app-tipps.com/best-music-streaming-services-ios-android/
104.21.92.231301 Moved Permanently 187 B URL HTTP/1.1 app-tipps.com/best-music-streaming-services-ios-android/
IP 104.21.92.231:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash a3ff447f49262fbe83ee1fea4302ee5e
2ed41905d0e02243822a695cf515f32c99b47844
f15d59be3d28bf3b10791fcfa6ea99423e1fc049f49104b68d8aad978b0d5fee
GET /best-music-streaming-services-ios-android/ HTTP/1.1
Host: app-tipps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 22:56:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://app-tipps.com/best-music-streaming-services-ios-android/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xucn9FKcBKsr2rkHoQvSMOT8wCnAFWM1%2B%2Bgjg62g44Se2Mwe99aUDi2MXFQXSsMZCEszsr6HKegvar%2BcEnUuYTSUfghCgFZbv8MaTvI%2Bqo9f53DOuTxLzcNeD1nPimTe"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7716b2ba4a35b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8498
Expires: Tue, 29 Nov 2022 01:18:18 GMT
Date: Mon, 28 Nov 2022 22:56:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6053
Cache-Control: max-age=134134
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:40 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:12:14 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9184
Expires: Tue, 29 Nov 2022 01:29:44 GMT
Date: Mon, 28 Nov 2022 22:56:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2227
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 865
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8bdc6206e93d2c60d2b1429a3b01d0fb
f581246a7c530300f1461142fb9b5cdbaf71339d
52f8fc77c7de0af5a9b7df48dbf15cd6cf792ce1d121e8d7c9d00a61f6d5d17b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=106478
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:40 GMT
Etag: "63843996-116"
Expires: Wed, 30 Nov 2022 04:31:18 GMT
Last-Modified: Mon, 28 Nov 2022 04:31:18 GMT
Server: nginx
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:56:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 22:08:55 GMT
cache-control: public,max-age=3600
age: 2865
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8bdc6206e93d2c60d2b1429a3b01d0fb
f581246a7c530300f1461142fb9b5cdbaf71339d
52f8fc77c7de0af5a9b7df48dbf15cd6cf792ce1d121e8d7c9d00a61f6d5d17b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=106478
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Etag: "63843996-116"
Expires: Wed, 30 Nov 2022 04:31:19 GMT
Last-Modified: Mon, 28 Nov 2022 04:31:18 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1549
Cache-Control: max-age=124563
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 09:32:44 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.1 kB IP 142.250.74.3:0
Hash 30126deb63b4dc95331ce239facdc6c8
bdb3ba7d517482cc7c4a73f9e417436237da0834
bff0b727595cf841967580b266e4a41045a9d10bf1d34dc0771b5cda88dbcb37
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-85183250-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-85183250-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b554dfa7a28a18584516b04cbffee26c
707058dbd16e8cb2ac06263b385c6f18ca7be20b
9f6bab4c376b628c8220f138316d2abb25f3c64f65b28d2b668179a7f43c629d
GET /gtag/js?id=UA-85183250-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 22:56:41 GMT
expires: Mon, 28 Nov 2022 22:56:41 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43600
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
185.76.9.22200 OK 2.7 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=1
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash 020ec4c5c120c74134135ff705bc1a4b
a584f42328dde7b60b8dcdf4e352ff4251dd10e7
06fba9bf713b8d988ef64fb35609f4d31bcb9eb126a4c2430e088944333cf5b0
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670216593
server: CDN77-Turbo
x-77-nzt: AblMCRQsWy3/mPsAAA
x-77-nzt-ray: af5856301ca4d667a93c8563ab5f270a
x-cache: HIT
x-age: 64408
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.37.79.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.37.79.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oXj6r70JYn+hjl3PxMU5Mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: O5Rch62QAPFhX/16s+HTCRN7p04=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 01e4d87ff99d1da1a87c2fcb5f3471fb
a7c015140c0b97a77e0d88b3124de4742bb1336d
33eba60151f26f27bc9c693d5f893e78e1ca853fba90111f40fabb00380e0e45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "33EBA60151F26F27BC9C693D5F893E78E1CA853FBA90111F40FABB00380E0E45"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6492
Expires: Tue, 29 Nov 2022 00:44:53 GMT
Date: Mon, 28 Nov 2022 22:56:41 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/requestform3.js?siteId=97881&formatId=1
185.76.9.22200 OK 60 kB URL HTTP/2 ads.themoneytizer.com/s/requestform3.js?siteId=97881&formatId=1
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (29505)
Hash 53351fff6959f6a28487eb554e675dc6
2f1baf4227d2e0a909b333755c8d52d9802b0724
080a0ce5c1e91bf2d9d9964f7f0a8bc21807210a45a47edf6d0703e998b0b379
GET /s/requestform3.js?siteId=97881&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670262493
server: CDN77-Turbo
x-77-nzt: AblMCRSnjaP/TEgAAA
x-77-nzt-ray: af5856301ca4d667a93c85636b3dcb1a
x-cache: HIT
x-age: 18508
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
216.58.207.195200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:14:39 GMT
expires: Tue, 28 Nov 2023 21:14:39 GMT
cache-control: public, max-age=31536000
age: 6122
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:59:14 GMT
expires: Tue, 28 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 14247
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=97881&f=1&fi=99
54.38.64.100200 OK 4.2 kB URL HTTP/1.1 c.tmyzer.com/c/?s=97881&f=1&fi=99
IP 54.38.64.100:0
Hash 0e5f5fa203666a9e2156466427c90fdf
50e4795e451765d2eb58aeb43906be7e82e785dd
ba9ca631a74b469b7cedfbab6cf1f9f47b1823efd012a2d9804752070c1fc812
GET /c/?s=97881&f=1&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:256F_36264064:01BB_63853CA9_11D507F:2A71F
X-IPLB-Instance: 38431
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4103d95f0782dad4ded379053bc7eb1e
27ade442c453f1dac25725710ee793cd9cd06e30
caee84505a5e98b0474a59edf46317aecb1787acae5a6a1f107cb15c9d38212f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5679
Cache-Control: max-age=135546
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Etag: "638494f4-117"
Expires: Wed, 30 Nov 2022 12:35:47 GMT
Last-Modified: Mon, 28 Nov 2022 11:01:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/requestform.js?siteId=97881&formatId=6
185.76.9.22200 OK 154 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=97881&formatId=6
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
Size 154 kB (153547 bytes)
Hash 852762537f3a1dcf733f9d2cbe71f0d5
88d371d5e820146ddea56cbe0a4ba3213b8312a1
be25aaf8ca6a481753638374ae5eca517bd440e3e532bfc393cd7bca9c0c07cc
GET /s/requestform.js?siteId=97881&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670259006
server: CDN77-Turbo
x-77-nzt: AblMCRQwnF3/61UAAA
x-77-nzt-ray: af5856301ca4d667a93c8563d539bb23
x-cache: HIT
x-age: 21995
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1669676200890
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1669676200890
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1669676200890 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
tag.leadplace.fr/libJsLP.js
145.239.192.166200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP 145.239.192.166:0
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:DA29_91EFC0A6:01BB_63853CA9_36E1F15D:603F
X-IPLB-Instance: 30196
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba362212989ad5207074782643b6417d
584f0c4878812e4914b71b5f8d2052f4e0600443
584d9fad81699936ee45fe0f8cf03ab67d9aac45a67135584f8e9f81ae8ceb16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 13:08:42 GMT
Expires: Sun, 04 Dec 2022 13:08:41 GMT
Etag: "584f0c4878812e4914b71b5f8d2052f4e0600443"
Cache-Control: max-age=482519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2c5586b0b06-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba362212989ad5207074782643b6417d
584f0c4878812e4914b71b5f8d2052f4e0600443
584d9fad81699936ee45fe0f8cf03ab67d9aac45a67135584f8e9f81ae8ceb16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 13:08:42 GMT
Expires: Sun, 04 Dec 2022 13:08:41 GMT
Etag: "584f0c4878812e4914b71b5f8d2052f4e0600443"
Cache-Control: max-age=482519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2c54834b524-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba362212989ad5207074782643b6417d
584f0c4878812e4914b71b5f8d2052f4e0600443
584d9fad81699936ee45fe0f8cf03ab67d9aac45a67135584f8e9f81ae8ceb16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 13:08:42 GMT
Expires: Sun, 04 Dec 2022 13:08:41 GMT
Etag: "584f0c4878812e4914b71b5f8d2052f4e0600443"
Cache-Control: max-age=482519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2c55e02b4ed-OSL
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2020/12/roblox-game-review-448x316.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2020/12/roblox-game-review-448x316.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2020/12/roblox-game-review-448x316.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2020/12/roblox-game-review-448x316.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:41
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: c3df653ee4bd522db9d913a8e85c1200
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/08/arknights-tower-defense-review-448x316.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/08/arknights-tower-defense-review-448x316.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/08/arknights-tower-defense-review-448x316.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/08/arknights-tower-defense-review-448x316.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:41
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 5cad755cd0ea74e398e8b7a75c51f11c
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/war-robots-game-review-448x316.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/war-robots-game-review-448x316.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/war-robots-game-review-448x316.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/09/war-robots-game-review-448x316.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:41
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 9c4022db02d6717e16df50a4e74f650c
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img,w_1024/https://app-tipps.com/wp-content/uploads/2022/11/free-music-streaming-apps-1024x538.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img,w_1024/https://app-tipps.com/wp-content/uploads/2022/11/free-music-streaming-apps-1024x538.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img,w_1024/https://app-tipps.com/wp-content/uploads/2022/11/free-music-streaming-apps-1024x538.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/11/free-music-streaming-apps-1024x538.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:41
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 04a5ece3d0beebf7c444c9e7f76521cb
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/clash-of-clans-review-448x316.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/clash-of-clans-review-448x316.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/clash-of-clans-review-448x316.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/09/clash-of-clans-review-448x316.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:41
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: e4626609348b2fff3df0cf9e9df4c26b
cdn-cache: MISS
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/10/ml-bang-bang-vs-adventure-448x316.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/10/ml-bang-bang-vs-adventure-448x316.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/10/ml-bang-bang-vs-adventure-448x316.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/10/ml-bang-bang-vs-adventure-448x316.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:41
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: ea5445f5b221e7cc318c662e86094828
cdn-cache: MISS
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 54d1ef13676590c5be9f947343c88658
c14ef18b17db6a2a17f402b5b29362a4113a409f
a85359670f033f74fcd941d14c22f9b6a4e0ed9481e9c9aea0e233e0f833602d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 12:11:58 GMT
Expires: Fri, 02 Dec 2022 12:11:57 GMT
Etag: "c14ef18b17db6a2a17f402b5b29362a4113a409f"
Cache-Control: max-age=306315,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2c4c8411c0e-OSL
c.tmyzer.com/c/?s=97881&f=6&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=97881&f=6&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=97881&f=6&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:256F_36264064:01BB_63853CA9_11D5088:2A71F
X-IPLB-Instance: 38431
p.cpx.to/p/12773/px.js
52.48.231.49200 OK 2.0 kB IP 52.48.231.49:0
File type ASCII text, with very long lines (1990), with no line terminators
Hash f439aad0d08f6305aa19a339a948084d
e01bb3707cab1c39dd4e78efeea438902182c3e0
d2581f2491c811e1e503e840938053e668884798e5dcc5eb43de83d146a7ed89
GET /p/12773/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2419200, public
Content-Type: application/javascript; charset=UTF-8
Date: Mon, 28 Nov 2022 22:56:41 GMT
Content-Length: 1990
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash ba362212989ad5207074782643b6417d
584f0c4878812e4914b71b5f8d2052f4e0600443
584d9fad81699936ee45fe0f8cf03ab67d9aac45a67135584f8e9f81ae8ceb16
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 13:08:42 GMT
Expires: Sun, 04 Dec 2022 13:08:41 GMT
Etag: "584f0c4878812e4914b71b5f8d2052f4e0600443"
Cache-Control: max-age=482519,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2c54bcdb4ff-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b897c8573a9c7a46773b33a946248e38
93c7850c918aae1b5fc89832d8ec0de318d1d483
62e57cb5ef85e825e45ec971f559019fb15dc3ccc759bab54635be5b3695c1a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5242
Cache-Control: max-age=90099
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6383e523-117"
Expires: Tue, 29 Nov 2022 23:58:21 GMT
Last-Modified: Sun, 27 Nov 2022 22:30:59 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c98063a5875a4153829eaa80be458262
9522070e97907c1f147c44284e4d7d9591518fb5
ad8607d475238f00a7328e41f35d5f50595455bef11db64d45ead1a64bc261a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8607D475238F00A7328E41F35D5F50595455BEF11DB64D45EAD1A64BC261A2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16166
