySQrtM5Yyj9q_aJtkz7XlNO52-1uhMbkPxbYYNshJ2LP1mtMIZMsFwHUT-SqGhx4rtoDimVOJcyOUpJGy4G6rgAp-JaU9YpL33O_YDaVDljS043mp6VdWBNZ5mt1u9ISaE8fKokSiZTP-pGCNXhnG3MH_5wVNUQYjJj7Byq8_JJemaZhCWoWgJGOz7CIlI4TLIygPESu64J8NP9NZFqEIyDM0qxUDowMuAiesGl-fcTmkncCH7dOQpsN_GD5sCTN1H9wmN3CWj32PSlBe1kiM1a7cFG12LqEkAJAY3EgTmZqmJrB5EqxHUZeKvXoiVSJX0x7CsoNlmDpyIIsZWcYXU3oLIj5Jq5Dq5O8fy1BHPyz1g_AtamJ-Fo95AuGXlBXQ3QN944kibW62g3__sXETcj-skAdnbDtr2VQESD6qCelq8Xeg5WK_USW2FEG-Sb7Z2Lsd9q2LhdtS&sai=AMfl-YSgBmH4BWuAlkkA0-4YVZ5PzViHrocn38fkph599dbWGAuXWj3sp5766YoSb4a4vcADle-5knNPO_UDlS6LPrtSppHqGFMNeTa1VZKjWKUSFYy8imTJSKtXY5COAoayE4WuuhGZJtXtWZdlidDLLtnWHXqr7rfUwh5j3Dd_LIV55rR_9gWK_8r7r9TMMPJ26gYdb2VaqyE7YdKjaLxYeAopJIHhfmmC_7CWDWP9IiThwKhhjWRxBdnAJvzE4C8frTxBzFASV0epRWRPkL7FdZUpqxTpycbkO_6OOAH40svn0gO0&sig=Cg0ArKJSzLBJNW4D8kjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1918&vt=11&dtpt=1736&dett=3&cstd=179&cisv=r20221207.41724&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvhYkiY9qclEtZEYbU7TstgFwQLE3hjgJlPeVd1vkOish7RjUJxA-Ugznrctwo7mWvLlxeEF0lt3MHwuiNCFDlRWdzfie7AZiiXlDVkuGx2M61VsGw8iAntb3-Mwlx9c5BOgKDC_tmeLqnPhPqFejFlv5Z1MQ69rRlMROlNXRrWgNFoJb1LKmiOpGzAMDIId8WmP16gOfLL5NJlIhT3ivrldtHzVC_1NBUG18BcqDkos6ybdU0V_dcX9DtYf62OD6owdPWlltTiIBCnnFaGGIWr8Lfw3XkHgeREsqn6RbMTpvcFYfiua_FEN-yCB1b7pbjMRP6Fc4rXLnPsphKE0qyAWt_PnEoxRwnjgf1KOKZZZ3vh8-6MOLh1nbCfigM2p7R_xNXhyCldkWEyjUPsmzdTtBCp6mk_HYTdQOGOqHDc_sLqISGJJX6_0Ga3Kv5w8Yj-6mUhJJmgeGa4PIKqOmtv_cLopC3jmXcETp7Exa8a16ec1xG7eZ7KXhbKMt7uZqAVv48kLv0WmbAGJ03H3C7BpvdA7KeJUMgWOI3a_GRtADQGfbVLZz6zPW2vRtApeIIT2KJUKAib44d9ujbJ6WLRwvLz6Kclij4oaS7aGA9kVSjW8ttYu6ZzJkm7bCCclXITA4p26OvNTGSPVjfILuqxGST7xhP5F6PrRmPZ8dZ7tacRqIm4moqlChcMrK6uKZhxrJfy6sUPpmZlA_KdqTnmJrhY9HVHfmqdZpvHcFRehBDVT_eTrO4yemj6GJC8wav0Y9lfyo6xGngDly2RJnDj3s9SNGjW_VWcfurCVuj0wqvboaTfSaTK_yc8GhhySQrtM5Yyj9q_aJtkz7XlNO52-1uhMbkPxbYYNshJ2LP1mtMIZMsFwHUT-SqGhx4rtoDimVOJcyOUpJGy4G6rgAp-JaU9YpL33O_YDaVDljS043mp6VdWBNZ5mt1u9ISaE8fKokSiZTP-pGCNXhnG3MH_5wVNUQYjJj7Byq8_JJemaZhCWoWgJGOz7CIlI4TLIygPESu64J8NP9NZFqEIyDM0qxUDowMuAiesGl-fcTmkncCH7dOQpsN_GD5sCTN1H9wmN3CWj32PSlBe1kiM1a7cFG12LqEkAJAY3EgTmZqmJrB5EqxHUZeKvXoiVSJX0x7CsoNlmDpyIIsZWcYXU3oLIj5Jq5Dq5O8fy1BHPyz1g_AtamJ-Fo95AuGXlBXQ3QN944kibW62g3__sXETcj-skAdnbDtr2VQESD6qCelq8Xeg5WK_USW2FEG-Sb7Z2Lsd9q2LhdtS&sai=AMfl-YSgBmH4BWuAlkkA0-4YVZ5PzViHrocn38fkph599dbWGAuXWj3sp5766YoSb4a4vcADle-5knNPO_UDlS6LPrtSppHqGFMNeTa1VZKjWKUSFYy8imTJSKtXY5COAoayE4WuuhGZJtXtWZdlidDLLtnWHXqr7rfUwh5j3Dd_LIV55rR_9gWK_8r7r9TMMPJ26gYdb2VaqyE7YdKjaLxYeAopJIHhfmmC_7CWDWP9IiThwKhhjWRxBdnAJvzE4C8frTxBzFASV0epRWRPkL7FdZUpqxTpycbkO_6OOAH40svn0gO0&sig=Cg0ArKJSzLBJNW4D8kjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1918&vt=11&dtpt=1736&dett=3&cstd=179&cisv=r20221207.41724&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:35 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:35 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0422d8da58a4a5190ed6609d6a1db120
710dacbc467d1ef4be32cb828ae5a7fc15761214
0bbc8967ba4aa88e57a2234a32bf99499cf0cde8386e8584784baf1644510b67
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=139345
Date: Sat, 31 Dec 2022 14:19:35 GMT
Etag: "63afb6b7-1d7"
Expires: Mon, 02 Jan 2023 05:02:00 GMT
Last-Modified: Sat, 31 Dec 2022 04:12:39 GMT
Server: ECS (nyb/1D0C)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: rtbRaX5aS1e6F0y2XhrgO0bpCfyfsQLxXaJ03E0ZolhctYdQdYj9Ng==
Age: 2961
content.lemonpi.io/a/902/request-cookies?callback=_lemonpiCookiesLoaded
108.128.186.239200 OK 90 B URL HTTP/1.1 content.lemonpi.io/a/902/request-cookies?callback=_lemonpiCookiesLoaded
IP 108.128.186.239:0
File type ASCII text, with no line terminators
Hash f6eb68f89803e79255fe3761563a86e3
ac717cd12bd9babb971c8fe238775cea6e323d91
18b82ad154d643f3208df89759a2db4343641f621e4c2be960177c62a7c86fd5
GET /a/902/request-cookies?callback=_lemonpiCookiesLoaded HTTP/1.1
Host: content.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:35 GMT
Content-Length: 90
Connection: keep-alive
trace-id: 27fbc2bd63b24a7ab2749af93795a316
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000
Strict-Transport-Security: max-age=300; includeSubdomains; preload
ocsp.starfieldtech.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 3fd61d58b5c41d07081a0e117e63f983
1b07483020ad1aefdfc31eb271a8d81889e14943
e110f2ab8ded191ddd5d554faa10719d6e7923171854b8c1f356c876556bcb29
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 31 Dec 2022 14:19:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 30 Dec 2022 20:23:58 GMT
Expires: Sat, 31 Dec 2022 20:23:58 GMT
