Overview

URLjorttiuyng.com/link?z=5563133&var=8f88b500-e012-44cd-9707-b63d23f3efa1&ymid=wi0kn0t31ndt8mqk2k2fstrk
IP 139.45.197.236 (United Kingdom)
ASN#9002 RETN Limited
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 14:16:07 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (32)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
chat-support-marketing66.herokuapp.com (9) 0 2019-09-11 09:16:39 UTC 2022-11-24 19:10:38 UTC 34.241.115.67 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.165.176.211
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-29 06:11:22 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
cdn.jsdelivr.net (3) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
www.paypalobjects.com (2) 1467 2012-05-30 06:40:21 UTC 2020-03-18 13:00:39 UTC 151.101.86.133
unpkg.com (6) 11693 2016-01-07 23:26:01 UTC 2022-11-29 06:09:35 UTC 104.16.125.175
t.paypal.com (1) 3487 2012-06-27 13:49:38 UTC 2020-03-01 11:23:49 UTC 192.229.221.25
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-29 08:33:49 UTC 142.250.74.174
www.google.com (2) 7 2016-03-22 03:56:07 UTC 2022-11-29 09:16:29 UTC 142.250.74.164
jorttiuyng.com (1) 0 2022-09-01 14:41:14 UTC 2022-11-29 11:40:08 UTC 139.45.197.236 Unknown ranking
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
r3.o.lencr.org (6) 344 No data No data 23.36.76.226
ocsp.pki.goog (17) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2020-04-26 08:32:02 UTC 143.204.55.54
kit.fontawesome.com (1) 1868 2019-12-16 19:51:31 UTC 2020-10-22 17:14:21 UTC 104.18.22.52
www.google.no (2) 25607 2016-04-05 19:50:59 UTC 2022-11-29 08:15:17 UTC 142.250.74.3
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
track.hotvpn.io (2) 0 No data No data 18.197.208.17 Domain (hotvpn.io) ranked at: 470963
ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.158
ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
www.googletagmanager.com (2) 75 2013-05-22 02:07:37 UTC 2022-11-29 06:48:06 UTC 142.250.74.168
www.paypal.com (6) 2583 2012-09-05 05:46:24 UTC 2020-05-05 12:40:48 UTC 151.101.1.21
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
hotvpn.io (34) 470963 2020-01-14 09:19:08 UTC 2022-11-29 11:40:09 UTC 54.230.111.23
cdnjs.cloudflare.com (1) 235 2015-04-17 20:46:33 UTC 2022-11-29 07:25:31 UTC 104.17.25.14
googleads.g.doubleclick.net (2) 42 2021-02-20 15:43:32 UTC 2022-11-29 09:14:37 UTC 172.217.21.162
vars.hotjar.com (1) 1014 2020-11-05 16:23:46 UTC 2022-11-29 09:37:23 UTC 143.204.55.101
script.hotjar.com (1) 887 2020-11-05 16:23:46 UTC 2022-11-29 05:48:51 UTC 143.204.55.96

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-29 2 jorttiuyng.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 139.45.197.236
Date UQ / IDS / BL URL IP
2023-02-03 16:43:41 +0000 0 - 0 - 1 batcherg.com/ 139.45.197.236
2023-02-03 07:48:55 +0000 0 - 0 - 2 besmeargleor.com/400/2983203 139.45.197.236
2023-02-03 01:56:16 +0000 0 - 0 - 0 eephaush.com 139.45.197.236
2023-01-29 16:23:31 +0000 0 - 0 - 2 beaxewr.com/ 139.45.197.236
2023-01-28 03:52:15 +0000 0 - 0 - 2 dooloust.net 139.45.197.236


Last 5 reports on ASN: RETN Limited
Date UQ / IDS / BL URL IP
2023-02-03 17:00:11 +0000 0 - 0 - 4 chemtoaxeehy.com/ 139.45.197.151
2023-02-03 16:56:59 +0000 0 - 0 - 4 zeyappland.com/ 139.45.197.151
2023-02-03 16:54:53 +0000 0 - 1 - 2 wetoocku.com/ 139.45.197.249
2023-02-03 16:54:14 +0000 0 - 0 - 2 allhotfeed.com/ 139.45.197.153
2023-02-03 16:52:56 +0000 0 - 0 - 2 waisheph.com/ 139.45.197.245


Last 5 reports on domain: jorttiuyng.com
Date UQ / IDS / BL URL IP
2023-01-06 22:14:37 +0000 0 - 1 - 21 jorttiuyng.com/link?z=5611556&var=342522&ymid (...) 139.45.197.236
2023-01-06 14:22:18 +0000 0 - 0 - 1 jorttiuyng.com/link?z=5611232&var=101_95895&y (...) 139.45.197.236
2022-11-29 14:16:07 +0000 0 - 0 - 1 jorttiuyng.com/link?z=5563133&var=8f88b500-e0 (...) 139.45.197.236
2022-11-11 14:20:57 +0000 0 - 0 - 4 jorttiuyng.com/link?z=5485198&var=36741&ymid= (...) 139.45.197.236
2022-11-06 06:39:32 +0000 0 - 0 - 1 jorttiuyng.com/link?z=5049170&ymid=8adb6e29z4 (...) 139.45.197.236


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-20 23:25:07 +0000 0 - 2 - 0 track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c (...) 18.197.208.17

JavaScript

Executed Scripts (34)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (127)


Request Response
                                        
                                            GET /link?z=5563133&var=8f88b500-e012-44cd-9707-b63d23f3efa1&ymid=wi0kn0t31ndt8mqk2k2fstrk HTTP/1.1 
Host: jorttiuyng.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         139.45.197.236
HTTP/1.1 302 Found
                                        
