r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5381
Expires: Fri, 09 Dec 2022 17:09:03 GMT
Date: Fri, 09 Dec 2022 15:39:22 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9615
Expires: Fri, 09 Dec 2022 18:19:37 GMT
Date: Fri, 09 Dec 2022 15:39:22 GMT
Connection: keep-alive
1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
142.250.74.19301 Moved Permanently 200 B URL HTTP/1.1 1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
IP 142.250.74.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 02d056b1a5aab185fd053de5a793d1f9
e2240521df5ffb16e990adbe249602954e14f03e
37ab01945a28b44282ce8e8cc46c4ab05c6f87dc8dfe55e55f257b0d207ac0d0
GET /2022/12/croatia-vs-brazil.html HTTP/1.1
Host: 1kora.koooora-live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Fri, 09 Dec 2022 15:39:22 GMT
Expires: Fri, 09 Dec 2022 15:39:22 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 200
Server: GSE
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 15:33:14 GMT
content-type: application/json
age: 368
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12056
Expires: Fri, 09 Dec 2022 19:00:18 GMT
Date: Fri, 09 Dec 2022 15:39:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GMmjM0O44g30etEO0N9d0wCfc7caQxmBh4pqj6XhnCcJLlGtdw78HgUIP+fETcsw8OF+MoynAcw=
x-amz-request-id: 8Y5FZ0G4CJANWC70
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 14:48:22 GMT
age: 3060
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_V0wJVQeYzc
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/_V0wJVQeYzc
IP 142.250.74.131:0
Hash 0ea62604ad51e17a5cb8315f730b8efb
c649adaf56086d23398b02bbbe594dcf8a391092
37a660f21a4b5cdd5bb85f7da632c0f672bf0178f447064b92c8f80d88d18a6d
POST /s/gts1d4/_V0wJVQeYzc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
142.250.74.19200 OK 53 kB URL HTTP/2 1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
IP 142.250.74.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12236)
Hash 696bf4e53b8a9a5cf98dfe272fee13b6
2ed816d9dddd170b10a9c975ff30f7d6250b8318
7fa9853a353dfe2fc2600b939b15dd26d38829a5abd30fefa4c0d8cdefa0cd63
GET /2022/12/croatia-vs-brazil.html HTTP/1.1
Host: 1kora.koooora-live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-robots-tag: all
content-type: text/html; charset=UTF-8
expires: Fri, 09 Dec 2022 15:39:22 GMT
date: Fri, 09 Dec 2022 15:39:22 GMT
cache-control: private, max-age=0
last-modified: Fri, 09 Dec 2022 15:26:18 GMT
etag: W/"1ca19ab1310622a3a871337f1c2f9650dc8fb71540fb14a814c89688851d4ec6"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 53324
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 95e9ab32c2362e0fb3fa1535fa64bc4b
e3d264cee001b48ca418d5c83b861e0c7e8e75a4
d6708b88df61985bd15ffdea3f9c8a3038689ef041edcb388e57d99e7d887bf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3458
Cache-Control: max-age=97639
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:22 GMT
Etag: "6392238f-117"
Expires: Sat, 10 Dec 2022 18:46:41 GMT
Last-Modified: Thu, 08 Dec 2022 17:49:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
api.sofascore.app/api/v1/team/4715/image
172.67.68.124200 OK 4.2 kB URL HTTP/2 api.sofascore.app/api/v1/team/4715/image
IP 172.67.68.124:0
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash c3f7e6cbca7286bdf8afa31d707acb24
09cc7a98fcc770bf7bec85f14de5cfde5a6948b6
ff44784524383d140eeb4f20a7ce3afc1070e51cf8f372be6b74b42133cb28ef
GET /api/v1/team/4715/image HTTP/1.1
Host: api.sofascore.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: image/png
content-length: 4164
cache-control: max-age=604800, public
access-control-allow-origin: *
etag: "c3f7e6cbca"
x-app: web-web-6lv6b
route: app_api_v1_team_image
x-backend: gra-srv29
x-varnish: 459862379, 768725313 30241885
via: 1.1 varnish (Varnish/7.1), 1.1 varnish (Varnish/6.6)
x-director: rbx-srv20
x-hitmiss: hit
x-executiontime: 1
cf-cache-status: HIT
age: 183844
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLPmDQzSl5zQQ8dVzQUzezV1SKZOGxICrljgY%2B5knrwcndZ6bBS%2FVCPhW1NlimPCucHDvtCHb%2FmT2YTtrr9KgE1x8jRQDIs2FdEcYlAbd%2FgchmTq9rjEm0g1wiV6PJHinJ3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ed54b9fbab511-OSL