ETag: "1b07483020ad1aefdfc31eb271a8d81889e14943"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueanDckxMtj8OT6QcN7oM85vPNEMNKo8e-Hx8qvUkSKNPMkFmSejLYbsttFxC5zt97YECV_fVRGk08PtN_s9JDp4bwd-oYR_twoC9hUWbmyovGNqt3kun9i6bOv5fUTlUVNckgpffc-rI6Q9ymWw&sai=AMfl-YRTXME5zVp3ix4qv-tBmV_p2rSsLCA7HSJw-LXnw-ODK_OeH25vzOHs1UjnMbZy0rPZbBpdf3yJ6DWUHTs0iQ&sig=Cg0ArKJSzFIKePFqFckaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1790&vt=11&dtpt=1641&dett=3&cstd=143&cisv=r20221207.81546&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueanDckxMtj8OT6QcN7oM85vPNEMNKo8e-Hx8qvUkSKNPMkFmSejLYbsttFxC5zt97YECV_fVRGk08PtN_s9JDp4bwd-oYR_twoC9hUWbmyovGNqt3kun9i6bOv5fUTlUVNckgpffc-rI6Q9ymWw&sai=AMfl-YRTXME5zVp3ix4qv-tBmV_p2rSsLCA7HSJw-LXnw-ODK_OeH25vzOHs1UjnMbZy0rPZbBpdf3yJ6DWUHTs0iQ&sig=Cg0ArKJSzFIKePFqFckaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1790&vt=11&dtpt=1641&dett=3&cstd=143&cisv=r20221207.81546&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsueanDckxMtj8OT6QcN7oM85vPNEMNKo8e-Hx8qvUkSKNPMkFmSejLYbsttFxC5zt97YECV_fVRGk08PtN_s9JDp4bwd-oYR_twoC9hUWbmyovGNqt3kun9i6bOv5fUTlUVNckgpffc-rI6Q9ymWw&sai=AMfl-YRTXME5zVp3ix4qv-tBmV_p2rSsLCA7HSJw-LXnw-ODK_OeH25vzOHs1UjnMbZy0rPZbBpdf3yJ6DWUHTs0iQ&sig=Cg0ArKJSzFIKePFqFckaEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1790&vt=11&dtpt=1641&dett=3&cstd=143&cisv=r20221207.81546&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 31 Dec 2022 14:19:35 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 31-Dec-2022 14:34:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 31 Dec 2022 14:19:35 GMT
X-Firefox-Spdy: h2
tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&akipv6=&dup=
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&akipv6=&dup=
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=dfee0588e7b640459ad293e3b2f53261&akipv6=&dup= HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 31 Dec 2022 14:19:35 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 12/30/2022 14:19:35
Pragma: no-cache
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtckvae0oMswTjL-DLK9sC18JzfUZpb33UwmbaH0xiZPbJVauu45wlY2GYlJQB2owJvxk75GJIy6MdjExO0gonkes8BXpuX8Bm_O5sLfdfoSbshQTlO5gLjiva7ScmYvtP4XrogA&sai=AMfl-YRMc8s-hGqb-SZABxWIM_GyzcHUs2NF6HKiQwTnlPGPAlVMoYP2c_esVd1oBSvNEPvU01w38m3j-rnHkkGq0s6O3GG36Jw_n_es9LpWyJY07aEjyg2R-dEKUjJJmSE4xkIFYK0j-irxrMA315J9&sig=Cg0ArKJSzCXzUHBfJsWEEAE&cid=CAQSTADq26N9Z2WUEGLTsaOU985-F_DORsP8656dV6MwSyNm4KPkmOXMbzK9px2RLNgNzBmM8iXNdyAnIFM5FTCBjwie4jHZEfy2E8KQ3boYASAT&id=lidar2&mcvt=1415&p=849,270,939,998&mtos=1415,1415,1415,1415,1415&tos=1415,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=587713309&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366592&rpt=1520&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtckvae0oMswTjL-DLK9sC18JzfUZpb33UwmbaH0xiZPbJVauu45wlY2GYlJQB2owJvxk75GJIy6MdjExO0gonkes8BXpuX8Bm_O5sLfdfoSbshQTlO5gLjiva7ScmYvtP4XrogA&sai=AMfl-YRMc8s-hGqb-SZABxWIM_GyzcHUs2NF6HKiQwTnlPGPAlVMoYP2c_esVd1oBSvNEPvU01w38m3j-rnHkkGq0s6O3GG36Jw_n_es9LpWyJY07aEjyg2R-dEKUjJJmSE4xkIFYK0j-irxrMA315J9&sig=Cg0ArKJSzCXzUHBfJsWEEAE&cid=CAQSTADq26N9Z2WUEGLTsaOU985-F_DORsP8656dV6MwSyNm4KPkmOXMbzK9px2RLNgNzBmM8iXNdyAnIFM5FTCBjwie4jHZEfy2E8KQ3boYASAT&id=lidar2&mcvt=1415&p=849,270,939,998&mtos=1415,1415,1415,1415,1415&tos=1415,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=587713309&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366592&rpt=1520&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvtckvae0oMswTjL-DLK9sC18JzfUZpb33UwmbaH0xiZPbJVauu45wlY2GYlJQB2owJvxk75GJIy6MdjExO0gonkes8BXpuX8Bm_O5sLfdfoSbshQTlO5gLjiva7ScmYvtP4XrogA&sai=AMfl-YRMc8s-hGqb-SZABxWIM_GyzcHUs2NF6HKiQwTnlPGPAlVMoYP2c_esVd1oBSvNEPvU01w38m3j-rnHkkGq0s6O3GG36Jw_n_es9LpWyJY07aEjyg2R-dEKUjJJmSE4xkIFYK0j-irxrMA315J9&sig=Cg0ArKJSzCXzUHBfJsWEEAE&cid=CAQSTADq26N9Z2WUEGLTsaOU985-F_DORsP8656dV6MwSyNm4KPkmOXMbzK9px2RLNgNzBmM8iXNdyAnIFM5FTCBjwie4jHZEfy2E8KQ3boYASAT&id=lidar2&mcvt=1415&p=849,270,939,998&mtos=1415,1415,1415,1415,1415&tos=1415,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=587713309&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366592&rpt=1520&isd=0&lsd=0&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sat, 31 Dec 2022 14:19:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900019.redintelligence.net/request_content.php?s=76664100095900504438340012190019&a=c27d86e9
78.46.90.238200 OK 1.4 kB URL HTTP/1.1 hal900019.redintelligence.net/request_content.php?s=76664100095900504438340012190019&a=c27d86e9
IP 78.46.90.238:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2181913225fe8ef88b25f4095c1fab39
0278d561f3d5a1fe7e0acdef6b74ba9e31cd09a6
9b3198e4c2fae860a73c4f8d3723b6e821bd6514e1b5d94b7770b08494dfbe58
GET /request_content.php?s=76664100095900504438340012190019&a=c27d86e9 HTTP/1.1
Host: hal900019.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=27bac0f2ad421221
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:36 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 31 Dec 2022 14:19:36 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1412
Connection: close
Content-Type: text/html; charset=utf-8
