jorttiuyng.com/link?z=5563133&var=8f88b500-e012-44cd-9707-b63d23f3efa1&ymid=wi0kn0t31ndt8mqk2k2fstrk
139.45.197.236302 Found 0 B URL HTTP/1.1 jorttiuyng.com/link?z=5563133&var=8f88b500-e012-44cd-9707-b63d23f3efa1&ymid=wi0kn0t31ndt8mqk2k2fstrk
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /link?z=5563133&var=8f88b500-e012-44cd-9707-b63d23f3efa1&ymid=wi0kn0t31ndt8mqk2k2fstrk HTTP/1.1
Host: jorttiuyng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 29 Nov 2022 14:15:56 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 75d6ac755853e44d2f60758f44a64ca2
Link: <https://track.hotvpn.io>; rel="dns-prefetch preconnect"
Referrer-Policy: no-referrer
Location: https://track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7?zoneid=5563133_8f88b500-e012-44cd-9707-b63d23f3efa1&bannerid=15892529&browser=firefox&os=windows&device=desktop®ion=03&isp=blix group as&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.000000&visitor_id=621460581976904224
Set-Cookie: OAID=d795afb8e6b849399514196e1d812ead; expires=Wed, 29 Nov 2023 14:15:56 GMT
oaidts=1669731356; expires=Wed, 29 Nov 2023 14:15:56 GMT
OXCCLK=6366117.1; expires=Wed, 29 Nov 2023 14:15:56 GMT
allcnt=1; expires=Wed, 29 Nov 2023 14:15:56 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4008
Expires: Tue, 29 Nov 2022 15:22:44 GMT
Date: Tue, 29 Nov 2022 14:15:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1359
Cache-Control: max-age=160674
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:53:50 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6390
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 14:15:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 13:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3481
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pWySt8TKobF+dssqgVpyxoKpS3ENuv7jYmnx4Lhx1wdCq7wuhO4iI8tkVEZMLZbcbGbvdjkx71U=
x-amz-request-id: 31252HQGX78KRPMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 13:42:31 GMT
age: 2005
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7?zoneid=5563133_8f88b500-e012-44cd-9707-b63d23f3efa1&bannerid=15892529&browser=firefox&os=windows&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000000&visitor_id=621460581976904224
18.197.208.17302 Found 0 B URL HTTP/2 track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7?zoneid=5563133_8f88b500-e012-44cd-9707-b63d23f3efa1&bannerid=15892529&browser=firefox&os=windows&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000000&visitor_id=621460581976904224
IP 18.197.208.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7?zoneid=5563133_8f88b500-e012-44cd-9707-b63d23f3efa1&bannerid=15892529&browser=firefox&os=windows&device=desktop®ion=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000000&visitor_id=621460581976904224 HTTP/1.1
Host: track.hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 29 Nov 2022 14:15:56 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://hotvpn.io/landing-page?page=a1
pragma: no-cache
set-cookie: bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7-v4=niFMIEVfQIdt-tdnmXEDEaXlq-U_CIgRphTA609dbfg; Max-Age=86400; Expires=Wed, 30-Nov-2022 14:15:56 GMT; Domain=track.hotvpn.io; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=v1%2FuA3qh3v1aRZtOS%2BF67t4RgFczY5a5T5LAvQ8rY0wv3jOVVYrrb1vWKCuZl1bk%2FBsG%2FYTvtxBOszcUHtXlEKa7TgzxLTc1PqhrXxhuUfPCXlpr2wIGBjiqQaR4CapDSs5O7dvprVI98h5jpnrcog%3D%3D; Max-Age=31536000; Expires=Wed, 29-Nov-2023 14:15:56 GMT; Domain=track.hotvpn.io; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 1c327d4e5b6baa441af96ea944b454cd
71c5aa9f00b31bc3db9a3c493af41166a8e7cf19
c6b9db7442747757b4780ed48c17975a6cf3cffd21f1cafd2ae115a15eeda001
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117791
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "63853c4c-1d7"
Expires: Wed, 30 Nov 2022 22:59:07 GMT
Last-Modified: Mon, 28 Nov 2022 22:55:08 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x3pGYl4bLKxVdYtbwWEt0OcajfcOFDZiJMbAMnK3WoQPmFJ7SBzg1Q==
Age: 239
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 14:08:56 GMT
cache-control: public,max-age=3600
age: 420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
hotvpn.io/runtime.9f5e0f1c47831410.js
54.230.111.23200 OK 2.1 kB URL HTTP/2 hotvpn.io/runtime.9f5e0f1c47831410.js
IP 54.230.111.23:0
Hash daa1905462eb03bc707a1e5a84569160
b0dead152d5c84a596ae19ffef590019217db44e
1eb4a5c458fd98ab3a315ef12e80204e9d84d442081cf056a3394e08714432c5
GET /runtime.9f5e0f1c47831410.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:57 GMT
etag: W/"45396769f2ec783c20b8aa7bcce84d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xo10Z7xpwczKuM6uwAOW319sIm15DPYHXNSPOf7rFs2-145jjtgpJg==
age: 68759
X-Firefox-Spdy: h2
hotvpn.io/polyfills.bbb3a18906f94e2a.js
54.230.111.23200 OK 12 kB URL HTTP/2 hotvpn.io/polyfills.bbb3a18906f94e2a.js
IP 54.230.111.23:0
Hash 86ddd0ab73eda2d1ea35fd4cf5cb04c6
d8d880c757ab58707e07fa3fc2f8d42f7f5dec2b
36ba100984cd7704d5f90e5f59935343c08cf1b179904ca3a058193727c3fac6
GET /polyfills.bbb3a18906f94e2a.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 29 Nov 2022 01:34:43 GMT
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
etag: W/"c1f5d9dca2f41e57c75a633ab34bb597"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NcYeic5ITaEGM2nvMm6FyVkuNqVKn81_bVUVEf5vGZvdV9rHTubqqQ==
age: 45674
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 576665
expires: Sun, 19 Nov 2023 14:15:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwmnQZnuVE%2BQCNyMPhiN0xjxYAarqYP61a40HO8GYOMLl%2BKGqAzt1qc10mzeH2HUYTrq8l2nhTlWDkaUZ1giu0U6RMG9rXUkmSAjT994RSIIy2CjIihbauofeYmSipE1cGaAjfjg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771bf554da521bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65293)
Hash 17be39c5c6fd45df16dfd5db3c085068
16e85f6095024d87f093975b392ee6d8307807a2
26323ab86481ea97bf21d9e5a84009ac48cd4fdce7a58ac15dd4c6391669a42e
GET /npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"1377e-a0uYWpCr16scLjX/O4dNB8+EEO4"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:56 GMT
age: 9725085
x-served-by: cache-fra19140-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23010
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
151.101.85.229200 OK 11 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
IP 151.101.85.229:0
Hash 9d925d15680cff8c6ea221e68d4da6fc
4feb53c66abd34264a976f4fae5f5819fa2a454a
42afd5d11d0b1f94ab684c456c19e39f1ddfae78f2f14118e9891f68558fc26b
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:56 GMT
age: 1418
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11403
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5024
Cache-Control: max-age=93769
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:18:45 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
151.101.85.229200 OK 27 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type Unicode text, UTF-8 text, with very long lines (65300)
