revain.org/exchanges/kucoin
301 Moved Permanently 0 B URL HTTP/1.1 revain.org/exchanges/kucoin
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchanges/kucoin HTTP/1.1
Host: revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 18 Jan 2023 06:37:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 18 Jan 2023 07:37:47 GMT
Location: https://revain.org
Server-Timing: cf-q-config;dur=6.9999996412662e-06
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFnoTHXpCgqP4j2%2Fnr1xNnYyQqCaEdrDoDn5zChFkmTZUiMfrX%2FnKGuxHwlH%2FcmN%2FBUYpukbR7F5Uie5NzciBskPM%2B%2BelHnZ94BtwbzPy9aHcTc8nhyS6cp9Kys%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78b552f609beb50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8795
Expires: Wed, 18 Jan 2023 09:04:23 GMT
Date: Wed, 18 Jan 2023 06:37:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Wed, 18 Jan 2023 10:13:45 GMT
Date: Wed, 18 Jan 2023 06:37:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 18 Jan 2023 06:34:22 GMT
content-type: application/json
age: 206
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6086
Expires: Wed, 18 Jan 2023 08:19:14 GMT
Date: Wed, 18 Jan 2023 06:37:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ostQCyjVvscQs/JA3bDZYK7CuPHNcZsjqss9Y16IHGcMGYoYa5NJZ4nQNH3qbo0oTE/BS4fgaQ8=
x-amz-request-id: 746GSM24P2T58HX5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 18 Jan 2023 05:56:34 GMT
age: 2474
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 18 Jan 2023 06:37:48 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 18 Jan 2023 05:48:57 GMT
age: 2931
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4388
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:48 GMT
Last-Modified: Wed, 18 Jan 2023 05:24:40 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M8V0J6mlKUvYRjEhhENzWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X+B8SIFJ2ottPHmH15NBrRhwvGk=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-MTGQKWK
200 OK 85 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-MTGQKWK
IP
File type ASCII text, with very long lines (13614)
Hash fd148e8ffcc365e95dca19b9cadb977f
c5dd49eedad70a8a8a65ef2ac98c720f1498c8eb
5f8fc9a58cba1eacb8de2ce5fbd0d4a88896446d6625c0539ca2fd317b8cacb0
GET /gtm.js?id=GTM-MTGQKWK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 18 Jan 2023 06:37:49 GMT
expires: Wed, 18 Jan 2023 06:37:49 GMT
cache-control: private, max-age=900
last-modified: Wed, 18 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84565
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 773596e36fe4af70225f1ee08e977461
5595433fd09a22008b2c739f6626aef116ad5285
fb18080471e9a54e7d1c060d2e26b023f09c135e0d195e48917cd064549d7fdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
200 OK 94 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP
Hash a3f9181f1ed79b535cce79a176e4e98d
3072d383acc335422af9379fa41e15f19b0a0737
f4ab49e938b052f0e9b179da98eeb9bc8a43c1af0a6fcac9ac8bde37fa2b257d
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:49 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b553000b4ab529-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12183
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 06:37:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12183
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 06:37:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6cfc390c95e65230e6798520be7df960
084d7efc24649c68fb6a0da6929585873796ec2a
ca8ad2a520681efa3bd19dc19b9414ae238d6ec5cf8d443103cabd16099c2117
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12183
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 06:37:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 5.0 kB IP
ASN #20940 Akamai International B.V.
Hash 6aa2fceff5555c8859e4a138ad6c006c
dd75c392a9f963b9510afdc341bfd3433d0883a6
a80d7a5f360e7b5e769b556772b7407a3a4b76f048d4b2429af44f1ebf79b741
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA8AD2A520681EFA3BD19DC19B9414AE238D6EC5CF8D443103CABD16099C2117"
Last-Modified: Tue, 17 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12183
Expires: Wed, 18 Jan 2023 10:00:53 GMT
Date: Wed, 18 Jan 2023 06:37:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:17:05 GMT
age: 30045
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
200 OK 21 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP
Hash 18c3e9fe60eb56576a1238d71b481e85
3d58fd2d42667f673f2e9a2a03adc8505f7817ca
c971d7f093e28f7a2638a4b884e398af04e678e0c03fcc99bd181c514cf8336d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QZZaGtGl3Z-4G4DxO4R_gjfDdQVgJc30Ur9EyLAvbGFhv4LfaXziPQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:00:29 GMT
age: 9441
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7361
x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e23ZvGtnIAMFivg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 14:16:01 GMT
age: 58909
etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F670ced8b-7c3c-440b-8ef8-ce104b85116d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F670ced8b-7c3c-440b-8ef8-ce104b85116d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 318731dc24b5b47b96998e30e5ce27aa
86729555b4cf8d1f460ff74981b8b5a54a4bf9ea
acb7a93f815812cab50385796f6bcd7e16e96125422fb1415388a3b94767895e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F670ced8b-7c3c-440b-8ef8-ce104b85116d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10860