content.lemonpi.io/a/902/c/9770/content/18742-67122?impression-id=03fd5fda-b40e-4190-a71e-b5039c629fd3
108.128.186.239204 No Content 0 B URL HTTP/1.1 content.lemonpi.io/a/902/c/9770/content/18742-67122?impression-id=03fd5fda-b40e-4190-a71e-b5039c629fd3
IP 108.128.186.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /a/902/c/9770/content/18742-67122?impression-id=03fd5fda-b40e-4190-a71e-b5039c629fd3 HTTP/1.1
Host: content.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://s0.2mdn.net/
Origin: https://s0.2mdn.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 31 Dec 2022 14:19:36 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000
Content-Length: 0
Strict-Transport-Security: max-age=300; includeSubdomains; preload
content.lemonpi.io/a/902/c/9770/content/18742-67122?impression-id=03fd5fda-b40e-4190-a71e-b5039c629fd3
108.128.186.239200 OK 5.7 kB URL HTTP/1.1 content.lemonpi.io/a/902/c/9770/content/18742-67122?impression-id=03fd5fda-b40e-4190-a71e-b5039c629fd3
IP 108.128.186.239:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5672), with no line terminators
Hash d3ab492fc8899599fcc8d8f2331cd5a4
76dab006814996e4aed13bc184f1f829e619289a
d51f37224c9b059e577e6fc66116a8d56e98cafc7c1cd5a69b825800afcc56a6
POST /a/902/c/9770/content/18742-67122?impression-id=03fd5fda-b40e-4190-a71e-b5039c629fd3 HTTP/1.1
Host: content.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 563
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5678
Connection: keep-alive
trace-id: 1ecfa8ee5dbb41e2b7d3abd6e40656df
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000
Strict-Transport-Security: max-age=300; includeSubdomains; preload
log.lemonpi.io/log
108.128.186.239200 OK 2 B IP 108.128.186.239:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log HTTP/1.1
Host: log.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 92
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:36 GMT
Content-Type: text/plain
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-headers: Content-Type
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjFuNuzzH3NBGkwUw_4QVQxdPRMfPB4Z-7LeTfW148R6-i-j1L068ZcDx1VvOydZ-OZDHGfjow4A9nCsHVSBJuIcA1H_UASpB_3VM4MLdvHesazSMb20pCEKHF7QAP3tWlVtnTkA&sai=AMfl-YTDiRnI_8-m7mzRlY0TYmAgi-TxpEsjIHzbRm8iSu0HCbwsWhknnJra1JUfog52gSjywJsbx0eBau7Whzh-bEzBywa2-o-IWLIzOpiw5Djm0mxfHnzDjY285z5wk6icMPQEe18lllOAAh9KrFI&sig=Cg0ArKJSzHCHgGrXtYQiEAE&cid=CAQSSwDq26N90fD_uX0qKq1NTSn0pUrETL01hKX50d2o1WJOumHR6Rdl6nWjyDfwDe_OoWiLJIK1Mabtf-McdZ-JNuVw_yCEy2o5_QsHlRgBIBM&id=lidar2&mcvt=1156&p=849,270,939,998&mtos=1156,1156,1156,1156,1156&tos=1156,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1112456955&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366013&rpt=2591&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjFuNuzzH3NBGkwUw_4QVQxdPRMfPB4Z-7LeTfW148R6-i-j1L068ZcDx1VvOydZ-OZDHGfjow4A9nCsHVSBJuIcA1H_UASpB_3VM4MLdvHesazSMb20pCEKHF7QAP3tWlVtnTkA&sai=AMfl-YTDiRnI_8-m7mzRlY0TYmAgi-TxpEsjIHzbRm8iSu0HCbwsWhknnJra1JUfog52gSjywJsbx0eBau7Whzh-bEzBywa2-o-IWLIzOpiw5Djm0mxfHnzDjY285z5wk6icMPQEe18lllOAAh9KrFI&sig=Cg0ArKJSzHCHgGrXtYQiEAE&cid=CAQSSwDq26N90fD_uX0qKq1NTSn0pUrETL01hKX50d2o1WJOumHR6Rdl6nWjyDfwDe_OoWiLJIK1Mabtf-McdZ-JNuVw_yCEy2o5_QsHlRgBIBM&id=lidar2&mcvt=1156&p=849,270,939,998&mtos=1156,1156,1156,1156,1156&tos=1156,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1112456955&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366013&rpt=2591&isd=0&lsd=0&met=ie&wmsd=0&pbe=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjstjFuNuzzH3NBGkwUw_4QVQxdPRMfPB4Z-7LeTfW148R6-i-j1L068ZcDx1VvOydZ-OZDHGfjow4A9nCsHVSBJuIcA1H_UASpB_3VM4MLdvHesazSMb20pCEKHF7QAP3tWlVtnTkA&sai=AMfl-YTDiRnI_8-m7mzRlY0TYmAgi-TxpEsjIHzbRm8iSu0HCbwsWhknnJra1JUfog52gSjywJsbx0eBau7Whzh-bEzBywa2-o-IWLIzOpiw5Djm0mxfHnzDjY285z5wk6icMPQEe18lllOAAh9KrFI&sig=Cg0ArKJSzHCHgGrXtYQiEAE&cid=CAQSSwDq26N90fD_uX0qKq1NTSn0pUrETL01hKX50d2o1WJOumHR6Rdl6nWjyDfwDe_OoWiLJIK1Mabtf-McdZ-JNuVw_yCEy2o5_QsHlRgBIBM&id=lidar2&mcvt=1156&p=849,270,939,998&mtos=1156,1156,1156,1156,1156&tos=1156,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1112456955&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366013&rpt=2591&isd=0&lsd=0&met=ie&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sat, 31 Dec 2022 14:19:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
log.lemonpi.io/log
108.128.186.239200 OK 2 B IP 108.128.186.239:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /log HTTP/1.1
Host: log.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 121
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:36 GMT
Content-Type: text/plain
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS
access-control-allow-headers: Content-Type