Hash 7fe415dab6752a3d34d32883ba08e681
7821ce1e4e8a6862c6ba04798083bd16d1a337d8
0cbb8b50577b24ed36371ea4cc9213fe8a86b3dc295594d3fa3c8a7884d57516
GET /npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:56 GMT
age: 14556098
x-served-by: cache-fra19143-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27328
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5556
Cache-Control: max-age=94301
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:27:37 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4809
Cache-Control: max-age=159060
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:26:57 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdf8fcc67ef5a6697d5b9e25088bb9e1
d7390ff89e205cc059d4466a4dcdcb66f5726c0b
99aab94597be8e161f919be17ad0a5b286a3263147c323fbb1ba20354f5b6d12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Last-Modified: Tue, 29 Nov 2022 13:45:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 1e42d583bc12f9e26e761ed2c0901038
91a8f404d72889b56e724927a370a914ea101d91
06b252c6b1df77e83111f56373af005d9dd8438ebe39f929b6761ef4e3d7927b
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 14:15:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1722C41C60DEDC3760921CC7B25328DB3F5011F2"
Expires: Wed, 30 Nov 2022 02:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 366
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf5558babb505-OSL
www.googletagmanager.com/gtag/js?id=UA-151425496-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-151425496-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash aa613c769d1fed0d4c19ce8e57a2edfa
640833b5a41b92088c8fcf5c184d6fe2318f923d
a0563ec6e797435f4886e0e654d388a5391e6ed48128f5c51f6b5ddbb2104a0a
GET /gtag/js?id=UA-151425496-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 14:15:57 GMT
expires: Tue, 29 Nov 2022 14:15:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-6705X2P2FH
142.250.74.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-6705X2P2FH
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash 6c3f63e5651c81a30c6beb1ba25c6e91
4037b58dfb462c49714749e8278db9ab6ecd0897
0995d4da642a7bfe1464aaedd1fd63d42293096ab40dea8f4c028b472aaaea92
GET /gtag/js?id=G-6705X2P2FH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 14:15:57 GMT
expires: Tue, 29 Nov 2022 14:15:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.paypal.com/sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription
151.101.1.21200 OK 96 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription
IP 151.101.1.21:0
File type ASCII text, with very long lines (65472)
Hash a25bbf37fe27be3655d6c888bc80fa40
c962648757033b648c778cc98c36aa52588a5a54
c8c6927244e5fd26d664efaac291fba2c3ea315df74e890932a4d15b916f9033
GET /sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Dqh6hDpA1BVRL7vba4IPEV8E33R+vZKQC1E7lfcFG5l+qJ4u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Dqh6hDpA1BVRL7vba4IPEV8E33R+vZKQC1E7lfcFG5l+qJ4u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
etag: W/"177fe-yWJkh1cDO2SMd4zJjDaqUliKWlQ"
p3p: true
paypal-debug-id: f459083a36f92
traceparent: 00-0000000000000000000f459083a36f92-a578ab9b20980af3-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
age: 15
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4035-HHN, cache-bma1676-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669731357.068934,VS0,VE2
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f459083a36f92-367d2052293a4f40-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 96254
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kit.fontawesome.com/a076d05399.js
104.18.22.52403 Forbidden 22 B URL HTTP/2 kit.fontawesome.com/a076d05399.js
IP 104.18.22.52:0
File type ASCII text, with no line terminators
Hash fd97e4f669829c0ab67c2203a6840a09
3cf1ecf50b3c929fb32a43896505db3ff9602275
6ee8906b2c990cc0ccd14c16ed0482a5b6dcacf438908ff2d8a98a4c4d5a35e3
GET /a076d05399.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/plain; charset=utf-8
content-length: 22
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; preload
x-request-id: FywT0p5ULcpGwCd3S71B
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bf5550ae00b02-OSL
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.343&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true
151.101.1.21200 OK 4.7 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.343&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true
IP 151.101.1.21:0
File type ASCII text, with very long lines (13573)
Hash ef99ac3298526ff8eaaa9e34a2b0a5c2
cd55971ad494efc2e2f46898865d047e6990c33d
6805b9eafc064fd218a03c03ca58a33550ba2a9240aa3c7405f1d9c1bdcf9ad1
GET /tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.343&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Yuu2rxMTVvf4EM6Wnu5LuPv0l11soxojE7AKMxwRm6xMO3er' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
etag: W/"3532-I2Um57fodfnxYVVdDDWOfJ//AXI"
paypal-debug-id: f111933244046
traceparent: 00-0000000000000000000f111933244046-9a88e19cfe9417dd-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
age: 72477
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11522-HHN, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 1
x-timer: S1669731357.215362,VS0,VE2
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f111933244046-b83cd73ee774aae7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4742
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.165.176.211101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.176.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wagKQ9Ycb3D8EwflmcXUaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CYnAuM1Fgb27ssqMjHjCK5GstXs=
track.hotvpn.io/d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1669731356376
18.197.208.17400 Bad Request 152 B URL HTTP/2 track.hotvpn.io/d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1669731356376
IP 18.197.208.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1669731356376 HTTP/1.1
Host: track.hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Cookie: bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7-v4=niFMIEVfQIdt-tdnmXEDEaXlq-U_CIgRphTA609dbfg; cc-v4=v1%2FuA3qh3v1aRZtOS%2BF67t4RgFczY5a5T5LAvQ8rY0wv3jOVVYrrb1vWKCuZl1bk%2FBsG%2FYTvtxBOszcUHtXlEKa7TgzxLTc1PqhrXxhuUfPCXlpr2wIGBjiqQaR4CapDSs5O7dvprVI98h5jpnrcog%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 400 Bad Request
server: nginx
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/muse.js
151.101.86.133200 OK 16 kB URL HTTP/2 www.paypalobjects.com/muse/muse.js
IP 151.101.86.133:0
File type ASCII text, with very long lines (55891)
Hash 6aebbe482c72000aea20895991f70478
eff1d3370786f9ee4ea539776bc43ab9bece89ba
2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862
GET /muse/muse.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"6271663d-da91"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 84840867de170
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 97848
