send.cm/d/GHOg
104.26.2.171301 Moved Permanently 0 B IP 104.26.2.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d/GHOg HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Nov 2022 21:55:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 23 Nov 2022 22:55:19 GMT
Location: https://send.cm/d/GHOg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8teP5QyED%2ByagI1pdrrWlTPOENPrh3PD9tLZ6ixT1acmjXCk4NtktJVxVgJqKPBcXErFTJ8P%2BU%2Fz6V7F8MAQbmEddTLjE%2BfpYKcbjjuVCGuCQKS8SY3W3Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ed26002d1ab503-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11388
Expires: Thu, 24 Nov 2022 01:05:07 GMT
Date: Wed, 23 Nov 2022 21:55:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6526
Cache-Control: max-age=138283
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:19 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:20:02 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 21:18:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2190
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 543578453383fdc4c3044a9673f8c574
1074d9ecbf1d75437c9ff8542b429ac41f932c41
b10768519e27d1d053bea2d14cc68ddcde341ba24a1aa029410b45b4a018f8c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5819
Cache-Control: max-age=87504
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:20 GMT
Etag: "637d32dd-118"
Expires: Thu, 24 Nov 2022 22:13:44 GMT
Last-Modified: Tue, 22 Nov 2022 20:36:45 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a6c553d89cb6fd1de4787fee2a0e0dc
b974e022ea8675c0a09f58864cc99df05b5b1241
a62ecedcb0953814f982237818a3d902fdca501f82b675629d28b5d476e0fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A62ECEDCB0953814F982237818A3D902FDCA501F82B675629D28B5D476E0FBFA"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13031
Expires: Thu, 24 Nov 2022 01:32:31 GMT
Date: Wed, 23 Nov 2022 21:55:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nkvTzxD2dfDQjb7J20xJGRE03urvgII2dTUFBPuAuYLoC7LNCL5Wy+9j00+XSSLgaKaFjv/2uyo=
x-amz-request-id: 5TYBF3MY6EJAWG4H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 21:43:08 GMT
age: 732
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:55:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 543578453383fdc4c3044a9673f8c574
1074d9ecbf1d75437c9ff8542b429ac41f932c41
b10768519e27d1d053bea2d14cc68ddcde341ba24a1aa029410b45b4a018f8c2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5819
Cache-Control: max-age=87504
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:20 GMT
Etag: "637d32dd-118"
Expires: Thu, 24 Nov 2022 22:13:44 GMT
Last-Modified: Tue, 22 Nov 2022 20:36:45 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
godpvqnszo.com/aas/r45d/vki/1951167/07cbb3ce.js
62.122.171.6200 OK 27 kB URL HTTP/2 godpvqnszo.com/aas/r45d/vki/1951167/07cbb3ce.js
IP 62.122.171.6:0
Hash 5b2632b314f810ef21f61f77b5aa2171
13d46048fbff7d8550cbbd5a4e0ff21a15a56523
63b855b3b2d01435691286f9d28b857f7ba254624de63c97cfef20b5c517ce7c
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1951167/07cbb3ce.js HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:55:20 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
godpvqnszo.com/solid.gif?z=1951167&abvar=0
62.122.171.6200 OK 3.9 kB URL HTTP/2 godpvqnszo.com/solid.gif?z=1951167&abvar=0
IP 62.122.171.6:0
File type gzip compressed data, from Unix\012- data
Hash 8ed3afc9c9c56fa93b046a8987334279
f28890289f1f29d8028622c759f2ca6e7e5d47ce
13d0d33db9dcc3668b78acbf42f0ae94101c96ca5d9553bbae76710eb6aea748
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1951167&abvar=0 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:55:20 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 86ac1e774bb2478f68e2060905963bbe
479ea778d3e940dbb37f496c72b870d3da500d43
a39eb2d2fa5ad14dd5871de74350ad92531f35b1fe908449c5601137f42571eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6576
Cache-Control: max-age=103777
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:20 GMT
Etag: "637d6f79-118"
Expires: Fri, 25 Nov 2022 02:44:57 GMT
Last-Modified: Wed, 23 Nov 2022 00:55:21 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2440
Cache-Control: max-age=129133
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:20 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:47:33 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 86ac1e774bb2478f68e2060905963bbe
479ea778d3e940dbb37f496c72b870d3da500d43
a39eb2d2fa5ad14dd5871de74350ad92531f35b1fe908449c5601137f42571eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6576
Cache-Control: max-age=103777
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:20 GMT
Etag: "637d6f79-118"
Expires: Fri, 25 Nov 2022 02:44:57 GMT
Last-Modified: Wed, 23 Nov 2022 00:55:21 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
godpvqnszo.com/get/1951167?zoneid=1951167&jp=_clog2h611way6mv9qm5joh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7709219717969920
62.122.171.6200 OK 1.3 kB URL HTTP/2 godpvqnszo.com/get/1951167?zoneid=1951167&jp=_clog2h611way6mv9qm5joh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7709219717969920
IP 62.122.171.6:0
Hash ed4ced9391fa92b1067adc05437d9717
e55c94fbf7e533103ec641816bee0d203500b7ea
c611f46e60e18c909be98ba892ecadfd3b15594814b8fd3d6cf9b52d4628f0c0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1951167?zoneid=1951167&jp=_clog2h611way6mv9qm5joh&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7709219717969920 HTTP/1.1
Host: godpvqnszo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:55:20 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221123165515c36967051a4f13b77b85c7dc; Path=/; Expires=Thu, 23 Nov 2023 21:55:20 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=e9d24f6d892e0ce3f43ade14c09daba91669247720&psp=yvPrI2dIMn6SF0cQkFnrQNIZCBugaawtm3G2gLRYeprUm2EDEr48TV-2stFz2zY_Aa5oD7kaHhMO59g47wPWLfXgbetzXwQ8ST0ntHO13qp-OlGH11LRR5AfZAZR9DM0C7YspYjqZlMJ8vpHN-PTdZE35bOA54VArzMV2gcc2Gte-Hv9-T9ajDhDhsn5z9z9eULNIpXHCya5v1gkZhHpvm1qV5_rf4icBeW4iG3kBmg0RDpFV0cyz79AFqmQik9FUyjU90dnRnZghdWs0KVf43Uiht6ViON8pHPtP2VFlCjnwbSsbktLpaUfeNDB-aw7RG0oNR3YCT-lEM2JqtMszDGHNrII-4OBdabKBRucpRO_68PH8hW5dXrqvh1tSlFOqa8Xb-ZoUx49F9bFpLm8snQLOWUBxjassviEb-E8GbVhag5unlud0oYnCDz43oV_tWUCQX9exXEVDfI=&cb=_cl479mno5c6uvevsrk9ywr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=e9d24f6d892e0ce3f43ade14c09daba91669247720&psp=yvPrI2dIMn6SF0cQkFnrQNIZCBugaawtm3G2gLRYeprUm2EDEr48TV-2stFz2zY_Aa5oD7kaHhMO59g47wPWLfXgbetzXwQ8ST0ntHO13qp-OlGH11LRR5AfZAZR9DM0C7YspYjqZlMJ8vpHN-PTdZE35bOA54VArzMV2gcc2Gte-Hv9-T9ajDhDhsn5z9z9eULNIpXHCya5v1gkZhHpvm1qV5_rf4icBeW4iG3kBmg0RDpFV0cyz79AFqmQik9FUyjU90dnRnZghdWs0KVf43Uiht6ViON8pHPtP2VFlCjnwbSsbktLpaUfeNDB-aw7RG0oNR3YCT-lEM2JqtMszDGHNrII-4OBdabKBRucpRO_68PH8hW5dXrqvh1tSlFOqa8Xb-ZoUx49F9bFpLm8snQLOWUBxjassviEb-E8GbVhag5unlud0oYnCDz43oV_tWUCQX9exXEVDfI=&cb=_cl479mno5c6uvevsrk9ywr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1951167/?pb=e9d24f6d892e0ce3f43ade14c09daba91669247720&psp=yvPrI2dIMn6SF0cQkFnrQNIZCBugaawtm3G2gLRYeprUm2EDEr48TV-2stFz2zY_Aa5oD7kaHhMO59g47wPWLfXgbetzXwQ8ST0ntHO13qp-OlGH11LRR5AfZAZR9DM0C7YspYjqZlMJ8vpHN-PTdZE35bOA54VArzMV2gcc2Gte-Hv9-T9ajDhDhsn5z9z9eULNIpXHCya5v1gkZhHpvm1qV5_rf4icBeW4iG3kBmg0RDpFV0cyz79AFqmQik9FUyjU90dnRnZghdWs0KVf43Uiht6ViON8pHPtP2VFlCjnwbSsbktLpaUfeNDB-aw7RG0oNR3YCT-lEM2JqtMszDGHNrII-4OBdabKBRucpRO_68PH8hW5dXrqvh1tSlFOqa8Xb-ZoUx49F9bFpLm8snQLOWUBxjassviEb-E8GbVhag5unlud0oYnCDz43oV_tWUCQX9exXEVDfI=&cb=_cl479mno5c6uvevsrk9ywr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:55:21 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22112316553e41da7294aa49c5a263179c2d; Path=/; Expires=Thu, 23 Nov 2023 21:55:21 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1951167/?pb=e9d24f6d892e0ce3f43ade14c09daba91669247720&psp=yvPrI2dIMn6SF0cQkFnrQNIZCBugaawtm3G2gLRYeprUm2EDEr48TV-2stFz2zY_Aa5oD7kaHhMO59g47wPWLfXgbetzXwQ8ST0ntHO13qp-OlGH11LRR5AfZAZR9DM0C7YspYjqZlMJ8vpHN-PTdZE35bOA54VArzMV2gcc2Gte-Hv9-T9ajDhDhsn5z9z9eULNIpXHCya5v1gkZhHpvm1qV5_rf4icBeW4iG3kBmg0RDpFV0cyz79AFqmQik9FUyjU90dnRnZghdWs0KVf43Uiht6ViON8pHPtP2VFlCjnwbSsbktLpaUfeNDB-aw7RG0oNR3YCT-lEM2JqtMszDGHNrII-4OBdabKBRucpRO_68PH8hW5dXrqvh1tSlFOqa8Xb-ZoUx49F9bFpLm8snQLOWUBxjassviEb-E8GbVhag5unlud0oYnCDz43oV_tWUCQX9exXEVDfI=&cb=_cl479mno5c6uvevsrk9ywr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1951167/?pb=e9d24f6d892e0ce3f43ade14c09daba91669247720&psp=yvPrI2dIMn6SF0cQkFnrQNIZCBugaawtm3G2gLRYeprUm2EDEr48TV-2stFz2zY_Aa5oD7kaHhMO59g47wPWLfXgbetzXwQ8ST0ntHO13qp-OlGH11LRR5AfZAZR9DM0C7YspYjqZlMJ8vpHN-PTdZE35bOA54VArzMV2gcc2Gte-Hv9-T9ajDhDhsn5z9z9eULNIpXHCya5v1gkZhHpvm1qV5_rf4icBeW4iG3kBmg0RDpFV0cyz79AFqmQik9FUyjU90dnRnZghdWs0KVf43Uiht6ViON8pHPtP2VFlCjnwbSsbktLpaUfeNDB-aw7RG0oNR3YCT-lEM2JqtMszDGHNrII-4OBdabKBRucpRO_68PH8hW5dXrqvh1tSlFOqa8Xb-ZoUx49F9bFpLm8snQLOWUBxjassviEb-E8GbVhag5unlud0oYnCDz43oV_tWUCQX9exXEVDfI=&cb=_cl479mno5c6uvevsrk9ywr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1951167/?pb=e9d24f6d892e0ce3f43ade14c09daba91669247720&psp=yvPrI2dIMn6SF0cQkFnrQNIZCBugaawtm3G2gLRYeprUm2EDEr48TV-2stFz2zY_Aa5oD7kaHhMO59g47wPWLfXgbetzXwQ8ST0ntHO13qp-OlGH11LRR5AfZAZR9DM0C7YspYjqZlMJ8vpHN-PTdZE35bOA54VArzMV2gcc2Gte-Hv9-T9ajDhDhsn5z9z9eULNIpXHCya5v1gkZhHpvm1qV5_rf4icBeW4iG3kBmg0RDpFV0cyz79AFqmQik9FUyjU90dnRnZghdWs0KVf43Uiht6ViON8pHPtP2VFlCjnwbSsbktLpaUfeNDB-aw7RG0oNR3YCT-lEM2JqtMszDGHNrII-4OBdabKBRucpRO_68PH8hW5dXrqvh1tSlFOqa8Xb-ZoUx49F9bFpLm8snQLOWUBxjassviEb-E8GbVhag5unlud0oYnCDz43oV_tWUCQX9exXEVDfI=&cb=_cl479mno5c6uvevsrk9ywr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Cookie: UID=22112316553e41da7294aa49c5a263179c2d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 21:55:21 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BtTsOhGHxkLkSickaOf2iA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0A9vrP3srz4WXrD8tzAU1lH9MeU=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6aa85f7d0fce4740d630fa81887f4ae1