Server: nginx
Date: Tue, 29 Nov 2022 14:15:56 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
X-Trace-Id: 75d6ac755853e44d2f60758f44a64ca2
Link: <https://track.hotvpn.io>; rel="dns-prefetch preconnect"
Referrer-Policy: no-referrer
Location: https://track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7?zoneid=5563133_8f88b500-e012-44cd-9707-b63d23f3efa1&bannerid=15892529&browser=firefox&os=windows&device=desktop&region=03&isp=blix group as&useragent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0&language=en&connectiontype=broadband&cost=0.000000&visitor_id=621460581976904224
Set-Cookie: OAID=d795afb8e6b849399514196e1d812ead; expires=Wed, 29 Nov 2023 14:15:56 GMT oaidts=1669731356; expires=Wed, 29 Nov 2023 14:15:56 GMT OXCCLK=6366117.1; expires=Wed, 29 Nov 2023 14:15:56 GMT allcnt=1; expires=Wed, 29 Nov 2023 14:15:56 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4008
Expires: Tue, 29 Nov 2022 15:22:44 GMT
Date: Tue, 29 Nov 2022 14:15:56 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1359
Cache-Control: max-age=160674
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:53:50 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6390
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 14:15:56 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 13:17:55 GMT
cache-control: public,max-age=3600
age: 3481
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: pWySt8TKobF+dssqgVpyxoKpS3ENuv7jYmnx4Lhx1wdCq7wuhO4iI8tkVEZMLZbcbGbvdjkx71U=
x-amz-request-id: 31252HQGX78KRPMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 13:42:31 GMT
age: 2005
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7?zoneid=5563133_8f88b500-e012-44cd-9707-b63d23f3efa1&bannerid=15892529&browser=firefox&os=windows&device=desktop&region=03&isp=blix%20group%20as&useragent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&language=en&connectiontype=broadband&cost=0.000000&visitor_id=621460581976904224 HTTP/1.1 
Host: track.hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.197.208.17
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 29 Nov 2022 14:15:56 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://hotvpn.io/landing-page?page=a1
pragma: no-cache
set-cookie: bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7-v4=niFMIEVfQIdt-tdnmXEDEaXlq-U_CIgRphTA609dbfg; Max-Age=86400; Expires=Wed, 30-Nov-2022 14:15:56 GMT; Domain=track.hotvpn.io; Path=/; Secure; HttpOnly;SameSite=None cc-v4=v1%2FuA3qh3v1aRZtOS%2BF67t4RgFczY5a5T5LAvQ8rY0wv3jOVVYrrb1vWKCuZl1bk%2FBsG%2FYTvtxBOszcUHtXlEKa7TgzxLTc1PqhrXxhuUfPCXlpr2wIGBjiqQaR4CapDSs5O7dvprVI98h5jpnrcog%3D%3D; Max-Age=31536000; Expires=Wed, 29-Nov-2023 14:15:56 GMT; Domain=track.hotvpn.io; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 14:15:56 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=117791
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "63853c4c-1d7"
Expires: Wed, 30 Nov 2022 22:59:07 GMT
Last-Modified: Mon, 28 Nov 2022 22:55:08 GMT
Server: ECS (dcb/7F13)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x3pGYl4bLKxVdYtbwWEt0OcajfcOFDZiJMbAMnK3WoQPmFJ7SBzg1Q==
Age: 239

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 14:08:56 GMT
cache-control: public,max-age=3600
age: 420
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /runtime.9f5e0f1c47831410.js HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:57 GMT
etag: W/"45396769f2ec783c20b8aa7bcce84d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xo10Z7xpwczKuM6uwAOW319sIm15DPYHXNSPOf7rFs2-145jjtgpJg==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2080
Md5:    daa1905462eb03bc707a1e5a84569160
Sha1:   b0dead152d5c84a596ae19ffef590019217db44e
Sha256: 1eb4a5c458fd98ab3a315ef12e80204e9d84d442081cf056a3394e08714432c5
                                        
                                            GET /polyfills.bbb3a18906f94e2a.js HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:34:43 GMT
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
etag: W/"c1f5d9dca2f41e57c75a633ab34bb597"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NcYeic5ITaEGM2nvMm6FyVkuNqVKn81_bVUVEf5vGZvdV9rHTubqqQ==
age: 45674
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12229
Md5:    86ddd0ab73eda2d1ea35fd4cf5cb04c6
Sha1:   d8d880c757ab58707e07fa3fc2f8d42f7f5dec2b
Sha256: 36ba100984cd7704d5f90e5f59935343c08cf1b179904ca3a058193727c3fac6
                                        
                                            GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:56 GMT
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 576665
expires: Sun, 19 Nov 2023 14:15:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwmnQZnuVE%2BQCNyMPhiN0xjxYAarqYP61a40HO8GYOMLl%2BKGqAzt1qc10mzeH2HUYTrq8l2nhTlWDkaUZ1giu0U6RMG9rXUkmSAjT994RSIIy2CjIihbauofeYmSipE1cGaAjfjg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 771bf554da521bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   5631
Md5:    109d1ed85cd01f9cdab73a4cac5bf80d
Sha1:   d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
Sha256: 8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
                                        
                                            GET /npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"1377e-a0uYWpCr16scLjX/O4dNB8+EEO4"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:56 GMT
age: 9725085
x-served-by: cache-fra19140-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23010
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65293)
Size:   23010
Md5:    17be39c5c6fd45df16dfd5db3c085068
Sha1:   16e85f6095024d87f093975b392ee6d8307807a2
Sha256: 26323ab86481ea97bf21d9e5a84009ac48cd4fdce7a58ac15dd4c6391669a42e
                                        
                                            GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:56 GMT
age: 1418
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11403
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   11403
Md5:    9d925d15680cff8c6ea221e68d4da6fc
Sha1:   4feb53c66abd34264a976f4fae5f5819fa2a454a
Sha256: 42afd5d11d0b1f94ab684c456c19e39f1ddfae78f2f14118e9891f68558fc26b
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5024
Cache-Control: max-age=93769
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:18:45 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.85.229
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:56 GMT
age: 14556098
x-served-by: cache-fra19143-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27328
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65300)
Size:   27328
Md5:    7fe415dab6752a3d34d32883ba08e681
Sha1:   7821ce1e4e8a6862c6ba04798083bd16d1a337d8
Sha256: 0cbb8b50577b24ed36371ea4cc9213fe8a86b3dc295594d3fa3c8a7884d57516
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5556
Cache-Control: max-age=94301
Date: Tue, 29 Nov 2022 14:15:56 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 16:27:37 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4809
Cache-Control: max-age=159060
Date: Tue, 29 Nov 2022 14:15:57 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:26:57 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1806
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 14:15:57 GMT
Last-Modified: Tue, 29 Nov 2022 13:45:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "1722C41C60DEDC3760921CC7B25328DB3F5011F2"
Expires: Wed, 30 Nov 2022 02:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 14:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 366
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bf5558babb505-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    1e42d583bc12f9e26e761ed2c0901038
Sha1:   91a8f404d72889b56e724927a370a914ea101d91
Sha256: 06b252c6b1df77e83111f56373af005d9dd8438ebe39f929b6761ef4e3d7927b
                                        
                                            GET /gtag/js?id=UA-151425496-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 14:15:57 GMT
expires: Tue, 29 Nov 2022 14:15:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43610
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43610
Md5:    aa613c769d1fed0d4c19ce8e57a2edfa
Sha1:   640833b5a41b92088c8fcf5c184d6fe2318f923d
Sha256: a0563ec6e797435f4886e0e654d388a5391e6ed48128f5c51f6b5ddbb2104a0a
                                        