x-timer: S1669731357.306856,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16464
X-Firefox-Spdy: h2
unpkg.com/@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
104.16.125.175200 OK 92 kB URL HTTP/2 unpkg.com/@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
IP 104.16.125.175:0
File type ASCII text, with very long lines (27447)
Hash 4330d90fc62927dad79913fa9b8b37dd
c67644f75384e330c847f9f6084577beda0d9bb5
1b844b5ceaa0ce2a2f885bcc2f140a2c6af287301918ba485375bbe8b0ac4588
GET /@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5664f-nL1GUo3O167x1rvVi92ydr01W9E"
via: 1.1 fly.io
fly-request-id: 01GG49HT6JXCRGYK1HPYP05F7H-fra
cf-cache-status: HIT
age: 3139807
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5558ef5b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
hotvpn.io/assets/images/landing%20page/Vector%20(1).svg
54.230.111.23200 OK 237 B URL HTTP/2 hotvpn.io/assets/images/landing%20page/Vector%20(1).svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb1a601735361e405ac71027c44b0b40
b2622b5d940fa8f1aacc9d4b28d1441d99409cb1
88e44a74232d5ff22219c89e5fdd57e5bbb14d38e4f00022ee29e3711de164a7
GET /assets/images/landing%20page/Vector%20(1).svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 237
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "bb1a601735361e405ac71027c44b0b40"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jg6ADWdB5iLNv1IIJDZwjt4zXyoNnX0HYNA9-LpUuaA1lFczcK92SQ==
age: 6991
X-Firefox-Spdy: h2
unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
104.16.125.175302 Found 17 kB URL HTTP/2 unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
IP 104.16.125.175:0
Hash 464931aaec432d64fe2a89f03172dbbe
323ec0b125850aed61c56443f46ab3a76f8a6450
166f90c62790452120e1873ae32ddb5a4ae1ba7aa5888cc60aee015129fc525b
GET /@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK1VAWB0Q76RJZAX1NKDE2KR-ams
cf-cache-status: HIT
age: 598
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5555ea7b515-OSL
X-Firefox-Spdy: h2
hotvpn.io/assets/images/benefits/security/browse.png
54.230.111.23200 OK 21 kB URL HTTP/2 hotvpn.io/assets/images/benefits/security/browse.png
IP 54.230.111.23:0
File type PNG image data, 732 x 513, 8-bit/color RGBA, non-interlaced\012- data
Hash 66229975a54182c5276f43a9a2e25aad
3d16a30c29b5d51ed605e61eea907bf646e12b52
fc99544aadacd8601622756376f8de205c226e01b8711637b81de9c0b9dfd432
GET /assets/images/benefits/security/browse.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20765
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "66229975a54182c5276f43a9a2e25aad"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 15x9ChynYlpv788s7_4YBnCg_pYB-PmF8Tju2HgmBzaQ25vjQnAo6w==
age: 6991
X-Firefox-Spdy: h2
unpkg.com/aos@next/dist/aos.css
104.16.125.175302 Found 12 kB URL HTTP/2 unpkg.com/aos@next/dist/aos.css
IP 104.16.125.175:0
Hash 2057882b9a8513bf40b8fe64262dbf97
66791fd1049a9a2723323a59abfc46a10b09f8a0
c85aaf2ba10059e34392d383cef1a01ff751b2afff623c0fb5bcaf009241162c
GET /aos@next/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 14:15:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /aos@3.0.0-beta.6/dist/aos.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK1VKZS1HKTGJR7M60PGHXHQ-ams
cf-cache-status: HIT
age: 289
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5551e52b515-OSL
X-Firefox-Spdy: h2
hotvpn.io/assets/images/landing%20page/Vector%20black.svg
54.230.111.23200 OK 239 B URL HTTP/2 hotvpn.io/assets/images/landing%20page/Vector%20black.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4c81737f64a4d0cd7dbcfb6edaa8ebaf
3cc3ac1ac4bded89fdc384c46affa725b2062aaf
0655c0555b961e01d5e9b7d43bb7f89d8ecb1eea5bcfca2ec123aa6e33d4a3d1
GET /assets/images/landing%20page/Vector%20black.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 239
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "4c81737f64a4d0cd7dbcfb6edaa8ebaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0N5He_StFyK2lgapLBwbakjjXcqDEhCxPje_Pc1uZSd1gAFkwhQEzw==
age: 6991
X-Firefox-Spdy: h2
hotvpn.io/assets/images/benefits/features/Auto%20location.png
54.230.111.23200 OK 19 kB URL HTTP/2 hotvpn.io/assets/images/benefits/features/Auto%20location.png
IP 54.230.111.23:0
File type PNG image data, 167 x 167, 8-bit/color RGBA, non-interlaced\012- data
Hash e9dc641118c582b22333a34bc5b8b69a
e098f4eea528f185a547468e63badba9481e20da
18e72934986f628e72754f460e4a1847127e93ece68fbe2d0b3cc753a7f7644e
GET /assets/images/benefits/features/Auto%20location.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 18953
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "e9dc641118c582b22333a34bc5b8b69a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TGoJTt4b4kizWu6vQsZbTcAX5tYSaWncImH5MC5XLvf9NEAwDcj-mA==
age: 6991
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Logo.png
54.230.111.23200 OK 2.5 kB URL HTTP/2 hotvpn.io/assets/images/footer/Logo.png
IP 54.230.111.23:0
File type PNG image data, 163 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 193e0e7a1f142a022d2aaceb79df740c
da90dcd9c7d081863974c84eebec136ad1c9d445
c189790d9fb51dcf3028893ee968eba0a787dc2c232cc9661e843e614af90679
GET /assets/images/footer/Logo.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2491
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 11:23:34 GMT
etag: "193e0e7a1f142a022d2aaceb79df740c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FtX4_KFf34IXVQ5jaZwpu33ug5lV4dozQwi4BFpOl5nhr4qzsjj6pg==
age: 10344
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Trust%20pilot%20(1).png
54.230.111.23200 OK 1.0 kB URL HTTP/2 hotvpn.io/assets/images/footer/Trust%20pilot%20(1).png
IP 54.230.111.23:0
File type PNG image data, 132 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash fa57fd54a58da5beec7a5f32b46f4e56
c0836c5c240bb84964f8dea311ad69a25839a411
ce59484230d808a0a93cbd900ea626778b4fdfb7d1c9b50524a730f05ca1c760
GET /assets/images/footer/Trust%20pilot%20(1).png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1008
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 11:23:35 GMT
etag: "fa57fd54a58da5beec7a5f32b46f4e56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xVTzreaOsXRZwv8pK_d5MFVuKe5-JJBiKQO_ocrxxJOQdayp46KT2w==
age: 10343
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/made-in.png
54.230.111.23200 OK 1.3 kB URL HTTP/2 hotvpn.io/assets/images/footer/made-in.png
IP 54.230.111.23:0
File type PNG image data, 165 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash c0effaf3dc43306de154dfbf0f766786
c7388df15b5de3295d403cfc9688059640721668
1359c0a37f00a9f807d19e793bb263c480f8d75bcb0dd7193b3da114c628ee4c
GET /assets/images/footer/made-in.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1270
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 17:32:59 GMT
etag: "c0effaf3dc43306de154dfbf0f766786"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MySz-T0Fw8BE0XoKNLLfAnJlGm8QOoU2VDquZlH8atoenk1lZTL3qw==
age: 74578