Expires: Tue, 29 Nov 2022 03:26:08 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e2719662331235eab22354739e4dc7f6
0c551405dde991d90c609eac59209b4456ab63b0
6b99c1c9184d1cf2799a5d02ad358e2050788f0f7365e8e9b22ab80208c40410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=133210
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "63849645-13a"
Expires: Wed, 30 Nov 2022 11:56:52 GMT
Last-Modified: Mon, 28 Nov 2022 11:06:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
ads.themoneytizer.com/lib_fs_close.js
185.76.9.22200 OK 44 kB URL HTTP/2 ads.themoneytizer.com/lib_fs_close.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type ASCII text, with CRLF line terminators
Hash 350b64f05696f5430b24e6d88db90d9d
a6786c00e51576691e77eda7a4736984d963d868
7aa3c6cc0fcfe3d86826948a0a864751cad3ecdf90a7ca18313a523187509d03
GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: application/javascript
last-modified: Tue, 14 Jun 2022 12:21:22 GMT
expires: Tue, 29 Nov 2022 05:03:11 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1669698191
server: CDN77-Turbo
x-77-nzt: AblMCRT3OYL/mvsAAA
x-77-nzt-ray: af5856301ca4d667a93c85630e7f7d2e
x-cache: HIT
x-age: 64410
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e2719662331235eab22354739e4dc7f6
0c551405dde991d90c609eac59209b4456ab63b0
6b99c1c9184d1cf2799a5d02ad358e2050788f0f7365e8e9b22ab80208c40410
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3007
Cache-Control: max-age=133210
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "63849645-13a"
Expires: Wed, 30 Nov 2022 11:56:52 GMT
Last-Modified: Mon, 28 Nov 2022 11:06:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 314
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/app-tipps-logo-domain.png
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/app-tipps-logo-domain.png
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img/https://app-tipps.com/wp-content/uploads/2022/09/app-tipps-logo-domain.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/09/app-tipps-logo-domain.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:42
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: c8e57de947a94fc29cca60c8cf1b7510
cdn-cache: MISS
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 317 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:0
File type ASCII text, with no line terminators
Hash 36f95c8fe1afaae8c46e88692fe589df
1c0a5b4212451ce08787bbaec6c24bb4102a22bd
c37fd4311edca50ad2431e59cc514ce47321240c284c0cc037fa2ea77cffa008
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://app-tipps.com
set-cookie: zc=778967d5-488e-4d45-4994-165dc6e9b91d; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=%BC%0BL%1Ch%00%9D%B0%864%A5%93%F3%80%A2d%AE%C2%9D%9E%BA%8B%29%F6%B5%DET%9D%81%82%16J%CB%97c%26%BBW%1F%CB%D1%7D%A2%29%23%94%F5%40.%14%21%CD%98%3B%0C%8A%E7%FC%22k%7D%8E3%BA%9F%EA%E7ORp%0E%7BE%80%3Fq%B4%C5%9F%DD5%90%B0; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2c52807b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 433d5435f6588824ab8cc0978aa355a9
4d9a8f4d77e50e1e9b3cad0b72d0bc79fc6f81ea
462cf3c18351828668132129eb2a2ce264355887cf6161f73c064bb89f838387
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "462CF3C18351828668132129EB2A2CE264355887CF6161F73C064BB89F838387"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3766
Expires: Mon, 28 Nov 2022 23:59:28 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F
51.158.29.12200 OK 593 B URL HTTP/1.1 kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F
IP 51.158.29.12:0
File type JSON data\012- , ASCII text, with very long lines (1359), with no line terminators
Hash 5551cae5f1f58e3298261f989243333e
b56509fd0b6e318ea46b2985a0bfc6e3b6c7d31c
a7a77d241194995f4518c9e3bfea7e8171cb3ef530f3aaecec9b8aea18e5272f
GET /api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F HTTP/1.1
Host: kvt.sddan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 28 Nov 2022 22:56:42 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://app-tipps.com
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=15724800; includeSubDomains; preload
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 201c67a6a552c4c28506830e2646627f
1862d50fa5241921b8303f3908e18c4a24d784d4
8217272d184496642167470195991bb3ba660d266b433d8d0dff1c1fcbb7a511
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8217272D184496642167470195991BB3BA660D266B433D8D0DFF1C1FCBB7A511"
Last-Modified: Sat, 26 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3104
Expires: Mon, 28 Nov 2022 23:48:26 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
162.19.138.116200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.116:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6d5ca6eaeb976be62856344369ad4cef
c2e1c0b10c3888b3ed698891d2d86083d18efe7a
8c960ca5d12d8dbc05a047e6daf740de43a17758b15f763e560f7db9fe7f994c
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://app-tipps.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 28 Nov 2022 22:56:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
onetag-sys.com/prebid-request
51.89.9.251200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.251:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 5322
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://app-tipps.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 4ec7a8448287459c3db61a15e098a518
941b78a56d3c59ada17c9bb6ade518d1eeafa2b7
21e03d8abe1dbdfed2b614709203f1b9c82c597ebd5938d0e043177129c1a188
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2107
Cache-Control: max-age=145293
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6384c8fc-116"
Expires: Wed, 30 Nov 2022 15:18:15 GMT
Last-Modified: Mon, 28 Nov 2022 14:43:08 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 573613583b2fc34737980a7cc7b16674
e2767b3de2a17456cd18e4c9d38da3d86ad1e4ae
935f137da631187b9546556e6775b9d4b4cbc8d3768cf1f2ec1c437fcc9b6acd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 22:56:42 GMT
Last-Modified: Mon, 28 Nov 2022 21:09:19 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vEKNLN3iLub7huzawyudGAIwJiVCo3QC5773KQrOaiXNX1RIZKCIXg==
Age: 6443
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 573613583b2fc34737980a7cc7b16674
e2767b3de2a17456cd18e4c9d38da3d86ad1e4ae
935f137da631187b9546556e6775b9d4b4cbc8d3768cf1f2ec1c437fcc9b6acd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113023
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6384407c-1d7"
Expires: Wed, 30 Nov 2022 06:20:25 GMT
Last-Modified: Mon, 28 Nov 2022 05:00:44 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YChuj-Zo5iKIjdNnplXPa6e6mm2rZ6IuhJ1DAfI5mbBBb4k5_BXxJA==
Age: 4781
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 573613583b2fc34737980a7cc7b16674
e2767b3de2a17456cd18e4c9d38da3d86ad1e4ae
935f137da631187b9546556e6775b9d4b4cbc8d3768cf1f2ec1c437fcc9b6acd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109648
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6384407c-1d7"
Expires: Wed, 30 Nov 2022 05:24:10 GMT
Last-Modified: Mon, 28 Nov 2022 05:00:44 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2tLUgYPqblcjIihpsT2E2X8l44A92MOUftMkxa9Z2_szt-KNweMDGQ==
Age: 1406
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 38eb09afa09351c1b589f6497f8e9562
b523415b505bfbee2e5d7b3a114bace61509549d
24e75f655eafc22419fe464382c210172a715a10dfc77d04e339400f9d0fdfd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24E75F655EAFC22419FE464382C210172A715A10DFC77D04E339400F9D0FDFD8"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11493
Expires: Tue, 29 Nov 2022 02:08:15 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1aa592d7405d4112fa94b0155a914ad9
4cda77d3105ad70d1bcc8b5716c5f744488769ed
fa671666e0c118b708ee32ebf972accce8815a3a5ce5c1476d912a75e60c76a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Last-Modified: Mon, 28 Nov 2022 21:10:36 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2927
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://app-tipps.com
cache-control: max-age=0, private, must-revalidate
date: Mon, 28 Nov 2022 22:56:41 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1aa592d7405d4112fa94b0155a914ad9
4cda77d3105ad70d1bcc8b5716c5f744488769ed
fa671666e0c118b708ee32ebf972accce8815a3a5ce5c1476d912a75e60c76a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Last-Modified: Mon, 28 Nov 2022 21:10:36 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 573613583b2fc34737980a7cc7b16674
e2767b3de2a17456cd18e4c9d38da3d86ad1e4ae
935f137da631187b9546556e6775b9d4b4cbc8d3768cf1f2ec1c437fcc9b6acd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=109648
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6384407c-1d7"
Expires: Wed, 30 Nov 2022 05:24:10 GMT
Last-Modified: Mon, 28 Nov 2022 05:00:44 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 34zwBNYMtc6zjEKExGlApfVKoSwH6Yc2iyJzEuOpEpqxbEF9BsHHNQ==
Age: 1406
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 42 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 057a78a2f6209b2c98acb09f670242b8
7b9bb801910fc432c7fb0d63d801aea952d02c01
7136a2c09a6f1466a427dc1f457ccc17b07d230d6d67e53f434ea611501d92fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=114304
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6384407c-1d7"
Expires: Wed, 30 Nov 2022 06:41:46 GMT
Last-Modified: Mon, 28 Nov 2022 05:00:44 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FkbEEh4ekHPl4ovRCeyLbsh2vjm_FCJ_qdbPiwcr3IuAQzYUh8AVVg==
Age: 6062
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1aa592d7405d4112fa94b0155a914ad9
4cda77d3105ad70d1bcc8b5716c5f744488769ed
fa671666e0c118b708ee32ebf972accce8815a3a5ce5c1476d912a75e60c76a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Last-Modified: Mon, 28 Nov 2022 21:10:36 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d95b8b22d5aaad68666218c4f7053ed
894347e6c77d955cc28940f840dd1b9e678f3a7e
2c9966551f2b81718f01f5cdf14e178cd0d0dee4df03b953f8708c4b7bc50c50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C9966551F2B81718F01F5CDF14E178CD0D0DEE4DF03B953F8708C4B7BC50C50"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14992
Expires: Tue, 29 Nov 2022 03:06:34 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
18.157.235.109204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 18.157.235.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1090
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131204 No Content 0 B IP 104.22.69.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 358
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
cache-control: no-cache, private
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2ca5c33991b-ARN
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131204 No Content 0 B IP 104.22.69.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 357
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
cache-control: no-cache, private
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2ca6c39991b-ARN
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 670 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
File type ASCII text, with very long lines (482)
Hash 879ee70f5e2691a79a6b7c79f313a49f
920f9b9ab8d67824e0d2ca56e734a7b93fb73d05
c55a669abafffb18b46d3542931b3bc16895f309c69afabe5951fb2c8d5e10a5
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: application/javascript
cache-control: public, max-age=1800
etag: W/"922cffdd75f7192f75231d92684885aa"
last-modified: Wed, 23 Nov 2022 15:43:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 455131
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLjSq6pq8Hiztw1Jr7iZUlhZFsNyLa7sF79BZph3RGGZJkbMwKLRwDOSYYz7IAL8wZ4tt1CzNt608yscHOR8Ky0%2FSKl52gJkjAo5LTAQYUR70YjdZWZPOCyFcI1o6oSM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716b2c6c9da0b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 837ab321cb7d4d55b8f0bf9561969c53
6fb2b042e56579b60c3cdc42d3226adc972660d9
e08aa1b3487b0288b982117f1b79a102050b56a1fe8d6b7999563ebce72312a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5664
Cache-Control: max-age=99882
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "638409b4-1d7"
Expires: Wed, 30 Nov 2022 02:41:24 GMT
Last-Modified: Mon, 28 Nov 2022 01:07:00 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
id5-sync.com/g/v2/12.json
162.19.138.116200 216 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP 162.19.138.116:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4fe62e2907ea454ed4490195ed68c2da
4a57f16f092e0f43275cd5f1cc5366fe3cd14bca
6a2a50c92175bb4c1a2ab030062a1b0959550bcf2b457dd880d0cb1d2483be55
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 311
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 28 Nov 2022 22:56:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
prebid.smilewanted.com/
104.22.69.131204 No Content 0 B IP 104.22.69.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 409
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
cache-control: no-cache, private
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2ca7c41991b-ARN
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
18.157.235.109204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 18.157.235.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1040
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 4068
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131204 No Content 0 B IP 104.22.69.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 458
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
cache-control: no-cache, private
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2ca7c53991b-ARN
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mFiEmh1axlMNuIBb1YSzcciCdHzHGG7q0f3lQOuHJmjugWgdZKKiSg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 11:27:11 GMT
age: 41371
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
prebid.smilewanted.com/
104.22.69.131204 No Content 0 B IP 104.22.69.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 408
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
cache-control: no-cache, private
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2ca8c5e991b-ARN
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=3&formatid=26323&size=desktop
185.76.9.22200 OK 5.2 kB URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=3&formatid=26323&size=desktop