cec31b64e0275cfe9d9225a0108c6b89dc1f46fa
5110730dae7ef765019bf21b6929fc43b0202a01ce413a0f4aac1202a696721e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1164
Cache-Control: max-age=128251
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:21 GMT
Etag: "637de438-117"
Expires: Fri, 25 Nov 2022 09:32:52 GMT
Last-Modified: Wed, 23 Nov 2022 09:13:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (40310)
Hash 3097863d148e6cdfee35da37197a4199
af9c3a80ff613a6a0410ab252f5e2cb06343c85d
59466fd91db19a9c60aa70b5a2b48e21638d0dc554bff4d96a34bf678e174692
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27210
date: Wed, 23 Nov 2022 21:55:21 GMT
expires: Wed, 23 Nov 2022 21:55:21 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1401 / 917 of 1000 / last-modified: 1669205225"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b2b92f1110c82662bfa1addc9bab3130
d6f86300cbfd5b21b3d505c08ffd6edef34b654a
6914944644172d563d0d7c2a5084690fce86ead13949ff29f42842d4bb6e0734
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c04aed338f8610ba6b0acc4ab749c52e
9cce76bf45ca7cb7e101d6c5c8013ecc83f188a4
4d4e0d35a6f2357ff749b146e4f0fdff7f5f8631b3e6efee952f5c82fb256fbd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=send.cm
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=send.cm
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=send.cm HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 23 Nov 2022 21:55:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=send.cm
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=send.cm
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=send.cm HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 23 Nov 2022 21:55:22 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/getcookietime.php?domain=send.cm
172.67.74.114200 OK 631 B URL HTTP/2 secureads.increaserev.com/InvalidAds/getcookietime.php?domain=send.cm
IP 172.67.74.114:0
File type JSON data\012- , ASCII text, with very long lines (366), with no line terminators
Hash fe971b0fffcb56bc55fcf08771f5c244
e50e1258fb8ecc26f34c98025f6459fc764826cc
6543f202b6f57d7d823e17c59acf8162643be7274a25886f9240b7d933088e09
GET /InvalidAds/getcookietime.php?domain=send.cm HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:55:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 386435752
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EsQ2gsIJVylC6YrCQDfhXWn8gAY%2FK2AYJmyhiJq5U12jY%2FyJr2oCrNUjg8r%2BJtwNqC%2FmmpR9DjLkScpmf%2BgmlZk%2FKt0TlFPJgYrSlrnG9H0YEvyAE7UyBRpi%2FeaobwLL%2BNDDrVdt4luzF1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ed26097f70b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8069f5e67c25fc0b7388ba5d4decd8c9
64a85ba44c80ea206f4382f573c3d61e4f607ccf
7587cd04333ddf1cff15ae219cb8fca0618786a9fe4cee989975f4d50889e72a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
142.250.74.66200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
IP 142.250.74.66:0
File type JSON data\012- , ASCII text, with very long lines (14638), with no line terminators
Hash ffa85dd1a47eb0411eec39f9dedcfafa
ad2e73693502ae49eb36fc27e798c8fee47c5445
a0a8ee39434bfa6f446a4d0522b7d9e0ec7df13a61d16f67b50f64a818ed6888
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Wed, 23 Nov 2022 21:55:22 GMT
server: cafe
content-length: 11054
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.65200 OK 2.7 kB URL HTTP/2 b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Wed, 23 Nov 2022 21:55:22 GMT
expires: Thu, 23 Nov 2023 21:55:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cloudflare.com/cdn-cgi/trace?format=json
104.16.123.96200 OK 704 B URL HTTP/2 www.cloudflare.com/cdn-cgi/trace?format=json
IP 104.16.123.96:0
Hash d1a1c4a1872a4f6eb81a6031c6e98d81
715391066ee88e78293cba92667bd2992781b5ba
46759fb7332337fd3f4196110eb14404924a76648117824a44b83fb5b39b0050
GET /cdn-cgi/trace?format=json HTTP/1.1
Host: www.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:55:21 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 76ed26099afbb4fd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12273
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 21:55:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12273
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 21:55:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12273
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 21:55:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12273
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 21:55:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12273
Expires: Thu, 24 Nov 2022 01:19:55 GMT
Date: Wed, 23 Nov 2022 21:55:22 GMT
Connection: keep-alive
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 23 Nov 2022 21:55:22 GMT
expires: Wed, 23 Nov 2022 21:55:22 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Or1B6k7o4cYqVXfndjJsKLOV-aYKX8bfHCQIUqNzvofjQSnIf8f04A==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:52:50 GMT
age: 152
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 85334
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:27:21 GMT
age: 84481
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: X01U1sW6euqL-a8kJ6tc3ISmJd6Wc6m81Vg2ot6AfMv6h2VCVbPIDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:52 GMT
age: 570
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9defa28d124bae7e5ef29a1fb165ee02
2afe813f0fefae511064297ccff9a6de548104e8
8cfdd12386dcc87cfd874ed0c2d42cd33ae2a05cb35127f1a94e163d17bd5b31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F559c6770-d162-460d-b372-5ff036a364d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11576
x-amzn-requestid: 9dd2cb2e-de79-4937-b525-05be9d57c03b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-IrdFuxoAMFa9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637bee49-5437ea0f1568967278fe96ad;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 21:31:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1daKtJmaZARpzMRiPQaWttMITAndRqZt0VwhiBzbxzxBvw4a28a2sg==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:03:20 GMT
age: 85922
etag: "2afe813f0fefae511064297ccff9a6de548104e8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xvl32dFAYPWahdcLHkZfWex76uFDiR9Qfk5MEqilDYxbyYfxvr492Q==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:45:52 GMT
age: 570
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 20:10:36 GMT
expires: Wed, 22 Nov 2023 20:10:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 92686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ae7674294f5a17ef8761b33ac4dad848
30a771e623dd1e3cb8694bb5f71393aaa9e87b6a
cac85ed50ce25c45d5093aaaa231a0d1cd9667f47bd2312947070ba202c5d96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 4fd7ddab0f6a95ee06956b04bd9eb4f8
8632b7d1d8f23b8d41fe67f5b01e488edb2fc9f2
35f9f2678be56b7468a20831f70b2db609cef1f48fc3202ae76b1ec2e8455ace
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Nov 2022 21:55:22 GMT
date: Wed, 23 Nov 2022 21:55:22 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-zjaVNxOSFbFGWhAkvpKBTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm
172.67.74.114200 OK 36 B URL HTTP/2 secureads.increaserev.com/InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm
IP 172.67.74.114:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c73ffde9d897783e6dd4ec09ab263de