X-Firefox-Spdy: h2
api.sofascore.app/api/v1/team/4748/image
172.67.68.124200 OK 2.7 kB URL HTTP/2 api.sofascore.app/api/v1/team/4748/image
IP 172.67.68.124:0
File type PNG image data, 150 x 150, 8-bit colormap, non-interlaced\012- data
Hash 6a578aca5fb22a7ab180463aad4744b8
d195c320dc716d52a525e3b5f30d6be07a9f4c78
24884ac405cc013fed6301f2e7fface69764343cc55eb0e47de7025b9eaa346d
GET /api/v1/team/4748/image HTTP/1.1
Host: api.sofascore.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: image/png
content-length: 2650
cache-control: max-age=604800, public
access-control-allow-origin: *
etag: "6a578aca5f"
x-app: web-web-qw4gk
route: app_api_v1_team_image
x-backend: gra-srv25
x-varnish: 123323468 123668015, 572774330 466232845
via: 1.1 varnish (Varnish/7.1), 1.1 varnish (Varnish/6.6)
x-director: rbx-srv25
x-hitmiss: hit
x-executiontime: 1
cf-cache-status: HIT
age: 336779
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1ohSt35fhIs80drn%2FgnzPOpqyQQXFFzHY0iOnRxuFE1lenwKOrRTwbdQxwdtNpEZ59aASjCyy4tPjiiZtMcfMz2IdNaheGBVOMFwUJP7JSvMIqF6dv%2BxDvzJZorDN%2BYq1O5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ed54b9fbeb511-OSL
X-Firefox-Spdy: h2
1.bp.blogspot.com/-saD4uFlCwYs/YHXMciFnZfI/AAAAAAAADFI/e0G_TPp6OeYOpKyb5bbu2SXNNMaNJxgLQCK4BGAYYCw/s150/%25D9%2583%25D9%2588%25D8%25B1%25D8%25A9%2B%25D9%2584%25D8%25A7%25D9%258A%25D9%2581.jpg
142.250.74.65200 OK 3.5 kB URL HTTP/2 1.bp.blogspot.com/-saD4uFlCwYs/YHXMciFnZfI/AAAAAAAADFI/e0G_TPp6OeYOpKyb5bbu2SXNNMaNJxgLQCK4BGAYYCw/s150/%25D9%2583%25D9%2588%25D8%25B1%25D8%25A9%2B%25D9%2584%25D8%25A7%25D9%258A%25D9%2581.jpg
IP 142.250.74.65:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 150x56, components 3\012- data
Hash f1f3593ee35f8795aa87b5a88196a922
40fbff945641a6d1d019ea4444bc79c40a947039
ef03f869e3c8eb4808002260195b6990be66e196cd418731cc4fed7346a38947
GET /-saD4uFlCwYs/YHXMciFnZfI/AAAAAAAADFI/e0G_TPp6OeYOpKyb5bbu2SXNNMaNJxgLQCK4BGAYYCw/s150/%25D9%2583%25D9%2588%25D8%25B1%25D8%25A9%2B%25D9%2584%25D8%25A7%25D9%258A%25D9%2581.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="____ ____.jpg";filename*=UTF-8''%D9%83%D9%88%D8%B1%D8%A9%20%D9%84%D8%A7%D9%8A%D9%81.jpg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3451
x-xss-protection: 0
date: Fri, 09 Dec 2022 14:14:12 GMT
expires: Fri, 02 Dec 2022 14:30:52 GMT
cache-control: public, max-age=86400, no-transform
age: 5110
etag: "vc53"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1kora.koooora-live.com/p/bein-sport-max1.html?m=1
142.250.74.19200 OK 7.9 kB URL HTTP/2 1kora.koooora-live.com/p/bein-sport-max1.html?m=1
IP 142.250.74.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9624)
Hash 2ecd8436bc7c5b10ed91d3ac759a5090
371ff85c1eb422493cd4c410d308ef0e0e7091c8
2b4ffbeb1b9d42e32ff801bfeabdc07b68658e4250a3333c7d2d4f97b588db7e
GET /p/bein-sport-max1.html?m=1 HTTP/1.1
Host: 1kora.koooora-live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-robots-tag: nofollow,noindex
content-type: text/html; charset=UTF-8
expires: Fri, 09 Dec 2022 15:39:22 GMT
date: Fri, 09 Dec 2022 15:39:22 GMT
cache-control: private, max-age=0
last-modified: Fri, 09 Dec 2022 15:39:01 GMT
etag: W/"e37e2096a78edec7caaa357d00c82597b2324881adf3edcf4a828b9fab877863"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 7923
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 34da737f5d8fab7415ab2d552058d653
2e28de807960cde0030e68b4f468aaeecd1b533f
bbd3063026b41b4487911d85977a7dfe8e0f62f93a48cedad2ce2448f28e2cf0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tg1.modoro360.com/api/adserver/spt?AV_TAGID=63033820c522981be045eb94&AV_PUBLISHERID=6301deeaa893c81325025604
95.101.10.91200 OK 6.4 kB URL HTTP/1.1 tg1.modoro360.com/api/adserver/spt?AV_TAGID=63033820c522981be045eb94&AV_PUBLISHERID=6301deeaa893c81325025604
IP 95.101.10.91:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2004)
Hash c49dd6f883aea3149a93e88580de84fb
5693a7101120d09721608372e43f774fc1f54411
9e1fdae474ceed7bab3aeb463051ba6b06f04cf9a813ada1ef59cd9a7e6b32db