x-amzn-requestid: 808ed5a6-f0c3-40d9-a45f-aba1ffdf4ad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LSuEZcoAMFsyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf44-52c2a1756df73c8c1b9e041a;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:06:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Dek1Pngy_IqhWKhgiItX_XsYpqBTE7oyIkvPmYSIWafSnBoAt24Hlg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 04:11:25 GMT
age: 8785
etag: "86729555b4cf8d1f460ff74981b8b5a54a4bf9ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 31085
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 402bdd90bc2557de4f317d4d0ec892ed
b205b0bb74fabcf1612f22db53c197b63ae4ce0c
2fa402a38832c3efe15d5fee9116b36aeea5a0012ba4e8d6477b4fa9a0368598
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F86f138af-59eb-444d-882b-80f5918f4405.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11028
x-amzn-requestid: 2b2b0030-a54b-42d1-a680-69e23c4320bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4AteE7uIAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c647ef-5abf38ea140446ec294cdf6c;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:02:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 36gRhJPc8ASKV6h7W1qvKx-fca-KbtnNDFJqmumSHU38JBpoDdtL3Q==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:15:23 GMT
age: 84147
etag: "b205b0bb74fabcf1612f22db53c197b63ae4ce0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 43ef73c77c5ca082c5e5926229c4d437
b917c7d81ee5955fa4b7710040fe555d40fa96fe
891d591cfafced7f573177ec842e232a7c8f82f3e84cff5bdf117bb394b72444
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "891D591CFAFCED7F573177EC842E232A7C8F82F3E84CFF5BDF117BB394B72444"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13041
Expires: Wed, 18 Jan 2023 10:15:12 GMT
Date: Wed, 18 Jan 2023 06:37:51 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 9007c12f259945d57208746dd0bd43ca
9181840ec25e47b31aec9c198626cbae5d7bc728
72a65b8897594c75530881d84adeac94ba93cc13e245cb7ca9b800be085dd794
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "72A65B8897594C75530881D84ADEAC94BA93CC13E245CB7CA9B800BE085DD794"
Last-Modified: Tue, 17 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12970
Expires: Wed, 18 Jan 2023 10:14:01 GMT
Date: Wed, 18 Jan 2023 06:37:51 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 43ef73c77c5ca082c5e5926229c4d437
b917c7d81ee5955fa4b7710040fe555d40fa96fe
891d591cfafced7f573177ec842e232a7c8f82f3e84cff5bdf117bb394b72444
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "891D591CFAFCED7F573177EC842E232A7C8F82F3E84CFF5BDF117BB394B72444"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13029
Expires: Wed, 18 Jan 2023 10:15:00 GMT
Date: Wed, 18 Jan 2023 06:37:51 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 9007c12f259945d57208746dd0bd43ca
9181840ec25e47b31aec9c198626cbae5d7bc728
72a65b8897594c75530881d84adeac94ba93cc13e245cb7ca9b800be085dd794
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "72A65B8897594C75530881D84ADEAC94BA93CC13E245CB7CA9B800BE085DD794"
Last-Modified: Tue, 17 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 18 Jan 2023 12:37:52 GMT
Date: Wed, 18 Jan 2023 06:37:52 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 9007c12f259945d57208746dd0bd43ca
9181840ec25e47b31aec9c198626cbae5d7bc728
72a65b8897594c75530881d84adeac94ba93cc13e245cb7ca9b800be085dd794
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "72A65B8897594C75530881D84ADEAC94BA93CC13E245CB7CA9B800BE085DD794"
Last-Modified: Tue, 17 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Wed, 18 Jan 2023 12:37:36 GMT
Date: Wed, 18 Jan 2023 06:37:52 GMT
Connection: keep-alive
images.revain.org/blob/Forniture_d19ba810e5.jpg
200 OK 9.7 kB URL HTTP/2 images.revain.org/blob/Forniture_d19ba810e5.jpg
IP
Hash 74b7530daa5a82368a72406e0073005f
46a4cadf65bd403b7040809e223a398cb7fc49aa
6650e0319e6f7fb1bf82ec164ddcb2b643fe02805b589b06db0eec8cdfd0b589
GET /blob/Forniture_d19ba810e5.jpg HTTP/1.1
Host: images.revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Cookie: _gcl_au=1.1.2108848871.1674023872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:52 GMT
content-type: image/jpeg
content-length: 1488
access-control-allow-origin: *
cache-control: max-age=172800
content-disposition: inline; filename=Forniture_d19ba810e5.jpg
last-modified: Wed, 18 Jan 2023 06:37:30 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHI5lTkG7CN%2BVkjYmIHF72UDQQ3FYlemp8ZJMIMvaHWDiENrEIf6kRZZZtOVEOFwLVtSgGux2smQlhkgU2hPRPuHGd9kJqiW%2Fs%2BX0hxPYXe%2BmgVcmtCt70F0SgLFHG3KlLnd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b5530fddfeb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.revain.org/blob/Action_Figures_and_Statues_3ef035949b.jpg
200 OK 1.2 kB URL HTTP/2 images.revain.org/blob/Action_Figures_and_Statues_3ef035949b.jpg
IP
File type JPEG image data, baseline, precision 8, 100x70, components 3\012- data
Hash a581cd7d8c55f91a4e54a481e03a32af
f186714022ada7adb15fe25f919f12e2c5759d74
ac36dcdc028560a970441544ee0106bf97a59225da32ea92e9a2ea7180167e0a
GET /blob/Action_Figures_and_Statues_3ef035949b.jpg HTTP/1.1
Host: images.revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Cookie: _gcl_au=1.1.2108848871.1674023872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:52 GMT
content-type: image/jpeg
content-length: 1191
access-control-allow-origin: *
cache-control: max-age=172800