                                            GET /gtag/js?id=G-6705X2P2FH HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 14:15:57 GMT
expires: Tue, 29 Nov 2022 14:15:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77778
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21484)
Size:   77778
Md5:    6c3f63e5651c81a30c6beb1ba25c6e91
Sha1:   4037b58dfb462c49714749e8278db9ab6ecd0897
Sha256: 0995d4da642a7bfe1464aaedd1fd63d42293096ab40dea8f4c028b472aaaea92
                                        
                                            GET /sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription HTTP/1.1 
Host: www.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.1.21
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-encoding: gzip
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-Dqh6hDpA1BVRL7vba4IPEV8E33R+vZKQC1E7lfcFG5l+qJ4u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-Dqh6hDpA1BVRL7vba4IPEV8E33R+vZKQC1E7lfcFG5l+qJ4u' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
etag: W/"177fe-yWJkh1cDO2SMd4zJjDaqUliKWlQ"
p3p: true
paypal-debug-id: f459083a36f92
traceparent: 00-0000000000000000000f459083a36f92-a578ab9b20980af3-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
age: 15
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4035-HHN, cache-bma1676-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1669731357.068934,VS0,VE2
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f459083a36f92-367d2052293a4f40-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 96254
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65472)
Size:   96254
Md5:    a25bbf37fe27be3655d6c888bc80fa40
Sha1:   c962648757033b648c778cc98c36aa52588a5a54
Sha256: c8c6927244e5fd26d664efaac291fba2c3ea315df74e890932a4d15b916f9033
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /a076d05399.js HTTP/1.1 
Host: kit.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.18.22.52
HTTP/2 403 Forbidden
content-type: text/plain; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:57 GMT
content-length: 22
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; preload
x-request-id: FywT0p5ULcpGwCd3S71B
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bf5550ae00b02-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   22
Md5:    fd97e4f669829c0ab67c2203a6840a09
Sha1:   3cf1ecf50b3c929fb32a43896505db3ff9602275
Sha256: 6ee8906b2c990cc0ccd14c16ed0482a5b6dcacf438908ff2d8a98a4c4d5a35e3
                                        
                                            GET /tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.343&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true HTTP/1.1 
Host: www.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.1.21
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Yuu2rxMTVvf4EM6Wnu5LuPv0l11soxojE7AKMxwRm6xMO3er' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
etag: W/"3532-I2Um57fodfnxYVVdDDWOfJ//AXI"
paypal-debug-id: f111933244046
traceparent: 00-0000000000000000000f111933244046-9a88e19cfe9417dd-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
age: 72477
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11522-HHN, cache-bma1676-BMA
x-cache: HIT, HIT
x-cache-hits: 9, 1
x-timer: S1669731357.215362,VS0,VE2
vary: Accept-Encoding
server-timing: "traceparent;desc="00-0000000000000000000f111933244046-b83cd73ee774aae7-01"";content-encoding;desc="gzip",x-cdn;desc="fastly"
content-length: 4742
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13573)
Size:   4742
Md5:    ef99ac3298526ff8eaaa9e34a2b0a5c2
Sha1:   cd55971ad494efc2e2f46898865d047e6990c33d
Sha256: 6805b9eafc064fd218a03c03ca58a33550ba2a9240aa3c7405f1d9c1bdcf9ad1
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wagKQ9Ycb3D8EwflmcXUaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.165.176.211
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CYnAuM1Fgb27ssqMjHjCK5GstXs=

                                        
                                            GET /d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1669731356376 HTTP/1.1 
Host: track.hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Cookie: bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7-v4=niFMIEVfQIdt-tdnmXEDEaXlq-U_CIgRphTA609dbfg; cc-v4=v1%2FuA3qh3v1aRZtOS%2BF67t4RgFczY5a5T5LAvQ8rY0wv3jOVVYrrb1vWKCuZl1bk%2FBsG%2FYTvtxBOszcUHtXlEKa7TgzxLTc1PqhrXxhuUfPCXlpr2wIGBjiqQaR4CapDSs5O7dvprVI98h5jpnrcog%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         18.197.208.17
HTTP/2 400 Bad Request
content-type: text/html
                                        
server: nginx
date: Tue, 29 Nov 2022 14:15:57 GMT
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Size:   152
Md5:    d9bacc468aa23334526933389545e120
Sha1:   e26288b4bada404ce340ca72989f9f1193dc649c
Sha256: 0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
                                        
                                            GET /muse/muse.js HTTP/1.1 
Host: www.paypalobjects.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.86.133
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
etag: W/"6271663d-da91"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 84840867de170
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 97848
x-timer: S1669731357.306856,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16464
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (55891)
Size:   16464
Md5:    6aebbe482c72000aea20895991f70478
Sha1:   eff1d3370786f9ee4ea539776bc43ab9bece89ba
Sha256: 2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862
                                        
                                            GET /@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.125.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:57 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5664f-nL1GUo3O167x1rvVi92ydr01W9E"
via: 1.1 fly.io
fly-request-id: 01GG49HT6JXCRGYK1HPYP05F7H-fra
cf-cache-status: HIT
age: 3139807
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5558ef5b515-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27447)
Size:   91658
Md5:    4330d90fc62927dad79913fa9b8b37dd
Sha1:   c67644f75384e330c847f9f6084577beda0d9bb5
Sha256: 1b844b5ceaa0ce2a2f885bcc2f140a2c6af287301918ba485375bbe8b0ac4588
                                        
                                            GET /assets/images/landing%20page/Vector%20(1).svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 237
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "bb1a601735361e405ac71027c44b0b40"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jg6ADWdB5iLNv1IIJDZwjt4zXyoNnX0HYNA9-LpUuaA1lFczcK92SQ==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   237
Md5:    bb1a601735361e405ac71027c44b0b40
Sha1:   b2622b5d940fa8f1aacc9d4b28d1441d99409cb1
Sha256: 88e44a74232d5ff22219c89e5fdd57e5bbb14d38e4f00022ee29e3711de164a7
                                        
                                            GET /@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.125.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:57 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@1.6.0/dist/lottie-player.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK1VAWB0Q76RJZAX1NKDE2KR-ams
cf-cache-status: HIT
age: 598
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5555ea7b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17035
Md5:    464931aaec432d64fe2a89f03172dbbe
Sha1:   323ec0b125850aed61c56443f46ab3a76f8a6450
Sha256: 166f90c62790452120e1873ae32ddb5a4ae1ba7aa5888cc60aee015129fc525b
                                        