GET /api/adserver/spt?AV_TAGID=63033820c522981be045eb94&AV_PUBLISHERID=6301deeaa893c81325025604 HTTP/1.1
Host: tg1.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS, INDEX
Access-Control-Allow-Headers: Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Content-Length: 6395
Cache-Control: max-age=300
Expires: Fri, 09 Dec 2022 15:44:22 GMT
Date: Fri, 09 Dec 2022 15:39:22 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 95e9ab32c2362e0fb3fa1535fa64bc4b
e3d264cee001b48ca418d5c83b861e0c7e8e75a4
d6708b88df61985bd15ffdea3f9c8a3038689ef041edcb388e57d99e7d887bf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3458
Cache-Control: max-age=97639
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:22 GMT
Etag: "6392238f-117"
Expires: Sat, 10 Dec 2022 18:46:41 GMT
Last-Modified: Thu, 08 Dec 2022 17:49:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
live.demand.supply/e/e.js?e=ll&d=172&cs=c&dsReferer=MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/e/e.js?e=ll&d=172&cs=c&dsReferer=MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /e/e.js?e=ll&d=172&cs=c&dsReferer=MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GFVMQDJXCA82YHZ3YFENZV1G
cf-cache-status: HIT
age: 1648593
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ed54c7e57b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/x/e.js?ce=od&pp=DIV&dsReferer=MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/x/e.js?ce=od&pp=DIV&dsReferer=MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw=
IP 104.16.133.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /x/e.js?ce=od&pp=DIV&dsReferer=MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
etag: "8a9dc9c7d095d16caa762d82212746e7-ssl"
x-nf-request-id: 01GFVMQDJKS788VX0BZZFVFMFR
cf-cache-status: HIT
age: 1648593
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ed54cae8ab4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
player.avplayer.com/script/2/v/avcplayer.js
95.101.10.171200 OK 61 kB URL HTTP/2 player.avplayer.com/script/2/v/avcplayer.js
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9dff0335699f04080269947f40c366ae
8447df4f8b168d9c506630f96ef95002c2c6eb28
157b5912ad26a879f38d0dafb1fce2def6df3168a08f991d6203463375fa32fc
GET /script/2/v/avcplayer.js HTTP/1.1
Host: player.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtZ2x7QcCjowFwcgLYXUBzUI8DF40J2wcIgC0alJF1a4mWq2YhfFMaDZbLWP1fid-4S0D62yU8xaNB8EJY5KJRnvrlX0A
last-modified: Thu, 03 Mar 2022 17:18:44 GMT
etag: "9dff0335699f04080269947f40c366ae"
x-goog-generation: 1646327924579580
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 61326
content-type: application/javascript
content-encoding: gzip
content-language: en
x-goog-hash: crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 61326
server: UploadServer
unused62: 8096267
cache-control: public, max-age=300
expires: Fri, 09 Dec 2022 15:44:23 GMT
date: Fri, 09 Dec 2022 15:39:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63033820c522981be045eb94&pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=6301deeaa893c81325025604
95.101.10.130200 OK 667 B URL HTTP/2 feed.avplayer.com/backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63033820c522981be045eb94&pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=6301deeaa893c81325025604
IP 95.101.10.130:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with very long lines (4920), with no line terminators
Hash ea8fd3815b8eb55245e7f84a0c5ab84a
35d23258eaa2dca6afa65ee5a709b0070d244099
7f5098cc0dfad55196deee30e6b2009b372eecaaba363cb1130bdd531838b60e
GET /backend/get?cmsType=playlist&id=631a2480b3d08269680f4be2&AV_TAGID=63033820c522981be045eb94&pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&AV_TEMPID=6192229fa59e3976bb4400aa&AV_PUBLISHERID=6301deeaa893c81325025604 HTTP/1.1
Host: feed.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
content-type: application/json; charset=utf-8
x-powered-by: PHP/8.1.12
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-envoy-upstream-service-time: 19
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, max-age=3600
expires: Fri, 09 Dec 2022 16:39:23 GMT
date: Fri, 09 Dec 2022 15:39:23 GMT