content-disposition: inline; filename=Action_Figures_and_Statues_3ef035949b.jpg
last-modified: Wed, 18 Jan 2023 06:37:30 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z6vT0HQ9US%2BXB8ff%2FN40VCi5CCh3asVK8%2Fao2BgclYNoIGu1KqBC%2B9JjwmnS%2BLSFsd6JiUN4R4e4TdRr5Xc0HvWpzd0Zxub2A7B9x5rEVAMM%2BRJ7OtISBdp%2Fo%2BK95Ie3JJsv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b5530fee08b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.revain.org/blob/Computers_and_Tablets_c16cf8ac0f.jpg
200 OK 2.1 kB URL HTTP/2 images.revain.org/blob/Computers_and_Tablets_c16cf8ac0f.jpg
IP
File type JPEG image data, baseline, precision 8, 100x70, components 3\012- data
Hash 14cdb224977e6cca5233decd5fe28efb
06d3cca7819bff898e707b7142bbfe1717d3489e
b50cb7f65cdd11c8c22549acd44efcb9ea9261399217ca1edc900a217402fd87
GET /blob/Computers_and_Tablets_c16cf8ac0f.jpg HTTP/1.1
Host: images.revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Cookie: _gcl_au=1.1.2108848871.1674023872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:52 GMT
content-type: image/jpeg
content-length: 2087
access-control-allow-origin: *
cache-control: max-age=172800
content-disposition: inline; filename=Computers_and_Tablets_c16cf8ac0f.jpg
last-modified: Wed, 18 Jan 2023 06:37:30 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi5f0m1db1PM3mgtFiEZkFSe31VcMG05ntKzDMAZvm0UQgDoDzZUTgwuHB%2BaplRPc%2BM5E%2FW9YGcvl9jOLzq%2B2PNttghkPobZP4UxLhvk5Evo7Rmf86qEwZXB1KjaA9Vjm2r%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b5530fee05b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 9007c12f259945d57208746dd0bd43ca
9181840ec25e47b31aec9c198626cbae5d7bc728
72a65b8897594c75530881d84adeac94ba93cc13e245cb7ca9b800be085dd794
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "72A65B8897594C75530881D84ADEAC94BA93CC13E245CB7CA9B800BE085DD794"
Last-Modified: Tue, 17 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Wed, 18 Jan 2023 12:37:36 GMT
Date: Wed, 18 Jan 2023 06:37:52 GMT
Connection: keep-alive
images.revain.org/blob/Beauty_Tools_and_Accessories_3d99b55394.jpg
200 OK 1.0 kB URL HTTP/2 images.revain.org/blob/Beauty_Tools_and_Accessories_3d99b55394.jpg
IP
File type JPEG image data, baseline, precision 8, 100x70, components 3\012- data
Hash 4bb751204bb0ff345e9cd78437665532
3bbaec6bc65cf6fd3d75ce4e14b9d6184e961161
584790ce8c9957795599231a2ec6f6fdf5951c34584d27ce87d40a6f31bdad27
GET /blob/Beauty_Tools_and_Accessories_3d99b55394.jpg HTTP/1.1
Host: images.revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Cookie: _gcl_au=1.1.2108848871.1674023872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:52 GMT
content-type: image/jpeg
content-length: 1036
access-control-allow-origin: *
cache-control: max-age=172800
content-disposition: inline; filename=Beauty_Tools_and_Accessories_3d99b55394.jpg
last-modified: Wed, 18 Jan 2023 06:37:30 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doNsDi3dq8z3boAsprk5G0YuLr3gSL7bBzZobhtSmEe%2FaxzewERwqk0S2cYvYIwOjb8ZRusmQxq3pln7G25FEdwGMf2lYlzH6Gx3DcJ151w1Y3yrcKT%2BxYJnhzZTQkNrh6tZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b553102e30b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.revain.org/blob/Cell_phones_c386d5c0ac.jpg
200 OK 1.2 kB URL HTTP/2 images.revain.org/blob/Cell_phones_c386d5c0ac.jpg
IP
File type JPEG image data, baseline, precision 8, 100x70, components 3\012- data
Hash 0e7cee88fc08e0b4e70c36eff45e905c
b6e56a2b179692485ad0f5a651f52865a44a1efa
29fdf061aceca4cd867fa7dbe6cefa29c7f07e12fded85d562c0e19a3dc57065
GET /blob/Cell_phones_c386d5c0ac.jpg HTTP/1.1
Host: images.revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Cookie: _gcl_au=1.1.2108848871.1674023872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:52 GMT
content-type: image/jpeg
content-length: 1194
access-control-allow-origin: *
cache-control: max-age=172800
content-disposition: inline; filename=Cell_phones_c386d5c0ac.jpg
last-modified: Wed, 18 Jan 2023 06:37:30 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGMt9rdt3GIacZ97DnsmkB4l7CzgsJJt23PTyKWvk6K41unL%2B3csDaegyS1r0o%2BsKI6IqDyUJb0m6%2FloD%2FPSsAKD9ZmijkFsB%2BFk3VBkJFEHXHn2YzNDxsyzLz0s0Bscy1JS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b553102e37b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
images.revain.org/blob/Womans_clothing_52223f772a.jpg
200 OK 2.0 kB URL HTTP/2 images.revain.org/blob/Womans_clothing_52223f772a.jpg
IP
File type JPEG image data, baseline, precision 8, 100x70, components 3\012- data
Hash b9d15a30c38904825c376db2ed11ebe6
4d44638ce66aafe7a69f4a71b1e92e8762c41525
9c96e197e70fe220ae8a1d02d9d7f9191b62a284d85e0bcf17f5736a19fc2598
GET /blob/Womans_clothing_52223f772a.jpg HTTP/1.1
Host: images.revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Cookie: _gcl_au=1.1.2108848871.1674023872
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:52 GMT
content-type: image/jpeg
content-length: 1979
access-control-allow-origin: *
cache-control: max-age=172800
content-disposition: inline; filename=Womans_clothing_52223f772a.jpg
last-modified: Wed, 18 Jan 2023 06:37:30 GMT
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVCRdc6hfpRguX00hrS4F2oYb6nmBwnA7xKrpMUlzP8i57aQ57PQfJ5u4TbjGq3Ouy0ezXnJForTY6%2F23iSowv7FHXQC4sgvqUeIcnIq0SohjYfW8d4CEOIwzNv%2BHnMioTk1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b5530fee04b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4646
Cache-Control: max-age=150392