60dc508608939a162f4324d6c031570452442123
cc64aa3aee9fac5e1a5c55abef2ac1d932236af2edf573660030735c246a6ab0
GET /InvalidAds/checkblock.php?ip=91.90.42.154&domain=send.cm HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:55:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 372001419
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6vFu8XkXfxib7uulkbolwpAN5utMoX6hjqHwwgloL%2FvYi4heovtuR5o4isqM6G2eoZHGy%2BJIesQskl1wMDdvreYEyc8D3CvAHA1K1elEaipsfDC%2F%2FNFIIGSd7LEbWs7C%2Fhk3EgwwN%2B4cVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ed260d9d6ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUUpiWF70_8XH9f8afcShe_GrnhpTCawIGpeVQPm6GOG5lJ800RJLGXBDGGLnfM_PQz0Dd0DKbZUMdDwexM1K_qlYs3MOvYZA-MnXLV_oMyEGC5XDBgDx4WZEaLJt6bxS8V6YV4p_sL9zzbEJAsy_116lf8NSQYagI88uNHl7PABJCskM&cry=1&dbm_d=AKAmf-DkYStKWu_OBpF8WXE5oeDKtf7ONmRG-w9mkbz3dAZqyhqpFLDh7miGsqikdMwCbPZoGTQuIheqDddYtHj5D0kXzBCT4jxFrTdVi_bSgjM7xfCkZXYTHVQQ5y7zdo7NyiiBiN8abeixwDLsvIrG9cjcisez5Euq98zjBb3j02NWBEJVAmJaZhFcFhHgejAhZ6N65TSA7tJgjndKEEwdPC0L_38Izjgpbu5RxEuVulnwWXjvVAsb-sEN17BB4EFXgdZybSRCbNg_Cg5f-2_AMmcAsT8Plhgot98MJfvx2nq1yp4vujV_IgUu3xpnocyCMJT8b3614sbn3TtP7Tt9ykK9vV7fb_tkUThsPTb9cVzmn4dC-0y4QPX1wx4aKZA9Pp-zJXhmVTIldic3jFPFSIv5fEaod6EXEkUD9durMJen-U3Tez-TMtgB6sWnN0Y3nQAW87_FXiqMumukh-QVFxuO4aYpMiQZ9Wy3OAlhXHo7hVgk8JohfBei4YDQiwS_xmag7i-sLlVsjp3Scjl1DWtFeCSaqfKhO98eTMkSZ1sO5h1DHOnaP35p7eYWdgw5ZNmNRAFrn-XMiJUcsnl5dL2YMu9J9IZXsn_mcbl2lUfDpojbV-3G9UIf0xMq1vym85R3QcNwwD-eOkZwb4WhOYKKP0H3XSiYZ5JY0RCQIV_4mXekGI0STkE4ocYVgvWmSpPKhahjfwiMBvrzbZ_FiApFE9zUETMU9Y_RmCy95SEkBkhGyEY5rkI-YoHQokARSQfg6A0opozhQS7_nixVwGDzp_4c-MKFL-OpsOmBbwkAwBSkIXGud2Hot9hICRMCTv44W9I1UezVjCdRo-B9IY2DxMAzzV21j6i7IikAgaw_b9-gCx0uguCNuY4rxE1kFJmtE0xL2w9KBIBjUt_wWzgtb7WvPf4ap0TnhirPKsCD3RAeldoY_szgMY2rOHgR3K6NrKBMkrapQ4vGQev6GOaZCRqsi71HJhBHGRZYJVFBhbhuvEF7AfgUy-eD1PNyg4qUrsuQPdYYU2cI0Rls9QXIfWyoguAKNVGY9RhfhmhzEaBrjGUjGY7rlkBpXzGjpm-ynkT9FhfxThPaYouLMBGJ3uSVCGRcPZcGM73O1jXUkOT_SkJY5esrCcf3v8vCIRZm2oKBn5qYcFchextmls37iDaD8Tnu79xLsxD07TEd1VcIUULtYLCrUa6kUk5YeK8aEyUUY5w31Yo4acasMhfsSsa3vIX0DG8nB_EJatjxi6S02044ya66Gy-tSvaXjpMmfah3yS_gIhhpgnthRO6GakIz0FCXgn5i8c-SGSTH3o5IYfJ0-ktF2DPuNXuEbDHFJt8ld4OruOOisuK7dDSII1SixcUlXMRpWESHJHhod7i9s232Ho9sOs5mdsN37-JCxL45tKQaBaqz9LwXKlh0IcHtA8wdv52J4Zz2vVTVqCVaBz5berSbH-ZrQXR9-98sKTL7P5l0v1niiT2q__tWyylkUNiq0IEcg78fFIMkLXuQbCeg8K6HbQaLnP9-tpZFS2dm-paoAnOzZn4FDQyQ3kkaVDeXx0fQEOIJaDW_G97NAebFG-3RZylEU7dxDlJiukWCqDsdEi2AmnC9IdZMAybdUBFa865blcmGa2qOc4_NxayxjtNMrZUGny5KL7dCXptjpCJ5kRJC6KYb66SNi9x3RE57B01zZhHystj3wfMSwa15FB9iVCe_pK4gdHzaV0eNrhUUQ0-Jj9ubCeJusENVJZ9DAG6IerJx40aB1b3sQ-5Jt1DYWBQIgQjhnRFtu9IJ3NII4C5BpuLTf3j_Su43Nr4C41C2Q8aCswhOo4J8p_9DvwxdKGldNrEhEm6gU3DeXMGYdlD0ZEEWBWjrqXVQkA2hRmxA3KJ1IlEkGEErmj1-l4IrMwYlwjryPHjhEG64Ib03_WiRRCMsEMmZbjpPt5PDabnxlxKDP9eOW2I6t-8XrnZWhNwV97kbnyWyGJBraBFm_MJf-bUpQl2p14_sjkNVNeV9umymdL3rUK4Ab8EETSy9wR_EKk-gI7JojN3OetXVLgu-Xl2x_vR3-Ee-czMzWROmeAhNXixCNZSpY9Ssx__MoNlvB4l40i5PeiwmJkLDtNiIvh7GPk--_627Nk2ppuCU7hqmbpO7ASLdZwZPoOCFuOKPwK-MS5b0bvf7NQd3wIpi_7RxAKMGI48hTgTIK9LtD9Y45bow3Rghhnz3nglt4TxDxWZISAgKEKLGVlq6Q5Of1Q8V5i4VJol6DtZ9MvAlxJVYwXZwnZhWOJsWroySN92TPX9zSCagHSrQQc6HTTebKnkGCmGVN_8Ot2gT0n-4h-ZsGYB32pyrg1MRjJEovAzFUNznO3TchFXrSKHodWfpKOOXmGKKkxm1C4BjcdlOf6ir_rsmfJ2ZwZ0Kk6wWsRtc1AOzJS8W1cmAQ9eeFeHgagAQ2UyL9NYQtKZA8FpvdUWCuWVJQ3BLKinGcKMMpVPzJzZm30fPrdLYd7oaP6UWZEnFzPMp58X4AhnCD1YPaatSQ0qWL22Pxy6rHfeA-tNIohBr5MxtR6GNqmk2krZ1LC0sTRwo6UZnDd2NBV9oC8xMp3Pemk6J9F2s2raO6CJDhgl07faXio6O3_mnZBc8efkbQMq508f3CiD60XwBLdNsSAbHGRtQ2wUkyukjVLwnB3xSyLM6PGKoSrUz7vD_64RNuIFKPdjw0RkJGCimEPmFdIJQWuocX2QOE_wUcaipZswiHkR7h48X803shgLECcdQdYbBmIAXpNMBDAYHjU3zah2_liGwMwlIBB58diTjGQZKcv9RjBkXD-9c77E_SfrfU9OgLbLCLqCqIBoshOiyMPjf9o3ljd4V6NE0bnBN2UsO9OENJD6KaSt1hXOIYxomJZFEaeWKIp2VJ9cCpjsR-mgpqUSuaLXHpRruVvUvxCLjT1xNYqPt2ab880fEW7LRNHGSOcG0uNaYQYrsEVneUtUOD5jpJ0kA4jbSeMlfUBwy84IBtzccUC1YUnz4EH5WLWUTnGRxkKyrSO62kyOL2LzcBPm2VO-j4UC28yXE6MIWFJ9cJ9PsbyiPDccX4NW4B_RscoIzIY2XnFQITWLoTOoTgqbCQVhgPQDQUW1sRhq1PlfoDhMbtjYfNJYugaMaK-bwD9ieaPH23h49osuH_D_kMqTrlBjOWyxGFFZDGe8zxXFT4xr1uE6sQd5_GeBNNJ2DJUqBGXp5QPVm72XMtVNmH-PeCCbFLFJdUrl4aIqvs_9rgJV45Bjk4ve1uN4vKUXklNnxKvSHWnJHgKVjRG0ag3MnUgoJQx_VczP-O0kJe2S0BI898oldE6TRI6-Wy0TnQ_H71bD7iQ3_zVDoLUkRoP_sHUY&cid=CAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT&rfl=1%2Chttps%253A%252F%252Fsend.cm%252F%240
142.250.74.34200 OK 11 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CUUpiWF70_8XH9f8afcShe_GrnhpTCawIGpeVQPm6GOG5lJ800RJLGXBDGGLnfM_PQz0Dd0DKbZUMdDwexM1K_qlYs3MOvYZA-MnXLV_oMyEGC5XDBgDx4WZEaLJt6bxS8V6YV4p_sL9zzbEJAsy_116lf8NSQYagI88uNHl7PABJCskM&cry=1&dbm_d=AKAmf-DkYStKWu_OBpF8WXE5oeDKtf7ONmRG-w9mkbz3dAZqyhqpFLDh7miGsqikdMwCbPZoGTQuIheqDddYtHj5D0kXzBCT4jxFrTdVi_bSgjM7xfCkZXYTHVQQ5y7zdo7NyiiBiN8abeixwDLsvIrG9cjcisez5Euq98zjBb3j02NWBEJVAmJaZhFcFhHgejAhZ6N65TSA7tJgjndKEEwdPC0L_38Izjgpbu5RxEuVulnwWXjvVAsb-sEN17BB4EFXgdZybSRCbNg_Cg5f-2_AMmcAsT8Plhgot98MJfvx2nq1yp4vujV_IgUu3xpnocyCMJT8b3614sbn3TtP7Tt9ykK9vV7fb_tkUThsPTb9cVzmn4dC-0y4QPX1wx4aKZA9Pp-zJXhmVTIldic3jFPFSIv5fEaod6EXEkUD9durMJen-U3Tez-TMtgB6sWnN0Y3nQAW87_FXiqMumukh-QVFxuO4aYpMiQZ9Wy3OAlhXHo7hVgk8JohfBei4YDQiwS_xmag7i-sLlVsjp3Scjl1DWtFeCSaqfKhO98eTMkSZ1sO5h1DHOnaP35p7eYWdgw5ZNmNRAFrn-XMiJUcsnl5dL2YMu9J9IZXsn_mcbl2lUfDpojbV-3G9UIf0xMq1vym85R3QcNwwD-eOkZwb4WhOYKKP0H3XSiYZ5JY0RCQIV_4mXekGI0STkE4ocYVgvWmSpPKhahjfwiMBvrzbZ_FiApFE9zUETMU9Y_RmCy95SEkBkhGyEY5rkI-YoHQokARSQfg6A0opozhQS7_nixVwGDzp_4c-MKFL-OpsOmBbwkAwBSkIXGud2Hot9hICRMCTv44W9I1UezVjCdRo-B9IY2DxMAzzV21j6i7IikAgaw_b9-gCx0uguCNuY4rxE1kFJmtE0xL2w9KBIBjUt_wWzgtb7WvPf4ap0TnhirPKsCD3RAeldoY_szgMY2rOHgR3K6NrKBMkrapQ4vGQev6GOaZCRqsi71HJhBHGRZYJVFBhbhuvEF7AfgUy-eD1PNyg4qUrsuQPdYYU2cI0Rls9QXIfWyoguAKNVGY9RhfhmhzEaBrjGUjGY7rlkBpXzGjpm-ynkT9FhfxThPaYouLMBGJ3uSVCGRcPZcGM73O1jXUkOT_SkJY5esrCcf3v8vCIRZm2oKBn5qYcFchextmls37iDaD8Tnu79xLsxD07TEd1VcIUULtYLCrUa6kUk5YeK8aEyUUY5w31Yo4acasMhfsSsa3vIX0DG8nB_EJatjxi6S02044ya66Gy-tSvaXjpMmfah3yS_gIhhpgnthRO6GakIz0FCXgn5i8c-SGSTH3o5IYfJ0-ktF2DPuNXuEbDHFJt8ld4OruOOisuK7dDSII1SixcUlXMRpWESHJHhod7i9s232Ho9sOs5mdsN37-JCxL45tKQaBaqz9LwXKlh0IcHtA8wdv52J4Zz2vVTVqCVaBz5berSbH-ZrQXR9-98sKTL7P5l0v1niiT2q__tWyylkUNiq0IEcg78fFIMkLXuQbCeg8K6HbQaLnP9-tpZFS2dm-paoAnOzZn4FDQyQ3kkaVDeXx0fQEOIJaDW_G97NAebFG-3RZylEU7dxDlJiukWCqDsdEi2AmnC9IdZMAybdUBFa865blcmGa2qOc4_NxayxjtNMrZUGny5KL7dCXptjpCJ5kRJC6KYb66SNi9x3RE57B01zZhHystj3wfMSwa15FB9iVCe_pK4gdHzaV0eNrhUUQ0-Jj9ubCeJusENVJZ9DAG6IerJx40aB1b3sQ-5Jt1DYWBQIgQjhnRFtu9IJ3NII4C5BpuLTf3j_Su43Nr4C41C2Q8aCswhOo4J8p_9DvwxdKGldNrEhEm6gU3DeXMGYdlD0ZEEWBWjrqXVQkA2hRmxA3KJ1IlEkGEErmj1-l4IrMwYlwjryPHjhEG64Ib03_WiRRCMsEMmZbjpPt5PDabnxlxKDP9eOW2I6t-8XrnZWhNwV97kbnyWyGJBraBFm_MJf-bUpQl2p14_sjkNVNeV9umymdL3rUK4Ab8EETSy9wR_EKk-gI7JojN3OetXVLgu-Xl2x_vR3-Ee-czMzWROmeAhNXixCNZSpY9Ssx__MoNlvB4l40i5PeiwmJkLDtNiIvh7GPk--_627Nk2ppuCU7hqmbpO7ASLdZwZPoOCFuOKPwK-MS5b0bvf7NQd3wIpi_7RxAKMGI48hTgTIK9LtD9Y45bow3Rghhnz3nglt4TxDxWZISAgKEKLGVlq6Q5Of1Q8V5i4VJol6DtZ9MvAlxJVYwXZwnZhWOJsWroySN92TPX9zSCagHSrQQc6HTTebKnkGCmGVN_8Ot2gT0n-4h-ZsGYB32pyrg1MRjJEovAzFUNznO3TchFXrSKHodWfpKOOXmGKKkxm1C4BjcdlOf6ir_rsmfJ2ZwZ0Kk6wWsRtc1AOzJS8W1cmAQ9eeFeHgagAQ2UyL9NYQtKZA8FpvdUWCuWVJQ3BLKinGcKMMpVPzJzZm30fPrdLYd7oaP6UWZEnFzPMp58X4AhnCD1YPaatSQ0qWL22Pxy6rHfeA-tNIohBr5MxtR6GNqmk2krZ1LC0sTRwo6UZnDd2NBV9oC8xMp3Pemk6J9F2s2raO6CJDhgl07faXio6O3_mnZBc8efkbQMq508f3CiD60XwBLdNsSAbHGRtQ2wUkyukjVLwnB3xSyLM6PGKoSrUz7vD_64RNuIFKPdjw0RkJGCimEPmFdIJQWuocX2QOE_wUcaipZswiHkR7h48X803shgLECcdQdYbBmIAXpNMBDAYHjU3zah2_liGwMwlIBB58diTjGQZKcv9RjBkXD-9c77E_SfrfU9OgLbLCLqCqIBoshOiyMPjf9o3ljd4V6NE0bnBN2UsO9OENJD6KaSt1hXOIYxomJZFEaeWKIp2VJ9cCpjsR-mgpqUSuaLXHpRruVvUvxCLjT1xNYqPt2ab880fEW7LRNHGSOcG0uNaYQYrsEVneUtUOD5jpJ0kA4jbSeMlfUBwy84IBtzccUC1YUnz4EH5WLWUTnGRxkKyrSO62kyOL2LzcBPm2VO-j4UC28yXE6MIWFJ9cJ9PsbyiPDccX4NW4B_RscoIzIY2XnFQITWLoTOoTgqbCQVhgPQDQUW1sRhq1PlfoDhMbtjYfNJYugaMaK-bwD9ieaPH23h49osuH_D_kMqTrlBjOWyxGFFZDGe8zxXFT4xr1uE6sQd5_GeBNNJ2DJUqBGXp5QPVm72XMtVNmH-PeCCbFLFJdUrl4aIqvs_9rgJV45Bjk4ve1uN4vKUXklNnxKvSHWnJHgKVjRG0ag3MnUgoJQx_VczP-O0kJe2S0BI898oldE6TRI6-Wy0TnQ_H71bD7iQ3_zVDoLUkRoP_sHUY&cid=CAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT&rfl=1%2Chttps%253A%252F%252Fsend.cm%252F%240
IP 142.250.74.34:0
File type ASCII text, with very long lines (15152), with no line terminators
Hash 7d6dcf5626bcca89df55b526ae664c6c
5cc1e3739bb22d5f81188aee91d5c873ec54b7c8
876c718da1d95269e04c6312c3a22eb025e5ea95dcb2bf0bf380f7d903ec5f25