                                            GET /assets/images/benefits/security/browse.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 20765
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "66229975a54182c5276f43a9a2e25aad"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 15x9ChynYlpv788s7_4YBnCg_pYB-PmF8Tju2HgmBzaQ25vjQnAo6w==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 732 x 513, 8-bit/color RGBA, non-interlaced\012- data
Size:   20765
Md5:    66229975a54182c5276f43a9a2e25aad
Sha1:   3d16a30c29b5d51ed605e61eea907bf646e12b52
Sha256: fc99544aadacd8601622756376f8de205c226e01b8711637b81de9c0b9dfd432
                                        
                                            GET /aos@next/dist/aos.css HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.125.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:56 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /aos@3.0.0-beta.6/dist/aos.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK1VKZS1HKTGJR7M60PGHXHQ-ams
cf-cache-status: HIT
age: 289
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5551e52b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   12085
Md5:    2057882b9a8513bf40b8fe64262dbf97
Sha1:   66791fd1049a9a2723323a59abfc46a10b09f8a0
Sha256: c85aaf2ba10059e34392d383cef1a01ff751b2afff623c0fb5bcaf009241162c
                                        
                                            GET /assets/images/landing%20page/Vector%20black.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 239
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "4c81737f64a4d0cd7dbcfb6edaa8ebaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0N5He_StFyK2lgapLBwbakjjXcqDEhCxPje_Pc1uZSd1gAFkwhQEzw==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   239
Md5:    4c81737f64a4d0cd7dbcfb6edaa8ebaf
Sha1:   3cc3ac1ac4bded89fdc384c46affa725b2062aaf
Sha256: 0655c0555b961e01d5e9b7d43bb7f89d8ecb1eea5bcfca2ec123aa6e33d4a3d1
                                        
                                            GET /assets/images/benefits/features/Auto%20location.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 18953
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "e9dc641118c582b22333a34bc5b8b69a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TGoJTt4b4kizWu6vQsZbTcAX5tYSaWncImH5MC5XLvf9NEAwDcj-mA==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 167 x 167, 8-bit/color RGBA, non-interlaced\012- data
Size:   18953
Md5:    e9dc641118c582b22333a34bc5b8b69a
Sha1:   e098f4eea528f185a547468e63badba9481e20da
Sha256: 18e72934986f628e72754f460e4a1847127e93ece68fbe2d0b3cc753a7f7644e
                                        
                                            GET /assets/images/footer/Logo.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2491
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 11:23:34 GMT
etag: "193e0e7a1f142a022d2aaceb79df740c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FtX4_KFf34IXVQ5jaZwpu33ug5lV4dozQwi4BFpOl5nhr4qzsjj6pg==
age: 10344
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 163 x 44, 8-bit/color RGBA, non-interlaced\012- data
Size:   2491
Md5:    193e0e7a1f142a022d2aaceb79df740c
Sha1:   da90dcd9c7d081863974c84eebec136ad1c9d445
Sha256: c189790d9fb51dcf3028893ee968eba0a787dc2c232cc9661e843e614af90679
                                        
                                            GET /assets/images/footer/Trust%20pilot%20(1).png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1008
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 11:23:35 GMT
etag: "fa57fd54a58da5beec7a5f32b46f4e56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xVTzreaOsXRZwv8pK_d5MFVuKe5-JJBiKQO_ocrxxJOQdayp46KT2w==
age: 10343
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 132 x 25, 8-bit/color RGBA, non-interlaced\012- data
Size:   1008
Md5:    fa57fd54a58da5beec7a5f32b46f4e56
Sha1:   c0836c5c240bb84964f8dea311ad69a25839a411
Sha256: ce59484230d808a0a93cbd900ea626778b4fdfb7d1c9b50524a730f05ca1c760
                                        
                                            GET /assets/images/footer/made-in.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1270
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 17:32:59 GMT
etag: "c0effaf3dc43306de154dfbf0f766786"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MySz-T0Fw8BE0XoKNLLfAnJlGm8QOoU2VDquZlH8atoenk1lZTL3qw==
age: 74578
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 165 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   1270
Md5:    c0effaf3dc43306de154dfbf0f766786
Sha1:   c7388df15b5de3295d403cfc9688059640721668
Sha256: 1359c0a37f00a9f807d19e793bb263c480f8d75bcb0dd7193b3da114c628ee4c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2587
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 14:15:57 GMT
Last-Modified: Tue, 29 Nov 2022 13:32:50 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /assets/images/header/header-icon-phone/header-icon-close-white.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 194
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 13:27:38 GMT
etag: "7985f2445e9b1b02777c987962ccd8b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 95gbnp-rQdx-2HfEXGEWt4YR1QHD-XvBg1o_SuGZO-xmGUJKIUw-HA==
age: 2900
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   194
Md5:    7985f2445e9b1b02777c987962ccd8b7
Sha1:   55a5a4fbb2af5b488fe8db06b0b39c01a2b282ad
Sha256: eac41dca7ccd1f121ce77c82bf72ddf7286263f2a960f32f337e5d6e9751b446
                                        
                                            GET /assets/images/what-is-a-vpn/white/logo-mac%20(2).png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2386
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "aa4fe78bb188b19eec396655989ee542"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VZJuptOfacF9ctxUgJZ1F1mEKQDis3OmmOxVVM778Xh3LrboOvXpsQ==
age: 74578
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 87 x 73, 8-bit/color RGBA, non-interlaced\012- data
Size:   2386
Md5:    aa4fe78bb188b19eec396655989ee542
Sha1:   5caaf9a162b80a2f40db633e044a6e75d4b13589
Sha256: ae5b9277f6727e40210b593fa8eea1c664a815d6eb1e0025eb96567999abf970
                                        
                                            GET /assets/images/what-is-a-vpn/white/ios.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1783
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "7029ed636afabeb9f2cc0e9008700001"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Sog1PrLysXRd6W1WMNIHFYEVbc-I_jR6L-mnj1F0lM8C59c-SGU34g==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 61 x 72, 8-bit/color RGBA, non-interlaced\012- data
Size:   1783
Md5:    7029ed636afabeb9f2cc0e9008700001
Sha1:   5401e27e72dfc23090d40baa4f7da4b674054b8c
Sha256: 86fdf40d31ae2af39762ea99c44c14c2c6ed2abc48e398df780ff96e2d654076
                                        
                                            GET /assets/images/what-is-a-vpn/white/androidW.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1648
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "505f8188e026c71b5b5717997c9db5d4"
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sskJE3HnhVPMBqfpz4A7xWv0ZClJuBTpDhMGvqA60x-Feq03F4SomQ==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 63 x 73, 8-bit/color RGBA, non-interlaced\012- data
Size:   1648
Md5:    505f8188e026c71b5b5717997c9db5d4
Sha1:   c3e91ed7b3cb76ee4099353cc62d6dc2f4ac9b72
Sha256: 1c323a0ba93e660c4de53d3cd64fc427e131831e1c2efd0ce2f5aec87bf6dfce
                                        