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:52 GMT
Etag: "63c72a12-1d7"
Expires: Fri, 20 Jan 2023 00:24:24 GMT
Last-Modified: Tue, 17 Jan 2023 23:06:58 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f96ac6d23518cd0485e1d41d276d8184
58de3ad32744f1f92b86e9f60c29094c7ba5b115
a1b6546dc485dbbfc652a64b11655450987e9a391e44b05a6eb20b323ede242c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 18 Jan 2023 05:45:20 GMT
expires: Wed, 18 Jan 2023 07:45:20 GMT
cache-control: public, max-age=7200
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
age: 3152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: KlMFTvjiYvrKtYfoEvZA04YIo0AdByVGvOsQbbZmz68obh1sjMi1nnUGMKG8JR4v6dsfkVA+eFT587AbJKwVfA==
content-length: 27815
x-fb-trip-id: 1904183273
date: Wed, 18 Jan 2023 06:37:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5498884377680203
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5498884377680203
IP
File type ASCII text, with very long lines (4885)
Hash 9ff794d4a69c0142c5e6d26cd12e9e2e
318059461bb36bf67b43010814765edc6addd3be
29e07634cdb96cb1ea9924a25cbb2173d690b367766d926359582ad24c5cf034
GET /pagead/js/adsbygoogle.js?client=ca-pub-5498884377680203 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 18 Jan 2023 06:37:52 GMT
expires: Wed, 18 Jan 2023 06:37:52 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16700003293812290862
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 9f0975eff1640a77bd49ac482ebbc710
713201dc69225903f212b971880ad955cf350b55
aafa8c2086f7e028de872f8b042e71fa2c0efc546f7a9e6be01e55877e355600
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 940
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 22 Jan 2023 03:50:31 GMT
ETag: "713201dc69225903f212b971880ad955cf350b55"
Last-Modified: Wed, 18 Jan 2023 03:50:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 18 Jan 2023 06:37:52 GMT
Age: 758
X-Served-By: cache-qpg1244-QPG, cache-bma1643-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 30
X-Timer: S1674023872.369793,VS0,VE0
ocsp.digicert.com/
200 OK 471 B IP
Hash 97c18a1f4ad26bed14c097c5bb7459f0
2c6ee86fc895d1b3a4b5b8e4caf9cb71a54ab790
d6817e25966a6106335f3e3c2eecb392cc3cff8e148e1dfadf7c26254cc8e8dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4646
Cache-Control: max-age=150392
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:52 GMT
Etag: "63c72a12-1d7"
Expires: Fri, 20 Jan 2023 00:24:24 GMT
Last-Modified: Tue, 17 Jan 2023 23:06:58 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 783 B IP
Hash 3fe4c190d60ec761e42c6a93486de62f
2829bbd66e62098356ea218dddf34be66c70b5a9
8922c34cfae1f07b68ebaa259e62fa92916ec533ccd9f39227c0fcf7574c69ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash 6b73c16591711035f0f831449387805a
9ced28d59b6bb733eb61affa4a1813799825c5fb
882ce5914d1128850855e250a5e4e6b6d71ed5d5ba33294aebd74411dc73fd10
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73629
date: Wed, 18 Jan 2023 06:37:52 GMT
access-control-allow-origin: *
etag: "63bfb9f8-11f9d"
expires: Wed, 18 Jan 2023 07:37:52 GMT
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20230112/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230112/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230112/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 17 Jan 2023 06:49:21 GMT
expires: Tue, 31 Jan 2023 06:49:21 GMT
cache-control: public, max-age=1209600
age: 85711
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Sat, 03 Dec 2022 04:42:02 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: o6xhWdPFb9WzuAIeqPjzkkBI2LrO09fNW3FUI_HH0Yi_hXjDykvg1g==
age: 3981350
X-Firefox-Spdy: h2
script.hotjar.com/modules.5bc662be9faceb9038da.js
200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.5bc662be9faceb9038da.js
IP
File type Unicode text, UTF-8 text, with very long lines (47958)
Hash 80bbbdc2c462ad6e55b13b4def9dd8de
a50995d5a88154acb5328008140d677998da15c0
c52e08d76e10f378120f0d28428fedee20f57c8afcc71d52a8e770a16d7cf25b
GET /modules.5bc662be9faceb9038da.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68986
date: Tue, 17 Jan 2023 10:32:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "80bbbdc2c462ad6e55b13b4def9dd8de"
last-modified: Tue, 17 Jan 2023 10:31:25 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6LCqExLCkS4IxUUq_UL-BugMCiKkFURFsJVuU5G9hdqO42XOLgtP7w==
age: 72347
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 18 Jan 2023 06:37:52 GMT
access-control-allow-origin: *
etag: "63bfb9f8-2b"
expires: Wed, 18 Jan 2023 07:37:52 GMT
accept-ranges: bytes
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5c3b377741ede870f54f1d39f058797a
51a291083489cac32fac5839650dd64e1347aa25
1b7d63c40914cc158a5bc5c8080b68efb258bdd39ade34334d19238ba68c3d48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=revain.org&callback=_gfp_s_&client=ca-pub-5498884377680203&gpid_exp=1
200 OK 249 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=revain.org&callback=_gfp_s_&client=ca-pub-5498884377680203&gpid_exp=1
IP
File type ASCII text, with very long lines (387), with no line terminators
Hash 648a16fb9b2480844a03de9f87bf9ed0
5508b2bd6236a847afdb74f2486cf1b594d207c0
4cf409f8eacb2b3a7d0c72c65ab1c05de336e4e62feaba2feeead9e4488439d7
GET /gampad/cookie.js?domain=revain.org&callback=_gfp_s_&client=ca-pub-5498884377680203&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 18 Jan 2023 06:37:53 GMT
server: cafe
cache-control: private