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash bfad1b0899d2c9a9989e83b1651d9f1d
463e936919294576b7033526223c321ecdf9891f
cbc28fdc2674c31e27a53b0d2f5b263b9a9dec2124c96e07b51307acd8684ed4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2587
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Last-Modified: Tue, 29 Nov 2022 13:32:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
hotvpn.io/assets/images/header/header-icon-phone/header-icon-close-white.svg
54.230.111.23200 OK 194 B URL HTTP/2 hotvpn.io/assets/images/header/header-icon-phone/header-icon-close-white.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 7985f2445e9b1b02777c987962ccd8b7
55a5a4fbb2af5b488fe8db06b0b39c01a2b282ad
eac41dca7ccd1f121ce77c82bf72ddf7286263f2a960f32f337e5d6e9751b446
GET /assets/images/header/header-icon-phone/header-icon-close-white.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 194
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 13:27:38 GMT
etag: "7985f2445e9b1b02777c987962ccd8b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 95gbnp-rQdx-2HfEXGEWt4YR1QHD-XvBg1o_SuGZO-xmGUJKIUw-HA==
age: 2900
X-Firefox-Spdy: h2
hotvpn.io/assets/images/what-is-a-vpn/white/logo-mac%20(2).png
54.230.111.23200 OK 2.4 kB URL HTTP/2 hotvpn.io/assets/images/what-is-a-vpn/white/logo-mac%20(2).png
IP 54.230.111.23:0
File type PNG image data, 87 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash aa4fe78bb188b19eec396655989ee542
5caaf9a162b80a2f40db633e044a6e75d4b13589
ae5b9277f6727e40210b593fa8eea1c664a815d6eb1e0025eb96567999abf970
GET /assets/images/what-is-a-vpn/white/logo-mac%20(2).png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2386
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "aa4fe78bb188b19eec396655989ee542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VZJuptOfacF9ctxUgJZ1F1mEKQDis3OmmOxVVM778Xh3LrboOvXpsQ==
age: 74578
X-Firefox-Spdy: h2
hotvpn.io/assets/images/what-is-a-vpn/white/ios.png
54.230.111.23200 OK 1.8 kB URL HTTP/2 hotvpn.io/assets/images/what-is-a-vpn/white/ios.png
IP 54.230.111.23:0
File type PNG image data, 61 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 7029ed636afabeb9f2cc0e9008700001
5401e27e72dfc23090d40baa4f7da4b674054b8c
86fdf40d31ae2af39762ea99c44c14c2c6ed2abc48e398df780ff96e2d654076
GET /assets/images/what-is-a-vpn/white/ios.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1783
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "7029ed636afabeb9f2cc0e9008700001"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Sog1PrLysXRd6W1WMNIHFYEVbc-I_jR6L-mnj1F0lM8C59c-SGU34g==
age: 6991
X-Firefox-Spdy: h2
hotvpn.io/assets/images/what-is-a-vpn/white/androidW.png
54.230.111.23200 OK 1.6 kB URL HTTP/2 hotvpn.io/assets/images/what-is-a-vpn/white/androidW.png
IP 54.230.111.23:0
File type PNG image data, 63 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 505f8188e026c71b5b5717997c9db5d4
c3e91ed7b3cb76ee4099353cc62d6dc2f4ac9b72
1c323a0ba93e660c4de53d3cd64fc427e131831e1c2efd0ce2f5aec87bf6dfce
GET /assets/images/what-is-a-vpn/white/androidW.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1648
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "505f8188e026c71b5b5717997c9db5d4"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sskJE3HnhVPMBqfpz4A7xWv0ZClJuBTpDhMGvqA60x-Feq03F4SomQ==
age: 6991
X-Firefox-Spdy: h2
hotvpn.io/assets/images/what-is-a-vpn/white/winsows.png
54.230.111.23200 OK 1.0 kB URL HTTP/2 hotvpn.io/assets/images/what-is-a-vpn/white/winsows.png
IP 54.230.111.23:0
File type PNG image data, 73 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash ab6f57d791664b9ee7872f60715a9d06
599151a9768910c9a33fb46f93de99fd78ca6581
470093e42349d068cc02141ea24046779645d1f8c72ec971bd81a23cdf912f4e
GET /assets/images/what-is-a-vpn/white/winsows.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1025
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "ab6f57d791664b9ee7872f60715a9d06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qmHZsgqlV9QDt8fPJhiYcR_Ts1JjU3HbPMxejNiVd7WqqSIlODvp_Q==
age: 6991
X-Firefox-Spdy: h2
hotvpn.io/assets/images/header/grey/windows.svg
54.230.111.23200 OK 353 B URL HTTP/2 hotvpn.io/assets/images/header/grey/windows.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash ed524bf1dedd6f3660e4c230f6ab2ebf
d33166ff4c495e1f6e0f4bfa2e20147c6217d3c5
78c3d1c32bfb7fc03612359e6cbb808c1dc018659eead4d4727d6696c2144636
GET /assets/images/header/grey/windows.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 353
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: "ed524bf1dedd6f3660e4c230f6ab2ebf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n13iQ3jgTcAHCK6oKityu2UGrohJ-mQLiQ0Dj-mDctchXJ-NGr2dSQ==
age: 68759
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 1e90385a4e7dc931f01b66a9895dd980
85a8c85acc9446699394113f5ad3963906fd2033
e38ef13a0b60c91c476a6c491c24b0ec564554c810cc38c00325e42ff426349d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143268
Date: Tue, 29 Nov 2022 14:15:57 GMT
Etag: "6385921a-1d7"
Expires: Thu, 01 Dec 2022 06:03:45 GMT
Last-Modified: Tue, 29 Nov 2022 05:01:14 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: od7kOQUCjt6Ookxg7qrLY-H1e9B9nj-Krck-EiYxiSnTr3WfXy1VOQ==
Age: 3751
hotvpn.io/assets/images/footer/Google%20play.png
54.230.111.23200 OK 7.6 kB URL HTTP/2 hotvpn.io/assets/images/footer/Google%20play.png
IP 54.230.111.23:0
File type PNG image data, 217 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c1b5c7a30992d96b575b3bfa9ba0c5b
fa070413dd5bb97fdc3ef873089b2ee8560bc847
99ee3647ece1055c38d3337b1a74b9feee1b6414f5cbfae54ba57715fee84193
GET /assets/images/footer/Google%20play.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7609
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: "7c1b5c7a30992d96b575b3bfa9ba0c5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JpjNQ6l-DNYsagUWpbZxNFQHXXsch0MJ87Hrv1T3596MbUJhExYPtA==
age: 68759
X-Firefox-Spdy: h2
unpkg.com/aos@3.0.0-beta.6/dist/aos.css
104.16.125.175200 OK 63 kB URL HTTP/2 unpkg.com/aos@3.0.0-beta.6/dist/aos.css
IP 104.16.125.175:0
File type ASCII text, with very long lines (28765), with no line terminators
Hash e1496d3e52a82b5b29a8d05c24c6f996
d55d2ddb0c396884c7d05a26d436e47bb579e4c3
80c2be2cdf0ba6ee6ebc527050b6f8cf3bee00cb6e68e806a022bf4b2da4eebf
GET /aos@3.0.0-beta.6/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"705d-miajSdIaS4cfRd/RJKQ/raT5S5g"
via: 1.1 fly.io
fly-request-id: 01F529PAQ8FBT7QKGWC0ES5DBR
cf-cache-status: HIT
age: 17841664
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5558ee7b515-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotvpn.io/assets/images/landing%20page/30%20days.svg
54.230.111.23200 OK 3.3 kB URL HTTP/2 hotvpn.io/assets/images/landing%20page/30%20days.svg
IP 54.230.111.23:0
Hash 14d965ad2920b1ff50eab15cc2ed1f3a
42c9425efefd94777cd046504d0ba7816911a258
ef5941dca1bc3281f053273a1271ad7573b5c94bcfc40c5a92f5b7c57f675f1e