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type JSON data\012- HTML document, ASCII text, with very long lines (628), with no line terminators
Hash 06f81046fbd779e8b2e1a14cbda098d3
5a72c3d287e85c2b1c9b79ef4e0090eaa81ab342
a5c6e1a425b47725bf2b3252416066244c843465207c04dbdb97a7f3788d7c52
GET /bidder1/moneybid.js?siteid=97881&adid=3&formatid=26323&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://app-tipps.com
cache-control: max-age=604800
x-accel-expires: @1670281002
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRRBkTOh
x-77-nzt-ray: af5856301ca4d667aa3c8563eb81ce13
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=28&formatid=30012&size=desktop
185.76.9.22200 OK 9.2 kB URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=28&formatid=30012&size=desktop
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type JSON data\012- HTML document, ASCII text, with very long lines (631), with no line terminators
Hash 0745b93b15b3d8640c7dd86c309c3fcd
fcd82d22735c548c6e0d6ef860497b0f187d07fd
3e05f8c5578853822c9f8baa3439b966f8242631d022a0a4e41caa0fa8707dd1
GET /bidder1/moneybid.js?siteid=97881&adid=28&formatid=30012&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://app-tipps.com
cache-control: max-age=604800
x-accel-expires: @1670281002
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRQN4UOh
x-77-nzt-ray: af5856301ca4d667aa3c8563ccae2914
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
pbjs.e-planning.net/pbjs/1/2a156/1/app-tipps.com/ROS?rnd=0.5710897663539161&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&pbv=7.22.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&e_criteoId=-J_p2V8zeGRlTGlFZ1JhbXNWdkF3V3MzQjV2SEgxQVkwbFZrUCUyQmVrdXgyR3pTOW5RTXR6NE5zUUxlUVJYYzQyTUhpZzV0VWhHcFAxWmVEM2RNaGxuS1NVMTdRJTNEJTNE&e_pubcid=186097d8-90f7-4428-9d64-f27ce4e67786
185.172.90.252302 Found 1.0 kB URL HTTP/2 pbjs.e-planning.net/pbjs/1/2a156/1/app-tipps.com/ROS?rnd=0.5710897663539161&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&pbv=7.22.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&e_criteoId=-J_p2V8zeGRlTGlFZ1JhbXNWdkF3V3MzQjV2SEgxQVkwbFZrUCUyQmVrdXgyR3pTOW5RTXR6NE5zUUxlUVJYYzQyTUhpZzV0VWhHcFAxWmVEM2RNaGxuS1NVMTdRJTNEJTNE&e_pubcid=186097d8-90f7-4428-9d64-f27ce4e67786
IP 185.172.90.252:0
ASN #49981 WorldStream B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (784)
Hash a7ffa1682441741929c7ffd5af7ea985
de14075b5d6d1d4ab309ccd15c4120f89852095c
581b843ea0377aa8668c45bb9fd8ab9d93177f58f499b56635e2cb1130dec9cd
GET /pbjs/1/2a156/1/app-tipps.com/ROS?rnd=0.5710897663539161&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&pbv=7.22.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&e_criteoId=-J_p2V8zeGRlTGlFZ1JhbXNWdkF3V3MzQjV2SEgxQVkwbFZrUCUyQmVrdXgyR3pTOW5RTXR6NE5zUUxlUVJYYzQyTUhpZzV0VWhHcFAxWmVEM2RNaGxuS1NVMTdRJTNEJTNE&e_pubcid=186097d8-90f7-4428-9d64-f27ce4e67786 HTTP/1.1
Host: pbjs.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=iso-8859-1
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2a156/1/app-tipps.com/ROS?ct=1&r=pbjs&rnd=0.5710897663539161&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B30012%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100&ur=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&pbv=7.22.0&ncb=1&vs=FFFFF&crs=UTF-8&fr=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&e_criteoId=-J_p2V8zeGRlTGlFZ1JhbXNWdkF3V3MzQjV2SEgxQVkwbFZrUCUyQmVrdXgyR3pTOW5RTXR6NE5zUUxlUVJYYzQyTUhpZzV0VWhHcFAxWmVEM2RNaGxuS1NVMTdRJTNEJTNE&e_pubcid=186097d8-90f7-4428-9d64-f27ce4e67786
access-control-allow-origin: https://app-tipps.com
set-cookie: CT=1; path=/; SameSite=None; Secure
access-control-allow-credentials: true
x-sid: AMS-928
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8526
Expires: Tue, 29 Nov 2022 01:18:48 GMT
Date: Mon, 28 Nov 2022 22:56:42 GMT
Connection: keep-alive
ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=2&formatid=26300&size=desktop
185.76.9.22200 OK 7.9 kB URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=2&formatid=26300&size=desktop
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type JSON data\012- HTML document, ASCII text, with very long lines (626), with no line terminators
Hash 65ef2b49d4dedb48bc1c3e1e2320551c
5d23f0c49d451e3fb550e4586815056bf2d05d29
5ec6df1e55c85d2a20c69d210e68573f54bd43db4f2762ccda3090b5fcb963e8
GET /bidder1/moneybid.js?siteid=97881&adid=2&formatid=26300&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://app-tipps.com
cache-control: max-age=604800
x-accel-expires: @1670281002
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRQNoGOh
x-77-nzt-ray: af5856301ca4d667aa3c85638eae2b14
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33df1619417edeece73f5a131b21ef59
359989fbc9dfc5fcaec1654d101b213b50bd9b49
b67985c71c7fe28a1407e85539075ca85cd8f40f582cca14bb66b86f88971ee1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3284
Cache-Control: max-age=101850
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "63841ab0-1d7"
Expires: Wed, 30 Nov 2022 03:14:12 GMT
Last-Modified: Mon, 28 Nov 2022 02:19:28 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 755842c4015cdf23ce448636e32277fb
ddb14148163258686b5a6c025fe97d3c35317c9a
593d877e82d7a28ad48561c84375e6dae5363877df5c70bd823dac6c39bbd385
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3273
Cache-Control: max-age=157273
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "6384f33a-138"
Expires: Wed, 30 Nov 2022 18:37:55 GMT
Last-Modified: Mon, 28 Nov 2022 17:43:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 748366131b496e41f92e15ce7d1cd0e0
a6c7a59a6599ece2cf0e76c778c920dea94ff469
b9ea2d419742c67e2b14536379e7383524f22645b1af988d5bd72154647fc602
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faee65fe0-e370-42e3-be13-065dcb4d76e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4862
x-amzn-requestid: 17c6fb35-2dc8-45e4-a226-a74ba94323b3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYlHXxIAMFcpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5d0-5a0f4f667a3747166eb2b338;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XDdox2fz8xWMEWiTlHtpk_EeS6NUmzBRyWO3fTe47FfJOOvIehST1Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:08:40 GMT
age: 49682
etag: "a6c7a59a6599ece2cf0e76c778c920dea94ff469"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9e65918e160cf67c348593e420da6ccb
5a8140a60bef17678dbafa8fb4396be3e8e1cab0
5d5118a1e488835de91831f51cb580637c8007161b59e18b6ea4714c3ee64363
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=94417
Date: Mon, 28 Nov 2022 22:56:42 GMT
Etag: "638402bc-1d7"
Expires: Wed, 30 Nov 2022 01:10:19 GMT
Last-Modified: Mon, 28 Nov 2022 00:37:16 GMT
Server: ECS (nyb/1DD2)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: o-R3M58ijU0VTr6Z01BIo6riUxYeCnSyiNtAeIk8bHvSjsvdUy52bg==
Age: 1983
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zErsqV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czlhc2tvamJwSzJ5ZElEeXJBanJEVlRuSkJrY3pOVGlHRm95dHd3QW1aREI; expires=Sat, 23 Dec 2023 22:56:42 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://app-tipps.com
server-processing-duration-in-ticks: 378210
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
18.157.235.109204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 18.157.235.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 989
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
18.157.235.109204 No Content 0 B URL HTTP/2 btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
IP 18.157.235.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /universal/v1?supply_id=WYu2BXv1 HTTP/1.1
Host: btlr.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1041
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
vary: Origin
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ad.360yield.com/pb
52.58.236.223204 No Content 0 B IP 52.58.236.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /pb HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1717
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:42 GMT
access-control-allow-origin: https://app-tipps.com
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-credentials: true
X-Firefox-Spdy: h2
b1h.zemanta.com/api/bidder/prebid/bid/
50.31.142.191204 No Content 0 B URL HTTP/1.1 b1h.zemanta.com/api/bidder/prebid/bid/
IP 50.31.142.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/bidder/prebid/bid/ HTTP/1.1
Host: b1h.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 977
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://app-tipps.com
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f2fc48e2c47c481ce2307207e472e9fb
adc216d1410de3784479a17245d6dec49d5da482
9ec388f1788793b21eda11afd7aad3fb9dc9436916c3f8140e92ae26d98bcf22
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 15:11:53 GMT
Expires: Sat, 03 Dec 2022 15:11:52 GMT
Etag: "adc216d1410de3784479a17245d6dec49d5da482"
Cache-Control: max-age=403509,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2cadc501c0e-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6ceeb0fa8f792106679e242104e3110b
f060d3fe81ce002009a179501531d07c1c7a07da
e39934fce99325a9bab3ca1e4f4de18c24851fa4b6c39235a33ed47d3657c014
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6405
Cache-Control: max-age=113937
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:43 GMT
Etag: "63843db7-1d7"
Expires: Wed, 30 Nov 2022 06:35:40 GMT
Last-Modified: Mon, 28 Nov 2022 04:48:55 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6ceeb0fa8f792106679e242104e3110b
f060d3fe81ce002009a179501531d07c1c7a07da
e39934fce99325a9bab3ca1e4f4de18c24851fa4b6c39235a33ed47d3657c014
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5069
Cache-Control: max-age=112601
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:43 GMT
Etag: "63843db7-1d7"
Expires: Wed, 30 Nov 2022 06:13:24 GMT
Last-Modified: Mon, 28 Nov 2022 04:48:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6ceeb0fa8f792106679e242104e3110b
f060d3fe81ce002009a179501531d07c1c7a07da
e39934fce99325a9bab3ca1e4f4de18c24851fa4b6c39235a33ed47d3657c014
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5069
Cache-Control: max-age=112601
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:43 GMT
Etag: "63843db7-1d7"
Expires: Wed, 30 Nov 2022 06:13:24 GMT
Last-Modified: Mon, 28 Nov 2022 04:48:55 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9249efdc5816f792c6e2fa6305f8ded5
211f8094a894aa3b60e03e5087085e1cec31f92f
f538f8719cee5babf83a2ce5aa2e768542e231201072c2788891c51f89bf9357
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1171
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c761e3a932f83ccaf4f9657603df6673
5152fced1ab614cece94efa0e01e5c07fb13296e
bba1bfccf8265b08b77b556008a32ec0ac29c75d263349d5162f109956f22be0
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1121
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078226%3B1078310%3B1078226&size_id=15%3B15%3B2%3B2%3B15&alt_size_ids=2%2C55%2C58%2C221%3B10%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117%3B&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,50244,1,,,&eid_pubcid.org=186097d8-90f7-4428-9d64-f27ce4e67786%5E1&rf=https%3A%2F%2Fapp-tipps.com&kw=97881&tg_i.name=app-tipps.com&tg_i.siteid=97881&tg_i.pbadslot=%2F97881%2Fapp-tipps.com%2Fdesktop%2F26328%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26323%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26322%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F30012%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26300&tk_flint=pbjs_lite_v7.22.0&x_source.tid=0bb78704-9ec7-453d-b19a-7e916458749a%3B13ffa19b-3d48-4c03-af95-4c11af7302bf%3B5f930971-4d14-4d4a-aa15-b244b33c59ea%3Bec713270-4214-4820-ab48-abe263a9437b%3Be234bcab-bed9-4232-8425-2b0af0a63920&l_pb_bid_id=2499eadeab04f44%3B25d2c695d9d49ed%3B2685395e6e2a79c%3B27deff906143078%3B28217671bc7e5fa&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F97881%2Fapp-tipps.com%2Fdesktop%2F26328%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26323%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26322%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F30012%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26300&slots=5&rand=0.057503805366015404
213.19.162.41200 OK 876 B URL HTTP/2 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078226%3B1078310%3B1078226&size_id=15%3B15%3B2%3B2%3B15&alt_size_ids=2%2C55%2C58%2C221%3B10%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117%3B&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,50244,1,,,&eid_pubcid.org=186097d8-90f7-4428-9d64-f27ce4e67786%5E1&rf=https%3A%2F%2Fapp-tipps.com&kw=97881&tg_i.name=app-tipps.com&tg_i.siteid=97881&tg_i.pbadslot=%2F97881%2Fapp-tipps.com%2Fdesktop%2F26328%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26323%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26322%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F30012%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26300&tk_flint=pbjs_lite_v7.22.0&x_source.tid=0bb78704-9ec7-453d-b19a-7e916458749a%3B13ffa19b-3d48-4c03-af95-4c11af7302bf%3B5f930971-4d14-4d4a-aa15-b244b33c59ea%3Bec713270-4214-4820-ab48-abe263a9437b%3Be234bcab-bed9-4232-8425-2b0af0a63920&l_pb_bid_id=2499eadeab04f44%3B25d2c695d9d49ed%3B2685395e6e2a79c%3B27deff906143078%3B28217671bc7e5fa&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F97881%2Fapp-tipps.com%2Fdesktop%2F26328%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26323%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26322%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F30012%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26300&slots=5&rand=0.057503805366015404
IP 213.19.162.41:0
File type JSON data\012- , ASCII text, with very long lines (876), with no line terminators
Hash ae3edcecb1d6b73237b66fca8e1dec17
d03fcaa2cfe44ad3365007180833d5d3725954ce
fd028b4a80c2c10b9a1d5e7c6ef2bf78c204b0263dcf650a64aed78e5c336d85