content-length: 249
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=revain.org
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=revain.org
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=revain.org HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 18 Jan 2023 06:37:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5c3b377741ede870f54f1d39f058797a
51a291083489cac32fac5839650dd64e1347aa25
1b7d63c40914cc158a5bc5c8080b68efb258bdd39ade34334d19238ba68c3d48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 43904744042cec16f81766250b8ebf49
8393568a2e9c86dafc36563c76703704c7cd86c6
d2359c7cce5176a68cd627ba7e39dfceff78036c6840cd468994df8519f1fb27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/91935439/1?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
200 OK 440 B URL HTTP/2 mc.yandex.ru/watch/91935439/1?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (440), with no line terminators
Hash 54267f3f9e5419a18ed195fcbf8adcd8
ddccb927532a7f9c82a2e1638c1bfdc98c91bc94
6dd78572724d3ebf1d5acc19bde07ba138ef6de91cefdd4285f5230a280f33fe
GET /watch/91935439/1?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revain.org
Referer: https://revain.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 440
date: Wed, 18 Jan 2023 06:37:53 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://revain.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 18-Jan-2023 06:37:53 GMT
last-modified: Wed, 18-Jan-2023 06:37:53 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=319361929240030&ev=PageView&dl=https%3A%2F%2Frevain.org%2F&rl=&if=false&ts=1674023873424&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1674023873423.1463514057&it=1674023872642&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=319361929240030&ev=PageView&dl=https%3A%2F%2Frevain.org%2F&rl=&if=false&ts=1674023873424&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1674023873423.1463514057&it=1674023872642&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=319361929240030&ev=PageView&dl=https%3A%2F%2Frevain.org%2F&rl=&if=false&ts=1674023873424&sw=1280&sh=1024&v=2.9.92&r=stable&ec=0&o=28&cs_est=true&fbp=fb.1.1674023873423.1463514057&it=1674023872642&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 18 Jan 2023 06:37:53 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vc.hotjar.io/sessions/1565517?s=0.25&r=0.11547216973918895
204 No Content 11 kB URL HTTP/2 vc.hotjar.io/sessions/1565517?s=0.25&r=0.11547216973918895
IP
Hash a3267363ad326487df85fbfad4a11776
1d842b51acfb9c91306d5c5b7e15581c2af5d8dd
45e72e5f14621b693ac028b8e3f423e4cceea3b0a5a91a81a5aacf1e46cfe9f1
GET /sessions/1565517?s=0.25&r=0.11547216973918895 HTTP/1.1
Host: vc.hotjar.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-store
date: Wed, 18 Jan 2023 06:37:53 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pL26lgcPFeRvC2F2pVKnY7lYz7QdhR9NGq5p1A6lsq3Ka-9eCzI8tg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a6b2d9466c78838d5b89a24b1afc5f1
056b045d2648e975609cc689aace2cebf56dc4b8
87f1afd429d569be0ae89952298d447806d8c9d543b4ed8d2bc80cd9dc3d125d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102522335-3&cid=273289131.1674023873&jid=1929753682&gjid=1595759563&_gid=239463032.1674023873&_u=YEBAAEAAAAAAACAAI~&z=60023217
200 OK 4.0 kB URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102522335-3&cid=273289131.1674023873&jid=1929753682&gjid=1595759563&_gid=239463032.1674023873&_u=YEBAAEAAAAAAACAAI~&z=60023217
IP
Hash 302135e9cf8dcc017864a0bd25af61bd
3e02d2db535d8556478558141e5fb53d29a5fcb7
e1124fa3e3a8fa24b298593f2e9497e12a2fc136abb4b18da57268f1188b0fec
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-102522335-3&cid=273289131.1674023873&jid=1929753682&gjid=1595759563&_gid=239463032.1674023873&_u=YEBAAEAAAAAAACAAI~&z=60023217 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://revain.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 18 Jan 2023 06:37:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2b02c407fd912449a1b278f0bf3d8574
817bcff5b7c0444426b19027c772bddce84cf130
67ceddcf2eef43f1c11fc85c1398c39b5ff875a93dafbf9c4526e6d3bc5eb52a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6a6b2d9466c78838d5b89a24b1afc5f1
056b045d2648e975609cc689aace2cebf56dc4b8
87f1afd429d569be0ae89952298d447806d8c9d543b4ed8d2bc80cd9dc3d125d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins:regular
200 OK 863 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:regular
IP
Hash 53c10c50758b0d94a46382ba07f1f991
0652246d5300ea8bbd8ae29c030bedcd30d5c6b6
23a820bec38d7296ec1346668679ab69ecc7cef8dcc5051acad7296cee7e2dac
GET /css?family=Poppins:regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 18 Jan 2023 06:37:53 GMT
date: Wed, 18 Jan 2023 06:37:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 19e9c21f1e72949764d8ffcb5747bec5
65af9cb30aa7959c39889fd28d3f870dbbf896cd
3deb58a447d7318ef995f772ea43eeb2af3eaca23f96e68638d2303bbbb65108
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e1c7515ba5231aaae042ef63071a8562
676673d88597e11f572ac38844b18562ab57b920
002b5adabb3fb37aa6c0f18adee2f221a770e217fe95a027fcf8b8fe84794a19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/ads/studio/Enabler.js
200 OK 47 kB URL HTTP/2 s0.2mdn.net/ads/studio/Enabler.js
IP
File type ASCII text, with very long lines (1961)
Hash 8ec92a20b17d27140f8fd18535e58692
cb03c94c8d0f6b9c0416e89aa4050f10243437a7