GET /assets/images/landing%20page/30%20days.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: W/"5e4e31218bc904cc24af9aff698df180"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EOXnoBIZDO9RYuA3KfZLth6nwPzZEnYU44RfOHDyE_MYSdhFJNJwkg==
age: 74578
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotvpn.io/assets/images/flag.svg
54.230.111.23200 OK 31 kB URL HTTP/2 hotvpn.io/assets/images/flag.svg
IP 54.230.111.23:0
Hash 0f9fe967a54d309d6efe23ece38199db
b347658336f7f033ffaf93ae73d72f63049d91bd
450155db262f0726ffff4a581b7bad3e05392133aaa4e2bcca8140ce1105bcc3
GET /assets/images/flag.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: W/"570be0d1dfc23a7f8a153ef581fcffaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7RmdZtAWgF4JXzh8sVgA1tUSKzO6JpDPvYXOWrTtYfugv81IsXleaw==
age: 14998
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotvpn.io/assets/images/stars.svg
54.230.111.23200 OK 1.8 kB URL HTTP/2 hotvpn.io/assets/images/stars.svg
IP 54.230.111.23:0
Hash 5f2352f40d3da55216b0d70259cc8a0b
44d247b840af001f801b6edeba06ef70706a5f15
b3cd7e68d8e1d5f60b2e8ba94adb0f9bd8c321c546f6e46ecbbda8d0d9fbbd5c
GET /assets/images/stars.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:16 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 12:19:27 GMT
etag: W/"02afbfecfe7a31940923b538364e2a86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IqDmFc7QXmWY-EzMjUVradinPCR9BUZe3hYF0RPwO1ufyYuVF_K1zQ==
age: 6991
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/analytics/index.html
151.101.86.133200 OK 17 kB URL HTTP/2 www.paypalobjects.com/muse/analytics/index.html
IP 151.101.86.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55410)
Hash 56fc10c2e8100a7e4418dc987c23d7a5
5c11880437f36368f82da60522bfcb0d57b395cf
326df6156907ef357f13bf48a5a3798dd4e692345d04fb4edad8370058d1198a
GET /muse/analytics/index.html HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: text/html
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
x-served-by: cache-sjc10077-SJC, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 110806
x-timer: S1669731358.964814,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16791
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/random-conversation-id
34.241.115.67200 OK 35 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/random-conversation-id
IP 34.241.115.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6c532985f602c5fc28c4adc79ca90eba
d3aa9a2dddd77f5186e40744c693007b0e9b879d
86150d993b6377ce6c8b8cab0af4adbfc7ee305fceefa309fa294fb164d28cc4
GET /random-conversation-id HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 35
Etag: W/"23-06qaLd3Xf1GG5AdExpMAew6bh50"
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/random-conversation-id
34.241.115.67200 OK 35 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/random-conversation-id
IP 34.241.115.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 45ae6bb1abe4c0f262986f9037a565d5
6eef6aa40640681cd5e86706f6dc05c255c7c717
f035656bd48168557ebcf639b9dd11092faf7e27021ca380497a92bae3c34945
GET /random-conversation-id HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 35
Etag: W/"23-bu9qpAZAaBzV6GcG9twFwlXHxxc"
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur
hotvpn.io/assets/images/flags/svg/NO.svg
54.230.111.23200 OK 340 B URL HTTP/2 hotvpn.io/assets/images/flags/svg/NO.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash b884cec9fb2d4762a79626f841796979
33d80190dba81f56da7c543ce33048d3e0137fa0
7c0bbcbb75427a982b1c478b32cf8f6d93405e129f0af424d00d6bf3fd7be367
GET /assets/images/flags/svg/NO.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 340
last-modified: Thu, 17 Nov 2022 14:11:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:44 GMT
etag: "b884cec9fb2d4762a79626f841796979"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mpv7OcHMm2uqa6i8dtZjFYSh2LevRb0EUCPSXRPr_LV5o4_q7XiPrg==
age: 15
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/support_chat_hotvpn.css
34.241.115.67200 OK 8.3 kB URL HTTP/1.1 chat-support-marketing66.herokuapp.com/support_chat_hotvpn.css
IP 34.241.115.67:0
Hash 84516f5cee03e7dd17ae4f0508750657
bac728cb24539d19eab82c86b53451c795bfd6ea
eee446b060475634dceeaea23604a3346c7e6a2635f6bc1303f45c49ccf4a575
GET /support_chat_hotvpn.css HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:38 GMT
Etag: W/"209d-183ad88a8b0"
Content-Type: text/css; charset=UTF-8
Content-Length: 8349
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/get_fromsupport_notread?appname=HOTVPN
34.241.115.67200 OK 14 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/get_fromsupport_notread?appname=HOTVPN
IP 34.241.115.67:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bab3e657fe24918a9dbdaf0512a91690
02756c4d67b7c712c483ad3ca070f8ea04358a88
add4663d52bdb001123f209eea844c0b189322a67fb7d014559efbeee6e72edb
POST /get_fromsupport_notread?appname=HOTVPN HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 29
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 14
Etag: W/"e-AnVsTWe3xxLEg608oHD46gQ1iog"
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/socket.io.js
34.241.115.67200 OK 62 kB URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io.js
IP 34.241.115.67:0
File type ASCII text, with very long lines (32031)
Hash ad682b888ad99cbd0a1e17bf68b97204
2c7440696029e79b94a93c4db05c579439691a1e
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
GET /socket.io.js HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:49 GMT
Etag: W/"f3d5-183ad88d3a8"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 62421
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive
www.paypal.com/targeting/graphql
151.101.1.21204 No Content 0 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 151.101.1.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f6159305af257
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure
x-pp-s=eyJ0IjoiMTY2OTczMTM1ODUzMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
nsid=s%3AP2wJ9m71gdOhfDxgvkl9EvEQJezm0txx.MhcdJR%2Bbao6aV5tXyaqXMTYLG83l5SYWxzYxAr1eH1I; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be972e1840a7885b2d990efd9ed09f%26vt%3Dc3be972e1840a7885b2d990efd9ed09e%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure
ts_c=vr%3Dc3be972e1840a7885b2d990efd9ed09f%26vt%3Dc3be972e1840a7885b2d990efd9ed09e; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f6159305af257-722fde247d121b18-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 29 Nov 2022 14:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11560-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731358.428006,VS0,VE196
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1669731357499&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1
192.229.221.25200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1669731357499&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1