GET /dbm/ad?dbm_c=AKAmf-CUUpiWF70_8XH9f8afcShe_GrnhpTCawIGpeVQPm6GOG5lJ800RJLGXBDGGLnfM_PQz0Dd0DKbZUMdDwexM1K_qlYs3MOvYZA-MnXLV_oMyEGC5XDBgDx4WZEaLJt6bxS8V6YV4p_sL9zzbEJAsy_116lf8NSQYagI88uNHl7PABJCskM&cry=1&dbm_d=AKAmf-DkYStKWu_OBpF8WXE5oeDKtf7ONmRG-w9mkbz3dAZqyhqpFLDh7miGsqikdMwCbPZoGTQuIheqDddYtHj5D0kXzBCT4jxFrTdVi_bSgjM7xfCkZXYTHVQQ5y7zdo7NyiiBiN8abeixwDLsvIrG9cjcisez5Euq98zjBb3j02NWBEJVAmJaZhFcFhHgejAhZ6N65TSA7tJgjndKEEwdPC0L_38Izjgpbu5RxEuVulnwWXjvVAsb-sEN17BB4EFXgdZybSRCbNg_Cg5f-2_AMmcAsT8Plhgot98MJfvx2nq1yp4vujV_IgUu3xpnocyCMJT8b3614sbn3TtP7Tt9ykK9vV7fb_tkUThsPTb9cVzmn4dC-0y4QPX1wx4aKZA9Pp-zJXhmVTIldic3jFPFSIv5fEaod6EXEkUD9durMJen-U3Tez-TMtgB6sWnN0Y3nQAW87_FXiqMumukh-QVFxuO4aYpMiQZ9Wy3OAlhXHo7hVgk8JohfBei4YDQiwS_xmag7i-sLlVsjp3Scjl1DWtFeCSaqfKhO98eTMkSZ1sO5h1DHOnaP35p7eYWdgw5ZNmNRAFrn-XMiJUcsnl5dL2YMu9J9IZXsn_mcbl2lUfDpojbV-3G9UIf0xMq1vym85R3QcNwwD-eOkZwb4WhOYKKP0H3XSiYZ5JY0RCQIV_4mXekGI0STkE4ocYVgvWmSpPKhahjfwiMBvrzbZ_FiApFE9zUETMU9Y_RmCy95SEkBkhGyEY5rkI-YoHQokARSQfg6A0opozhQS7_nixVwGDzp_4c-MKFL-OpsOmBbwkAwBSkIXGud2Hot9hICRMCTv44W9I1UezVjCdRo-B9IY2DxMAzzV21j6i7IikAgaw_b9-gCx0uguCNuY4rxE1kFJmtE0xL2w9KBIBjUt_wWzgtb7WvPf4ap0TnhirPKsCD3RAeldoY_szgMY2rOHgR3K6NrKBMkrapQ4vGQev6GOaZCRqsi71HJhBHGRZYJVFBhbhuvEF7AfgUy-eD1PNyg4qUrsuQPdYYU2cI0Rls9QXIfWyoguAKNVGY9RhfhmhzEaBrjGUjGY7rlkBpXzGjpm-ynkT9FhfxThPaYouLMBGJ3uSVCGRcPZcGM73O1jXUkOT_SkJY5esrCcf3v8vCIRZm2oKBn5qYcFchextmls37iDaD8Tnu79xLsxD07TEd1VcIUULtYLCrUa6kUk5YeK8aEyUUY5w31Yo4acasMhfsSsa3vIX0DG8nB_EJatjxi6S02044ya66Gy-tSvaXjpMmfah3yS_gIhhpgnthRO6GakIz0FCXgn5i8c-SGSTH3o5IYfJ0-ktF2DPuNXuEbDHFJt8ld4OruOOisuK7dDSII1SixcUlXMRpWESHJHhod7i9s232Ho9sOs5mdsN37-JCxL45tKQaBaqz9LwXKlh0IcHtA8wdv52J4Zz2vVTVqCVaBz5berSbH-ZrQXR9-98sKTL7P5l0v1niiT2q__tWyylkUNiq0IEcg78fFIMkLXuQbCeg8K6HbQaLnP9-tpZFS2dm-paoAnOzZn4FDQyQ3kkaVDeXx0fQEOIJaDW_G97NAebFG-3RZylEU7dxDlJiukWCqDsdEi2AmnC9IdZMAybdUBFa865blcmGa2qOc4_NxayxjtNMrZUGny5KL7dCXptjpCJ5kRJC6KYb66SNi9x3RE57B01zZhHystj3wfMSwa15FB9iVCe_pK4gdHzaV0eNrhUUQ0-Jj9ubCeJusENVJZ9DAG6IerJx40aB1b3sQ-5Jt1DYWBQIgQjhnRFtu9IJ3NII4C5BpuLTf3j_Su43Nr4C41C2Q8aCswhOo4J8p_9DvwxdKGldNrEhEm6gU3DeXMGYdlD0ZEEWBWjrqXVQkA2hRmxA3KJ1IlEkGEErmj1-l4IrMwYlwjryPHjhEG64Ib03_WiRRCMsEMmZbjpPt5PDabnxlxKDP9eOW2I6t-8XrnZWhNwV97kbnyWyGJBraBFm_MJf-bUpQl2p14_sjkNVNeV9umymdL3rUK4Ab8EETSy9wR_EKk-gI7JojN3OetXVLgu-Xl2x_vR3-Ee-czMzWROmeAhNXixCNZSpY9Ssx__MoNlvB4l40i5PeiwmJkLDtNiIvh7GPk--_627Nk2ppuCU7hqmbpO7ASLdZwZPoOCFuOKPwK-MS5b0bvf7NQd3wIpi_7RxAKMGI48hTgTIK9LtD9Y45bow3Rghhnz3nglt4TxDxWZISAgKEKLGVlq6Q5Of1Q8V5i4VJol6DtZ9MvAlxJVYwXZwnZhWOJsWroySN92TPX9zSCagHSrQQc6HTTebKnkGCmGVN_8Ot2gT0n-4h-ZsGYB32pyrg1MRjJEovAzFUNznO3TchFXrSKHodWfpKOOXmGKKkxm1C4BjcdlOf6ir_rsmfJ2ZwZ0Kk6wWsRtc1AOzJS8W1cmAQ9eeFeHgagAQ2UyL9NYQtKZA8FpvdUWCuWVJQ3BLKinGcKMMpVPzJzZm30fPrdLYd7oaP6UWZEnFzPMp58X4AhnCD1YPaatSQ0qWL22Pxy6rHfeA-tNIohBr5MxtR6GNqmk2krZ1LC0sTRwo6UZnDd2NBV9oC8xMp3Pemk6J9F2s2raO6CJDhgl07faXio6O3_mnZBc8efkbQMq508f3CiD60XwBLdNsSAbHGRtQ2wUkyukjVLwnB3xSyLM6PGKoSrUz7vD_64RNuIFKPdjw0RkJGCimEPmFdIJQWuocX2QOE_wUcaipZswiHkR7h48X803shgLECcdQdYbBmIAXpNMBDAYHjU3zah2_liGwMwlIBB58diTjGQZKcv9RjBkXD-9c77E_SfrfU9OgLbLCLqCqIBoshOiyMPjf9o3ljd4V6NE0bnBN2UsO9OENJD6KaSt1hXOIYxomJZFEaeWKIp2VJ9cCpjsR-mgpqUSuaLXHpRruVvUvxCLjT1xNYqPt2ab880fEW7LRNHGSOcG0uNaYQYrsEVneUtUOD5jpJ0kA4jbSeMlfUBwy84IBtzccUC1YUnz4EH5WLWUTnGRxkKyrSO62kyOL2LzcBPm2VO-j4UC28yXE6MIWFJ9cJ9PsbyiPDccX4NW4B_RscoIzIY2XnFQITWLoTOoTgqbCQVhgPQDQUW1sRhq1PlfoDhMbtjYfNJYugaMaK-bwD9ieaPH23h49osuH_D_kMqTrlBjOWyxGFFZDGe8zxXFT4xr1uE6sQd5_GeBNNJ2DJUqBGXp5QPVm72XMtVNmH-PeCCbFLFJdUrl4aIqvs_9rgJV45Bjk4ve1uN4vKUXklNnxKvSHWnJHgKVjRG0ag3MnUgoJQx_VczP-O0kJe2S0BI898oldE6TRI6-Wy0TnQ_H71bD7iQ3_zVDoLUkRoP_sHUY&cid=CAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT&rfl=1%2Chttps%253A%252F%252Fsend.cm%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 21:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 11271
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 22:10:22 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26ecd5e6411db547cc276b32e7c09c41
6923de376b1b0f3ffbbb9157f632ad19cf1bad2b
41f5522710470f7779ef31fa55ae24c535c7eaa6ca9a47df0c4d4689282acb0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41F5522710470F7779EF31FA55AE24C535C7EAA6CA9A47DF0C4D4689282ACB0E"
Last-Modified: Mon, 21 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11697
Expires: Thu, 24 Nov 2022 01:10:20 GMT
Date: Wed, 23 Nov 2022 21:55:23 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4254522&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&turl=https://send.cm/d/GHOg&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
23.33.119.19200 OK 1.2 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=4254522&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&turl=https://send.cm/d/GHOg&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash b974c4683c6725f577ee625986e65a76
217fbdcf62a25d594b02f8ba8fe4a15972edefb4
ff229c4f0b8ae55be880d63b94b37c6890a08f6c617f779e869ba1bdab60d86c
GET /dvbs_src.js?ctx=1828362&cmp=115739&plc=4254522&sid=18330&DVP_PROG_REP=1&prr=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&turl=https://send.cm/d/GHOg&DVP_PP_BUNDLE_ID=&dvregion=0&unit=728x90 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=86400
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:55:21 GMT
Accept-Ranges: bytes
ETag: "42b02eb945ecd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Timing-Allow-Origin: *
Content-Length: 1170
Date: Wed, 23 Nov 2022 21:55:23 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&turl=https://send.cm/d/GHOg&DVP_PP_BUNDLE_ID=
23.33.119.19200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&turl=https://send.cm/d/GHOg&DVP_PP_BUNDLE_ID=
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (7951)
Hash 9b7ce23aa4ed2d545251051de21faa86
e28916ece42e6fd50e00245de0b8bd37010b87a4
caf980ab1ffa6adf92204724f64b3870cd37f012a00d5128f81c0447fc8e8b0e
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&turl=https://send.cm/d/GHOg&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 11:10:24 GMT
Accept-Ranges: bytes
ETag: "0509c463fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3314
Date: Wed, 23 Nov 2022 21:55:23 GMT
Connection: keep-alive
hal9000.redintelligence.net/zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D
88.99.219.174200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D
IP 88.99.219.174:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1654), with CRLF line terminators
Hash 551393c9adc1b2fb6e2e0a03c52eb593
c4ce45e873c13de84c500240d4e7ab33a5dd2b05
aedb93b4800b66bbaf999cba2e56f8af875af74fe88635471aa996e4c2c7d49f
GET /zone/p4vicekg7740?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:23 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4076
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.doubleverify.com/dvbs_src_internal113.js
23.33.119.19200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal113.js
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash d66be7d7dd010ff660d5fe2b671011a2
b75b84ac9f612a3e352eb87f4946841042b2c0cc
b137a6abe42b5d609f347d9cec11d342c2320c4efa0c3ab72acc69b5f4b8be3e
GET /dvbs_src_internal113.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sun, 30 Oct 2022 09:56:00 GMT
Accept-Ranges: bytes
ETag: "0b85bd045ecd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 19448
Date: Wed, 23 Nov 2022 21:55:23 GMT
Connection: keep-alive
ocsp.netsolssl.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 3da202ef1af748b68a34ccab5e90ed4f
97e49283992d77b75be3b387b5e97289abf4a1fd
155e7bee3180ac596d27606d9d7610e52a0b40d6049daf446bbfc681840957c8
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 20 Nov 2022 12:10:19 GMT
Expires: Sun, 27 Nov 2022 12:10:18 GMT
Etag: "97e49283992d77b75be3b387b5e97289abf4a1fd"
Cache-Control: max-age=309894,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ed2616498cb50f-OSL
hal900018.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
144.76.91.199302 Found 0 B URL HTTP/1.1 hal900018.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 144.76.91.199:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900018.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 23 Nov 2022 21:55:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 23 Nov 2022 21:55:23 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=fb8233456d136201; expires=Tue, 21-Feb-2023 21:55:23 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_904629501270&jsTagObjCallback=__tagObject_callback_904629501270&num=6&ctx=1828362&cmp=115739&plc=4254522&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=904629501270&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://send.cm/d/GHOg&chro=0&hist=1&winh=90&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&dvp_exetime=9.00&callbackName=__verify_callback_904629501270