content.lemonpi.io/track/event?e=%7B%22content%22%3A%7B%22source%22%3A%22lemonpi%22%7D%2C%22version%22%3A2%2C%22type%22%3A%22impression%22%2C%22schema%22%3A%22adset-creative%22%2C%22impression-id%22%3A%2203fd5fda-b40e-4190-a71e-b5039c629fd3%22%2C%22adset-id%22%3A18742%2C%22creative-id%22%3A15282%2C%22advertiser-id%22%3A902%2C%22creative-revision-id%22%3A67122%7D
108.128.186.239200 OK 47 B URL HTTP/1.1 content.lemonpi.io/track/event?e=%7B%22content%22%3A%7B%22source%22%3A%22lemonpi%22%7D%2C%22version%22%3A2%2C%22type%22%3A%22impression%22%2C%22schema%22%3A%22adset-creative%22%2C%22impression-id%22%3A%2203fd5fda-b40e-4190-a71e-b5039c629fd3%22%2C%22adset-id%22%3A18742%2C%22creative-id%22%3A15282%2C%22advertiser-id%22%3A902%2C%22creative-revision-id%22%3A67122%7D
IP 108.128.186.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4cbdd78205e94e459810e30f0936e620
9d94c036b505fddf89a105da62978a727939f6ba
7813226abb8a96b43c775baa0c109186ec8b6e723789ada7aaa43346596b6450
GET /track/event?e=%7B%22content%22%3A%7B%22source%22%3A%22lemonpi%22%7D%2C%22version%22%3A2%2C%22type%22%3A%22impression%22%2C%22schema%22%3A%22adset-creative%22%2C%22impression-id%22%3A%2203fd5fda-b40e-4190-a71e-b5039c629fd3%22%2C%22adset-id%22%3A18742%2C%22creative-id%22%3A15282%2C%22advertiser-id%22%3A902%2C%22creative-revision-id%22%3A67122%7D HTTP/1.1
Host: content.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:36 GMT
Content-Type: image/gif
Content-Length: 47
Connection: keep-alive
access-control-allow-origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Max-Age: 1728000
Strict-Transport-Security: max-age=300; includeSubdomains; preload
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvpbpeT39xZEdtiqf1dfH5EfcjyaQkJ7SS7nboSTvsb2UyPDBhUTykHHdpuVQ-Tr-_ayHVtNAnCsZOW1Y9d2Wzaj7YAYv8rulB3Rb4l4NRdI2enG8I1PRKKZEmSzKu3S1yePzsWtmHoFXHMtPI-5k2Eb1TdiURXOe0V0Q7eCioepN_jXi9hM95_KLOvwFN5vodCAQSgEVKUzYHrkIK6U0vH8ICcP3ZHesMSfpuADPsq9hZnx-xlnMHDA5GFusc-veKmYuHgK55u4JvAMvUA8jesujUxraNiCLRN9XR4dM3z7OYZU7nUdvW04sd9jnvT_8o4pgvZNLrpLiebqcZNhieVWjp4A7LFe9gsudfRnwWGwMhJqCuRqj-baX-NvnURRQgGcobE9Wn-16GPgptpUtWm0rDfgOWEGpOxRI4iShUIOafnDcRTy0BVVfGXjNZxfDVWpZGnLVyBlDdqCP6Plws1i2u0I41-oQwcxxr71BCu79HQXuK21hq9SqaWC-7ocgcXLtAA8YwsiriVo_Dr4EcGpIXKmYkkIP-7UtpY93Dke-pv3K1l3KWQ3JRvNcvx7nxW1qC-W4gmpNA7CE-fZcy5X5DYmvgy39z51GWZHONbxia-0T_9nn6zac5lbokVuYwXsGZVNiuZqBWkFrNsDCM7jtmno29gB-g3G7nPLUsycFFyniHkzrfuZydAWkqH3x0BfTSE4A_EhrmIztZYiVUJVSP-f7RIQiJRwGIZa7mndVINE1LeGupBk86vbKECecP0obGnIJm1K32zMSzcVCp1enLE5sfdAOOzsGH2sP1ljcFyccHPVMcfAwZ6vszDri9p2miQSVXnNrQPp1Vu_Fy0pI2-NDbfc05dj_SWk8GNat0mnBVR53eJAekoRcHIP0xJtoL3rBtWqdQ9ff8RbMvoA0e0sabW4AAarY0MPk1xyAxDt2qD5rI77o1a6cAxHb83fg6iVOmVjNegYzQR7CayopNRsdcBoWpa4qUb-iUZiJZ9l8G8r_vNbaV4XHAnzkTx7p6nzjVOuBeyE6GChvDnHfqhCOEa86J16AhdE8x68rUkSiNMyTMHNRaPYR1z-XTG8ys4Sk&sai=AMfl-YSRoQ_RN9hSYcAY2cgsYF50g-pbKM-J2O9UeZegKWeoXGCqK6beK5HG-8Cw8-20xHWSVY-QxeHKIW8Zq1JspLKSQSGfdzjfIdO2vVi2GIqYE1sCHiOs2b_aHgB-u6W2GbL-IRygQPAyGSN7sLMZYjoR2IOEUPrmlR1V9w&sig=Cg0ArKJSzPUqGWOfhUyQEAE&cid=CAQSTADq26N9Z2WUEGLTsaOU985-F_DORsP8656dV6MwSyNm4KPkmOXMbzK9px2RLNgNzBmM8iXNdyAnIFM5FTCBjwie4jHZEfy2E8KQ3boYASAT&id=lidar2&mcvt=1069&p=748,120,875,796&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=4136745099&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366577&rpt=1726&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
142.250.74.162200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvpbpeT39xZEdtiqf1dfH5EfcjyaQkJ7SS7nboSTvsb2UyPDBhUTykHHdpuVQ-Tr-_ayHVtNAnCsZOW1Y9d2Wzaj7YAYv8rulB3Rb4l4NRdI2enG8I1PRKKZEmSzKu3S1yePzsWtmHoFXHMtPI-5k2Eb1TdiURXOe0V0Q7eCioepN_jXi9hM95_KLOvwFN5vodCAQSgEVKUzYHrkIK6U0vH8ICcP3ZHesMSfpuADPsq9hZnx-xlnMHDA5GFusc-veKmYuHgK55u4JvAMvUA8jesujUxraNiCLRN9XR4dM3z7OYZU7nUdvW04sd9jnvT_8o4pgvZNLrpLiebqcZNhieVWjp4A7LFe9gsudfRnwWGwMhJqCuRqj-baX-NvnURRQgGcobE9Wn-16GPgptpUtWm0rDfgOWEGpOxRI4iShUIOafnDcRTy0BVVfGXjNZxfDVWpZGnLVyBlDdqCP6Plws1i2u0I41-oQwcxxr71BCu79HQXuK21hq9SqaWC-7ocgcXLtAA8YwsiriVo_Dr4EcGpIXKmYkkIP-7UtpY93Dke-pv3K1l3KWQ3JRvNcvx7nxW1qC-W4gmpNA7CE-fZcy5X5DYmvgy39z51GWZHONbxia-0T_9nn6zac5lbokVuYwXsGZVNiuZqBWkFrNsDCM7jtmno29gB-g3G7nPLUsycFFyniHkzrfuZydAWkqH3x0BfTSE4A_EhrmIztZYiVUJVSP-f7RIQiJRwGIZa7mndVINE1LeGupBk86vbKECecP0obGnIJm1K32zMSzcVCp1enLE5sfdAOOzsGH2sP1ljcFyccHPVMcfAwZ6vszDri9p2miQSVXnNrQPp1Vu_Fy0pI2-NDbfc05dj_SWk8GNat0mnBVR53eJAekoRcHIP0xJtoL3rBtWqdQ9ff8RbMvoA0e0sabW4AAarY0MPk1xyAxDt2qD5rI77o1a6cAxHb83fg6iVOmVjNegYzQR7CayopNRsdcBoWpa4qUb-iUZiJZ9l8G8r_vNbaV4XHAnzkTx7p6nzjVOuBeyE6GChvDnHfqhCOEa86J16AhdE8x68rUkSiNMyTMHNRaPYR1z-XTG8ys4Sk&sai=AMfl-YSRoQ_RN9hSYcAY2cgsYF50g-pbKM-J2O9UeZegKWeoXGCqK6beK5HG-8Cw8-20xHWSVY-QxeHKIW8Zq1JspLKSQSGfdzjfIdO2vVi2GIqYE1sCHiOs2b_aHgB-u6W2GbL-IRygQPAyGSN7sLMZYjoR2IOEUPrmlR1V9w&sig=Cg0ArKJSzPUqGWOfhUyQEAE&cid=CAQSTADq26N9Z2WUEGLTsaOU985-F_DORsP8656dV6MwSyNm4KPkmOXMbzK9px2RLNgNzBmM8iXNdyAnIFM5FTCBjwie4jHZEfy2E8KQ3boYASAT&id=lidar2&mcvt=1069&p=748,120,875,796&