                                            GET /assets/images/what-is-a-vpn/white/winsows.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1025
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: "ab6f57d791664b9ee7872f60715a9d06"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qmHZsgqlV9QDt8fPJhiYcR_Ts1JjU3HbPMxejNiVd7WqqSIlODvp_Q==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 73 x 73, 8-bit/color RGBA, non-interlaced\012- data
Size:   1025
Md5:    ab6f57d791664b9ee7872f60715a9d06
Sha1:   599151a9768910c9a33fb46f93de99fd78ca6581
Sha256: 470093e42349d068cc02141ea24046779645d1f8c72ec971bd81a23cdf912f4e
                                        
                                            GET /assets/images/header/grey/windows.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 353
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: "ed524bf1dedd6f3660e4c230f6ab2ebf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n13iQ3jgTcAHCK6oKityu2UGrohJ-mQLiQ0Dj-mDctchXJ-NGr2dSQ==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   353
Md5:    ed524bf1dedd6f3660e4c230f6ab2ebf
Sha1:   d33166ff4c495e1f6e0f4bfa2e20147c6217d3c5
Sha256: 78c3d1c32bfb7fc03612359e6cbb808c1dc018659eead4d4727d6696c2144636
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143268
Date: Tue, 29 Nov 2022 14:15:57 GMT
Etag: "6385921a-1d7"
Expires: Thu, 01 Dec 2022 06:03:45 GMT
Last-Modified: Tue, 29 Nov 2022 05:01:14 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: od7kOQUCjt6Ookxg7qrLY-H1e9B9nj-Krck-EiYxiSnTr3WfXy1VOQ==
Age: 3751

                                        
                                            GET /assets/images/footer/Google%20play.png HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 7609
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: "7c1b5c7a30992d96b575b3bfa9ba0c5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JpjNQ6l-DNYsagUWpbZxNFQHXXsch0MJ87Hrv1T3596MbUJhExYPtA==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 217 x 71, 8-bit/color RGBA, non-interlaced\012- data
Size:   7609
Md5:    7c1b5c7a30992d96b575b3bfa9ba0c5b
Sha1:   fa070413dd5bb97fdc3ef873089b2ee8560bc847
Sha256: 99ee3647ece1055c38d3337b1a74b9feee1b6414f5cbfae54ba57715fee84193
                                        
                                            GET /aos@3.0.0-beta.6/dist/aos.css HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.125.175
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:57 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"705d-miajSdIaS4cfRd/RJKQ/raT5S5g"
via: 1.1 fly.io
fly-request-id: 01F529PAQ8FBT7QKGWC0ES5DBR
cf-cache-status: HIT
age: 17841664
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5558ee7b515-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (28765), with no line terminators
Size:   62642
Md5:    e1496d3e52a82b5b29a8d05c24c6f996
Sha1:   d55d2ddb0c396884c7d05a26d436e47bb579e4c3
Sha256: 80c2be2cdf0ba6ee6ebc527050b6f8cf3bee00cb6e68e806a022bf4b2da4eebf
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/images/landing%20page/30%20days.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: W/"5e4e31218bc904cc24af9aff698df180"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EOXnoBIZDO9RYuA3KfZLth6nwPzZEnYU44RfOHDyE_MYSdhFJNJwkg==
age: 74578
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3346
Md5:    14d965ad2920b1ff50eab15cc2ed1f3a
Sha1:   42c9425efefd94777cd046504d0ba7816911a258
Sha256: ef5941dca1bc3281f053273a1271ad7573b5c94bcfc40c5a92f5b7c57f675f1e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/images/flag.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 14:15:57 GMT
etag: W/"570be0d1dfc23a7f8a153ef581fcffaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7RmdZtAWgF4JXzh8sVgA1tUSKzO6JpDPvYXOWrTtYfugv81IsXleaw==
age: 14998
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   31236
Md5:    0f9fe967a54d309d6efe23ece38199db
Sha1:   b347658336f7f033ffaf93ae73d72f63049d91bd
Sha256: 450155db262f0726ffff4a581b7bad3e05392133aaa4e2bcca8140ce1105bcc3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /assets/images/stars.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:16 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 12:19:27 GMT
etag: W/"02afbfecfe7a31940923b538364e2a86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IqDmFc7QXmWY-EzMjUVradinPCR9BUZe3hYF0RPwO1ufyYuVF_K1zQ==
age: 6991
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1787
Md5:    5f2352f40d3da55216b0d70259cc8a0b
Sha1:   44d247b840af001f801b6edeba06ef70706a5f15
Sha256: b3cd7e68d8e1d5f60b2e8ba94adb0f9bd8c321c546f6e46ecbbda8d0d9fbbd5c
                                        
                                            GET /muse/analytics/index.html HTTP/1.1 
Host: www.paypalobjects.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.86.133
HTTP/2 200 OK
content-type: text/html
                                        
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 29 Nov 2022 14:15:57 GMT
x-served-by: cache-sjc10077-SJC, cache-bma1641-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 110806
x-timer: S1669731358.964814,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16791
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55410)
Size:   16791
Md5:    56fc10c2e8100a7e4418dc987c23d7a5
Sha1:   5c11880437f36368f82da60522bfcb0d57b395cf
Sha256: 326df6156907ef357f13bf48a5a3798dd4e692345d04fb4edad8370058d1198a
                                        
                                            GET /random-conversation-id HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35
Etag: W/"23-06qaLd3Xf1GG5AdExpMAew6bh50"
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   35
Md5:    6c532985f602c5fc28c4adc79ca90eba
Sha1:   d3aa9a2dddd77f5186e40744c693007b0e9b879d
Sha256: 86150d993b6377ce6c8b8cab0af4adbfc7ee305fceefa309fa294fb164d28cc4
                                        
                                            GET /random-conversation-id HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 35
Etag: W/"23-bu9qpAZAaBzV6GcG9twFwlXHxxc"
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   35
Md5:    45ae6bb1abe4c0f262986f9037a565d5
Sha1:   6eef6aa40640681cd5e86706f6dc05c255c7c717
Sha256: f035656bd48168557ebcf639b9dd11092faf7e27021ca380497a92bae3c34945
                                        
                                            GET /assets/images/flags/svg/NO.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-length: 340
last-modified: Thu, 17 Nov 2022 14:11:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 29 Nov 2022 14:15:44 GMT
etag: "b884cec9fb2d4762a79626f841796979"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mpv7OcHMm2uqa6i8dtZjFYSh2LevRb0EUCPSXRPr_LV5o4_q7XiPrg==
age: 15
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   340
Md5:    b884cec9fb2d4762a79626f841796979
Sha1:   33d80190dba81f56da7c543ce33048d3e0137fa0
Sha256: 7c0bbcbb75427a982b1c478b32cf8f6d93405e129f0af424d00d6bf3fd7be367
                                        