GET /a/api/fastlane.json?account_id=11740&site_id=39544&zone_id=1124628%3B1078226%3B1078226%3B1078310%3B1078226&size_id=15%3B15%3B2%3B2%3B15&alt_size_ids=2%2C55%2C58%2C221%3B10%3B19%2C43%2C44%2C117%3B19%2C43%2C44%2C117%3B&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,50244,1,,,&eid_pubcid.org=186097d8-90f7-4428-9d64-f27ce4e67786%5E1&rf=https%3A%2F%2Fapp-tipps.com&kw=97881&tg_i.name=app-tipps.com&tg_i.siteid=97881&tg_i.pbadslot=%2F97881%2Fapp-tipps.com%2Fdesktop%2F26328%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26323%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26322%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F30012%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26300&tk_flint=pbjs_lite_v7.22.0&x_source.tid=0bb78704-9ec7-453d-b19a-7e916458749a%3B13ffa19b-3d48-4c03-af95-4c11af7302bf%3B5f930971-4d14-4d4a-aa15-b244b33c59ea%3Bec713270-4214-4820-ab48-abe263a9437b%3Be234bcab-bed9-4232-8425-2b0af0a63920&l_pb_bid_id=2499eadeab04f44%3B25d2c695d9d49ed%3B2685395e6e2a79c%3B27deff906143078%3B28217671bc7e5fa&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F97881%2Fapp-tipps.com%2Fdesktop%2F26328%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26323%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26322%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F30012%3B%2F97881%2Fapp-tipps.com%2Fdesktop%2F26300&slots=5&rand=0.057503805366015404 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.4
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://app-tipps.com
pragma: no-cache
vary: Accept-Encoding
set-cookie: khaos=LB1E3NB3-8-DIE1; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrCfpdOn50mMe9DtVM30fCgX9j0V4idhPs3uo5h4G+Lsk8iO45uXEdxwFCfoC+4IsUFRDes1k6HRBuybVyVU0yt; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LB1E3NB3-8-DIE1; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrCfpdOn50mMe9DtVM30fCgX9j0V4idhPs3uo5h4G+Lsk8iO45uXEdxwFCfoC+4IsUFRDes1k6HRBuybVyVU0yt; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LB1E3NB3-8-DIE1; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrCfpdOn50mMe9DtVM30fCgX9j0V4idhPs3uo5h4G+Lsk8iO45uXEdxwFCfoC+4IsUFRDes1k6HRBuybVyVU0yt; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LB1E3NB3-8-DIE1; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrCfpdOn50mMe9DtVM30fCgX9j0V4idhPs3uo5h4G+Lsk8iO45uXEdxwFCfoC+4IsUFRDes1k6HRBuybVyVU0yt; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
khaos=LB1E3NB3-8-DIE1; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qrCfpdOn50mMe9DtVM30fCgX9j0V4idhPs3uo5h4G+Lsk8iO45uXEdxwFCfoC+4IsUFRDes1k6HRBuybVyVU0yt; Domain=.rubiconproject.com; Path=/; Expires=Tue, 28-Nov-2023 22:56:42 GMT; Max-Age=31536000; SameSite=None; Secure
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-Firefox-Spdy: h2
hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&PageUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&PageReferrer=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&CanonicalUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F
185.255.84.150200 OK 893 B URL HTTP/2 hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&PageUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&PageReferrer=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&CanonicalUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F
IP 185.255.84.150:0
ASN #200271 Iguane Solutions SAS
File type JSON data\012- , ASCII text, with very long lines (892)
Hash 4eef3a0b7271967c1660efa24005d1b0
325cd206062260d78396ced4ce6d3df81a188b14
d4f3b7d83d599c3a659b3319e06a016d0da3c9cfe5e217de9dae32bfb8c15d5d
POST /hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&PageUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&PageReferrer=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&CanonicalUrl=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F HTTP/1.1
Host: hb-api.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1787
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://app-tipps.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=e54f573c433ca01db44a658579aec732; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 22:56:42 GMT
content-length: 893
x-envoy-upstream-service-time: 114
server: ayl-lb-fra02
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 150f78261b8c28278ad3b8a1b141d39d
ee7ad0ea443d3042e6e7af5895e094c65493a38a
b73ac1439e26efbc5ff561619f94a04b9fb07dc3aa00fab9d94bf3065feab9e3
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1121
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 66 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0aa571512bc74d5684b34c96d0727a33
fb8cba2655857444ec9b61f9e8fb9a1295d2204c
06c32664c1430515e36a441fca8b5e68f17bee082c84bf87067ccfd4cdbddf2c
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1221
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/json;charset=utf-8
content-length: 66
server: ATS/9.1.10.25
access-control-allow-origin: https://app-tipps.com
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
age: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash a420f114763b45e3b1b68a943f9acd03
635db61465101e1d3569ce0ebd2c300bafe6f97b
4e051c31cc3bb08689dc39d6d38ccb805468e7e0cc7d5741cb4fc9c314ffd7ce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:56:43 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 16:09:18 GMT
Expires: Fri, 02 Dec 2022 16:09:17 GMT
Etag: "635db61465101e1d3569ce0ebd2c300bafe6f97b"
Cache-Control: max-age=320553,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7716b2ce4ed21c0e-OSL
a.teads.tv/analytics/tag.js
23.38.201.50200 OK 3.4 kB URL HTTP/2 a.teads.tv/analytics/tag.js
IP 23.38.201.50:0
File type ASCII text, with very long lines (4822)
Hash 6ddfb3a828a563a7719081ff9aeedaba
80286455b7c85311df5f997714b83380ac02fd6d
826524e59a21d4190f923f804a17db1513e1ee3cb4a5ed12f3bb6a5b4f370835
GET /analytics/tag.js HTTP/1.1
Host: a.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +hi3J8gLh7odTbzzwPTTi1cNLRiMIMeCbLwhFS3fdhvnkPc6F/KidF+aylAlaVgqP4umQC5X3TY=
x-amz-request-id: VYTSDGA8QVA7F7Y0
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
accept-ranges: bytes
content-type: text/javascript;charset=utf-8
content-length: 3391
cache-control: private, max-age=3600
date: Mon, 28 Nov 2022 22:56:43 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.64200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.64:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Mon, 28 Nov 2022 02:57:00 GMT
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yXmCcxA1bw31z6Ks-LHEm3h5uGtscjhQrM3QQ3uQI-nDZDQQ4aFCWg==
Age: 72006
ced.sascdn.com/tag/1097/smart.js
23.36.77.24200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4686ea4ceef48bf4d7b06bf70fe2a6ef
6a1348d13eca8b7882c4679c53019a51f48a94fd
685fc19fe5c57ebff672b1a9c03ea8b85f78d37558cc6743a39baa034f852d0d
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32836
Cache-Control: public, max-age=7200
Expires: Tue, 29 Nov 2022 00:56:43 GMT
Date: Mon, 28 Nov 2022 22:56:43 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 22:41:08 GMT
expires: Tue, 29 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 935
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4334032aadde00885f1ac8dc1b42475e
2eec08a9fa9ff03fae3d30078584d3540e70555a
969cbab753fcbc0692fc274ccdc93c5ea8be9797eac783fcdcc4d8976530c8b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5899
Cache-Control: max-age=161309
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:43 GMT
Etag: "6384f8bd-1d7"
Expires: Wed, 30 Nov 2022 19:45:12 GMT
Last-Modified: Mon, 28 Nov 2022 18:06:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ads.themoneytizer.com/media/tm.png
185.76.9.22200 OK 228 B URL HTTP/2 ads.themoneytizer.com/media/tm.png
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type PNG image data, 19 x 15, 8-bit colormap, non-interlaced\012- data
Hash 27a694e3fa0ab9153f0fa8d274f4bc5c
fde476fa9c8dd1b5c8b49883bbd9e71cb649052d
fb98a2a03c925aa211a860ca87a7f33a100fe74f37915c16b16ce7c0a1247223
GET /media/tm.png HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: image/png
content-length: 228
last-modified: Mon, 07 Nov 2022 09:00:04 GMT
expires: Tue, 29 Nov 2022 05:03:10 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1669698190
server: CDN77-Turbo
x-77-nzt: AblMCRREWsX/nfsAAA
x-77-nzt-ray: af5856301ca4d667ab3c85632c9c1119
x-cache: HIT
x-age: 64413
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=97881&f=1&fi=0
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=97881&f=1&fi=0
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=97881&f=1&fi=0 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 22:56:43 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:254B_36264064:01BB_63853CA9_11CBC12:2036C
X-IPLB-Instance: 38432
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258
216.58.211.2302 Found 447 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b26539b99f5f47964e8ee15db0506aee
5a638aec67deb0f263923f7deedc2b96a3700337
9a55dc41ac88e9fb58305eabe1f797c7057db0f5c5f601b803dd26032bc6c5ca
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_tc=
date: Mon, 28 Nov 2022 22:56:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 28-Nov-2022 23:11:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/shared/tbframe.js
151.101.85.44200 OK 3.9 kB URL HTTP/2 cdn.taboola.com/shared/tbframe.js
IP 151.101.85.44:0
File type HTML document text\012- HTML document, ASCII text
Hash fb01aa2871441406b1ba014b6d7d1090
d21f6039f7382e52eae90b4d13c2d64f19b0570d
98b77c0a2e61d0279e64ab3f782d9f714898c8b1c5192be627ff8bef3a1333ca
GET /shared/tbframe.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MN9XaM/M+h/Qp9BPyRJeb340G4Pucv6Y4Pcowpb3egHjmCFs9+VVxhILfloP4UjJ7UdOXKHX+G0=
x-amz-request-id: DM4HTT2F4X9ZCD58
x-amz-replication-status: COMPLETED
last-modified: Thu, 14 Apr 2016 14:04:36 GMT
etag: "0c6cdb6c2f89bf98124c3679a3412fb6"
x-amz-version-id: 0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-type: application/x-javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:43 GMT
via: 1.1 varnish
age: 26937
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 6411
x-timer: S1669676203.462529,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 12
content-length: 3897
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_tc=
216.58.211.2302 Found 437 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_tc=
IP 216.58.211.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c6b7f32a76846ae36785337db311bf33
20b830c359fd5383fa4e11507c2ae7c4320b446e
edb7ec9f2f01230fdaf3b78a1cdb0d7dc2eed95d06db1cbcf48fd8e51247e385
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_error=3
date: Mon, 28 Nov 2022 22:56:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.sunmedia.tv/integrations/7cba1a6f-d0d1-4a04-a349-c63433f044d4/7cba1a6f-d0d1-4a04-a349-c63433f044d4.js
51.89.67.82200 OK 82 kB URL HTTP/1.1 static.sunmedia.tv/integrations/7cba1a6f-d0d1-4a04-a349-c63433f044d4/7cba1a6f-d0d1-4a04-a349-c63433f044d4.js
IP 51.89.67.82:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ea59243f4c2b300a41914b6169f714f8
ea0aaccc92b541c9a010f75195848e81a355488a
8d1250703142c444c1e2e02aecd8b90da85bd0525b3a67933f9afa400c334913
GET /integrations/7cba1a6f-d0d1-4a04-a349-c63433f044d4/7cba1a6f-d0d1-4a04-a349-c63433f044d4.js HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 22:56:43 GMT
Content-Type: application/javascript
Content-Length: 82441
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 09:30:18 GMT
Content-Encoding: gzip
Cache-control: max-age=0, s-maxage=2592001
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 47510
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.106200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:01:59 GMT
expires: Thu, 23 Nov 2023 19:01:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 446084
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.34.65200 OK 1.8 kB URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.34.65:0
Hash dd79d852ec6a0a561c35b00c14f7088f
bd08ea3726ea3488ba1d49e808d3fb1806f2eee8
bf1722b8a81caff1b27ae4ca5e002d1033d4df55b71f34aaacd7f0e49b302350
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2524
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:43 GMT; Path=/; Domain=.betweendigital.com
tuuid=00f26220-b21e-524d-b7b0-7ca3d4354008; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:43 GMT; Path=/; Domain=.betweendigital.com
ut=Y4U8qwADncheCpIH_HnSd97--nC6Wxsl3CJnKg==; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:43 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:43 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/lib_watermark.js
185.76.9.22200 OK 285 kB URL HTTP/2 ads.themoneytizer.com/lib_watermark.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Size 285 kB (284648 bytes)
Hash 3252f934320c7602fb3a992d2a99a6c3
e99bac40bb83fedf860bbb0827124aa8123bb7b1
74b5213cec44749af8888d870c2550d9d1031a04eb4c5f04a94f64bd7462b7ab
GET /lib_watermark.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 14:30:54 GMT
expires: Tue, 29 Nov 2022 05:03:10 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1669698190
server: CDN77-Turbo
x-77-nzt: AblMCRQbeR3/nfsAAA
x-77-nzt-ray: af5856301ca4d667ab3c8563cf7bc716
x-cache: HIT
x-age: 64413
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_error=3
172.67.13.182200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_error=3
IP 172.67.13.182:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=778967d5-488e-4d45-4994-165dc6e9b91d&reqId=06f37496-e6e8-4e5b-486c-c971d6bf651f&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
Connection: keep-alive
Cookie: zc=778967d5-488e-4d45-4994-165dc6e9b91d; zsc=%BC%0BL%1Ch%00%9D%B0%864%A5%93%F3%80%A2d%AE%C2%9D%9E%BA%8B%29%F6%B5%DET%9D%81%82%16J%CB%97c%26%BBW%1F%CB%D1%7D%A2%29%23%94%F5%40.%14%21%CD%98%3B%0C%8A%E7%FC%22k%7D%8E3%BA%9F%EA%E7ORp%0E%7BE%80%3Fq%B4%C5%9F%DD5%90%B0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://app-tipps.com
set-cookie: zc=778967d5-488e-4d45-4994-165dc6e9b91d; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2cfeca1b524-OSL
X-Firefox-Spdy: h2
www.clarity.ms/tag/cxskmp9h7a
13.107.246.53200 OK 3.0 kB URL HTTP/2 www.clarity.ms/tag/cxskmp9h7a
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 3315e12555f40da7523f283070a3acef
80fcea2aa008d414a3cf03551ec41d23aecdb0a2
a83f6a0432c6464fbb00d0b7362a8cff5ed2470b84614d846829cc03a3d5ccc1
GET /tag/cxskmp9h7a HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=4b0c69585ccf41a8a210fa8ff10c3b23.20221128.20231128; expires=Tue, 28 Nov 2023 22:56:43 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
x-cache: CONFIG_NOCACHE
x-azure-ref: 0qzyFYwAAAABOYejut5/rSoOy4qaxB8SdQU1TMDRFREdFMTgxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 28 Nov 2022 22:56:43 GMT
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.43/clarity.js
13.107.246.53200 OK 165 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.43/clarity.js
IP 13.107.246.53:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (55029)
Size 165 kB (165132 bytes)
Hash 43d0a7cd5952d89e9f8f67eb6545bc27
602a4b5d68bd4a34be117a08a2ecf9104a297f40