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=4136745099&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366577&rpt=1726&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsuvpbpeT39xZEdtiqf1dfH5EfcjyaQkJ7SS7nboSTvsb2UyPDBhUTykHHdpuVQ-Tr-_ayHVtNAnCsZOW1Y9d2Wzaj7YAYv8rulB3Rb4l4NRdI2enG8I1PRKKZEmSzKu3S1yePzsWtmHoFXHMtPI-5k2Eb1TdiURXOe0V0Q7eCioepN_jXi9hM95_KLOvwFN5vodCAQSgEVKUzYHrkIK6U0vH8ICcP3ZHesMSfpuADPsq9hZnx-xlnMHDA5GFusc-veKmYuHgK55u4JvAMvUA8jesujUxraNiCLRN9XR4dM3z7OYZU7nUdvW04sd9jnvT_8o4pgvZNLrpLiebqcZNhieVWjp4A7LFe9gsudfRnwWGwMhJqCuRqj-baX-NvnURRQgGcobE9Wn-16GPgptpUtWm0rDfgOWEGpOxRI4iShUIOafnDcRTy0BVVfGXjNZxfDVWpZGnLVyBlDdqCP6Plws1i2u0I41-oQwcxxr71BCu79HQXuK21hq9SqaWC-7ocgcXLtAA8YwsiriVo_Dr4EcGpIXKmYkkIP-7UtpY93Dke-pv3K1l3KWQ3JRvNcvx7nxW1qC-W4gmpNA7CE-fZcy5X5DYmvgy39z51GWZHONbxia-0T_9nn6zac5lbokVuYwXsGZVNiuZqBWkFrNsDCM7jtmno29gB-g3G7nPLUsycFFyniHkzrfuZydAWkqH3x0BfTSE4A_EhrmIztZYiVUJVSP-f7RIQiJRwGIZa7mndVINE1LeGupBk86vbKECecP0obGnIJm1K32zMSzcVCp1enLE5sfdAOOzsGH2sP1ljcFyccHPVMcfAwZ6vszDri9p2miQSVXnNrQPp1Vu_Fy0pI2-NDbfc05dj_SWk8GNat0mnBVR53eJAekoRcHIP0xJtoL3rBtWqdQ9ff8RbMvoA0e0sabW4AAarY0MPk1xyAxDt2qD5rI77o1a6cAxHb83fg6iVOmVjNegYzQR7CayopNRsdcBoWpa4qUb-iUZiJZ9l8G8r_vNbaV4XHAnzkTx7p6nzjVOuBeyE6GChvDnHfqhCOEa86J16AhdE8x68rUkSiNMyTMHNRaPYR1z-XTG8ys4Sk&sai=AMfl-YSRoQ_RN9hSYcAY2cgsYF50g-pbKM-J2O9UeZegKWeoXGCqK6beK5HG-8Cw8-20xHWSVY-QxeHKIW8Zq1JspLKSQSGfdzjfIdO2vVi2GIqYE1sCHiOs2b_aHgB-u6W2GbL-IRygQPAyGSN7sLMZYjoR2IOEUPrmlR1V9w&sig=Cg0ArKJSzPUqGWOfhUyQEAE&cid=CAQSTADq26N9Z2WUEGLTsaOU985-F_DORsP8656dV6MwSyNm4KPkmOXMbzK9px2RLNgNzBmM8iXNdyAnIFM5FTCBjwie4jHZEfy2E8KQ3boYASAT&id=lidar2&mcvt=1069&p=748,120,875,796&mtos=1069,1069,1069,1069,1069&tos=1069,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=9&adk=4136745099&rs=4&la=0&cr=0&vs=4&r=v&rst=1672496366577&rpt=1726&isd=0&lsd=0&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sat, 31 Dec 2022 14:19:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900019.redintelligence.net/viewability?s=76664100095900504438340012190019&a=d59c8431&vb=m
78.46.90.238200 OK 0 B URL HTTP/1.1 hal900019.redintelligence.net/viewability?s=76664100095900504438340012190019&a=d59c8431&vb=m
IP 78.46.90.238:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=76664100095900504438340012190019&a=d59c8431&vb=m HTTP/1.1
Host: hal900019.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900019.redintelligence.net/request_content.php?s=76664100095900504438340012190019&a=c27d86e9
Cookie: 8lcfmzhxc8d6_uid=27bac0f2ad421221
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 31 Dec 2022 14:19:36 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/noimage-jni8abi1od.png?t=1671725226
143.204.55.108200 OK 95 B URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/noimage-jni8abi1od.png?t=1671725226
IP 143.204.55.108:0
File type PNG image data, 1 x 1, 8-bit colormap, interlaced\012- data
Hash f5b8026909e0d05cdc6c1ed860646d67
32e8363efd0a35665344f374c2081f31f6767ac7
dc749707f2501669bc76c3852e4bc4e6168658a21d1223151e776608bb5bf36c
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/noimage-jni8abi1od.png?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 95
date: Fri, 30 Dec 2022 16:10:52 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qWDwQH9tnO0VqdQ4djbXMvxNhg5xPcYB-R6TBN9KJcW-eJz-R1TM3w==
age: 79724
X-Firefox-Spdy: h2
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/logo-skyshowtime-colour.png?t=1671725226
143.204.55.108200 OK 11 kB URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/logo-skyshowtime-colour.png?t=1671725226
IP 143.204.55.108:0
File type PNG image data, 350 x 165, 8-bit colormap, interlaced\012- data
Hash 37422b33965122b5158ab4337fe6c386
fd2ae1fc603929662c9c9331bb0c0d7754f60fa6
4a4e211cdc019c7a8fe7f97a0759df40e832548c797af824932d3b3eb966392d
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/logo-skyshowtime-colour.png?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10802
date: Fri, 30 Dec 2022 16:16:18 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GgrJzqd6UovCgfRvniWwX-7zTtp2tq1zhzs8sSLWh6a7d5orhayu5Q==
age: 79398
X-Firefox-Spdy: h2
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/sonic2-qs72po7zba/sonicthehedgehog2_gen_digitalmech_600x410-prnj6k1mdl.jpg?t=1671725226
143.204.55.108200 OK 56 kB URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/sonic2-qs72po7zba/sonicthehedgehog2_gen_digitalmech_600x410-prnj6k1mdl.jpg?t=1671725226
IP 143.204.55.108:0
File type JPEG image data, progressive, precision 8, 600x410, components 3\012- data
Hash ff8389b317fcac3244aa1e4832c567b9
6ee95b6c3ba510ab117d92a77309aac1ad2a2b34
c77d2b76ef4568556865ca78cfb7fcaa2125e596bb0a9fe76ba62ef618a02cb7
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/sonic2-qs72po7zba/sonicthehedgehog2_gen_digitalmech_600x410-prnj6k1mdl.jpg?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 56208