                                            GET /support_chat_hotvpn.css HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: text/css; charset=UTF-8
                                        
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:38 GMT
Etag: W/"209d-183ad88a8b0"
Content-Length: 8349
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII text
Size:   8349
Md5:    84516f5cee03e7dd17ae4f0508750657
Sha1:   bac728cb24539d19eab82c86b53451c795bfd6ea
Sha256: eee446b060475634dceeaea23604a3346c7e6a2635f6bc1303f45c49ccf4a575
                                        
                                            POST /get_fromsupport_notread?appname=HOTVPN HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 29
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 14
Etag: W/"e-AnVsTWe3xxLEg608oHD46gQ1iog"
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   14
Md5:    bab3e657fe24918a9dbdaf0512a91690
Sha1:   02756c4d67b7c712c483ad3ca070f8ea04358a88
Sha256: add4663d52bdb001123f209eea844c0b189322a67fb7d014559efbeee6e72edb
                                        
                                            GET /socket.io.js HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
                                        
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:49 GMT
Etag: W/"f3d5-183ad88d3a8"
Content-Length: 62421
Date: Tue, 29 Nov 2022 14:15:58 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII text, with very long lines (32031)
Size:   62421
Md5:    ad682b888ad99cbd0a1e17bf68b97204
Sha1:   2c7440696029e79b94a93c4db05c579439691a1e
Sha256: cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive

                                        
                                            OPTIONS /targeting/graphql HTTP/1.1 
Host: www.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.1.21
HTTP/2 204 No Content
                                        
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f6159305af257
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure x-pp-s=eyJ0IjoiMTY2OTczMTM1ODUzMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure nsid=s%3AP2wJ9m71gdOhfDxgvkl9EvEQJezm0txx.MhcdJR%2Bbao6aV5tXyaqXMTYLG83l5SYWxzYxAr1eH1I; Path=/; HttpOnly; Secure l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be972e1840a7885b2d990efd9ed09f%26vt%3Dc3be972e1840a7885b2d990efd9ed09e%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure ts_c=vr%3Dc3be972e1840a7885b2d990efd9ed09f%26vt%3Dc3be972e1840a7885b2d990efd9ed09e; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f6159305af257-722fde247d121b18-01
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 29 Nov 2022 14:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11560-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731358.428006,VS0,VE196
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive

                                        
                                            GET /ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1669731357499&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1 HTTP/1.1 
Host: t.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         192.229.221.25
HTTP/2 200 OK
content-type: image/gif
                                        
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 29 Nov 2022 14:15:58 GMT
expires: Tue, 29 Nov 2022 14:15:58 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 5e65fcc5ee3ae
pragma: no-cache
server: ECAcc (lhd/35F0)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=211
set-cookie: ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be97551840a570acf562afffffffff%26vt%3Dc3be97551840a570acf562affffffffe; Expires=Sat, 29 Nov 2025 14:15:58 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly ts_c=vr%3Dc3be97551840a570acf562afffffffff%26vt%3Dc3be97551840a570acf562affffffffe; Expires=Sat, 29 Nov 2025 14:15:58 GMT; Domain=.paypal.com; Path=/; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000005e65fcc5ee3ae-5298e5df12158d94-01
content-length: 42
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    b4682377ddfbe4e7dabfddb2e543e842
Sha1:   328e472721a93345801ed5533240eac2d1f8498c
Sha256: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2657
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 14:15:58 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 58112
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4803
Md5:    cc0a257323f882caff067adb86d906e4
Sha1:   cedf2f21be7cd366bd46055b62b5513db3011dfc
Sha256: c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 39467
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 34243
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3004
Md5:    22e7d3e11e78242383e452adb9299016
Sha1:   035a1b4a2a7889787532ec2637d5c21e06daf672
Sha256: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 59344
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:01:55 GMT
age: 58443
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /assets/images/trust-pilot-stars.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:16 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 09:39:16 GMT
etag: W/"bf87087b66c1a7338592085d092fbe63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iwfBVgmYMQsGEuUr0R6ZUFPflUbRMiK-e0TgN4by0bj1CNPZM_wMDw==
age: 16602
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1843145
Md5:    8dc1534a9de556940ebf9b80e97f2e4a
Sha1:   321445a6515b7cc57edf097a98903bed5af99dac
Sha256: bc16a62bb6a9fae2adb0a944fa066ece1c33e36591fb82ebd883450747746ffd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6374
Cache-Control: max-age=168559
Date: Tue, 29 Nov 2022 14:15:58 GMT
Etag: "6385eaa7-1d7"
Expires: Thu, 01 Dec 2022 13:05:17 GMT
Last-Modified: Tue, 29 Nov 2022 11:19:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 12:41:08 GMT
expires: Tue, 29 Nov 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 5690
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: R5WDDv7zFW4T9o/sRKtgZVtYLn3wWuQCs009XLnPx/cS8rI6RRUYR7PHZAiS/crjLQdau+of0NSIEw0we3cvdw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 29 Nov 2022 14:15:58 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27340
Md5:    44ecaa3c2a4929a40141edc4540aaf84
Sha1:   f29a573182333b2500d41bfc389d6c5232dfb348
Sha256: 6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6374
Cache-Control: max-age=168559
Date: Tue, 29 Nov 2022 14:15:58 GMT
Etag: "6385eaa7-1d7"
Expires: Thu, 01 Dec 2022 13:05:17 GMT
Last-Modified: Tue, 29 Nov 2022 11:19:03 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /pagead/viewthroughconversion/852685511/?random=1669731357614&cv=11&fst=1669731357614&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 965
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 14:30:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2044), with no line terminators
Size:   965
Md5:    867f874888ab49ef3a735fe20465f9ae
Sha1:   f47611842ce1951f1aabc6a58e680b0afdc25256
Sha256: e10b3c980784b18d118d2ef0eeed3885cee7260be29556c94e8b9f53f2b82c04
                                        
                                            POST /j/collect?v=1&_v=j98&a=126950372&t=pageview&_s=1&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&ul=en-us&de=UTF-8&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAUABAAAAACAAI~&jid=752217446&gjid=909790306&cid=1187608851.1669731358&tid=UA-151425496-1&_gid=1912338173.1669731358&_r=1&gtm=2oub90&z=133441750 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://hotvpn.io
date: Tue, 29 Nov 2022 14:15:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.101
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 06j99ur1czd7ZoPkwlAkkr5cgASGBVkcqCJSXRK0hqlb5Tnz2akNTw==
age: 522352
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    e0652b84b7b3b650769c759fc520c3f8
Sha1:   0b55d6e28613350c7f41b88f19e726e6751ad03b
Sha256: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
                                        