34.149.12.213200 OK 264 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_904629501270&jsTagObjCallback=__tagObject_callback_904629501270&num=6&ctx=1828362&cmp=115739&plc=4254522&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=904629501270&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://send.cm/d/GHOg&chro=0&hist=1&winh=90&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&dvp_exetime=9.00&callbackName=__verify_callback_904629501270
IP 34.149.12.213:0
Hash b7dbbad3c3bbf268e7f5e78447772d7a
af6aeb945090d48b074d28e768023357e1b59227
44d6086286a74d4f2d6d88850a36b6cd02f5d1674b2012c1d8771365cc9afc88
GET /verify.js?flvr=0&jsCallback=__verify_callback_904629501270&jsTagObjCallback=__tagObject_callback_904629501270&num=6&ctx=1828362&cmp=115739&plc=4254522&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=904629501270&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://send.cm/d/GHOg&chro=0&hist=1&winh=90&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVP_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=161&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&dvp_exetime=9.00&callbackName=__verify_callback_904629501270 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:23 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0
Content-Encoding: br
Expires: 11/22/2022 21:55:23
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5e60ad309112b9e615def33501e91a12
fb7ef3b54b1176d27c7e94008e06eb96f6514019
84edacbc08e5da64ac6fcfa75b3b8ab52bd7cf42d83e64bbde1c7a9e9b542a78
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5232
Cache-Control: max-age=121125
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:23 GMT
Etag: "637db880-1d7"
Expires: Fri, 25 Nov 2022 07:34:08 GMT
Last-Modified: Wed, 23 Nov 2022 06:06:56 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
hal900018.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
144.76.91.199200 OK 514 B URL HTTP/1.1 hal900018.redintelligence.net/request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 144.76.91.199:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash ace70a740bfe4d626086001796804ff4
628fc345af8fabba2f02a89b1683d0b20a545937
ec31787fa3d2dea3e038619a553640b421e354b51b0e1f80ac28120082cd0bd2
GET /request.php?zone=p4vicekg7740&nw=20&renderingType=javascript&namespace=21f52334b6&subid=&uid=4baf138b5b4d41bc&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=336x280&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGg2EypZ-Y6OgG4WoZq_xsxDJuaKcacy8zc7VD_AuEAEg8tO5e2DDhICAmBjIAQmpAtMPUUGDYrE-qAMBqgThAU_QvBWjGQgW4oZuf6FACapRUHmXnbUi98gaEQpTV6tyMSoGKrvzB7n7jb7rJ7OTMeV3m8Z0PpfVqDBprugh0ZQLmIAK9G5T-Ya6QcX2nQN9ek5Scf-vrOgAfO9L8MjtyrGk8Cv5akuTFATIPgH9XQZlFqN7jV6ofazSsJO7bfgeVjJUfeMwuwVWiiO7-VUjykE9tfbBY5Zey2FVT3dYTzCYZiyvqK_wuK0hBbQ-1cxIhtBAcwihmN9xpr4ey3T6ZKpQ8610I4Thyc0q0CGWjzFgq2doZEwIf3p3TClSY-IOysAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT%26sig%3DAOD64_3ti4QQs3j3N0gOlgsFvr2TVRjNkw%26client%3Dca-pub-5413329544040947%26dbm_c%3DAKAmf-A7UDUCrTjWgRQMNw35NnOYXAX9wXkkDwlxJsL8CYUVr-mcF88BgxcJ_08OcTOAEgDtB78yo9EoVttoLMF_58ZdeO08nuT4f7eV2sxmo6E5fW_sexOiRBa3Bc5aiJrQv3AIlmUccPxhQGRnvhG4VLErS4MRPLt9zamibWzFHQUbK5_lcO4%26cry%3D1%26dbm_d%3DAKAmf-AXg8_4BnaMiuPGnjaGEQBI2--8SALe29J89ZogQXKsnFPwCJdv9atcjWHR6cdu2oYJEI2sLBoOyOFaj327mAKB8PyiM_yK6Ka9rof1iOrWUec9H21_LaV0TaeQa3IdtqH5oAyEDKyxuCIaMztabLom7XD4nVLq63LkMusblQeY8YXqlROzLeyPygR2099Wj2uElguWIeG70QGYjVKw8SMYRLNUS-j_4Fgx67mxTghmWXU78eWUhSBxRQuYqjtjDCEVOWSc9nZQJFVdtiDVHrgDqbXuNCvcSdQr17jD5DDMHifJTKqpMpGqLnj0HsjdBlFkjqZOZQDVbuTRs7JPSVQJQ8Fr0pvw634WS40JejCkbBUi_KYu_zk724Wc47QJTPWyVf15bpz-vTaYEegM4zyhYUpPwshgLdnoXRGKhhnyWyok7qhRsZqzC6F01p-WFNXvhKGiOFTN5zRRRog8PxwHB6Ca8MB3fu7kDvRdnU4bT86GORIFdusIP_LQuXZigqFUPVQ-PHVA6JB9J3mvYH8aarZJ-nqctUwn9RxPaQAMvchk50c%26adurl%3D&documentReferer=https%3A%2F%2Fsend.cm%2F&ancestorOrigins=null&random=3136608161160&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900018.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=fb8233456d136201
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 23 Nov 2022 21:55:23 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=fb8233456d136201; expires=Tue, 21-Feb-2023 21:55:23 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 76339600157420704438340012152018
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 514
Connection: close
Content-Type: application/x-javascript; charset=utf-8
adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk
3.248.127.202302 Found 0 B URL HTTP/1.1 adobe.demdex.net/event?d_stuff=1&d_rtbd=json&d_cb=fltk
IP 3.248.127.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?d_stuff=1&d_rtbd=json&d_cb=fltk HTTP/1.1
Host: adobe.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0c67d0b74.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=42835252055903607001438719585882407333; Max-Age=15552000; Expires=Mon, 22 May 2023 21:55:23 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: FPf/ShTpS/s=
Content-Length: 0
Connection: keep-alive
adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
3.248.127.202200 OK 34 B URL HTTP/1.1 adobe.demdex.net/firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk
IP 3.248.127.202:0
File type ASCII text, with no line terminators
Hash 172c41d6e5091275076fb86a0c069146
ad6111551bc17f301d183e5d1696dd965869cc93
40942d4c9bf4671bd978b99d2b41ad7f72196651baa180fa808ecd679828b10b
GET /firstevent?d_stuff=1&d_rtbd=json&d_cb=fltk HTTP/1.1
Host: adobe.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/javascript;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: hTYPseu4SaE=
Content-Length: 34
Connection: keep-alive
servedby.flashtalking.com/imp/8/115739;4254522;201;js;DV360;DV360FY20EDUBEHCustomIntentNODSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fb99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ft_section=undefined__&cachebuster=210701.53776985302
2.23.132.54200 OK 682 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115739;4254522;201;js;DV360;DV360FY20EDUBEHCustomIntentNODSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fb99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ft_section=undefined__&cachebuster=210701.53776985302
IP 2.23.132.54:0
ASN #1299 Telia Company AB
File type ASCII text, with CRLF, CR, LF line terminators
Hash a1b8f3be8d889ecd65595970051ec2e5
491114ee6ea6aefb9af05742dc7dff3ff719b89a
5738d8a6a663b6bd04cfdb6d3e7a8ea2fa00641bc83c3ce9b3b7ebd95d4468b1
GET /imp/8/115739;4254522;201;js;DV360;DV360FY20EDUBEHCustomIntentNODSKBAN728x90/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fb99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ft_section=undefined__&cachebuster=210701.53776985302 HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app3.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Wed, 23 Nov 2022 21:55:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 23 Nov 2022 21:55:23 GMT
Content-Length: 682
Connection: keep-alive
Strict-Transport-Security: max-age=86400
cdn.flashtalking.com/xre/425/4254522/4118280/js/j-4254522-4118280.js
23.38.200.44200 OK 15 kB URL HTTP/1.1 cdn.flashtalking.com/xre/425/4254522/4118280/js/j-4254522-4118280.js
IP 23.38.200.44:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash 9695517b2e11ca7280334ba66d4dc9ee
e5e5f2a2e8dfe38ee5177b9aef85cebbc8a01b91
3f6cf4caa9486ce37b1ec3d0caaf07fbc707110c5471991f58112fdf8b25aa2b
GET /xre/425/4254522/4118280/js/j-4254522-4118280.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 10 Nov 2022 11:37:54 GMT
Content-Type: text/javascript; charset=utf-8
ETag: W/"870bb82cb634694a8fc83cac060f83a2"
X-Varnish: 629203866
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Wed, 23 Nov 2022 22:15:23 GMT
Date: Wed, 23 Nov 2022 21:55:23 GMT
Content-Length: 15219
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.doubleverify.com/dv-measurements3225.js
23.33.119.19200 OK 107 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3225.js
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 107 kB (107051 bytes)
Hash 91ae00b659005c9ae9ab9a3e80f8fc0c
524b8dd3a0a1beeb52d875f907a76a16b9e2d1e6
119a00e46e5ec2cc579840435b0f501d92f2727b51631638147c48067e48b161
GET /dv-measurements3225.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 09:55:39 GMT
Accept-Ranges: bytes
ETag: "809f579358fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 107051
Date: Wed, 23 Nov 2022 21:55:23 GMT
Connection: keep-alive
hal900018.redintelligence.net/request_content.php?s=76339600157420704438340012152018&a=7ac2f2a4
144.76.91.199200 OK 1.4 kB URL HTTP/1.1 hal900018.redintelligence.net/request_content.php?s=76339600157420704438340012152018&a=7ac2f2a4
IP 144.76.91.199:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d613f44efcc716687f7cd65f2769d9be