IP 192.229.221.25:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1669731357499&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
date: Tue, 29 Nov 2022 14:15:58 GMT
expires: Tue, 29 Nov 2022 14:15:58 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5e65fcc5ee3ae
pragma: no-cache
server: ECAcc (lhd/35F0)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=211
set-cookie: ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be97551840a570acf562afffffffff%26vt%3Dc3be97551840a570acf562affffffffe; Expires=Sat, 29 Nov 2025 14:15:58 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3Dc3be97551840a570acf562afffffffff%26vt%3Dc3be97551840a570acf562affffffffe; Expires=Sat, 29 Nov 2025 14:15:58 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000005e65fcc5ee3ae-5298e5df12158d94-01
content-length: 42
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 58112
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 39467
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 34243
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 59344
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 58443
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hotvpn.io/assets/images/trust-pilot-stars.svg
54.230.111.23200 OK 1.8 MB URL HTTP/2 hotvpn.io/assets/images/trust-pilot-stars.svg
IP 54.230.111.23:0
Size 1.8 MB (1843145 bytes)
Hash 8dc1534a9de556940ebf9b80e97f2e4a
321445a6515b7cc57edf097a98903bed5af99dac
bc16a62bb6a9fae2adb0a944fa066ece1c33e36591fb82ebd883450747746ffd
GET /assets/images/trust-pilot-stars.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:16 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 09:39:16 GMT
etag: W/"bf87087b66c1a7338592085d092fbe63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iwfBVgmYMQsGEuUr0R6ZUFPflUbRMiK-e0TgN4by0bj1CNPZM_wMDw==
age: 16602
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32303516732a01bf79009b7266715f80
30c3a47eada87b3e1edfb06411858627b835b56c
28846e2e903889cf81b7a0520b8b2ad1d46b3e9e549457189dc9890d22346849
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6374
Cache-Control: max-age=168559
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:58 GMT
Etag: "6385eaa7-1d7"
Expires: Thu, 01 Dec 2022 13:05:17 GMT
Last-Modified: Tue, 29 Nov 2022 11:19:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 12:41:08 GMT
expires: Tue, 29 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 5690
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: R5WDDv7zFW4T9o/sRKtgZVtYLn3wWuQCs009XLnPx/cS8rI6RRUYR7PHZAiS/crjLQdau+of0NSIEw0we3cvdw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 29 Nov 2022 14:15:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 32303516732a01bf79009b7266715f80
30c3a47eada87b3e1edfb06411858627b835b56c
28846e2e903889cf81b7a0520b8b2ad1d46b3e9e549457189dc9890d22346849
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6374
Cache-Control: max-age=168559
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:58 GMT
Etag: "6385eaa7-1d7"
Expires: Thu, 01 Dec 2022 13:05:17 GMT
Last-Modified: Tue, 29 Nov 2022 11:19:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1669731357614&cv=11&fst=1669731357614&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&rfmt=3&fmt=4
172.217.21.162200 OK 965 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1669731357614&cv=11&fst=1669731357614&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2044), with no line terminators
Hash 867f874888ab49ef3a735fe20465f9ae
f47611842ce1951f1aabc6a58e680b0afdc25256
e10b3c980784b18d118d2ef0eeed3885cee7260be29556c94e8b9f53f2b82c04
GET /pagead/viewthroughconversion/852685511/?random=1669731357614&cv=11&fst=1669731357614&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 965
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 14:30:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=126950372&t=pageview&_s=1&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&ul=en-us&de=UTF-8&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=752217446&gjid=909790306&cid=1187608851.1669731358&tid=UA-151425496-1&_gid=1912338173.1669731358&_r=1>m=2oub90&z=133441750
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=126950372&t=pageview&_s=1&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&ul=en-us&de=UTF-8&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=752217446&gjid=909790306&cid=1187608851.1669731358&tid=UA-151425496-1&_gid=1912338173.1669731358&_r=1>m=2oub90&z=133441750
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=126950372&t=pageview&_s=1&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&ul=en-us&de=UTF-8&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=752217446&gjid=909790306&cid=1187608851.1669731358&tid=UA-151425496-1&_gid=1912338173.1669731358&_r=1>m=2oub90&z=133441750 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hotvpn.io
date: Tue, 29 Nov 2022 14:15:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.101200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 06j99ur1czd7ZoPkwlAkkr5cgASGBVkcqCJSXRK0hqlb5Tnz2akNTw==
age: 522352
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1669731357596&cv=11&fst=1669731357596&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&data=event%3Dgtag.config&rfmt=3&fmt=4
172.217.21.162200 OK 930 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1669731357596&cv=11&fst=1669731357596&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (2013), with no line terminators
Hash 7f8ec88595f6c23f986cf30002325aa5
2bb96e3bdf25b90803128203d6d9b64292b2ab20
ece72a2a6640f02b2b1cecd4b364af62b8f0bf7e4459b6aa26c78c0182dad46a
GET /pagead/viewthroughconversion/852685511/?random=1669731357596&cv=11&fst=1669731357596&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 14:30:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.hotjar.com/modules.fb61877307ee2cbdddd8.js
143.204.55.96200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.fb61877307ee2cbdddd8.js
IP 143.204.55.96:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash 83b19b8f1226afd21aa19be455afda7e
fae192c39c07152703f176652331b0012c642d64
29d4b3c00c20eefcbe98d8e99a16a64314bfb599eaf90153754c5a3c6375f87a
GET /modules.fb61877307ee2cbdddd8.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68686
date: Tue, 29 Nov 2022 13:13:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "83b19b8f1226afd21aa19be455afda7e"
last-modified: Tue, 29 Nov 2022 13:12:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eHpiqpG9kqBVhAkCn4C1q1uX3gCT2nFRNJDQ2P4jd_aKVw0NCwG5qg==
age: 3773
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=1&ipr=y
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-6705X2P2FH>m=2oeb90&_p=126950372&cid=1187608851.1669731358&ul=en-us&sr=1280x1024&_s=1&sid=1669731357&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6705X2P2FH>m=2oeb90&_p=126950372&cid=1187608851.1669731358&ul=en-us&sr=1280x1024&_s=1&sid=1669731357&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6705X2P2FH>m=2oeb90&_p=126950372&cid=1187608851.1669731358&ul=en-us&sr=1280x1024&_s=1&sid=1669731357&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hotvpn.io