                                            GET /pagead/viewthroughconversion/852685511/?random=1669731357596&cv=11&fst=1669731357596&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1191306534.1669731358&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.162
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 14:30:58 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2013), with no line terminators
Size:   930
Md5:    7f8ec88595f6c23f986cf30002325aa5
Sha1:   2bb96e3bdf25b90803128203d6d9b64292b2ab20
Sha256: ece72a2a6640f02b2b1cecd4b364af62b8f0bf7e4459b6aa26c78c0182dad46a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /modules.fb61877307ee2cbdddd8.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.96
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68686
date: Tue, 29 Nov 2022 13:13:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "83b19b8f1226afd21aa19be455afda7e"
last-modified: Tue, 29 Nov 2022 13:12:54 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eHpiqpG9kqBVhAkCn4C1q1uX3gCT2nFRNJDQ2P4jd_aKVw0NCwG5qg==
age: 3773
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68686
Md5:    83b19b8f1226afd21aa19be455afda7e
Sha1:   fae192c39c07152703f176652331b0012c642d64
Sha256: 29d4b3c00c20eefcbe98d8e99a16a64314bfb599eaf90153754c5a3c6375f87a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/852685511/?random=1669731357596&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1&gtm=2oab90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3780943724&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/852685511/?random=1669731357614&cv=11&fst=1669730400000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=2470291529&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-6705X2P2FH&gtm=2oeb90&_p=126950372&cid=1187608851.1669731358&ul=en-us&sr=1280x1024&_s=1&sid=1669731357&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://hotvpn.io
date: Tue, 29 Nov 2022 14:15:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 14:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1669731358231&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1669731358229.1067430962&it=1669731357942&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 14:15:59 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.158
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 14:15:59 GMT
Last-Modified: Tue, 29 Nov 2022 12:35:06 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: HNncEbDDYQDtATI7phI3NeiiV3UPC2AYCnZTP-0tpZTAb9Pu2yIlMw==
Age: 6054

                                        
                                            GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgTQ HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: Cowboy
Connection: keep-alive
Content-Length: 103
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=b5z_nc_yY5lnGBJ9AArN; Path=/; HttpOnly
Date: Tue, 29 Nov 2022 14:16:03 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   103
Md5:    47eb4d6a0dd071526969e46937a5be7d
Sha1:   f1d5471f11b09ff210d8b7a44c1ba760d78f4111
Sha256: 6f28d535878ee65aacee6cfd9ef1688bea809ed45b7d88bf14d261c0b7d2f404
                                        
                                            OPTIONS /xoplatform/logger/api/logger HTTP/1.1 
Host: www.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotvpn.io/
Origin: https://hotvpn.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.1.21
HTTP/2 200 OK
                                        
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://hotvpn.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id: f8001409a0742
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure x-pp-s=eyJ0IjoiMTY2OTczMTM1ODY4MCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 02 Dec 2022 14:15:58 GMT; HttpOnly; Secure; SameSite=None l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be97b61840ad0096e367fcfdd49849%26vt%3Dc3be97b61840ad0096e367fcfdd49848%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure ts_c=vr%3Dc3be97b61840ad0096e367fcfdd49849%26vt%3Dc3be97b61840ad0096e367fcfdd49848; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f8001409a0742-d4ccf91d099d2804-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 29 Nov 2022 14:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4053-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731359.538641,VS0,VE231
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
                                        
                                            GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgUG&sid=b5z_nc_yY5lnGBJ9AArN HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: Cowboy
Connection: keep-alive
Content-Length: 38
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=b5z_nc_yY5lnGBJ9AArN; Path=/; HttpOnly
Date: Tue, 29 Nov 2022 14:16:03 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   38
Md5:    a9482f5f2f9c6ce003861662854e78a1
Sha1:   3b15bd2eb60c8be297f2bea9eda897a2b391dc9f
Sha256: 1bb16fbb679f44f5543e23c9ec0791bf3c0342f4d6ed1ad83909a9549fca7670
                                        
                                            GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=websocket&sid=b5z_nc_yY5lnGBJ9AArN HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hotvpn.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dLYDp2vygHOknIdEzVOAvg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.241.115.67
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-Websocket-Accept: yGqxNhSPM8+J+mfuy/GCbZ+hwDE=
Sec-Websocket-Extensions: permessage-deflate
Via: 1.1 vegur

                                        
                                            GET /socket.io/?conversation_id=1669731358215&EIO=3&transport=polling&t=OJ3lgV6&sid=b5z_nc_yY5lnGBJ9AArN HTTP/1.1 
Host: chat-support-marketing66.herokuapp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.241.115.67
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
                                        
Server: Cowboy
Connection: keep-alive
Content-Length: 3
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=b5z_nc_yY5lnGBJ9AArN; Path=/; HttpOnly
Date: Tue, 29 Nov 2022 14:16:03 GMT
Via: 1.1 vegur


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   3
Md5:    9b9065b3ba2c3c87f1e30fdf998d791e
Sha1:   cc471c1ac39e9f79d65111b47de18d7bf187f1ed
Sha256: 62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
                                        
                                            GET /main.4557e971c45388af.js HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: application/javascript
                                        
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:57 GMT
etag: W/"a320ec920f0f95a537590c90e573d89d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DIFcDcd_x8LNNXQin3cwVfra5t2rxSknVIPxirL7c2oaN9VxPIF6_A==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/footer/facebook.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"a95acbc84137e1bdc8a43c248cae7618"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MnBy7vxXkTQJQeQ-fI185Y8Ln391QjiJZ0ghAJm-ZEYkHXiTg33H4w==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /aos@3.0.0-beta.6/dist/aos.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.125.175
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:57 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"35e8-44lQwbzmXp8EjjBbNWf/kKDJI+M"
via: 1.1 fly.io
fly-request-id: 01G4XPMRK60WFNVK2QWFYNAZ5A-fra
cf-cache-status: HIT
age: 15172221
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5558eeeb515-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/footer/twitter.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"2fe4289702df9c8a942ce76034cb05cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WYwHLT2co8gcazS6vHDSSt5jU7sHGkE5_9K4HxK2iB81LJE2Lngsig==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/footer/instegram.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 11:23:36 GMT
etag: W/"fda72ebb78bf1ab5b62035060bc5e27a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9U0iIfQZCGAsr8ubYTlM68gMLq6tbj6RvXNsT99LEdWZ9PYU1TJmVA==
age: 10342
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/header/grey/android.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"c3e91803247861d5faa3d9021372f906"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QjjrqqlXce1vH_Qq0mZ2_SE8I6NCC3IYCMtMHNLCt6VHdvzUeWUtcQ==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /landing-page?page=a1 HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: text/html
                                        