6ff0b9890218c8201ed1487d6e36524d4fa318591bbca5da67065e21e36fe9f1
GET /ads/studio/Enabler.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 46978
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 06:36:47 GMT
expires: Wed, 18 Jan 2023 06:51:47 GMT
cache-control: public, max-age=900
age: 66
last-modified: Mon, 06 Jun 2022 19:45:39 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102522335-3&cid=273289131.1674023873&jid=1929753682&_u=YEBAAEAAAAAAACAAI~&z=902927159
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102522335-3&cid=273289131.1674023873&jid=1929753682&_u=YEBAAEAAAAAAACAAI~&z=902927159
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-102522335-3&cid=273289131.1674023873&jid=1929753682&_u=YEBAAEAAAAAAACAAI~&z=902927159 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Jan 2023 06:37:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 19e9c21f1e72949764d8ffcb5747bec5
65af9cb30aa7959c39889fd28d3f870dbbf896cd
3deb58a447d7318ef995f772ea43eeb2af3eaca23f96e68638d2303bbbb65108
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230112&st=env
200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230112&st=env
IP
File type JSON data\012- , ASCII text, with very long lines (14606), with no line terminators
Hash 543afd1459cc2d45f4e535dde5cbfc0b
f86115ee6bd74ca7bbb64257a1d2363f753e76ad
4542a2b916a5f0ca674e326f1ab52205a2ad82119f09bf0ca84ebc6255d038ad
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230112&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 18 Jan 2023 06:37:54 GMT
server: cafe
content-length: 11028
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/1565517/visit-data?sv=7
200 OK 7.3 kB URL HTTP/2 in.hotjar.com/api/v2/client/sites/1565517/visit-data?sv=7
IP
File type ASCII text, with very long lines (23527), with no line terminators
Hash 53c913ccf9d2f0ac87e69486c0cba4f4
990501e1ded66f120865a7654782a8d708c06800
a4f119aae58bc1a80daa852e73912c7a7cf85f9cec7e216ce8c7dfb474965d82
POST /api/v2/client/sites/1565517/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 130
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:53 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 2d1c6ca97c5412d24844c97296d8e73c
6e079f5c8aa487bae5a4f798620eccf3ac3f6604
acbfcb5c2624e6e528d992098e3f8400113488c05a00cdaf5bac8b5269c7be1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 18 Jan 2023 06:37:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 18 Jan 2023 06:37:54 GMT
expires: Wed, 18 Jan 2023 06:37:54 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
200 OK 32 kB URL HTTP/2 pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
IP
Hash bebdbaaf0901ba4261fedcfbbc9eead5
c2eb5f0e9b17b7e36ae12e322cca8552782b9836
45d676f0bf35980dac8620e041fcdd304a3a6b2b18da62b3e86b00bef4db28e4
GET /bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16095
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 22:30:50 GMT
expires: Sat, 13 Jan 2024 22:30:50 GMT
cache-control: public, max-age=31536000
age: 374824
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230112&jk=3497569376285463&rc=
204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230112&jk=3497569376285463&rc=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20230112&jk=3497569376285463&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 06:37:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230112&jk=3497569376285463&bg=!YmGlYSXNAAYDMoyoIzI7ACkAdvg8WpbwlrMEv2PWvD9k8vHBGtj5GbVmo9L_WV_mwHFMlDblJ3jHzAIAAACDUgAAAANoAQeZAo8t3tIuYOM5gYCIa9bSH6xvrzeARDuPWvVzCPUMJtv89eSpRb8PsVpa-P1WB8DcbXlfdVMJxR1KYw0j4SL0ZaoFtXtZUQCRpI29vDtZ2f9AuMIAmMoDBNlchO2T7scbLzx-din9LSCGHV-iE4TRzy1KcEkayzvV16ArM1NBWeu0vhpKOLYcAyrAYi67GZ4-yeN_EhHQcuOT3lxkWCAmLPoRcJB7jgj7YSzzb8lhs1YKx-kZqRl-jNTIo_6Mt0sFSqJT_-Kw6z7Ek31zZ2mxzHwxQF2xph0_RYO-Gc8j4KZ8562CYY8e48tY2Pz9IriEimTBNPExL69e0FxxlHEw2XI-yqjNQ6ZBgyAS5yMg0M8cFGiMImggTiUBqL-5O6AV6KG4hrucMjfQPic7xBWjyTFeCJtk6asxJ5gCTsohT2Hge9EjYDC3VfiPnZD6l5b4fSP-_HcLcA5kEbgCbqExtaymWSJrpHUG846B_rqgpMf3rly91qaNdZfGoH3BOrr0z8C1f3rz9FThQ7mU4P4gmmGQlBoe3HwJGB2zzJulg-AHlI5DWLaSf5hwFtXE0BuolUWITgxPXeAHm3NMlz4Udk7ZhvRRDrLIsuMIRHse5MqpGn6RMG8FYzQz0SOVnEQkrA059yASkmi-Gqn2jhZY-_PfZBMPS6u1Mrwl3oRhid5vvp13TGcdiF5P9vHj3Hzkqv543CLq1mJ7lE4-XMOWg-jOdBjT75_x8KyYQPY1jvo9RG-nU11rt2hZSDH-_X2qhvCZ6zo4cmobGuNZYMNGo0Vru2z5ccU96DFtR41Hzx-HcVfbhI_WSeWK8gV4O6kVDftTYr8iwH_YM3uk6fFsMATXPBATdeATAG6VBjWJrPFp
204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230112&jk=3497569376285463&bg=!YmGlYSXNAAYDMoyoIzI7ACkAdvg8WpbwlrMEv2PWvD9k8vHBGtj5GbVmo9L_WV_mwHFMlDblJ3jHzAIAAACDUgAAAANoAQeZAo8t3tIuYOM5gYCIa9bSH6xvrzeARDuPWvVzCPUMJtv89eSpRb8PsVpa-P1WB8DcbXlfdVMJxR1KYw0j4SL0ZaoFtXtZUQCRpI29vDtZ2f9AuMIAmMoDBNlchO2T7scbLzx-din9LSCGHV-iE4TRzy1KcEkayzvV16ArM1NBWeu0vhpKOLYcAyrAYi67GZ4-yeN_EhHQcuOT3lxkWCAmLPoRcJB7jgj7YSzzb8lhs1YKx-kZqRl-jNTIo_6Mt0sFSqJT_-Kw6z7Ek31zZ2mxzHwxQF2xph0_RYO-Gc8j4KZ8562CYY8e48tY2Pz9IriEimTBNPExL69e0FxxlHEw2XI-yqjNQ6ZBgyAS5yMg0M8cFGiMImggTiUBqL-5O6AV6KG4hrucMjfQPic7xBWjyTFeCJtk6asxJ5gCTsohT2Hge9EjYDC3VfiPnZD6l5b4fSP-_HcLcA5kEbgCbqExtaymWSJrpHUG846B_rqgpMf3rly91qaNdZfGoH3BOrr0z8C1f3rz9FThQ7mU4P4gmmGQlBoe3HwJGB2zzJulg-AHlI5DWLaSf5hwFtXE0BuolUWITgxPXeAHm3NMlz4Udk7ZhvRRDrLIsuMIRHse5MqpGn6RMG8FYzQz0SOVnEQkrA059yASkmi-Gqn2jhZY-_PfZBMPS6u1Mrwl3oRhid5vvp13TGcdiF5P9vHj3Hzkqv543CLq1mJ7lE4-XMOWg-jOdBjT75_x8KyYQPY1jvo9RG-nU11rt2hZSDH-_X2qhvCZ6zo4cmobGuNZYMNGo0Vru2z5ccU96DFtR41Hzx-HcVfbhI_WSeWK8gV4O6kVDftTYr8iwH_YM3uk