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1669731358231&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669731358229.1067430962&it=1669731357942&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1669731358231&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669731358229.1067430962&it=1669731357942&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1669731358231&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669731358229.1067430962&it=1669731357942&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 14:15:59 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 71de4c0fa392d3688ea0215d2d175610
9c7f7483da1ccd773641756b58518878b7b29e4b
cac04afb92da211a59415a6142245547048f0cace330291c03b1f83129ab5657
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 14:15:59 GMT
Last-Modified: Tue, 29 Nov 2022 12:35:06 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HNncEbDDYQDtATI7phI3NeiiV3UPC2AYCnZTP-0tpZTAb9Pu2yIlMw==
Age: 6054
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgTQ
34.241.115.67200 OK 103 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgTQ
IP 34.241.115.67:0
File type ASCII text, with no line terminators
Hash 47eb4d6a0dd071526969e46937a5be7d
f1d5471f11b09ff210d8b7a44c1ba760d78f4111
6f28d535878ee65aacee6cfd9ef1688bea809ed45b7d88bf14d261c0b7d2f404
GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgTQ HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 103
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=b5z_nc_yY5lnGBJ9AArN; Path=/; HttpOnly
Date: Tue, 29 Nov 2022 14:16:03 GMT
Via: 1.1 vegur
www.paypal.com/xoplatform/logger/api/logger
151.101.1.21200 OK 77 kB URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.1.21:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotvpn.io/
Origin: https://hotvpn.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://hotvpn.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f8001409a0742
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure
x-pp-s=eyJ0IjoiMTY2OTczMTM1ODY4MCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 02 Dec 2022 14:15:58 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be97b61840ad0096e367fcfdd49849%26vt%3Dc3be97b61840ad0096e367fcfdd49848%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure
ts_c=vr%3Dc3be97b61840ad0096e367fcfdd49849%26vt%3Dc3be97b61840ad0096e367fcfdd49848; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f8001409a0742-d4ccf91d099d2804-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 29 Nov 2022 14:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4053-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731359.538641,VS0,VE231
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgUG&sid=b5z_nc_yY5lnGBJ9AArN
34.241.115.67200 OK 38 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgUG&sid=b5z_nc_yY5lnGBJ9AArN
IP 34.241.115.67:0
File type ASCII text, with no line terminators
Hash a9482f5f2f9c6ce003861662854e78a1
3b15bd2eb60c8be297f2bea9eda897a2b391dc9f
1bb16fbb679f44f5543e23c9ec0791bf3c0342f4d6ed1ad83909a9549fca7670
GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgUG&sid=b5z_nc_yY5lnGBJ9AArN HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 38
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=b5z_nc_yY5lnGBJ9AArN; Path=/; HttpOnly
Date: Tue, 29 Nov 2022 14:16:03 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=websocket&sid=b5z_nc_yY5lnGBJ9AArN
34.241.115.67101 Switching Protocols 0 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=websocket&sid=b5z_nc_yY5lnGBJ9AArN
IP 34.241.115.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=websocket&sid=b5z_nc_yY5lnGBJ9AArN HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hotvpn.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dLYDp2vygHOknIdEzVOAvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-Websocket-Accept: yGqxNhSPM8+J+mfuy/GCbZ+hwDE=
Sec-Websocket-Extensions: permessage-deflate
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgV6&sid=b5z_nc_yY5lnGBJ9AArN
34.241.115.67200 OK 3 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgV6&sid=b5z_nc_yY5lnGBJ9AArN
IP 34.241.115.67:0
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgV6&sid=b5z_nc_yY5lnGBJ9AArN HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 3
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=b5z_nc_yY5lnGBJ9AArN; Path=/; HttpOnly
Date: Tue, 29 Nov 2022 14:16:03 GMT
Via: 1.1 vegur
hotvpn.io/main.4557e971c45388af.js
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/main.4557e971c45388af.js
IP 54.230.111.23:0
GET /main.4557e971c45388af.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:57 GMT
etag: W/"a320ec920f0f95a537590c90e573d89d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DIFcDcd_x8LNNXQin3cwVfra5t2rxSknVIPxirL7c2oaN9VxPIF6_A==
age: 68759
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/facebook.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/footer/facebook.svg
IP 54.230.111.23:0
GET /assets/images/footer/facebook.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"a95acbc84137e1bdc8a43c248cae7618"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MnBy7vxXkTQJQeQ-fI185Y8Ln391QjiJZ0ghAJm-ZEYkHXiTg33H4w==
age: 68759
X-Firefox-Spdy: h2
unpkg.com/aos@3.0.0-beta.6/dist/aos.js
104.16.125.175200 OK 0 B URL HTTP/2 unpkg.com/aos@3.0.0-beta.6/dist/aos.js
IP 104.16.125.175:0
GET /aos@3.0.0-beta.6/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"35e8-44lQwbzmXp8EjjBbNWf/kKDJI+M"
via: 1.1 fly.io
fly-request-id: 01G4XPMRK60WFNVK2QWFYNAZ5A-fra
cf-cache-status: HIT
age: 15172221
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5558eeeb515-OSL
content-encoding: br
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/twitter.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/footer/twitter.svg
IP 54.230.111.23:0
GET /assets/images/footer/twitter.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"2fe4289702df9c8a942ce76034cb05cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WYwHLT2co8gcazS6vHDSSt5jU7sHGkE5_9K4HxK2iB81LJE2Lngsig==
age: 68759
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/instegram.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/footer/instegram.svg
IP 54.230.111.23:0
GET /assets/images/footer/instegram.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 11:23:36 GMT
etag: W/"fda72ebb78bf1ab5b62035060bc5e27a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9U0iIfQZCGAsr8ubYTlM68gMLq6tbj6RvXNsT99LEdWZ9PYU1TJmVA==
age: 10342
X-Firefox-Spdy: h2
hotvpn.io/assets/images/header/grey/android.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/header/grey/android.svg
IP 54.230.111.23:0
GET /assets/images/header/grey/android.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"c3e91803247861d5faa3d9021372f906"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QjjrqqlXce1vH_Qq0mZ2_SE8I6NCC3IYCMtMHNLCt6VHdvzUeWUtcQ==