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 16:33:02 GMT
etag: W/"2de5b723aa3dc928e6595d8f7e8b58ee"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kwOsbDWE2qsMsAv9DEqOr39IpKPX7Rt5gR9XdYnfdZ0qP5uSm8YbRg==
age: 78175
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/footer/Linkedin.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 03:29:39 GMT
etag: W/"0a3751345eb8278a04a7d13636dbd1d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zHyXaOWPQlQf6gwWv8tuG1Dqww8I89rKcHI5swhkAoR3P-Tyfa81RQ==
age: 38779
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/header/grey/apple.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 19:09:59 GMT
etag: W/"b7c88f903c82ea8d72656119c81e423f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2i6nliJ_Pmy2qAiSTMw0vNAXlSrKkx5QmRwkGaCouiKpY6qLVbiUjg==
age: 68759
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /targeting/graphql HTTP/1.1 
Host: www.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 319
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.1.21
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-zx3CYxKb/C6QypbXNbQsGO2S2j3NXpbxItmL8S9i6uqZpqNy' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
etag: W/W/"1b3-OTYMe18vwxpGTgaok+aW3gAcm7s"
paypal-debug-id: f80014087fd4a
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure x-pp-s=eyJ0IjoiMTY2OTczMTM1ODgyMiIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 02 Dec 2022 14:15:58 GMT; HttpOnly; Secure; SameSite=None nsid=s%3AgnKuN3s7DZH7EncqUpAZ2LtYH2lgJpvR.yluTThkvCnwHzupYy%2BvD3t5krLQRXzfZzZyQi%2BpFVX0; Path=/; HttpOnly; Secure l7_az=dcg15.slc; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be98001840a78857f7d0f9fda1ad58%26vt%3Dc3be98001840a78857f7d0f9fda1ad57%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure ts_c=vr%3Dc3be98001840a78857f7d0f9fda1ad58%26vt%3Dc3be98001840a78857f7d0f9fda1ad57; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f80014087fd4a-ba160e2ba13bfb22-01
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 29 Nov 2022 14:15:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11544-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731359.638092,VS0,VE273
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /xoplatform/logger/api/logger HTTP/1.1 
Host: www.paypal.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1460
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.1.21
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
access-control-allow-credentials: true
access-control-allow-origin: https://hotvpn.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
etag: W/W/"3e2-+IFUzzRxpqqsG9suEBfZNrUNuWI"
paypal-debug-id: f8001404b67ad
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 29 Nov 2023 14:15:58 GMT; Secure LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Tue, 29 Nov 2022 23:01:54 GMT; HttpOnly; Secure tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 02 Dec 2022 14:15:57 GMT; HttpOnly; Secure x-pp-s=eyJ0IjoiMTY2OTczMTM1ODkwNyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure l7_az=dcg13.slc; Path=/; Domain=paypal.com; Expires=Tue, 29 Nov 2022 14:45:58 GMT; HttpOnly; Secure ts=vreXpYrS%3D1764425758%26vteXpYrS%3D1669733158%26vr%3Dc3be98991840a2d1fd8a1bcafdf7329c%26vt%3Dc3be98991840a2d1fd8a1bcafdf7329b%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; HttpOnly; Secure ts_c=vr%3Dc3be98991840a2d1fd8a1bcafdf7329c%26vt%3Dc3be98991840a2d1fd8a1bcafdf7329b; Path=/; Domain=paypal.com; Expires=Fri, 28 Nov 2025 14:15:58 GMT; Secure
traceparent: 00-0000000000000000000f8001404b67ad-ac70c411eadd8dde-01
x-content-type-options: nosniff
dc: ccg11-origin-www-1.paypal.com
accept-ranges: none
via: 1.1 varnish, 1.1 varnish
content-encoding: br
date: Tue, 29 Nov 2022 14:15:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn11560-HHN, cache-bma1676-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669731359.782705,VS0,VE220
vary: Accept-Encoding
server-timing: content-encoding;desc="br",x-cdn;desc="fastly"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /scripts.0050e7fef10bfa2f.js HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: application/javascript
                                        
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 07:25:56 GMT
etag: W/"f9e24949cb40c6c413dc39b4236414b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tDrNkjEeWoJmAR9QibJhCsj9yPXF1rEPLm7NFD_1eA4lhOKsoCv3CA==
age: 24601
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/header/warning.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Tue, 29 Nov 2022 08:09:06 GMT
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
etag: W/"99adb8fd68e5d35a781451351a0145c4"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sJdlrIRWf2N_bk8as3TqbZms5WfCZrQcmOmQdzmHkJuKDh5QSEReYA==
age: 22012
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/footer/rss.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 11:23:35 GMT
etag: W/"aa19599a35ec65d011e1701f5d9a1548"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yDTPVTjfP-SLPSE9HzD7vCdqnOMVkSedeVLwII7kztqv80DhqFnW_g==
age: 10343
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /aos@next/dist/aos.js HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.125.175
HTTP/2 302 Found
content-type: text/plain; charset=utf-8
                                        
date: Tue, 29 Nov 2022 14:15:57 GMT
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /aos@3.0.0-beta.6/dist/aos.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK1VWGAJENSZSDT3SF9CRXDH-ams
cf-cache-status: HIT
age: 21
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771bf5554e87b515-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /styles.b9a4fa6e7890685a.css HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: text/css
                                        
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 29 Nov 2022 08:09:02 GMT
etag: W/"c2ee6588791c454ff9408db24725fe70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gp6mjQrec31zqtoA6PrAlXiRyNV0chBuaWe8hu7_GNk9JPpeJgvZeQ==
age: 22015
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /assets/images/hotvpn-icon.svg HTTP/1.1 
Host: hotvpn.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.23
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 28 Nov 2022 22:12:55 GMT
etag: W/"5025f7aa8aed5e41a95aaee2f12d795e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N9c4TEmL4InXx1ngGzHC5q5KyYFsfzpUaaNmmmsg_xYyZ4L3opFkGQ==
age: 57783
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-879925.js?sv=7 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.54
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 14:15:43 GMT
cache-control: max-age=60
etag: W/0dc4430c9e4be977eabfab7a706cfbeb
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -l1QlHZ_JWR7jVZF-OdvqsjXhK2CPDTsr4k8UoSGfxWk4e3jjhLFfA==
age: 15
X-Firefox-Spdy: h2


--- Additional Info ---