6fFsMATXPBATdeATAG6VBjWJrPFp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230112&jk=3497569376285463&bg=!YmGlYSXNAAYDMoyoIzI7ACkAdvg8WpbwlrMEv2PWvD9k8vHBGtj5GbVmo9L_WV_mwHFMlDblJ3jHzAIAAACDUgAAAANoAQeZAo8t3tIuYOM5gYCIa9bSH6xvrzeARDuPWvVzCPUMJtv89eSpRb8PsVpa-P1WB8DcbXlfdVMJxR1KYw0j4SL0ZaoFtXtZUQCRpI29vDtZ2f9AuMIAmMoDBNlchO2T7scbLzx-din9LSCGHV-iE4TRzy1KcEkayzvV16ArM1NBWeu0vhpKOLYcAyrAYi67GZ4-yeN_EhHQcuOT3lxkWCAmLPoRcJB7jgj7YSzzb8lhs1YKx-kZqRl-jNTIo_6Mt0sFSqJT_-Kw6z7Ek31zZ2mxzHwxQF2xph0_RYO-Gc8j4KZ8562CYY8e48tY2Pz9IriEimTBNPExL69e0FxxlHEw2XI-yqjNQ6ZBgyAS5yMg0M8cFGiMImggTiUBqL-5O6AV6KG4hrucMjfQPic7xBWjyTFeCJtk6asxJ5gCTsohT2Hge9EjYDC3VfiPnZD6l5b4fSP-_HcLcA5kEbgCbqExtaymWSJrpHUG846B_rqgpMf3rly91qaNdZfGoH3BOrr0z8C1f3rz9FThQ7mU4P4gmmGQlBoe3HwJGB2zzJulg-AHlI5DWLaSf5hwFtXE0BuolUWITgxPXeAHm3NMlz4Udk7ZhvRRDrLIsuMIRHse5MqpGn6RMG8FYzQz0SOVnEQkrA059yASkmi-Gqn2jhZY-_PfZBMPS6u1Mrwl3oRhid5vvp13TGcdiF5P9vHj3Hzkqv543CLq1mJ7lE4-XMOWg-jOdBjT75_x8KyYQPY1jvo9RG-nU11rt2hZSDH-_X2qhvCZ6zo4cmobGuNZYMNGo0Vru2z5ccU96DFtR41Hzx-HcVfbhI_WSeWK8gV4O6kVDftTYr8iwH_YM3uk6fFsMATXPBATdeATAG6VBjWJrPFp HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 18 Jan 2023 06:37:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 928e970121a035e9f8d537e4bfe6bf5c
ce4aadc6b3500508d1c4b42b76f09be4414b6eee
2da1438b17cf05aed64e565350dcc706420f2bae7e8c5e36d1b5bad38248c275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ce66831-56e0-4f6e-ba05-da99c3485e5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3599
x-amzn-requestid: 5b743b27-b6d4-4d98-9984-3a5e17cb28e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1xH8BIAMFuZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714f1-2f1031db0871abae4760d5b6;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jyWosZVSdPHomvHRyf-MuxVp0gR7sKIJ0-jmMStDeixhd8Bhoqzitg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:01:09 GMT
age: 31008
etag: "ce4aadc6b3500508d1c4b42b76f09be4414b6eee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91935439?wmode=0&wv-part=1&wv-hit=117781191&page-url=https%3A%2F%2Frevain.org%2F&rn=683584099&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1674023877%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230118063756%3Au%3A16740238731016670769%3Avf%3Asm0eap24hzlr84c06sesn%3Ast%3A1674023877&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91935439?wmode=0&wv-part=1&wv-hit=117781191&page-url=https%3A%2F%2Frevain.org%2F&rn=683584099&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1674023877%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230118063756%3Au%3A16740238731016670769%3Avf%3Asm0eap24hzlr84c06sesn%3Ast%3A1674023877&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91935439?wmode=0&wv-part=1&wv-hit=117781191&page-url=https%3A%2F%2Frevain.org%2F&rn=683584099&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1674023877%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230118063756%3Au%3A16740238731016670769%3Avf%3Asm0eap24hzlr84c06sesn%3Ast%3A1674023877&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 256581
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 18 Jan 2023 06:37:57 GMT
access-control-allow-origin: https://revain.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 18-Jan-2023 06:37:57 GMT
last-modified: Wed, 18-Jan-2023 06:37:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/91935439?wv-check=53682&wv-type=0&wmode=0&wv-part=1&wv-hit=117781191&page-url=https%3A%2F%2Frevain.org%2F&rn=862617417&browser-info=we%3A1%3Aet%3A1674023877%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230118063757%3Au%3A16740238731016670769%3Avf%3Asm0eap24hzlr84c06sesn%3Ast%3A1674023877&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/91935439?wv-check=53682&wv-type=0&wmode=0&wv-part=1&wv-hit=117781191&page-url=https%3A%2F%2Frevain.org%2F&rn=862617417&browser-info=we%3A1%3Aet%3A1674023877%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230118063757%3Au%3A16740238731016670769%3Avf%3Asm0eap24hzlr84c06sesn%3Ast%3A1674023877&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/91935439?wv-check=53682&wv-type=0&wmode=0&wv-part=1&wv-hit=117781191&page-url=https%3A%2F%2Frevain.org%2F&rn=862617417&browser-info=we%3A1%3Aet%3A1674023877%3Aw%3A1268x939%3Av%3A953%3Az%3A0%3Ai%3A20230118063757%3Au%3A16740238731016670769%3Avf%3Asm0eap24hzlr84c06sesn%3Ast%3A1674023877&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Wed, 18 Jan 2023 06:37:57 GMT
access-control-allow-origin: https://revain.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 18-Jan-2023 06:37:57 GMT
last-modified: Wed, 18-Jan-2023 06:37:57 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
revain.org/
200 OK 0 B IP
GET / HTTP/1.1
Host: revain.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 18 Jan 2023 06:37:49 GMT
content-type: text/html; charset=utf-8
cache-control: public, max-age=5, stale-while-revalidate=30