content-length: 667
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 15:07:55 GMT
age: 1888
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=992700647619643418&zx=7beab03b-a30b-44df-9fcc-85958564008b
142.250.74.73200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=992700647619643418&zx=7beab03b-a30b-44df-9fcc-85958564008b
IP 142.250.74.73:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=992700647619643418&zx=7beab03b-a30b-44df-9fcc-85958564008b HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 15:39:23 GMT
last-modified: Fri, 09 Dec 2022 15:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39f7a852bbae05f09dc53ef10c0d1160
d57c5d32435b7f3d28a09b8d9c6dc74c69137f90
3eb99977809e58f9babd580d0c58bccbf19b3056a885fe90ae3dcc4fcf9424a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6419
Cache-Control: max-age=155671
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:53:54 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 8edba3e553d0576c0766be0886cc724e
599210eeecc28f2f023865e16c0bf675533e83ab
6244d2e487cb34f8a150cc03435cdccfdaa4e013f0f17fbfa4d4735a61208b57
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130443
Date: Fri, 09 Dec 2022 15:39:23 GMT
Etag: "63929b03-1d7"
Expires: Sun, 11 Dec 2022 03:53:26 GMT
Last-Modified: Fri, 09 Dec 2022 02:18:43 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Qr3ZGZZT3wVYuGQ75r3ncvT-Mpj1OKOw-AC5DFQmbu_JnkSpcApQNw==
Age: 5683
content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
69.16.175.10200 OK 17 kB URL HTTP/1.1 content1.avplayer.com/60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg
IP 69.16.175.10:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 640x360, components 3\012- data
Hash 0ee97d2dcd219d582aee0cecbb70cafd
16ba027494a626e2cec019fed6af4e257c041fcf
9f66145fbaf681859fb04fc4cdedf358806d85dd27355199545b97db90d48829
GET /60095c900c0799791c46d8d4/videos/631a0c74c080af4ad20201d2/large-poster.jpg HTTP/1.1
Host: content1.avplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:23 GMT
Connection: Keep-Alive
Content-Length: 16959
Content-Type: image/jpeg
Last-Modified: Thu, 08 Sep 2022 15:38:37 GMT
Accept-Ranges: bytes
X-GUploader-UploadID: ADPycdsQvDo1RAAa45TzsCytmQBByUwQekZwUpeuPeieh2Xsn8s7Ds7GATKbUi8Qg8jLm7qiuRrOpfw6II4y6zEFlQ42RcpJm5jg
ETag: "0ee97d2dcd219d582aee0cecbb70cafd"
x-goog-generation: 1662651517684609
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16959
x-goog-hash: crc32c=SZ/7Cg==, md5=Dul9Lc0hnVgq7gzsu3DK/Q==
x-goog-storage-class: STANDARD
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, range
Server: UploadServer
X-HW: 1670600363.dop229.sk1.t,1670600363.cds221.sk1.shn,1670600363.dop229.sk1.t,1670600363.cds262.sk1.c
Cache-Control: public, max-age=2592000
1kora.koooora-live.com/p/max1.html
142.250.74.19200 OK 114 kB URL HTTP/2 1kora.koooora-live.com/p/max1.html
IP 142.250.74.19:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33026)
Size 114 kB (113501 bytes)
Hash 8fa590f0a1813aefdb86e9d35cac129e
dc7ef1def6b5337f9fd9b3975bb4cd3cafff8f9b
4c1f9143691d2324d67c355bc0a6c52133e07fd85f5a2f2186f982d58acc48db
GET /p/max1.html HTTP/1.1
Host: 1kora.koooora-live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/p/bein-sport-max1.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-robots-tag: nofollow,noindex
content-type: text/html; charset=UTF-8
expires: Fri, 09 Dec 2022 15:39:23 GMT
date: Fri, 09 Dec 2022 15:39:23 GMT
cache-control: private, max-age=0
last-modified: Fri, 09 Dec 2022 15:17:57 GMT
etag: W/"fae7c116001bd2c37ba9e92db27a40889b11d5b47f1d2246ec98581066fe7422"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 113501
server: GSE
X-Firefox-Spdy: h2
servt.modoro360.com/track?pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&cb=1670600361980&r=1kora.koooora-live.com&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=7&e=playerLoaded
34.195.251.147200 OK 0 B URL HTTP/2 servt.modoro360.com/track?pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&cb=1670600361980&r=1kora.koooora-live.com&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=7&e=playerLoaded