74e1057f425e7797bbf83edc6e4537fadb81ea96
8be3d07f3a2ca4266bdbccce6ff8f8c2c04c45fea439c94cc19f17385926d5d1
GET /request_content.php?s=76339600157420704438340012152018&a=7ac2f2a4 HTTP/1.1
Host: hal900018.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=fb8233456d136201
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:23 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 23 Nov 2022 21:55:23 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1414
Connection: close
Content-Type: text/html; charset=utf-8
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4254522&num=&adid=&advid=&adsrv=29&btreg=4254522&btadsrv=flashtalking&crt=4118280&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=B23AE0AF-B96F-527B-2B9E-3DABA1980509&auevent=&978761824
23.33.119.19200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4254522&num=&adid=&advid=&adsrv=29&btreg=4254522&btadsrv=flashtalking&crt=4118280&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=B23AE0AF-B96F-527B-2B9E-3DABA1980509&auevent=&978761824
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (7951)
Hash 9b7ce23aa4ed2d545251051de21faa86
e28916ece42e6fd50e00245de0b8bd37010b87a4
caf980ab1ffa6adf92204724f64b3870cd37f012a00d5128f81c0447fc8e8b0e
GET /dvtp_src.js?ctx=1828362&cmp=115739&sid=18330&plc=4254522&num=&adid=&advid=&adsrv=29&btreg=4254522&btadsrv=flashtalking&crt=4118280&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=B23AE0AF-B96F-527B-2B9E-3DABA1980509&auevent=&978761824 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2022 11:10:24 GMT
Accept-Ranges: bytes
ETag: "0509c463fed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3314
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: keep-alive
secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
23.38.200.44200 OK 1.3 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
IP 23.38.200.44:0
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash db320ef6f3c45ab5c90887ef618de2bb
7d4bd175166545ea775fcb69b406eba11f7fa3ec
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
GET /oba/icon/iconc.png?EDAA_icon=y HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Content-Type: image/png
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 440713868 434560932
Accept-Ranges: bytes
Content-Length: 1308
Cache-Control: max-age=905988
Expires: Sun, 04 Dec 2022 09:35:12 GMT
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.flashtalking.com/xre/425/4254522/4118280/image/4118280.gif?754851315
23.38.200.44200 OK 20 kB URL HTTP/1.1 cdn.flashtalking.com/xre/425/4254522/4118280/image/4118280.gif?754851315
IP 23.38.200.44:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 728x90, components 3\012- data
Hash 92f9a4fd147b3bceddb08ea4c46bc449
8f2d84a7d8bda1c3fb8b1c367cfa433a6e1d1483
af4f6322baeaeed4893dff03f4357ee3ba7f8f695e2c39094a6ed92d8ed3afc9
GET /xre/425/4254522/4118280/image/4118280.gif?754851315 HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 10 Nov 2022 11:37:54 GMT
Content-Type: image/gif
ETag: W/"92f9a4fd147b3bceddb08ea4c46bc449"
X-Varnish: 628851058
Accept-Ranges: bytes
Content-Length: 20015
Cache-Control: max-age=1200
Expires: Wed, 23 Nov 2022 22:15:24 GMT
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
23.38.200.44200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP 23.38.200.44:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 135911143 136579284
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=885
Expires: Wed, 23 Nov 2022 22:10:09 GMT
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
hal900018.redintelligence.net/viewability?s=76339600157420704438340012152018&a=b33448d3&vb=m
144.76.91.199200 OK 0 B URL HTTP/1.1 hal900018.redintelligence.net/viewability?s=76339600157420704438340012152018&a=b33448d3&vb=m
IP 144.76.91.199:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=76339600157420704438340012152018&a=b33448d3&vb=m HTTP/1.1
Host: hal900018.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900018.redintelligence.net/request_content.php?s=76339600157420704438340012152018&a=7ac2f2a4
Cookie: 8lcfmzhxc8d6_uid=fb8233456d136201
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:24 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
51.75.147.170200 OK 79 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-336x280.gif
IP 51.75.147.170:0
File type GIF image data, version 89a, 336 x 280\012- data
Hash 2d8f4084666e5bd2e4b050d82b791c0e
1f9f90f623398be4f3b4c198c602ca127243d4e3
0a946d52ac8890900833e2996c926ddabba3d9aa7dd4d9d7a1b4e5cd1db8dd34
GET /24i/content/soberfb/EN/S-336x280.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900018.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 21:55:24 GMT
Content-Type: image/gif
Content-Length: 79127
Last-Modified: Mon, 23 Jul 2018 15:19:52 GMT
Connection: close
ETag: "5b55f218-13517"
Accept-Ranges: bytes
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash b6bd65063904c5398bbff9f726b1c506
2c451a4bffcda8303ab615b7a8ee0f0cbaa387df
094ed82af45fc1592bafc52278a8ee151386a26cbee4ff3dc26e4096cd5de8b4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 21:55:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 20:40:04 GMT
Expires: Thu, 24 Nov 2022 20:40:04 GMT
ETag: "2c451a4bffcda8303ab615b7a8ee0f0cbaa387df"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash b6bd65063904c5398bbff9f726b1c506
2c451a4bffcda8303ab615b7a8ee0f0cbaa387df
094ed82af45fc1592bafc52278a8ee151386a26cbee4ff3dc26e4096cd5de8b4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 23 Nov 2022 21:55:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 23 Nov 2022 20:40:04 GMT
Expires: Thu, 24 Nov 2022 20:40:04 GMT
ETag: "2c451a4bffcda8303ab615b7a8ee0f0cbaa387df"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=183&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&srcurlD=0&aUrlD=-1&ssl=https:&dfs=872&ddur=164&uid=1669240524167695&jsCallback=dvCallback_1669240524167483&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=5&brh=1&sdf=2&dvp_epl=87&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115739&sid=18330&plc=4254522&crt=4118280&btreg=4254522&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=B23AE0AF-B96F-527B-2B9E-3DABA1980509&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=177122320.00365013&dvp_tukv=70403151.75167535&dvp_uuid=1299068624629.712&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1285610732825
34.149.12.213200 OK 1.0 kB URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=183&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&srcurlD=0&aUrlD=-1&ssl=https:&dfs=872&ddur=164&uid=1669240524167695&jsCallback=dvCallback_1669240524167483&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=5&brh=1&sdf=2&dvp_epl=87&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115739&sid=18330&plc=4254522&crt=4118280&btreg=4254522&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=B23AE0AF-B96F-527B-2B9E-3DABA1980509&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=177122320.00365013&dvp_tukv=70403151.75167535&dvp_uuid=1299068624629.712&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1285610732825
IP 34.149.12.213:0
File type ASCII text, with very long lines (2445), with no line terminators
Hash 4dd4249d4ca10f8fc1f59ddb7b0af779
6ef9060a97c4a770bd290b195a5aa8ac5338335d
034b61fe62037c8e1c5a58a0795e1180dc1ae8773c66621d2da2016766254bce
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=183&ttfrms=17&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&srcurlD=0&aUrlD=-1&ssl=https:&dfs=872&ddur=164&uid=1669240524167695&jsCallback=dvCallback_1669240524167483&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=5&brh=1&sdf=2&dvp_epl=87&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115739&sid=18330&plc=4254522&crt=4118280&btreg=4254522&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=B23AE0AF-B96F-527B-2B9E-3DABA1980509&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=177122320.00365013&dvp_tukv=70403151.75167535&dvp_uuid=1299068624629.712&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1285610732825 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0
Content-Encoding: br
Expires: 11/22/2022 21:55:24
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=666478fd1835419db2923443ec0c150f&dup=&cbust=1669240524377865
23.33.119.19302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=666478fd1835419db2923443ec0c150f&dup=&cbust=1669240524377865
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=666478fd1835419db2923443ec0c150f&dup=&cbust=1669240524377865 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=666478fd1835419db2923443ec0c150f&akipv6=&dup=