age: 68759
X-Firefox-Spdy: h2
hotvpn.io/landing-page?page=a1
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/landing-page?page=a1
IP 54.230.111.23:0
GET /landing-page?page=a1 HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 16:33:02 GMT
etag: W/"2de5b723aa3dc928e6595d8f7e8b58ee"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kwOsbDWE2qsMsAv9DEqOr39IpKPX7Rt5gR9XdYnfdZ0qP5uSm8YbRg==
age: 78175
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Linkedin.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/footer/Linkedin.svg
IP 54.230.111.23:0
GET /assets/images/footer/Linkedin.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 03:29:39 GMT
etag: W/"0a3751345eb8278a04a7d13636dbd1d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zHyXaOWPQlQf6gwWv8tuG1Dqww8I89rKcHI5swhkAoR3P-Tyfa81RQ==
age: 38779
X-Firefox-Spdy: h2
hotvpn.io/assets/images/header/grey/apple.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/header/grey/apple.svg
IP 54.230.111.23:0
GET /assets/images/header/grey/apple.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"b7c88f903c82ea8d72656119c81e423f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2i6nliJ_Pmy2qAiSTMw0vNAXlSrKkx5QmRwkGaCouiKpY6qLVbiUjg==
age: 68759
X-Firefox-Spdy: h2
www.paypal.com/targeting/graphql
151.101.1.21200 OK 0 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 151.101.1.21:0
POST /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 319
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-zx3CYxKb/C6QypbXNbQsGO2S2j3NXpbxItmL8S9i6uqZpqNy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-type: application/json; charset=utf-8
etag: W/W/"1b3-OTYMe18vwxpGTgaok+aW3gAcm7s"
paypal-debug-id: f80014087fd4a
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure
x-pp-s=eyJ0IjoiMTY2OTczMTM1ODgyMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 02 Dec 2022 14:15:58 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3AgnKuN3s7DZH7EncqUpAZ2LtYH2lgJpvR.yluTThkvCnwHzupYy%2BvD3t5krLQRXzfZzZyQi%2BpFVX0; Path=/; HttpOnly; Secure
l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be98001840a78857f7d0f9fda1ad58%26vt%3Dc3be98001840a78857f7d0f9fda1ad57%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure
ts_c=vr%3Dc3be98001840a78857f7d0f9fda1ad58%26vt%3Dc3be98001840a78857f7d0f9fda1ad57; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f80014087fd4a-ba160e2ba13bfb22-01
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 29 Nov 2022 14:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11544-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731359.638092,VS0,VE273
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
www.paypal.com/xoplatform/logger/api/logger
151.101.1.21200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 151.101.1.21:0
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1460
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://hotvpn.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
etag: W/W/"3e2-+IFUzzRxpqqsG9suEBfZNrUNuWI"
paypal-debug-id: f8001404b67ad
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 02 Dec 2022 14:15:57 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY2OTczMTM1ODkwNyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be98991840a2d1fd8a1bcafdf7329c%26vt%3Dc3be98991840a2d1fd8a1bcafdf7329b%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure
ts_c=vr%3Dc3be98991840a2d1fd8a1bcafdf7329c%26vt%3Dc3be98991840a2d1fd8a1bcafdf7329b; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f8001404b67ad-ac70c411eadd8dde-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 29 Nov 2022 14:15:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11560-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731359.782705,VS0,VE220
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2
hotvpn.io/scripts.0050e7fef10bfa2f.js
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/scripts.0050e7fef10bfa2f.js
IP 54.230.111.23:0
GET /scripts.0050e7fef10bfa2f.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 07:25:56 GMT
etag: W/"f9e24949cb40c6c413dc39b4236414b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tDrNkjEeWoJmAR9QibJhCsj9yPXF1rEPLm7NFD_1eA4lhOKsoCv3CA==
age: 24601
X-Firefox-Spdy: h2
hotvpn.io/assets/images/header/warning.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/header/warning.svg
IP 54.230.111.23:0
GET /assets/images/header/warning.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 29 Nov 2022 08:09:06 GMT
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
etag: W/"99adb8fd68e5d35a781451351a0145c4"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sJdlrIRWf2N_bk8as3TqbZms5WfCZrQcmOmQdzmHkJuKDh5QSEReYA==
age: 22012
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/rss.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/footer/rss.svg
IP 54.230.111.23:0
GET /assets/images/footer/rss.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 11:23:35 GMT
etag: W/"aa19599a35ec65d011e1701f5d9a1548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yDTPVTjfP-SLPSE9HzD7vCdqnOMVkSedeVLwII7kztqv80DhqFnW_g==
age: 10343
X-Firefox-Spdy: h2
unpkg.com/aos@next/dist/aos.js
104.16.125.175302 Found 0 B URL HTTP/2 unpkg.com/aos@next/dist/aos.js
IP 104.16.125.175:0
GET /aos@next/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 14:15:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /aos@3.0.0-beta.6/dist/aos.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK1VWGAJENSZSDT3SF9CRXDH-ams
cf-cache-status: HIT
age: 21
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5554e87b515-OSL
X-Firefox-Spdy: h2
hotvpn.io/styles.b9a4fa6e7890685a.css
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/styles.b9a4fa6e7890685a.css
IP 54.230.111.23:0
GET /styles.b9a4fa6e7890685a.css HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 08:09:02 GMT
etag: W/"c2ee6588791c454ff9408db24725fe70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gp6mjQrec31zqtoA6PrAlXiRyNV0chBuaWe8hu7_GNk9JPpeJgvZeQ==
age: 22015
X-Firefox-Spdy: h2
hotvpn.io/assets/images/hotvpn-icon.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/hotvpn-icon.svg
IP 54.230.111.23:0
GET /assets/images/hotvpn-icon.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 22:12:55 GMT
etag: W/"5025f7aa8aed5e41a95aaee2f12d795e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N9c4TEmL4InXx1ngGzHC5q5KyYFsfzpUaaNmmmsg_xYyZ4L3opFkGQ==
age: 57783
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-879925.js?sv=7
143.204.55.54200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-879925.js?sv=7
IP 143.204.55.54:0
GET /c/hotjar-879925.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 14:15:43 GMT
cache-control: max-age=60
etag: W/0dc4430c9e4be977eabfab7a706cfbeb
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -l1QlHZ_JWR7jVZF-OdvqsjXhK2CPDTsr4k8UoSGfxWk4e3jjhLFfA==
age: 15
X-Firefox-Spdy: h2