c7033a918d11e5016df165864f8441ac3416f1fe39c4c246d66de9058f96bd73
GET /eus2/s/0.6.43/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d9026a431ead4c"
x-cache: TCP_HIT
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-azure-ref: 0qzyFYwAAAADIR+7iwODBRrqWM8+0CLH5QU1TMDRFREdFMTgxOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
date: Mon, 28 Nov 2022 22:56:43 GMT
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-aYq_-kbg2-3Jn.js
54.230.111.4200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-aYq_-kbg2-3Jn.js
IP 54.230.111.4:0
Hash a284e6d0d49e85aec47d838ad8e30c3b
9d69fba529675599282e393531bded0b44d30033
2db5201650ed72f26ede302e33578d66e841dda063bac922be4494ff93f94f00
GET /rules-p-aYq_-kbg2-3Jn.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Wed, 26 Oct 2022 11:59:54 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Mon, 28 Nov 2022 22:56:43 GMT
cache-control: max-age=3600
etag: "a284e6d0d49e85aec47d838ad8e30c3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RZs-LgEH-qvP58dohg0tM9VClKjuXFEj8FQ1wk3LPld2XTNHdHUqsw==
age: 3356
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85183250-1&cid=1581217892.1669676203&jid=546156981&gjid=1218357859&_gid=1581747579.1669676203&_u=YEBAAUAAAAAAACAAI~&z=1055139590
142.250.150.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85183250-1&cid=1581217892.1669676203&jid=546156981&gjid=1218357859&_gid=1581747579.1669676203&_u=YEBAAUAAAAAAACAAI~&z=1055139590
IP 142.250.150.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-85183250-1&cid=1581217892.1669676203&jid=546156981&gjid=1218357859&_gid=1581747579.1669676203&_u=YEBAAUAAAAAAACAAI~&z=1055139590 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://app-tipps.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 22:56:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cf6e7fd81cd953003e0ea04521c25ea
c7c764cea7a54c986aadd90fdfc63cfa234b1978
dc848de23c1837bda89e40d7ada8183eb2561470cf8dc50d8854fad413315c17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC848DE23C1837BDA89E40D7ADA8183EB2561470CF8DC50D8854FAD413315C17"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=24
Expires: Mon, 28 Nov 2022 22:57:07 GMT
Date: Mon, 28 Nov 2022 22:56:43 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 5ddd10ebd682891c8b8b25882bf94286
8d52a20c75e90abe8f193f3b44f5bc12936004d7
f21b42e8a27687d7e2dc46aa7d98c0f1ed82f69c7783068b1c1df2f648561462
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170293
Date: Mon, 28 Nov 2022 22:56:44 GMT
Etag: "6385192e-1d7"
Expires: Wed, 30 Nov 2022 22:14:57 GMT
Last-Modified: Mon, 28 Nov 2022 20:25:18 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y3lEK9tm25ibHYe17_9-QX7_3lugwj-T9l_K1TPY6d6JYMg9EOdgRQ==
Age: 6579
id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
162.19.138.116200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
IP 162.19.138.116:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=true&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Mon, 28-Nov-2022 23:01:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Mon, 28-Nov-2022 23:01:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Mon, 28-Nov-2022 23:01:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Mon, 28-Nov-2022 23:01:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Mon, 28-Nov-2022 23:01:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Mon, 28-Nov-2022 23:01:44 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Mon, 28 Nov 2022 22:56:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://app-tipps.com
server-processing-duration-in-ticks: 548737
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
awayimplemented.com/d354694f29d5c38999e01f7f31bc504d/invoke.js
173.233.139.164200 OK 9.8 kB URL HTTP/1.1 awayimplemented.com/d354694f29d5c38999e01f7f31bc504d/invoke.js
IP 173.233.139.164:0
File type exported SGML document, ASCII text, with very long lines (27032), with no line terminators
Hash dd68282b62b459b64f5fdb0ffa7e3cf1
7628a9e2415a1293c5e886a78ba897f2b22030c8
2b74d773882f293976f6dfdc9b8361a00b276bfa23debbf3f4b047dd58b9523b
Analyzer Verdict Alert quad9 Sinkholed
GET /d354694f29d5c38999e01f7f31bc504d/invoke.js HTTP/1.1
Host: awayimplemented.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 22:56:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d370ecf7d7c9eaf2d389550f2cc4120
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cmp.quantcast.com/choice/aYq_-kbg2-3Jn/app-tipps.com/choice.js?tag_version=V2
143.204.55.88200 OK 46 kB URL HTTP/2 cmp.quantcast.com/choice/aYq_-kbg2-3Jn/app-tipps.com/choice.js?tag_version=V2
IP 143.204.55.88:0
Hash cb245fbf3dd8197ed621948bf205e7ef
2e1c2f0e677d9de40c47d07c1462fd093aa12670
9d46ee4c923d2cf983129dab933affef65954480dae7adcc3410f3325567fdec
GET /choice/aYq_-kbg2-3Jn/app-tipps.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 26 Oct 2022 12:06:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: gzip
cache-control: max-age=3600
date: Mon, 28 Nov 2022 22:56:44 GMT
etag: W/"f4233b3b8a294388799d584de1141e16"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oas-sxLk7sBsgtUZacqAuwf0FmgXOZT5PlxLfyuQN0rljs1X7ogfsQ==
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.14200 OK 38 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.14:0
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash a0a73b8ccd1c24009423c09214b0ef1f
13bc6c0c14e68b718b2c3d74adb8700b2101301b
680c817de07d06bc3c0c254163523b8c859f510a0c740cd062fd2d26313e85bc
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Mon, 28 Nov 2022 03:00:52 GMT
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
etag: W/"67643b5faa0950a5532c47758ba39d2f"
x-amz-server-side-encryption: AES256
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lKG3h6JQ5dEjvqpbemGQlSvOEiuq6ZdbU9mTQzRyCLJ4C8uF_lbUfg==
age: 71752
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.223&type=info&msg=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&llvl=2&id=1614&cv=20221124-3-RELEASE<=deflated&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.223&type=info&msg=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&llvl=2&id=1614&cv=20221124-3-RELEASE<=deflated&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.223&type=info&msg=https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F&llvl=2&id=1614&cv=20221124-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 22129
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.226&type=info&msg=%7B%22publisher%22%3A%22themonetizer-network%22%2C%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22tbl_widget_container%22%2C%22placement%22%3A%22527426-MEGABANNER%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=1010&cv=20221124-3-RELEASE<=deflated&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.226&type=info&msg=%7B%22publisher%22%3A%22themonetizer-network%22%2C%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22tbl_widget_container%22%2C%22placement%22%3A%22527426-MEGABANNER%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=1010&cv=20221124-3-RELEASE<=deflated&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.226&type=info&msg=%7B%22publisher%22%3A%22themonetizer-network%22%2C%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22tbl_widget_container%22%2C%22placement%22%3A%22527426-MEGABANNER%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=1010&cv=20221124-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 22129
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.224&type=usage&msg=rtus&llvl=2&id=1397&cv=20221124-3-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.224&type=usage&msg=rtus&llvl=2&id=1397&cv=20221124-3-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.224&type=usage&msg=rtus&llvl=2&id=1397&cv=20221124-3-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 22129
access-control-allow-credentials: true
X-Firefox-Spdy: h2
trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.229&type=info&msg=527426-MEGABANNER%20thumbnails-a&llvl=2&id=2913&cv=20221124-3-RELEASE<=deflated&pct=1
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.229&type=info&msg=527426-MEGABANNER%20thumbnails-a&llvl=2&id=2913&cv=20221124-3-RELEASE<=deflated&pct=1
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.229&type=info&msg=527426-MEGABANNER%20thumbnails-a&llvl=2&id=2913&cv=20221124-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 22129
access-control-allow-credentials: true
X-Firefox-Spdy: h2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22aYq_-kbg2-3Jn%22%2C%22domain%22%3A%22app-tipps.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SDK%2B5CIL0a8NScD79tZg3A%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669676203409%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-p3uk2q9h1jh7nusogm8x%22%7D
18.184.92.103200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22aYq_-kbg2-3Jn%22%2C%22domain%22%3A%22app-tipps.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SDK%2B5CIL0a8NScD79tZg3A%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669676203409%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-p3uk2q9h1jh7nusogm8x%22%7D
IP 18.184.92.103:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%22aYq_-kbg2-3Jn%22%2C%22domain%22%3A%22app-tipps.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SDK%2B5CIL0a8NScD79tZg3A%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1669676203409%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-p3uk2q9h1jh7nusogm8x%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:44 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash e2ec4a67bfb02a4bb3c73887d8573918
83b7e213a54818271c9a5cb28ffd2490692829ea
e16f0cf5af3bb82c845495fefdaf091b65693075b9500387b4e6c107d61e78b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6002
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:44 GMT
Last-Modified: Mon, 28 Nov 2022 21:16:42 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 312
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 887
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
date: Mon, 28 Nov 2022 22:56:43 GMT
X-Firefox-Spdy: h2
services.sunmedia.tv/geotarget/geocity.php
141.94.109.48200 OK 435 B URL HTTP/1.1 services.sunmedia.tv/geotarget/geocity.php
IP 141.94.109.48:0
File type JSON data\012- , ASCII text, with very long lines (435), with no line terminators
Hash 2ef5733ae6a6d17993f934a59bee9f7a
2d437b649e582a6e89e814d4ecbaf5289a8b037a
3979bf053be2ab0a3d4a489219ae19031970057db4fa50545466bdd13f1796b4
GET /geotarget/geocity.php HTTP/1.1
Host: services.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 22:56:44 GMT
Content-Type: application/json
Content-Length: 435
Connection: keep-alive
Cache-control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
Age: 388
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://app-tipps.com
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Origin.FromBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140231
Date: Mon, 28 Nov 2022 22:56:44 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 13:53:55 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7J3PXM1H-FtEnVW7q1fLaXw8Gp7a3uEzWYyHPF0WmsM8yADIQhLMiw==
Age: 1373
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 7ea4e6545ae1f6c3330a706ac021e41d
7ae7b3e22b59941577691687a62275ad1f0f3a60
0799012f9b9a328698a9db5a8b2be6f1ffd76765f94b6118acef67234649186f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:44 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
set-cookie: uid_id2=2d34ebd5-d2c9-4adc-a500-152be7334496:3:1; expires=Thu, 25 Nov 2032 22:56:44 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/userx.20221124-3-RELEASE.es6.js
151.101.85.44200 OK 5.4 kB URL HTTP/2 cdn.taboola.com/libtrc/userx.20221124-3-RELEASE.es6.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (17842)
Hash 129244999d8d8004219b9e045244aea6
4741d9b9c88c49e6f9142c5df6429844497d1ede
f573816cd0a8dc6c35763271ee98acf3b0ef63e169bc1bf43e17e4ef2389ca83
GET /libtrc/userx.20221124-3-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: tmzhIrDoaxmT5D7JyFWbYZ+Iyds51hcTzdcUdApgrPNKnZp8JW+6yu9MuV4S1mcOI/TiVUolE0I=
x-amz-request-id: G62E5Z20VNQYRQVW
x-amz-replication-status: PENDING
last-modified: Mon, 28 Nov 2022 12:44:29 GMT
etag: "cbcee3c869fea41a378f32a6ff9c0188"
x-amz-version-id: eZk5nit9YP_V7dgXBkQ2nTPPQTxJjJk7
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:44 GMT
via: 1.1 varnish
age: 101
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 9
x-timer: S1669676204.403027,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 12
content-length: 5396
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0bee36675c9141b9c0359696d737d3f.jpg
151.101.85.44200 OK 6.1 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0bee36675c9141b9c0359696d737d3f.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 862979fcb91cab9679597b283a62b336
a44e3309f75bef23f2577b90889c72d4ccb3c1a9
47526131d34efc5121014d4c30c1c7ad2cfb5b46c75d0c54451f9ac33b9a9499
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0bee36675c9141b9c0359696d737d3f.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 424742794595452004267229129827057939325,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 424742794595452004267229129827057939325,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
etag: "51a35af909d176dd4e596597a6f0a104"
expiration: expiry-date="Sun, 09 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Thu, 08 Sep 2022 13:55:32 GMT
req-referer: https://www.zupimages.net/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 196
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:44 GMT
age: 5763477
x-served-by: cache-iad-kiad7000102-IAD, cache-iad-kcgs7200060-IAD, cache-bur-kbur8200091-BUR, cache-iad-kiad7000159-IAD, cache-bma1679-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 180, 1
x-timer: S1669676204.419355,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e0bee36675c9141b9c0359696d737d3f.jpg
x-vcl-time-ms: 1
content-length: 6050
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5ef33bf6e1f77d891082b5c73eb62d9.jpg
151.101.85.44200 OK 4.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5ef33bf6e1f77d891082b5c73eb62d9.jpg
IP 151.101.85.44:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c16e57cb1590abf6d6595cad602a6530
af9558c3a96d327382cc9fe56fe318dcd7ca85ac
3787f1e82939ca4908a9e4e1e0076d8635867b5133d854960a2fcb6c548647eb