date: Fri, 30 Dec 2022 16:10:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NEynVXHwT8tzTZK37cHfVpK-tSQMHG6bwu9AbjQ-ea-Io_fEdswkBA==
age: 79720
X-Firefox-Spdy: h2
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/noimage.png?t=1671725226
143.204.55.108200 OK 116 B URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/noimage.png?t=1671725226
IP 143.204.55.108:0
File type PNG image data, 1 x 1, 8-bit colormap, interlaced\012- data
Hash 507b1a25d1628320f6e49a55199515e8
edb303a8a2af0395d2e158866d74452355316e04
9ca350d897955357234e65923c5bc8e930a7bead409d18e8a66075923e15e016
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/noimage.png?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 116
date: Fri, 30 Dec 2022 16:14:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eOO9usrNWcAufKrxd_yNppvxQ0mnaXsOPVRQ5SkC6cEyX3WRhMzBjw==
age: 79521
X-Firefox-Spdy: h2
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/yellowstone-jk28r6xxgw/yel-s02-lawn-0044-ri_600x400-optgem2o9w.jpg?t=1671725226
143.204.55.108200 OK 34 kB URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/yellowstone-jk28r6xxgw/yel-s02-lawn-0044-ri_600x400-optgem2o9w.jpg?t=1671725226
IP 143.204.55.108:0
File type JPEG image data, progressive, precision 8, 600x400, components 3\012- data
Hash 63977ec78ea9f8ca6f3ebf8dc788dffb
86e7e2e3ff855880e21a2e4436fc533f7e728096
23a5e2e592f89ddfc010160e37652dd462b89c02d679ab46d723d09c3768fa14
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/yellowstone-jk28r6xxgw/yel-s02-lawn-0044-ri_600x400-optgem2o9w.jpg?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 33652
date: Fri, 30 Dec 2022 16:10:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M-tw1o88DwuKlKlLK9A4Q8bIZ38gy-K0XbhIGvSLgrZFb15aJGChoA==
age: 79720
X-Firefox-Spdy: h2
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/halo-fz1dkfqpff/halo-s01-single-master-chief_600x322-ghdk1f4ial.jpg?t=1671725226
143.204.55.108200 OK 29 kB URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/halo-fz1dkfqpff/halo-s01-single-master-chief_600x322-ghdk1f4ial.jpg?t=1671725226
IP 143.204.55.108:0
File type JPEG image data, progressive, precision 8, 600x322, components 3\012- data
Hash b132f4bacee056dc0f23692f6fa92655
b053cd93b5c3ba367a4be20733f6e0843282c72d
de6c990dad55de6a55056e5bf2a43c0b13eaacfebb298f46e7f25707fdabd592
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/halo-fz1dkfqpff/halo-s01-single-master-chief_600x322-ghdk1f4ial.jpg?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 29363
date: Fri, 30 Dec 2022 16:10:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: O9wxRS9U8lGJXv3-PN_dQylMq5YALgMZhUOBnjm26GOauBUNl4mbBA==
age: 79720
X-Firefox-Spdy: h2
image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/logo-skyshowtime.svg?t=1671725226
143.204.55.108200 OK 6.5 kB URL HTTP/2 image.lemonpi.io/img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/logo-skyshowtime.svg?t=1671725226
IP 143.204.55.108:0
File type PNG image data, 531 x 123, 8-bit colormap, interlaced\012- data
Hash 391727f66087ada23688047ec6f8ce2b
4cee35de24812626e81e1823e9c21ee011e21f60
40eda013a230ee2b00b75afbfe16ffb9c913c9429aa331bb458c0f4cae65b22e
GET /img/https://img.imageboss.me/doubleclick-assets-storage-prd/cdn/animation:true/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/clients/62e176993a0f890009d5fe73/master-templates/632af90fc4c8730009ce2feb-1670424161/images/logo-skyshowtime.svg?t=1671725226 HTTP/1.1
Host: image.lemonpi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6477
date: Fri, 30 Dec 2022 16:14:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=300; includeSubdomains; preload
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cmDArd7eI0658m3_NZXESpZ64SQyM8HkX937vLyQ0jTM-eXYIxBj7w==
age: 79521
X-Firefox-Spdy: h2
cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
51.75.147.170200 OK 79 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
IP 51.75.147.170:0
File type GIF image data, version 89a, 336 x 280\012- data
Hash 2d8f4084666e5bd2e4b050d82b791c0e
1f9f90f623398be4f3b4c198c602ca127243d4e3
0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34
GET /24i/content/soberfb/EN/S-336x280.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900019.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 31 Dec 2022 14:19:36 GMT
Content-Type: image/gif
Content-Length: 79127
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Connection: close
ETag: "5b55f218-13517"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e9d65e803f2b6cb5db8a2da95a09cfdb
142344f82d6065414c02580f5004d7f3ac0fa252
e1bed42e9fec8c45cddd38224d8fbceb4531e9a69faac5d6fa02d8631861e46c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e9d65e803f2b6cb5db8a2da95a09cfdb
142344f82d6065414c02580f5004d7f3ac0fa252