content-security-policy: default-src 'self' 'unsafe-inline' https://revain.org; connect-src 'self' wss://revain.org/api/v3/notifications/ws *.google.ru *.google.de *.google.cn *.google.it *.google.es *.google.pt *.google.fr *.google.com *.googlesyndication.com *.googleapis.com *.google-analytics.com stats.g.doubleclick.net facebook.com *.facebook.net *.facebook.com *.fbcdn.net *.hotjar.com *.hotjar.io wss://*.hotjar.com cointelegraph.com *.cointelegraph.com linkedin.com *.linkedin.com request-global.czilladx.com *.cointraffic.io top-fwz1.mail.ru adx.adform.net prebid.smilewanted.com a.teads.tv inv-nets.admixer.net hbopenbid.pubmatic.com prebid-eu.creativecdn.com bidder.criteo.com prg.smartadserver.com prebid-inv-eu.admixer.net static.criteo.net securepubads.g.doubleclick.net mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz; font-src 'self' data: https://revain.org fonts.googleapis.com fonts.gstatic.com kucoin-assets.s3-ap-southeast-1.amazonaws.com; frame-src 'self' https://revain.org https://widgets.revain.org *.google.ru *.google.de *.google.cn *.google.it *.google.es *.google.pt *.google.fr *.google.com *.googlesyndication.com googleads.g.doubleclick.net facebook.com *.facebook.net *.facebook.com *.hotjar.com *.hotjar.io wss://*.hotjar.com linkedin.com *.linkedin.com gleam.io coinzillatag.com request-global.czilladx.com *.cointraffic.io player.vimeo.com www.youtube.com gum.criteo.com; img-src 'self' data: blob: i.ytimg.com i.vimeocdn.com https://revain.org images.revain.org *.google.ru *.google.de *.google.cn *.google.it *.google.es *.google.pt *.google.fr *.google.com *.googletagmanager.com *.googlesyndication.com stats.g.doubleclick.net *.google-analytics.com *.gstatic.com facebook.com *.facebook.net *.facebook.com cointelegraph.com *.cointelegraph.com certify.alexametrics.com images.ctfassets.net *.cointraffic.io coinzillatag.com unpkg.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com securepubads.g.doubleclick.net www.google.co.in www.google.nl googleads.g.doubleclick.net mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz; manifest-src 'self' https://revain.org; media-src 'self' data: blob: https://revain.org; script-src 'self' blob: 'unsafe-inline' 'unsafe-eval' https://revain.org *.google.ru *.google.de *.google.cn *.google.it *.google.es *.google.pt *.google.fr *.google.com *.gstatic.com *.google-analytics.com *.googleapis.com certify-js.alexametrics.com *.googletagmanager.com *.googlesyndication.com *.googleadservices.com *.googletagservices.com facebook.com *.facebook.net *.facebook.com *.hotjar.com *.hotjar.io wss://*.hotjar.com linkedin.com *.linkedin.com cointelegraph.com *.cointelegraph.com *.cointraffic.io coinzillatag.com top-fwz1.mail.ru s.adroll.com s0.2mdn.net securepubads.g.doubleclick.net prebid-inv-eu.admixer.net cdn.admixer.net static.criteo.net cdn.ampproject.org adservice.google.co.in static.cloudflareinsights.com yastatic.net mc.yandex.ru mc.yandex.az mc.yandex.by mc.yandex.co.il mc.yandex.com mc.yandex.com.am mc.yandex.com.ge mc.yandex.com.tr mc.yandex.ee mc.yandex.fr mc.yandex.kg mc.yandex.kz mc.yandex.lt mc.yandex.lv mc.yandex.md mc.yandex.tj mc.yandex.tm mc.yandex.ua mc.yandex.uz; style-src 'self' 'unsafe-inline' https://revain.org *.googleapis.com; child-src 'self' blob:
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wifvu%2Bqq0tBMvXGnzX6OOZmJPhATGYRxyEXNHbGZRRTp0JNj4CCYLcTYnIhcSypaDPleBmc7bEBskcwcc9QrIa%2BsKdmHBhsQQvUR86Z9BsE2QgfDnTdp%2FHgGqLo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b552f79ce6b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/91935439?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/91935439?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
GET /watch/91935439?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://revain.org
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/91935439/1?wmode=7&page-url=https%3A%2F%2Frevain.org%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1930%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1014178835454%3Ahid%3A117781191%3Az%3A0%3Ai%3A20230118063752%3Aet%3A1674023873%3Ac%3A1%3Arn%3A555365985%3Arqn%3A1%3Au%3A16740238731016670769%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C27%2C967%2C0%2C306%2C0%2C%2C620%2C3%2C%2C%2C%2C3891%3Aco%3A0%3Ans%3A1674023867703%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674023873%3At%3ARevain%20-%20Products%2C%20Brands%20and%20Companies%20%7C%20Reviews%20%26%20Ratings%20Platform&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Wed, 18 Jan 2023 06:37:52 GMT
access-control-allow-origin: https://revain.org
set-cookie: yabs-sid=1073839931674023872; Path=/; SameSite=None; Secure
i=sbJObSecaTyDOM7ZlCq3w7NSnSZ63ECKYW/oHzIp7NqyHCv34ZHwMEQXNXNHOfaykg9NUz0MUulXG/ZqRluCWvXAOU8=; Expires=Sat, 15-Jan-2033 06:37:51 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=633011451674023872; Expires=Thu, 18-Jan-2024 06:37:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=633011451674023872; Expires=Thu, 18-Jan-2024 06:37:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705559872.yc.1674023872#1705559872.yrts.1674023872#1705559872.yrtsi.1674023872; Expires=Thu, 18-Jan-2024 06:37:52 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 18-Jan-2023 06:37:52 GMT
last-modified: Wed, 18-Jan-2023 06:37:52 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-1565517.js?sv=7
200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-1565517.js?sv=7
IP
GET /c/hotjar-1565517.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://revain.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 06:37:52 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
etag: W/8d66f17f906ee41558c00b246e4d36a4
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 9-A6HmpUGsu3eyXEU3f1RdcK_0HeUlqhOCBL0SNDWlfd9QMi5F_7Og==
X-Firefox-Spdy: h2
104.26.2.221
87.250.250.119
93.184.220.29
54.171.13.128
95.101.11.115
104.16.56.101
31.13.72.36