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: keep-alive
tpsc-eu3.doubleverify.com/event.png?impid=666478fd1835419db2923443ec0c150f&akipv6=&dup=
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=666478fd1835419db2923443ec0c150f&akipv6=&dup=
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=666478fd1835419db2923443ec0c150f&akipv6=&dup= HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: close
Cache-Control: max-age=0
Expires: 11/22/2022 21:55:24
Pragma: no-cache
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=297&ttfrms=43&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&srcurlD=0&aUrlD=-1&ssl=https:&dfs=872&ddur=164&uid=1669240524118128&jsCallback=dvCallback_1669240524118784&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=5&brh=1&sdf=2&dvp_epl=87&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://send.cm/d/GHOg&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=177122320.00365013&dvp_tukv=1459432355.3912063&dvp_uuid=13963715886.985807&dvp_tuid=1283373293766
34.149.12.213200 OK 672 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=297&ttfrms=43&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&srcurlD=0&aUrlD=-1&ssl=https:&dfs=872&ddur=164&uid=1669240524118128&jsCallback=dvCallback_1669240524118784&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=5&brh=1&sdf=2&dvp_epl=87&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://send.cm/d/GHOg&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=177122320.00365013&dvp_tukv=1459432355.3912063&dvp_uuid=13963715886.985807&dvp_tuid=1283373293766
IP 34.149.12.213:0
File type ASCII text, with very long lines (1169), with no line terminators
Hash 6c284f550679720a1088ef6aca206f3f
8f54f0b8117d58aedad258121464d81c8011f94b
6d579ad07901aab8f8439bbdf78123fa4adf6d6740fedae6776068946b8f9500
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=297&ttfrms=43&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETauU2%26C%3Dl9EEADTbpTauTauD6%3F5%5D4%3ETau5Tauvw~8&srcurlD=0&aUrlD=-1&ssl=https:&dfs=872&ddur=164&uid=1669240524118128&jsCallback=dvCallback_1669240524118784&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3225&tgjsver=3225&lvvn=28&m1=13&refD=2&fcifrms=5&brh=1&sdf=2&dvp_epl=87&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://send.cm/d/GHOg&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_DV_CT=1&DVP_PP_ID=3&DVPX_PP_IMP_ID=ABAjH0gEPJJo74uXxMHBSrqlpsSA&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=34081968&DVP_DBM_4=210771031&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1182693655087&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=177122320.00365013&dvp_tukv=1459432355.3912063&dvp_uuid=13963715886.985807&dvp_tuid=1283373293766 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=0
Content-Encoding: br
Expires: 11/22/2022 21:55:24
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=72c23180f1b8449cb1de4dc2cc5af871&dup=&cbust=1669240524471794
23.33.119.19302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=72c23180f1b8449cb1de4dc2cc5af871&dup=&cbust=1669240524471794
IP 23.33.119.19:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=72c23180f1b8449cb1de4dc2cc5af871&dup=&cbust=1669240524471794 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&akipv6=&dup=
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrcRpYj-mi6T-ccRzaUBnagqszecgSsCIape_eBzt83FLDuc2FCbDqrqpxD62SlD9s_ns6BmkqlG3QSXbtT7OnHnWBPqjsG32Zo9JmuGqowQ7lmeuDNvQaykOJ&sai=AMfl-YTLiCIxMCLiA9b1RYGmeFuqZ3GjctBVlUvstOw3LSr8DAb55aSsGTErQ9Kb3AKD9hxCscgtyFZVRYjJVon3NrEHnUngwCb6IjYikmcumjWKJOTm5qmNoVI8uBR-alF9ATwgG8APbaSN84vX1OvR&sig=Cg0ArKJSzNzMtW5D14EfEAE&cid=CAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT&id=lidar2&mcvt=1005&p=204,472,484,808&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1669240522672&rpt=787&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrcRpYj-mi6T-ccRzaUBnagqszecgSsCIape_eBzt83FLDuc2FCbDqrqpxD62SlD9s_ns6BmkqlG3QSXbtT7OnHnWBPqjsG32Zo9JmuGqowQ7lmeuDNvQaykOJ&sai=AMfl-YTLiCIxMCLiA9b1RYGmeFuqZ3GjctBVlUvstOw3LSr8DAb55aSsGTErQ9Kb3AKD9hxCscgtyFZVRYjJVon3NrEHnUngwCb6IjYikmcumjWKJOTm5qmNoVI8uBR-alF9ATwgG8APbaSN84vX1OvR&sig=Cg0ArKJSzNzMtW5D14EfEAE&cid=CAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT&id=lidar2&mcvt=1005&p=204,472,484,808&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1669240522672&rpt=787&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjssrcRpYj-mi6T-ccRzaUBnagqszecgSsCIape_eBzt83FLDuc2FCbDqrqpxD62SlD9s_ns6BmkqlG3QSXbtT7OnHnWBPqjsG32Zo9JmuGqowQ7lmeuDNvQaykOJ&sai=AMfl-YTLiCIxMCLiA9b1RYGmeFuqZ3GjctBVlUvstOw3LSr8DAb55aSsGTErQ9Kb3AKD9hxCscgtyFZVRYjJVon3NrEHnUngwCb6IjYikmcumjWKJOTm5qmNoVI8uBR-alF9ATwgG8APbaSN84vX1OvR&sig=Cg0ArKJSzNzMtW5D14EfEAE&cid=CAQSTADq26N9syCwQ-YvnbVFIXtksFmHm3Z8oplheKfERFciMUaFFU5L-YXSpIOYOOPcvREZ4K2Su5qBHqlLBuHd5WqWb18wrswQEdcK_XcYASAT&id=lidar2&mcvt=1005&p=204,472,484,808&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3686083070&rs=4&la=0&cr=0&vs=4&r=v&rst=1669240522672&rpt=787&isd=0&lsd=0&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 23 Nov 2022 21:55:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpsc-eu3.doubleverify.com/event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&akipv6=&dup=
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&akipv6=&dup=
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&akipv6=&dup= HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Wed, 23 Nov 2022 21:55:24 GMT
Connection: close
Cache-Control: max-age=0
Expires: 11/22/2022 21:55:24
Pragma: no-cache
hal900018.redintelligence.net/viewability?s=76339600157420704438340012152018&a=b33448d3&vb=v
144.76.91.199200 OK 0 B URL HTTP/1.1 hal900018.redintelligence.net/viewability?s=76339600157420704438340012152018&a=b33448d3&vb=v
IP 144.76.91.199:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=76339600157420704438340012152018&a=b33448d3&vb=v HTTP/1.1
Host: hal900018.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900018.redintelligence.net/request_content.php?s=76339600157420704438340012152018&a=7ac2f2a4
Cookie: 8lcfmzhxc8d6_uid=fb8233456d136201
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 21:55:25 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 475 B IP 142.250.74.3:0
Hash 8e227a5e85f07a3af8e326541b90d564
0db0d22feec79e7e63e343010aa7a8d76a4691dd
a36a9682b374c15a023450e3c4235b1281b15b10e4579bf2e1e87a05a2061431
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0cad81444995839dd0adaf518298011a
97d2d4b41484082ff580dd136d4f3e4dc790846d
409e8883208535817ae29e119508475b362fe773214542a9a562923558c767e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143
142.250.74.102302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143
IP 142.250.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 21:55:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 22:10:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281
142.250.74.102302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281
IP 142.250.74.102:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 21:55:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 23-Nov-2022 22:10:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0cad81444995839dd0adaf518298011a
97d2d4b41484082ff580dd136d4f3e4dc790846d
409e8883208535817ae29e119508475b362fe773214542a9a562923558c767e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 21:55:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
142.250.74.130200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;ord=1?&cbust=1669240526482143&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 21:55:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
142.250.74.130200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115739;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?%20&cbust=1669240526483281&~oref=https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 21:55:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZ4qB8Y-4XeYfydTwCCvmMuYLaOkqx1LAqkjrhDFNQ7Evu2EJDSn99mBhIiJfHnQ2NgrZU8YCAmFfWeiBOrVgBp3ln_sxn9kSFxOW4AR9dFGDhNbr6XpEt6LMLhUQc18Trv86ARA&sai=AMfl-YTFNeSGXxEyWEZ1XPNQMQ4qLk0gCZFrCYJsoRcpAyZY55vJgZZy02PRdCg1QvE_GYlFf8Fn4y3JYQfhaihwbDyKAgiP9YZ0k_0uZhQ87h3FhhLjPxzaJdIhtm0iCMGyjzY0wECxnOiYBMj_2GOk&sig=Cg0ArKJSzNdKmy9Cw-UjEAE&cid=CAQSTADq26N9UQaCW6ITDAj09bP8okbxeSeRLqvnFRnbqrwMyOEi0P9lbadvSIatGB7bxG8BZW4XtIqv7ARq6w6iJrC10WS8KNvwvJFI5R0YASAT&id=lidar2&mcvt=1000&p=1046,155,1136,883&mtos=474,814,1000,1118,1288&tos=474,340,186,118,170&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3405347667&rs=4&la=0&cr=0&vs=4&r=v&rst=1669240522901&rpt=1106&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