e1bed42e9fec8c45cddd38224d8fbceb4531e9a69faac5d6fa02d8631861e46c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 31 Dec 2022 14:19:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
doubleclick-assets-storage-prd.storage.googleapis.com/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/multi-uvdiukvsvj/multi-version-9x16-intro_compressed-cwbzai7hy0.mp4?t=1671725226
142.250.74.176206 Partial Content 210 kB URL HTTP/2 doubleclick-assets-storage-prd.storage.googleapis.com/odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/multi-uvdiukvsvj/multi-version-9x16-intro_compressed-cwbzai7hy0.mp4?t=1671725226
IP 142.250.74.176:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 210 kB (210539 bytes)
Hash f707229bbccbb82039acaf01549c7010
f0f829d0733ba7cda7c1b6d0d501ee59e4b7d853
83be42157a1ce4eaf1251760eefcdcae580bbd05cd6674fceaab9c38ff3462b7
GET /odc/sky-showtime_yylfschszn/icxcc_digitaldisplay_no_ypnu6y9ggx/assets/media-library/yylfschszn-6zgpq0viri/multi-uvdiukvsvj/multi-version-9x16-intro_compressed-cwbzai7hy0.mp4?t=1671725226 HTTP/1.1
Host: doubleclick-assets-storage-prd.storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
x-guploader-uploadid: ADPycduidzGNIrQ2x1vYJh50eaWSlohWAgtEBHTftLP_gRlWTnm_NbrFSSw8fV4wxLzqLWaqEoa6lWZQSyMrkVonP-4kDw
expires: Sat, 31 Dec 2022 15:19:36 GMT
date: Sat, 31 Dec 2022 14:19:36 GMT
cache-control: public, max-age=3600
last-modified: Tue, 04 Oct 2022 12:05:48 GMT
etag: "d0fe0d653e88baf9afea6e9883336208"
x-goog-generation: 1664885147994632
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4105222
content-type: video/mp4
x-goog-hash: crc32c=B97q2A==, md5=0P4NZT6Iuvmv6m6YgzNiCA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-range: bytes 0-4105221/4105222
content-length: 4105222
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tps.doubleverify.com/visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=28607193&dvp_ctx=26236599&jsver=3345&dvp_imp=dfee0588e7b640459ad293e3b2f53261&cbust=1672496370698122
34.149.12.213302 Found 0 B URL HTTP/1.1 tps.doubleverify.com/visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=28607193&dvp_ctx=26236599&jsver=3345&dvp_imp=dfee0588e7b640459ad293e3b2f53261&cbust=1672496370698122
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visit.jpg?cmp=DV020594&ctx=818052&plc=impdm&dvp_cmp=28607193&dvp_ctx=26236599&jsver=3345&dvp_imp=dfee0588e7b640459ad293e3b2f53261&cbust=1672496370698122 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 31 Dec 2022 14:19:37 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0
Expires: 12/30/2022 14:19:37
Location: https://cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=96a1cbc5d6d04217bbfb66a985587208&dup=
Pragma: no-cache
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=96a1cbc5d6d04217bbfb66a985587208&dup=
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=96a1cbc5d6d04217bbfb66a985587208&dup=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=96a1cbc5d6d04217bbfb66a985587208&dup= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=96a1cbc5d6d04217bbfb66a985587208&akipv6=&dup=
Date: Sat, 31 Dec 2022 14:19:37 GMT
Connection: keep-alive
tpsc-eu3.doubleverify.com/event.png?impid=96a1cbc5d6d04217bbfb66a985587208&akipv6=&dup=
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=96a1cbc5d6d04217bbfb66a985587208&akipv6=&dup=
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=96a1cbc5d6d04217bbfb66a985587208&akipv6=&dup= HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 31 Dec 2022 14:19:37 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 12/30/2022 14:19:37
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&flavor=0&gdpr=&gdpr_consent=&dvp_decount=16-36.6-29.8-29&dvp_estats=1-33-0-27.29.30.36.37.38.45.51&eoid=16&cbust=1672496371597261
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&flavor=0&gdpr=&gdpr_consent=&dvp_decount=16-36.6-29.8-29&dvp_estats=1-33-0-27.29.30.36.37.38.45.51&eoid=16&cbust=1672496371597261
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=dfee0588e7b640459ad293e3b2f53261&flavor=0&gdpr=&gdpr_consent=&dvp_decount=16-36.6-29.8-29&dvp_estats=1-33-0-27.29.30.36.37.38.45.51&eoid=16&cbust=1672496371597261 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 31 Dec 2022 14:19:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 12/30/2022 14:19:39
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=508&eoid=15&msrjs=3345&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=103&tetms=4&msltms=49&vltms=508&sei=145&vetms=77&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=906&msrcannum=3&ismms=39&isumms=39&nvr=2&isgmmims=39&isgmv4mims=39&elmtp=1&isbxdms=2679&b0=2740&adhgt=600&adwdth=120&norwdth=120&norhgt=600&dvp_vsosnmr=1&lftb=2740&sftb=2740&msrdp=2&naral=642&vct=512&vphgt=1024&vpwdth=1280&chgt=600&cwdth=120&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=39&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3614&cbust=1672496371593457