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5ef33bf6e1f77d891082b5c73eb62d9.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 592564939577972081587890501903593957851,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 592564939577972081587890501903593957851,347694868690283001542333083413887495249,29ecf9b93bbf306179626feeda1fab70
etag: "1207148106a4976b133564ff1aa38f82"
expiration: expiry-date="Sat, 15 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Wed, 14 Sep 2022 01:31:08 GMT
req-referer: https://cdn.taboola.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 99
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:44 GMT
age: 4049191
x-served-by: cache-iad-kiad7000151-IAD, cache-iad-kcgs7200117-IAD, cache-bur-kbur8200055-BUR, cache-iad-kcgs7200106-IAD, cache-bma1679-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 33, 1
x-timer: S1669676204.420103,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_100%2Cw_180%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5ef33bf6e1f77d891082b5c73eb62d9.jpg
x-vcl-time-ms: 1
content-length: 4520
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Origin.FromBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
track.sunmedia.tv/?ap=smptf&it=7cba1a6f-d0d1-4a04-a349-c63433f044d4&tp=op&pb=1&pos=0&loop=1
51.91.154.17200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=7cba1a6f-d0d1-4a04-a349-c63433f044d4&tp=op&pb=1&pos=0&loop=1
IP 51.91.154.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=7cba1a6f-d0d1-4a04-a349-c63433f044d4&tp=op&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 22:56:44 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: desktop
Accept-Ranges: bytes
Age: 692578
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 273f94a8f5a55688554a0f97d148db7a
32c5f0bd97eb0480fa5a8b94bcb89b0768f135eb
48376468136c15f9423b0898d4ee95cd67bd245863da17ed056933aaa3c165da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48376468136C15F9423B0898D4EE95CD67BD245863DA17ED056933AAA3C165DA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16133
Expires: Tue, 29 Nov 2022 03:25:37 GMT
Date: Mon, 28 Nov 2022 22:56:44 GMT
Connection: keep-alive
il-trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.701&type=info&msg=Finish%20Rendering%20527426-MEGABANNER&llvl=2&id=7915&cv=20221124-3-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.701&type=info&msg=Finish%20Rendering%20527426-MEGABANNER&llvl=2&id=7915&cv=20221124-3-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.701&type=info&msg=Finish%20Rendering%20527426-MEGABANNER&llvl=2&id=7915&cv=20221124-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 72716
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.682&type=info&msg=Start%20Rendering%20527426-MEGABANNER&llvl=2&id=1184&cv=20221124-3-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.682&type=info&msg=Start%20Rendering%20527426-MEGABANNER&llvl=2&id=1184&cv=20221124-3-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.682&type=info&msg=Start%20Rendering%20527426-MEGABANNER&llvl=2&id=1184&cv=20221124-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 72716
access-control-allow-credentials: true
X-Firefox-Spdy: h2
il-trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.687&type=info&msg=Finish%20Rendering%20527426-MEGABANNER&llvl=2&id=215&cv=20221124-3-RELEASE<=deflated&pct=1
185.106.33.48204 No Content 0 B URL HTTP/2 il-trc-events.taboola.com/themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.687&type=info&msg=Finish%20Rendering%20527426-MEGABANNER&llvl=2&id=215&cv=20221124-3-RELEASE<=deflated&pct=1
IP 185.106.33.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /themonetizer-app-tippscom/log/2/debug?tim=22%3A56%3A43.687&type=info&msg=Finish%20Rendering%20527426-MEGABANNER&llvl=2&id=215&cv=20221124-3-RELEASE<=deflated&pct=1 HTTP/1.1
Host: il-trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 22:56:44 GMT
x-fastly-to-nlb-rtt: 72716
access-control-allow-credentials: true
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1
173.233.139.164307 Temporary Redirect 0 B URL HTTP/1.1 soldierreproduceadmiration.com/watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1 HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 22:56:44 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://app-tipps.com
Access-Control-Allow-Origin: https://app-tipps.com
Access-Control-Allow-Credentials: true
Location: https://soldierreproduceadmiration.com/watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1&shu=628c8f08a7d03a765f2fae52b7a91c6fc3e9c0edd4ca214452d916efd246496d65b067de0eb0a69bc6f21ec3b39399e766c1997dfd3d6419c0ff6ffb186ba142eb49ec9f340de9cfc45e14ee712306c3f8dfd72687f9ef237dd39523a7bbfb&pst=1669676264&rmtc=t
Set-Cookie: u_pl=17248011; expires=Tue, 29 Nov 2022 22:56:44 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0ODAxMSwiayI6ImQzNTQ2OTRmMjlkNWMzODk5OWUwMWY3ZjMxYmM1MDRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4NDcyLCJwaWQiOjQ2ODU5NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoienRuYWFjYjQiLCJjcGtzIjp7ICIyOCI6ImQxZDQ0NTRkOWUxN2NiZTI2MjcxZDJjODFiY2ViNjc2IiwiMjkiOiJiYWFkNzI1ZTlkNzQ0NTMyNTYwYmMwOGI0ZjE2ODJiZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hcHAtdGlwcHMuY29tLyJ9fQ.hefyanFiYSD6mLQhNAZ-Zeg-_NwlirzZ6f1BTaCZeEg; expires=Mon, 28 Nov 2022 22:57:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0907c28aceddb08ff86be83b0a127209
Strict-Transport-Security: max-age=0; includeSubdomains
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 114425
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
vary: Origin
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
date: Mon, 28 Nov 2022 22:56:44 GMT
X-Firefox-Spdy: h2
soldierreproduceadmiration.com/watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1&shu=628c8f08a7d03a765f2fae52b7a91c6fc3e9c0edd4ca214452d916efd246496d65b067de0eb0a69bc6f21ec3b39399e766c1997dfd3d6419c0ff6ffb186ba142eb49ec9f340de9cfc45e14ee712306c3f8dfd72687f9ef237dd39523a7bbfb&pst=1669676264&rmtc=t
173.233.139.164200 OK 2.1 kB URL HTTP/1.1 soldierreproduceadmiration.com/watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1&shu=628c8f08a7d03a765f2fae52b7a91c6fc3e9c0edd4ca214452d916efd246496d65b067de0eb0a69bc6f21ec3b39399e766c1997dfd3d6419c0ff6ffb186ba142eb49ec9f340de9cfc45e14ee712306c3f8dfd72687f9ef237dd39523a7bbfb&pst=1669676264&rmtc=t
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (2537)
Hash 39566800e8d4918ff914456b2e6a8a18
c12aa922f10819af986ee7458aafb4015ac53321
b0faba2a6fd2770139999077f5e6459ebbabfaccace3882e41a68cd0e0bec80b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1402681953114.js?key=d354694f29d5c38999e01f7f31bc504d&kw=%5B%22best%22%2C%22music%22%2C%22streaming%22%2C%22services%22%2C%22for%22%2C%22iphone%22%2C%22and%22%2C%22android%22%2C%222022%22%2C%22-%22%2C%22app-tipps%22%5D&refer=&tz=0&dev=e&res=12.1055&uuid=2d34ebd5-d2c9-4adc-a500-152be7334496%3A3%3A1&shu=628c8f08a7d03a765f2fae52b7a91c6fc3e9c0edd4ca214452d916efd246496d65b067de0eb0a69bc6f21ec3b39399e766c1997dfd3d6419c0ff6ffb186ba142eb49ec9f340de9cfc45e14ee712306c3f8dfd72687f9ef237dd39523a7bbfb&pst=1669676264&rmtc=t HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Referer: https://app-tipps.com/
Connection: keep-alive
Cookie: u_pl=17248011; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzI0ODAxMSwiayI6ImQzNTQ2OTRmMjlkNWMzODk5OWUwMWY3ZjMxYmM1MDRkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODU4NDcyLCJwaWQiOjQ2ODU5NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoienRuYWFjYjQiLCJjcGtzIjp7ICIyOCI6ImQxZDQ0NTRkOWUxN2NiZTI2MjcxZDJjODFiY2ViNjc2IiwiMjkiOiJiYWFkNzI1ZTlkNzQ0NTMyNTYwYmMwOGI0ZjE2ODJiZiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9hcHAtdGlwcHMuY29tLyJ9fQ.hefyanFiYSD6mLQhNAZ-Zeg-_NwlirzZ6f1BTaCZeEg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 22:56:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://app-tipps.com
Access-Control-Allow-Origin: https://app-tipps.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2d34ebd5-d2c9-4adc-a500-152be7334496:3:1; expires=Mon, 05 Dec 2022 22:56:44 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 22:56:44 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 22:56:44 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 29 Nov 2022 22:56:44 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 29 Nov 2022 22:56:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c693d47fafcec34629d25c830b29f58e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
soldierreproduceadmiration.com/d1/d4/45/d1d4454d9e17cbe26271d2c81bceb676.js
173.233.139.164200 OK 29 kB URL HTTP/1.1 soldierreproduceadmiration.com/d1/d4/45/d1d4454d9e17cbe26271d2c81bceb676.js
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash a854d6882867d14ed8fde0c4fd8d74b1
8253afa461c04aeb94933f29d8144fb1c0a11bb1
3263312f5196c72fe91c5e5c662e35c5a50d840baa03aaac9eaef64165649b1b
Analyzer Verdict Alert quad9 Sinkholed
GET /d1/d4/45/d1d4454d9e17cbe26271d2c81bceb676.js HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 22:56:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0204f1b51fd51a2fb32c6f9d1862980a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d02308d366e622aa26e632ea017600cc
c16673d53c20ac70efbda483ca12b4374a76105c
ad8ccb9b049120b7e44a79dcbc9caab326567933cfce70608bc812237319a0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12871
Expires: Tue, 29 Nov 2022 02:31:16 GMT
Date: Mon, 28 Nov 2022 22:56:45 GMT
Connection: keep-alive
cdn.cloudimagesb.com/bi/ee/4f/40/ee4f409bca9830a809732c96ace24883/1649932043.gif
45.133.44.10200 OK 30 kB URL HTTP/2 cdn.cloudimagesb.com/bi/ee/4f/40/ee4f409bca9830a809732c96ace24883/1649932043.gif
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 728 x 90\012- data
Hash 2bf03a0306fcf28251f4bc3ba85523dc
37d2d970841b4ff3768aad2d232b828ace83f3f9
cbcf5aa1abb8b59829c6bd7a7cb410ea42c14069948378a7a5d25e71c429e231
GET /bi/ee/4f/40/ee4f409bca9830a809732c96ace24883/1649932043.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:45 GMT
content-type: image/gif
content-length: 30524
server: nginx/1.17.6
last-modified: Thu, 14 Apr 2022 10:27:29 GMT
etag: "6257f711-773c"
expires: Wed, 30 Nov 2022 22:56:45 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
151.101.85.44200 OK 254 B URL HTTP/2 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP 151.101.85.44:0
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
content-type: image/png
server: AmazonS3
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:45 GMT
via: 1.1 varnish
age: 26653
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 2245
x-timer: S1669676205.486254,VS0,VE0
cache-control: private,max-age=31536000
abp: 12
content-length: 254
X-Firefox-Spdy: h2
trc.taboola.com/themonetizer-app-tippscom/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
151.101.85.44204 No Content 0 B URL HTTP/2 trc.taboola.com/themonetizer-app-tippscom/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP 151.101.85.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /themonetizer-app-tippscom/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2154
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:45 GMT
via: 1.1 varnish
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669676205.412420,VS0,VE92
x-vcl-time-ms: 92
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ad880e4bf096af9fce367e3280727f6
a4005efaa1acf9078430dd64a668ca5045b60287
bd5a212b5baa992c45ce1ca5e9ba1c11fd990c930f7c43f0e55683232fe9e25b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD5A212B5BAA992C45CE1CA5E9BA1C11FD990C930F7C43F0E55683232FE9E25B"
Last-Modified: Mon, 28 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2619
Expires: Mon, 28 Nov 2022 23:40:24 GMT
Date: Mon, 28 Nov 2022 22:56:45 GMT
Connection: keep-alive
yearbookhobblespinal.com/pixel/purst?dl=0&th=0&sc=0&rs=1603&rd=1603&fd=833&bv=22.10.v.10&tmpl=136
173.233.139.164200 OK 0 B URL HTTP/1.1 yearbookhobblespinal.com/pixel/purst?dl=0&th=0&sc=0&rs=1603&rd=1603&fd=833&bv=22.10.v.10&tmpl=136
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1603&rd=1603&fd=833&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: yearbookhobblespinal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 22:56:45 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:45 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&RedC=c.clarity.ms&MXFR=2C51ECE85FA066C61129FE825BA06879
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=2C51ECE85FA066C61129FE825BA06879; domain=.clarity.ms; expires=Sat, 23-Dec-2023 22:56:45 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Mon, 28 Nov 2022 22:56:44 GMT
content-length: 0
X-Firefox-Spdy: h2
sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img,w_800/https://app-tipps.com/wp-content/uploads/2022/11/shazam-streaming-app-preview.jpg
194.242.11.186302 Found 0 B URL HTTP/2 sp-ao.shortpixel.ai/client/to_webp,q_lossy,ret_img,w_800/https://app-tipps.com/wp-content/uploads/2022/11/shazam-streaming-app-preview.jpg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /client/to_webp,q_lossy,ret_img,w_800/https://app-tipps.com/wp-content/uploads/2022/11/shazam-streaming-app-preview.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:45 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://app-tipps.com/wp-content/uploads/2022/11/shazam-streaming-app-preview.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
pragma: cache
cdn-cachedat: 11/28/2022 22:56:45
cdn-tag: 0; Domain: app-tipps.com; 302
cdn-proxyver: 1.03
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: a501c5c83a419941efef9a586cb5b171
cdn-cache: MISS
X-Firefox-Spdy: h2
c.bing.com/c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&RedC=c.clarity.ms&MXFR=2C51ECE85FA066C61129FE825BA06879
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&RedC=c.clarity.ms&MXFR=2C51ECE85FA066C61129FE825BA06879
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&RedC=c.clarity.ms&MXFR=2C51ECE85FA066C61129FE825BA06879 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&MUID=02972438B8D661F5315B3652B92360BE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=02972438B8D661F5315B3652B92360BE; domain=c.bing.com; expires=Sat, 23-Dec-2023 22:56:46 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B1930B631A9C4B508159AD43CC1843D1 Ref B: OSL30EDGE0208 Ref C: 2022-11-28T22:56:46Z
date: Mon, 28 Nov 2022 22:56:45 GMT
content-length: 0
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&MUID=02972438B8D661F5315B3652B92360BE
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&MUID=02972438B8D661F5315B3652B92360BE