142.250.74.66200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZ4qB8Y-4XeYfydTwCCvmMuYLaOkqx1LAqkjrhDFNQ7Evu2EJDSn99mBhIiJfHnQ2NgrZU8YCAmFfWeiBOrVgBp3ln_sxn9kSFxOW4AR9dFGDhNbr6XpEt6LMLhUQc18Trv86ARA&sai=AMfl-YTFNeSGXxEyWEZ1XPNQMQ4qLk0gCZFrCYJsoRcpAyZY55vJgZZy02PRdCg1QvE_GYlFf8Fn4y3JYQfhaihwbDyKAgiP9YZ0k_0uZhQ87h3FhhLjPxzaJdIhtm0iCMGyjzY0wECxnOiYBMj_2GOk&sig=Cg0ArKJSzNdKmy9Cw-UjEAE&cid=CAQSTADq26N9UQaCW6ITDAj09bP8okbxeSeRLqvnFRnbqrwMyOEi0P9lbadvSIatGB7bxG8BZW4XtIqv7ARq6w6iJrC10WS8KNvwvJFI5R0YASAT&id=lidar2&mcvt=1000&p=1046,155,1136,883&mtos=474,814,1000,1118,1288&tos=474,340,186,118,170&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3405347667&rs=4&la=0&cr=0&vs=4&r=v&rst=1669240522901&rpt=1106&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
IP 142.250.74.66:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsuZ4qB8Y-4XeYfydTwCCvmMuYLaOkqx1LAqkjrhDFNQ7Evu2EJDSn99mBhIiJfHnQ2NgrZU8YCAmFfWeiBOrVgBp3ln_sxn9kSFxOW4AR9dFGDhNbr6XpEt6LMLhUQc18Trv86ARA&sai=AMfl-YTFNeSGXxEyWEZ1XPNQMQ4qLk0gCZFrCYJsoRcpAyZY55vJgZZy02PRdCg1QvE_GYlFf8Fn4y3JYQfhaihwbDyKAgiP9YZ0k_0uZhQ87h3FhhLjPxzaJdIhtm0iCMGyjzY0wECxnOiYBMj_2GOk&sig=Cg0ArKJSzNdKmy9Cw-UjEAE&cid=CAQSTADq26N9UQaCW6ITDAj09bP8okbxeSeRLqvnFRnbqrwMyOEi0P9lbadvSIatGB7bxG8BZW4XtIqv7ARq6w6iJrC10WS8KNvwvJFI5R0YASAT&id=lidar2&mcvt=1000&p=1046,155,1136,883&mtos=474,814,1000,1118,1288&tos=474,340,186,118,170&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3405347667&rs=4&la=0&cr=0&vs=4&r=v&rst=1669240522901&rpt=1106&isd=0&lsd=0&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Wed, 23 Nov 2022 21:55:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpsc-eu3.doubleverify.com/event.png?impid=666478fd1835419db2923443ec0c150f&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=196&eoid=14&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=164&tetms=7&msltms=25&vltms=196&sei=146&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=24&isumms=23&nvr=6&isgmmims=24&isgmv4mims=23&elmtp=6&isbxdms=2673&b0=1543&b2=101&b4=103&b6=100&b7=100&b8=100&b9=100&b10=202&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=16&lftb=2751&sftb=2751&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=22&dvp_dpr=1&dvp_valpct=2&b11=402&isgmpims=2372&isiabvms=2673&isuiabvms=2673&vsos=4&ttfurm=3225&cbust=1669240527377898
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=666478fd1835419db2923443ec0c150f&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=196&eoid=14&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=164&tetms=7&msltms=25&vltms=196&sei=146&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=24&isumms=23&nvr=6&isgmmims=24&isgmv4mims=23&elmtp=6&isbxdms=2673&b0=1543&b2=101&b4=103&b6=100&b7=100&b8=100&b9=100&b10=202&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=16&lftb=2751&sftb=2751&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=22&dvp_dpr=1&dvp_valpct=2&b11=402&isgmpims=2372&isiabvms=2673&isuiabvms=2673&vsos=4&ttfurm=3225&cbust=1669240527377898
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=666478fd1835419db2923443ec0c150f&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=196&eoid=14&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=164&tetms=7&msltms=25&vltms=196&sei=146&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=24&isumms=23&nvr=6&isgmmims=24&isgmv4mims=23&elmtp=6&isbxdms=2673&b0=1543&b2=101&b4=103&b6=100&b7=100&b8=100&b9=100&b10=202&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=16&lftb=2751&sftb=2751&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&engalms=22&dvp_dpr=1&dvp_valpct=2&b11=402&isgmpims=2372&isiabvms=2673&isuiabvms=2673&vsos=4&ttfurm=3225&cbust=1669240527377898 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Wed, 23 Nov 2022 21:55:28 GMT
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 11/22/2022 21:55:28
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=345&eoid=15&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=164&tetms=4&msltms=15&vltms=345&sei=145&vetms=9&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=53&isumms=52&nvr=6&isgmmims=53&isgmv4mims=53&elmtp=6&isbxdms=3279&b0=1493&b1=108&b2=101&b4=100&b6=101&b7=100&b8=101&b9=104&b10=100&b11=1022&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=16&lftb=3330&sftb=3330&msrdp=2&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=2365&engalms=51&dvp_dpr=1&dvp_valpct=2&isiabvms=2769&isuiabvms=2769&vsos=4&ispmxpms=3279&isgmv4dpims=3279&ttfurm=3395&cbust=1669240527472417
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=345&eoid=15&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=164&tetms=4&msltms=15&vltms=345&sei=145&vetms=9&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=53&isumms=52&nvr=6&isgmmims=53&isgmv4mims=53&elmtp=6&isbxdms=3279&b0=1493&b1=108&b2=101&b4=100&b6=101&b7=100&b8=101&b9=104&b10=100&b11=1022&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=16&lftb=3330&sftb=3330&msrdp=2&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=2365&engalms=51&dvp_dpr=1&dvp_valpct=2&isiabvms=2769&isuiabvms=2769&vsos=4&ispmxpms=3279&isgmv4dpims=3279&ttfurm=3395&cbust=1669240527472417
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=72c23180f1b8449cb1de4dc2cc5af871&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=345&eoid=15&msrjs=3225&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=164&tetms=4&msltms=15&vltms=345&sei=145&vetms=9&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=53&isumms=52&nvr=6&isgmmims=53&isgmv4mims=53&elmtp=6&isbxdms=3279&b0=1493&b1=108&b2=101&b4=100&b6=101&b7=100&b8=101&b9=104&b10=100&b11=1022&adhgt=90&adwdth=728&norwdth=728&norhgt=90&dvp_vsosnmr=16&lftb=3330&sftb=3330&msrdp=2&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=2365&engalms=51&dvp_dpr=1&dvp_valpct=2&isiabvms=2769&isuiabvms=2769&vsos=4&ispmxpms=3279&isgmv4dpims=3279&ttfurm=3395&cbust=1669240527472417 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://b99f05e14d85bb91ff186ec07dde5bfd.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Wed, 23 Nov 2022 21:55:28 GMT
Connection: close
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 11/22/2022 21:55:28
Pragma: no-cache
send.cm/d/GHOg
104.26.2.171200 OK 0 B IP 104.26.2.171:0
GET /d/GHOg HTTP/1.1
Host: send.cm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:55:20 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=0;includeSubDomains;
expires: Tue, 22 Nov 2022 21:55:20 GMT
set-cookie: lang=english; domain=.send.cm; path=/
c_7hyj5tegwm4sd1=sjc270ydu16m; domain=.send.cm; path=/
aff=68359; domain=.send.cm; path=/; expires=Wed, 07-Dec-2022 21:55:20 GMT
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BbC69BYijqFujEmWrstYVHI7URdHgUmdxTjVoUP13d09Ed9cQrLQokyJIyuQ2px9s1Gevd%2BWtKDOknmn9ALW6WIh5KhBHoWNvVWt2riknvEnrOmR2Z8k1YU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ed26025adbb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
increaserev.com/ads/ob/tagf/send.js
104.26.1.126200 OK 0 B URL HTTP/2 increaserev.com/ads/ob/tagf/send.js
IP 104.26.1.126:0
GET /ads/ob/tagf/send.js HTTP/1.1
Host: increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:55:20 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:43:53 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1259
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1peJz5XD9DQiWOKnvET5uxQBz462eQyP7O3hqxj%2Bz8REi1J7k%2F2K3XbIaFvLIhJRj9zsFecnneYVEozQzuBcMF1YYMWbSlxwlkQDQcdFoqFdqVesRK0HYrHeb0r3Ld5iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ed2606e9db0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secureads.increaserev.com/InvalidAds/track.php?ip=undefined&domain=send.cm&type=send.js___default
172.67.74.114200 OK 0 B URL HTTP/2 secureads.increaserev.com/InvalidAds/track.php?ip=undefined&domain=send.cm&type=send.js___default
IP 172.67.74.114:0
GET /InvalidAds/track.php?ip=undefined&domain=send.cm&type=send.js___default HTTP/1.1
Host: secureads.increaserev.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://send.cm
Connection: keep-alive
Referer: https://send.cm/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 23 Nov 2022 21:55:22 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
x-varnish: 363980350
age: 0
x-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HPnLfKp%2FXrOD2o5KnVdxxoAjwNiAKXUO2paIyFD3iH9XYVKA9003H6IW6FH6vKgkqNt9AC91wZx2tta1QKddXZTj7H5GE4B3EFIQF%2BD4CqKTWXgZfbBj%2F6r8bOAnYVoG6oA2kXDCu3oHqA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76ed26097f6ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2