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=dfee0588e7b640459ad293e3b2f53261&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=508&eoid=15&msrjs=3345&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=103&tetms=4&msltms=49&vltms=508&sei=145&vetms=77&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=906&msrcannum=3&ismms=39&isumms=39&nvr=2&isgmmims=39&isgmv4mims=39&elmtp=1&isbxdms=2679&b0=2740&adhgt=600&adwdth=120&norwdth=120&norhgt=600&dvp_vsosnmr=1&lftb=2740&sftb=2740&msrdp=2&naral=642&vct=512&vphgt=1024&vpwdth=1280&chgt=600&cwdth=120&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=39&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3614&cbust=1672496371593457
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=dfee0588e7b640459ad293e3b2f53261&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=508&eoid=15&msrjs=3345&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=103&tetms=4&msltms=49&vltms=508&sei=145&vetms=77&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=906&msrcannum=3&ismms=39&isumms=39&nvr=2&isgmmims=39&isgmv4mims=39&elmtp=1&isbxdms=2679&b0=2740&adhgt=600&adwdth=120&norwdth=120&norhgt=600&dvp_vsosnmr=1&lftb=2740&sftb=2740&msrdp=2&naral=642&vct=512&vphgt=1024&vpwdth=1280&chgt=600&cwdth=120&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=39&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=2&metp=2&meeid=1&ttfurm=3614&cbust=1672496371593457 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://1cb08049022e24fbf44326633bbfae9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 31 Dec 2022 14:19:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 12/30/2022 14:19:39
Pragma: no-cache
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:32 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: br8ocj5fWmQgOqNy/Y5LiIH5q+MAwLmtxoIHmumKrdJnVOflpFk2DrvLlhRMxH1N156iQZCmWrRJmSpedVGlPA==
x-amz-request-id: 9KT5DTFKEWY7HC5S
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3484
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7823a69a2905b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
IP 142.250.74.74:0
GET /css?family=Open+Sans:400,400italic,700,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 31 Dec 2022 14:19:31 GMT
date: Sat, 31 Dec 2022 14:19:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.adligature.com/webhostingtips.club/prod/rules.js
188.114.96.1200 OK 0 B URL HTTP/2 cdn.adligature.com/webhostingtips.club/prod/rules.js
IP 188.114.96.1:0
GET /webhostingtips.club/prod/rules.js HTTP/1.1
Host: cdn.adligature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript
cache-control: public, max-age=1800, s-maxage=600, must-revalidate
cf-bgj: minify
cf-polished: origSize=4064
etag: W/"5abd9d2ff941f6655d2f763134dcb8f4"
expires: Sat, 31 Dec 2022 14:29:31 GMT
last-modified: Wed, 14 Dec 2022 22:58:01 GMT
x-guploader-uploadid: ADPycdsJ1X0x7hCwCUicWTyzl18T_vYKlTAR-Kq_28dCQXFowbEz-n3C6_nK0zX3KT2zZwMvR2ja_Ihk5lyLVfPA7v9h
x-goog-generation: 1671058681032295
x-goog-hash: crc32c=6yKovw==, md5=Wr2dL/lB9mVdL3YxNNy49A==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4064
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q0VSF49c5fmDkV6Wgx1Nnkf3CVPZnRMofU%2By0amY7Nu8JMwv0zirpVi%2F9ZouwwzzNMu1B8u%2Fcf%2Ban0Is4FYD5Bib4a8SOsZrkNt0b75P%2BcuCsbg9dsV%2BSbvttLo9m3dTRTV%2Bg4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a690f980b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adligature.com/rules.js/advally-5.6.0.js
188.114.96.1200 OK 0 B URL HTTP/2 cdn.adligature.com/rules.js/advally-5.6.0.js
IP 188.114.96.1:0
GET /rules.js/advally-5.6.0.js HTTP/1.1
Host: cdn.adligature.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webhostingtips.club/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 31 Dec 2022 14:19:31 GMT
content-type: application/javascript
cache-control: public, max-age=7200, s-maxage=7200, must-revalidate
cf-bgj: minify
cf-polished: origSize=178816
etag: W/"93d406c6937e7a8018d85789ad1193d5"
expires: Sat, 31 Dec 2022 15:16:40 GMT
last-modified: Wed, 14 Dec 2022 18:36:31 GMT
x-guploader-uploadid: ADPycdt1oquBiVjDi9tNuQb8CQr_Qkwwd9KAFPhViBU0ryd3Ge2lpYeNnV-VF0MZm7yJGOnfPxUT7Eyezg2MObjDSPgaiO3S_BvN
x-goog-generation: 1671042991645353
x-goog-hash: crc32c=n6grAA==, md5=k9QGxpN+eoAY2FeJrRGT1Q==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 178816
cf-cache-status: HIT
age: 3771
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceLYX2NvHnXfOJZ4aPvpNIgjWFkS6mG1wPjwKJEzcizWaswrKG4g9Avp2vNPLp9njpLR32VjO84Ozajxy7ZS07KxpUGV7%2Bq2lHKxNXduska%2FtxYqY%2BkefgF%2BRozqTDCcECXjKTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7823a6920b08b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2