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=F4B3839FED404E4F91913DD33EC403E3&MUID=02972438B8D661F5315B3652B92360BE HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Thu, 13 Oct 2022 20:07:05 GMT
accept-ranges: bytes
etag: "40db785d3fdfd81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Mon, 28-Nov-2022 23:06:46 GMT; path=/; SameSite=None; Secure;
date: Mon, 28 Nov 2022 22:56:45 GMT
content-length: 42
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
172.67.75.241200 OK 75 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash 9f5d610099f3790788d12f822d05eb36
3cfc35534241c5666c9ce5d3f7702c96550faa96
fe9b2adadbbe6f06039cf5f5b262e2b69fd6517549149e982b48746ea0309fb6
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
etag: W/"c56b6332dacf72f135afcd153ae22448"
last-modified: Wed, 23 Nov 2022 15:43:17 GMT
vary: Origin, Accept-Encoding
access-control-expose-headers:
cf-cache-status: HIT
age: 97268
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1%2BUibXpKOWV8rLJ7kFTlvH0VlibQIGFP4pZXwhGESIZgNx5ITevj3J3llYWfU%2FdTf%2FWp5272mYgZxg8yek1Z48W2MhQeW1JANRDnobcCMBHpVSyE0mSRtbVy9doA1n6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7716b2c6e889fac8-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
151.101.85.44200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:46 GMT
via: 1.1 varnish
age: 3167
x-served-by: cache-bma1679-BMA
x-cache: HIT
x-cache-hits: 2076
x-timer: S1669676206.407737,VS0,VE0
vary: Accept-Encoding
abp: 12
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1669676201729
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1669676201729
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1669676201729 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:46 GMT; Path=/; Domain=.betweendigital.com
tuuid=442b89c8-1997-524d-aac5-4fa6c9407308; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:46 GMT; Path=/; Domain=.betweendigital.com
ut=Y4U8rgAJmQj8uqufL1diPLmWV4a3ifbSkYRrrQ==; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:46 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html
2.23.134.137200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 28 Nov 2022 22:56:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.34.65200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:46 GMT; Path=/; Domain=.betweendigital.com
tuuid=b88e242a-d580-524d-91dd-6ff7f2585359; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:46 GMT; Path=/; Domain=.betweendigital.com
ut=Y4U8rgAGNdgHpEM3RdOxeSkwey2V2YX1EYBrzg==; Max-Age=31536000; Expires=Tue, 28 Nov 2023 22:56:46 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
2.23.134.137200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 2.23.134.137:0
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18728)
Hash fdd7647c113e262e451e18feb170144d
09902ac30f27b40177b4d93e4ab8372ff3851d78
3be574fd7560bb72fa81896137cc9f38f4ae979b4e0e60a9cfd4db840325a3e4
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 28 Nov 2022 04:05:02 GMT
Content-Encoding: gzip
Content-Length: 10066
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=18464
Expires: Tue, 29 Nov 2022 04:04:30 GMT
Date: Mon, 28 Nov 2022 22:56:46 GMT
Connection: keep-alive
Vary: Accept-Encoding
pips.taboola.com/
151.101.85.44200 OK 4 B IP 151.101.85.44:0
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: https://app-tipps.com
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:46 GMT
via: 1.1 varnish
x-served-by: cache-bma1627-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
b1h.zemanta.com/usersync/prebid
50.31.142.191200 OK 26 B URL HTTP/1.1 b1h.zemanta.com/usersync/prebid
IP 50.31.142.191:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /usersync/prebid HTTP/1.1
Host: b1h.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26
Date: Mon, 28 Nov 2022 22:56:46 GMT
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 8.8 kB URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
File type C source, ASCII text, with very long lines (29462)
Hash 851f1b8c204b9a4b8b81e8d4fd0f8b7e
ec3f794aca367b57cd863e3faa144e79ab8df62b
18957d4e6d3ac234a3cdb3b18914dafa85a80783b105a4bbca7efb749c8c7215
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 681083
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f160c99d9a77a44663a7433fe4382bc0
dfe5becda1e37f9a54c1bc6c636f809f5923ad75
784dfb6e7a5e0d2f1c02136039b3388a96d156a9f4d9bdb0dc8cfa603c989d7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3104
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:46 GMT
Last-Modified: Mon, 28 Nov 2022 22:05:02 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
creativecdn.com/cm-notify?pi=smilewanted
185.184.8.90302 Found 0 B URL HTTP/2 creativecdn.com/cm-notify?pi=smilewanted
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm-notify?pi=smilewanted HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:46 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=Tk00I64PghDhfpNIpehA;Path=/;Domain=.creativecdn.com;Expires=Tue, 28-Nov-2023 22:56:46 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1669676206;Path=/;Domain=.creativecdn.com;Expires=Tue, 28-Nov-2023 22:56:46 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 483e5a5351c5fb8a57e4f034dd2c55e8
1ecc077aa487797115351c02bcddbb9e74dcf32d
f9c643a25992fe521b244fd855bbf0613c45849404dd037d362e4b8e7572b83f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3422
Cache-Control: max-age=144095
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:46 GMT
Etag: "6384bf2f-117"
Expires: Wed, 30 Nov 2022 14:58:21 GMT
Last-Modified: Mon, 28 Nov 2022 14:01:19 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279
creativecdn.com/cm-notify?pi=smilewanted&tc=1
185.184.8.90200 OK 42 B URL HTTP/2 creativecdn.com/cm-notify?pi=smilewanted&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm-notify?pi=smilewanted&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: image/gif
content-length: 42
X-Firefox-Spdy: h2
ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
23.36.77.41302 Moved Temporarily 0 B URL HTTP/1.1 ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /user-matching?id=3602&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Content-Length: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1669676206795024-579
Location: https://csync.smilewanted.com/set_partner_userid_get/freewheel/35685a781aa18d7abb3419c5f34c46c9?gdpr_consent=&gdpr=0
Expires: Mon, 28 Nov 2022 22:56:46 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 28 Nov 2022 22:56:46 GMT
Connection: keep-alive
Set-Cookie: UID=35685a781aa18d7abb3419c5f34c46c9; Domain=ads.stickyadstv.com; Expires=Wed, 28-Dec-2022 22:56:46 GMT; Path=/
ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
52.58.236.223302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
IP 52.58.236.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
set-cookie: tuuid=7151e5f0-57e2-46a6-94d2-d8aab6124021; Expires=Sun, 26 Feb 2023 22:56:46 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1669676206; Expires=Sun, 26 Feb 2023 22:56:46 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
static.smilewanted.com/js/decode_consent/decode_consent.js
104.22.69.131200 OK 12 kB URL HTTP/2 static.smilewanted.com/js/decode_consent/decode_consent.js
IP 104.22.69.131:0
File type ASCII text, with very long lines (49614), with no line terminators
Hash bd2f0dcab73ebb60d131f43eb12cbf9b
a87e73a92a1a1caac7a3dd1c121bac302b47beb2
5708999d26627a8619b4efc47e9403dafbd701704ebfd9acccfb18384edd6e98
GET /js/decode_consent/decode_consent.js HTTP/1.1
Host: static.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
etag: W/"607873db-c1ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 283990
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716b2e28ca2991b-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
52.58.236.223200 OK 43 B URL HTTP/2 ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
IP 52.58.236.223:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=627ccf1eb9d7f994dd0f61b06f53b245
185.89.211.84200 OK 43 B URL HTTP/1.1 ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=627ccf1eb9d7f994dd0f61b06f53b245
IP 185.89.211.84:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=627ccf1eb9d7f994dd0f61b06f53b245 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 28 Nov 2022 22:56:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
AN-X-Request-Uuid: 1f89f15f-cdde-4912-82fb-736ffa4036a8
Set-Cookie: anj=dTM7k!M4.FE:2jUF']wIg2E?dj(n`s!]tbP6j2F-.aE@%O4WYq=BWns7C8JL3O%x0eF?HsiRl0].S2.ffmXMTj5^Vpe+P1$hVIvk/X+GY1Qw2VhTKJA; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 26-Feb-2023 22:56:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
uids=eyJ0ZW1wVUlEcyI6eyJzbWlsZXdhbnRlZCI6eyJ1aWQiOiI2MjdjY2YxZWI5ZDdmOTk0ZGQwZjYxYjA2ZjUzYjI0NSIsImV4cGlyZXMiOiIyMDIzLTAyLTI2VDIyOjU2OjQ2WiJ9fSwiYmlydGhkYXkiOiIyMDIyLTExLTI4VDIyOjU2OjQ2WiJ9; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 26-Feb-2023 22:56:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 483e5a5351c5fb8a57e4f034dd2c55e8
1ecc077aa487797115351c02bcddbb9e74dcf32d
f9c643a25992fe521b244fd855bbf0613c45849404dd037d362e4b8e7572b83f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4020
Cache-Control: max-age=144693
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:46 GMT
Etag: "6384bf2f-117"
Expires: Wed, 30 Nov 2022 15:08:19 GMT
Last-Modified: Mon, 28 Nov 2022 14:01:19 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 279
sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
104.22.54.206204 No Content 0 B URL HTTP/2 sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
IP 104.22.54.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F HTTP/1.1
Host: sync-eu.connectad.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.connectad.io/
Cookie: cadsync
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 28 Nov 2022 22:56:46 GMT
set-cookie: id=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
uid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.connectad.io; secure; SameSite=None
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2e53854b512-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 9a13fb2e1257b1369043c1aa22c984e1
7980a14e9066e30006a5adeb516f41edf12c1bcc
68db5a5dea6060a8e82adcf752c5ae45ff0fe0483a9d1d57ce58dff7652179ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3637
Cache-Control: max-age=151110
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:46 GMT
Etag: "6384d9bf-139"
Expires: Wed, 30 Nov 2022 16:55:16 GMT
Last-Modified: Mon, 28 Nov 2022 15:54:39 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 313
ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=113475
expires: Wed, 30 Nov 2022 06:28:01 GMT
date: Mon, 28 Nov 2022 22:56:46 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
185.86.139.106302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
IP 185.86.139.106:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Mon, 28 Nov 2022 22:56:46 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 28 Nov 2023 22:56:47 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12100%3b%24o%3d11100; expires=Tue, 28 Nov 2023 22:56:47 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5f09cebeeeacd350902a847f93cf9899
61188aa40c646c2217e7013ea356d315ddc9cd80
b678d2c71b30cf5c6452065c6070c89a3712aaacb2c7d812b391ec11e8e00ba7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 135
Cache-Control: max-age=104412
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:47 GMT
Etag: "63843104-116"
Expires: Wed, 30 Nov 2022 03:56:59 GMT
Last-Modified: Mon, 28 Nov 2022 03:54:44 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
185.86.139.106200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
IP 185.86.139.106:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Mon, 28 Nov 2022 22:56:46 GMT
pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 1da0c96602e9a1076eae4f5554c05cf3
Content-Type: image/gif
ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
104.18.33.19302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:47 GMT
content-length: 0
location: /usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
cf-ray: 7716b2e62db8b4fa-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y4U8r76YjjXayuopmKuecwAA; Path=/; Domain=casalemedia.com; Expires=Tue, 28 Nov 2023 22:56:47 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=706; Path=/; Domain=casalemedia.com; Expires=Sun, 26 Feb 2023 22:56:47 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=706; Path=/; Domain=casalemedia.com; Expires=Sun, 26 Feb 2023 22:56:47 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FTP6Ok0WX1rLsJMyi9P4kor%2BZbUnqhVxg4%2FH3BrbVHijXI2rOzsGbII%2B3COLkxePMyaOj7%2F9PXlvZRsbia9MzZJXR6oAqT%2F1v4mfbY3oa5%2B80d4lftQv0JNj7atlYBOhX5%2BWHDGklmFJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5f09cebeeeacd350902a847f93cf9899
61188aa40c646c2217e7013ea356d315ddc9cd80
b678d2c71b30cf5c6452065c6070c89a3712aaacb2c7d812b391ec11e8e00ba7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:47 GMT
Last-Modified: Mon, 28 Nov 2022 22:46:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
104.18.33.19302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatchredir?cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Findexexchange%2F&s=193216&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:47 GMT
content-length: 0
location: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/0
cf-ray: 7716b2e66e09b4fa-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGSiT%2FjvDKHxzdTQIecb%2BLpUk%2F%2F4sSnOeoAkqfMLKLiXQESyDLr3zAO6Ahnx4RdS37p2UkS15liyWI1sdbAHsRSgAskf%2ByR2jYm2VIVDXe%2FZiDm2PpAivr1x3eIcaaxWr8HEBoen0UcKHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6496a820d07707e5da02d99905894e58
ca128a729e4e0bfcd68eb936f7e6b2307a46409e
f0a0d599de5c8203e29b9b10f386821b82024bd8ec6171763c0a8cc60962c616
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6050
Cache-Control: max-age=130836
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:56:47 GMT
Etag: "63848121-1d7"
Expires: Wed, 30 Nov 2022 11:17:23 GMT
Last-Modified: Mon, 28 Nov 2022 09:36:33 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
csync.smilewanted.com/set_partner_userid_get/freewheel/35685a781aa18d7abb3419c5f34c46c9?gdpr_consent=&gdpr=0
104.22.69.131200 OK 85 B URL HTTP/2 csync.smilewanted.com/set_partner_userid_get/freewheel/35685a781aa18d7abb3419c5f34c46c9?gdpr_consent=&gdpr=0
IP 104.22.69.131:0
Hash 09ee6cbcf4a28cda8a44fa55e9014269
64e320b44ee4d721f211e352676aa0137ec3485c
9015fb2339ac36ecb5726d6b1dc4f261156ef0308c83356f86a01f01fb03288e
GET /set_partner_userid_get/freewheel/35685a781aa18d7abb3419c5f34c46c9?gdpr_consent=&gdpr=0 HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Cookie: sw_user_params_infos=8sdRREvsw7LjLys0YvGw8zHAkADEBNPvYTc7FIjCCPHbP3xl%2FhC3eSZRmA8UsOEADbKharu45J2LtF4iqUR5IwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6Ig6SNkr4B%2BpxTmWKKKeYLw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=gc2xkvhWxBoU3S7kfLteuAJLhQLdLOpTSp5hKzSlrIXlJSz6Yb2SMbLY0gNAS2OazwD68BvsBd05KEZCPF6bPlHf%2F627hqBARj4HV79uKF8elRuGql%2BAgA%2BBCrqhRhbo%2BBF6rCpY0i%2BjEAuDc40KDBcedFD0o3yVswh1bqp3qngPtU8LCn7fwKccT34GgaqjS5nSvAqt%2Fbe7k%2BRzs9n30wn%2FICUSlSzgwm6lcUyT2Gg%3D; expires=Wed, 29-Nov-2023 04:45:58 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2e4ffa4991b-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D3E62364C-6598-4051-B1F5-1153E062A887%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D3E62364C-6598-4051-B1F5-1153E062A887%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D3E62364C-6598-4051-B1F5-1153E062A887%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=42036
expires: Tue, 29 Nov 2022 10:37:23 GMT
date: Mon, 28 Nov 2022 22:56:47 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.2.114200 OK 0 B IP 104.18.2.114:0
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 9383
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://app-tipps.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Shapings: no adunits with size and seat and mapping
x-version: 3.0.0-gcp-ams
x-warn: Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26300
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2c9bbdcb51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
csync.smilewanted.com/
104.22.69.131200 OK 0 B IP 104.22.69.131:0
GET / HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2e20c21991b-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 1101442
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/lib_footer_slidein.js
185.76.9.22200 OK 0 B URL HTTP/2 ads.themoneytizer.com/lib_footer_slidein.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /lib_footer_slidein.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 21:31:41 GMT
expires: Tue, 29 Nov 2022 05:03:12 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1669698192
server: CDN77-Turbo
x-77-nzt: AblMCRQvkej/m/sAAA
x-77-nzt-ray: af5856301ca4d667ab3c85638b5fe116
x-cache: HIT
x-age: 64411
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=158810&sc=1&pr=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F&u=3E62364C-6598-4051-B1F5-1153E062A887&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=158810&sc=1&pr=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F&u=3E62364C-6598-4051-B1F5-1153E062A887&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=158810&sc=1&pr=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F&u=3E62364C-6598-4051-B1F5-1153E062A887&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fapp-tipps.com%2F&domain=app-tipps.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fapp-tipps.com%2F&domain=app-tipps.com&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fapp-tipps.com%2F&domain=app-tipps.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://app-tipps.com/
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://app-tipps.com
server-processing-duration-in-ticks: 504195
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
trc.taboola.com/themonetizer-app-tippscom/trc/3/json?tim=22%3A56%3A43.229<i=deflated&data=%7B%22id%22%3A466%2C%22ii%22%3A%22%2Fbest-music-streaming-services-ios-android%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669541768050%2C%22vi%22%3A1669676203227%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F%22%2C%22vpi%22%3A%22%2Fbest-music-streaming-services-ios-android%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A10%2C%22dw%22%3A728%2C%22dh%22%3A10%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22527426-MEGABANNER%22%2C%22orig_uip%22%3A%22527426-MEGABANNER%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fbest-music-streaming-services-ios-android%2C527426-MEGABANNER%3Dthumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
151.101.85.44200 OK 0 B URL HTTP/2 trc.taboola.com/themonetizer-app-tippscom/trc/3/json?tim=22%3A56%3A43.229<i=deflated&data=%7B%22id%22%3A466%2C%22ii%22%3A%22%2Fbest-music-streaming-services-ios-android%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669541768050%2C%22vi%22%3A1669676203227%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F%22%2C%22vpi%22%3A%22%2Fbest-music-streaming-services-ios-android%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A10%2C%22dw%22%3A728%2C%22dh%22%3A10%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22527426-MEGABANNER%22%2C%22orig_uip%22%3A%22527426-MEGABANNER%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fbest-music-streaming-services-ios-android%2C527426-MEGABANNER%3Dthumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
IP 151.101.85.44:0
GET /themonetizer-app-tippscom/trc/3/json?tim=22%3A56%3A43.229<i=deflated&data=%7B%22id%22%3A466%2C%22ii%22%3A%22%2Fbest-music-streaming-services-ios-android%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1669541768050%2C%22vi%22%3A1669676203227%2C%22cv%22%3A%2220221124-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fapp-tipps.com%2Fbest-music-streaming-services-ios-android%2F%22%2C%22vpi%22%3A%22%2Fbest-music-streaming-services-ios-android%22%2C%22bad%22%3A-1%2C%22sw%22%3A1280%2C%22sh%22%3A1002%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A10%2C%22dw%22%3A728%2C%22dh%22%3A10%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22527426-MEGABANNER%22%2C%22orig_uip%22%3A%22527426-MEGABANNER%22%2C%22cd%22%3A8%2C%22mw%22%3A712%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fbest-music-streaming-services-ios-android%2C527426-MEGABANNER%3Dthumbnails-a%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://app-tipps.com
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Mon, 28 Nov 2022 22:56:44 GMT
via: 1.1 varnish
x-served-by: cache-bma1679-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669676204.987874,VS0,VE127
vary: Accept-Encoding
x-vcl-time-ms: 127
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
expires: Mon, 05 Dec 2022 22:56:43 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
x-crto-bundle: vlL0X19vTUZOMmROV1hjSmZtQnA3d1JOZDBzMWRRSmk3ZVlHYVRnekdPSWhnRXhkQWEybmtJdE9HMDJxMU56Vml2cnBGWmhNUkk0RFVseHlFd2RQVXBjWnZqUkp0NW03dTVoS2g5VUlSTUpvMVVrZ3lTVjB5UndjOGdLalZTcXlybTJkTQ
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://app-tipps.com
server-processing-duration-in-ticks: 1426092
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
app-tipps.com/best-music-streaming-services-ios-android/
172.67.199.101200 OK 0 B URL HTTP/2 app-tipps.com/best-music-streaming-services-ios-android/
IP 172.67.199.101:0
GET /best-music-streaming-services-ios-android/ HTTP/1.1
Host: app-tipps.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:40 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://app-tipps.com/xmlrpc.php
link: <https://app-tipps.com/wp-json/>; rel="https://api.w.org/", <https://app-tipps.com/wp-json/wp/v2/posts/10502>; rel="alternate"; type="application/json", <https://app-tipps.com/?p=10502>; rel=shortlink
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
cache-control: private, max-age=7200, proxy-revalidate, s-maxage=0
cf-edge-cache: no-cache
cf-cache-status: MISS
last-modified: Mon, 28 Nov 2022 22:56:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXza3%2BNHZ4ISVgqaZFea2nh1Am9iFIDc4AIb48oznKqaeiQBJCkDoWC3Gyi3oyzIN70kZLPW3qyQ2Egu5%2F6m1Ib12nQQUgw05d%2FWlzLMGQvT8k7JyiSWgsYJ9hS0Irye"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7716b2bcfb371c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=6
185.76.9.22200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=6
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670216591
server: CDN77-Turbo
x-77-nzt: AblMCRRgTd7/mvsAAA
x-77-nzt-ray: af5856301ca4d667a93c8563a7a1aa23
x-cache: HIT
x-age: 64410
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
104.22.54.206200 OK 0 B URL HTTP/2 cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
IP 104.22.54.206:0
GET /connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F HTTP/1.1
Host: cdn.connectad.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2e49f96b512-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
x-crto-bundle: vlL0X19vTUZOMmROV1hjSmZtQnA3d1JOZDBzMWRRSmk3ZVlHYVRnekdPSWhnRXhkQWEybmtJdE9HMDJxMU56Vml2cnBGWmhNUkk0RFVseHlFd2RQVXBjWnZqUkp0NW03dTVoS2g5VUlSTUpvMVVrZ3lTVjB5UndjOGdLalZTcXlybTJkTQ
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://app-tipps.com
server-processing-duration-in-ticks: 1742719
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
172.67.13.182200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 172.67.13.182:0
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://app-tipps.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2c45f38b524-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=6&formatid=26328&size=desktop
185.76.9.22200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=6&formatid=26328&size=desktop
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=97881&adid=6&formatid=26328&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://app-tipps.com
cache-control: max-age=604800
x-accel-expires: @1670281002
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRSpcI2h
x-77-nzt-ray: af5856301ca4d667aa3c85638f25ca13
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform3.js?siteId=97881&formatId=6
185.76.9.22200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform3.js?siteId=97881&formatId=6
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /s/requestform3.js?siteId=97881&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670274403
server: CDN77-Turbo
x-77-nzt: AblMCRRmk8D/xhkAAA
x-77-nzt-ray: af5856301ca4d667a93c8563ae349a27
x-cache: HIT
x-age: 6598
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app-tipps.com/
x-crto-bundle: vlL0X19vTUZOMmROV1hjSmZtQnA3d1JOZDBzMWRRSmk3ZVlHYVRnekdPSWhnRXhkQWEybmtJdE9HMDJxMU56Vml2cnBGWmhNUkk0RFVseHlFd2RQVXBjWnZqUkp0NW03dTVoS2g5VUlSTUpvMVVrZ3lTVjB5UndjOGdLalZTcXlybTJkTQ
Origin: https://app-tipps.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:43 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://app-tipps.com
server-processing-duration-in-ticks: 1820768
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=1&formatid=26322&size=desktop
185.76.9.22200 OK 0 B URL HTTP/2 ads.themoneytizer.com/bidder1/moneybid.js?siteid=97881&adid=1&formatid=26322&size=desktop
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /bidder1/moneybid.js?siteid=97881&adid=1&formatid=26322&size=desktop HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://app-tipps.com
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:42 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://app-tipps.com
cache-control: max-age=604800
x-accel-expires: @1670281002
server: CDN77-Turbo
vary: Origin
x-77-nzt: AblMCRTaFQOh
x-77-nzt-ray: af5856301ca4d667aa3c856360b42614
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
104.22.69.131302 Found 0 B URL HTTP/2 csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
IP 104.22.69.131:0
GET /getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Cookie: sw_user_params_infos=8sdRREvsw7LjLys0YvGw8zHAkADEBNPvYTc7FIjCCPHbP3xl%2FhC3eSZRmA8UsOEADbKharu45J2LtF4iqUR5IwETzxb2ORoHNPFOLNmDEN6Mia0dNse%2BBrdIA0FOk2u6Ig6SNkr4B%2BpxTmWKKKeYLw%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Mon, 28 Nov 2022 22:56:46 GMT
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=627ccf1eb9d7f994dd0f61b06f53b245
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2e3fe54991b-ARN
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
143.204.55.88200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
IP 143.204.55.88:0
GET /tcfv2/45/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sun, 27 Nov 2022 20:45:07 GMT
cache-control: max-age=172800
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _zR6wTyOWr2zXjIO0qSLwbbpwrPflY58Ct35OE_qiD0FdVgskThUQQ==
age: 97791
X-Firefox-Spdy: h2
csync.smilewanted.com/set_partner_userid_get/indexexchange/0
104.22.69.131200 OK 0 B URL HTTP/2 csync.smilewanted.com/set_partner_userid_get/indexexchange/0
IP 104.22.69.131:0
GET /set_partner_userid_get/indexexchange/0 HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://csync.smilewanted.com/
Connection: keep-alive
Cookie: sw_user_params_infos=gc2xkvhWxBoU3S7kfLteuAJLhQLdLOpTSp5hKzSlrIXlJSz6Yb2SMbLY0gNAS2OazwD68BvsBd05KEZCPF6bPlHf%2F627hqBARj4HV79uKF8elRuGql%2BAgA%2BBCrqhRhbo%2BBF6rCpY0i%2BjEAuDc40KDBcedFD0o3yVswh1bqp3qngPtU8LCn7fwKccT34GgaqjS5nSvAqt%2Fbe7k%2BRzs9n30wn%2FICUSlSzgwm6lcUyT2Gg%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=3EglpxphRzxCcdWKjgeZ6e73XznlKPydU%2BHAgtUIQvabjiw6CEQ05XgViBF2mZn28bTz%2FtpBhZz8jwyY6zrzhZc%2Bg25ht5vFXaDG6%2BbHW9flLSxe29hK8SHjE18irrsb6qT1ESJ8a5V6Y26HQiAkCSoVHrgVHYbeIplMeFjaIakTYLEA1%2BJCXBKrKnhCm3v%2F5w7FR236eHlY8IQ3vk8LYhas4SdDtuYAXKDvsQ%2BYkDlemV6VDAgnxQLG0jAskEez; expires=Wed, 29-Nov-2023 04:45:59 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7716b2e6a9a3991b-ARN
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=97881&formatId=1
185.76.9.22200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=97881&formatId=1
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=97881&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 22:56:41 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670258915
server: CDN77-Turbo
x-77-nzt: AblMCRQhhx7/RlYAAA
x-77-nzt-ray: af5856301ca4d667a93c8563a8f80e0a
x-cache: HIT
x-age: 22086
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open%20Sans:300,400,500,600,700,800,300italic,400italic,500italic,600italic,700italic,800italic%7COswald:200,300,400,500,600,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open%20Sans:300,400,500,600,700,800,300italic,400italic,500italic,600italic,700italic,800italic%7COswald:200,300,400,500,600,700&display=swap
IP 142.250.74.10:0
GET /css?family=Open%20Sans:300,400,500,600,700,800,300italic,400italic,500italic,600italic,700italic,800italic%7COswald:200,300,400,500,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://app-tipps.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 22:56:41 GMT
date: Mon, 28 Nov 2022 22:56:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2