IP 34.195.251.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&cb=1670600361980&r=1kora.koooora-live.com&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d65=Test1&d66=7&e=playerLoaded HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:23 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 8d4c24db639beda2797fd91918113fc7
bb9ccfd3cd88add9a45627546c847e0e9ba7f61e
a425bbe3e5b085725c985a04eb884a1d3fd91ef9813ac19d8f78e9a2fe2ffe76
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Dec 2022 07:03:28 GMT
Expires: Fri, 16 Dec 2022 07:03:27 GMT
Etag: "bb9ccfd3cd88add9a45627546c847e0e9ba7f61e"
Cache-Control: max-age=573243,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ed54f1f8b0afa-OSL
player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6301deeaa893c81325025604
2.18.173.99200 OK 116 kB URL HTTP/2 player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=6301deeaa893c81325025604
IP 2.18.173.99:0
File type Unicode text, UTF-8 text, with very long lines (24431), with LF, NEL line terminators
Size 116 kB (116427 bytes)
Hash 5648139f7b5a48bcb4cea1d2ffeeead0
a2343a60b87b275a656f5f4070b1a15f5291d03f
e5a50f577b212cfec99d6a32c94daa08fc7ad464dc2e21c73444c7753427ab82
GET /script/6.1/AVmanager.js?v=1.0&type=s&pid=6301deeaa893c81325025604 HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduEmvxUwTIAujhfc1S4Pp8Ry3PCsNrs8jmOfYCEL0A0uM8CyhV-l-N54Y-z3reSvhoae6MQM873fwM9Yj9DMXkpzg
last-modified: Sun, 04 Dec 2022 11:44:22 GMT
etag: "5648139f7b5a48bcb4cea1d2ffeeead0"
x-goog-generation: 1670154262270598
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 116427
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=iXwvkA==, md5=VkgTn3taSLy0zqHS/+7q0A==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 116427
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Fri, 09 Dec 2022 15:49:23 GMT
date: Fri, 09 Dec 2022 15:39:23 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
141.95.4.200200 OK 15 kB URL HTTP/1.1 storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
IP 141.95.4.200:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 7bf4f6782dee3b520a65ff84286e3691
f3d9a3c61e38006d07e182939838e4673e32805e
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
GET /v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico HTTP/1.1
Host: storage.de.cloud.ovh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Length: 15086
Accept-Ranges: bytes
Last-Modified: Sun, 31 Jan 2021 12:57:34 GMT
Etag: 7bf4f6782dee3b520a65ff84286e3691
X-Timestamp: 1612097853.12655
Content-Type: image/x-icon
X-Trans-Id: tx7e775c29474f4ef88a18d-00639356ab
X-Openstack-Request-Id: tx7e775c29474f4ef88a18d-00639356ab
Date: Fri, 09 Dec 2022 15:39:23 GMT
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb8568d1b03d4cd2cc7f423aef817e2e
6a1f75627351f8adae5f4f40d85dc91b4ac6b3d5
b40d4018a0f0692d5847ec8d8f1d2a5a34c2c9ddafa7f28632aab373eeb6f5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f7aef7109978f8c1c53298563756a403
d610bb812b080710945dd47f9cccd794af9fe2f7
6366bc97e3f9ac9a6e8a294da60f2d961d2106180fd8ffaae97bc82ea399edb9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 09 Dec 2022 15:34:02 GMT
expires: Fri, 09 Dec 2022 17:34:02 GMT
cache-control: public, max-age=7200
age: 321
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.71.202.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qc57R3QzhrfvGbVaKFUxmw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: by2uxQY4vHptHSMZ1qdqyIXO/YQ=
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (40253)
Hash cd91a1fd2b9bfe67d515cc36b3c34903
7f8286b85da37718308c6c0cd6608df953fbed5d
e6099f220b91443cb5a9123857f74574f2bab9bf5afc00de0bc59e44cb5f42a5
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27542
date: Fri, 09 Dec 2022 15:39:23 GMT
expires: Fri, 09 Dec 2022 15:39:23 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1416 / 89 of 1000 / last-modified: 1670587517"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 681 B IP 142.250.74.131:0
Hash efae4fefee2e0835a31c7303e3308c76
31cf0b8060c3ae58fe5f70e563d5862e267c1e00
83601ea186c0eeff1e8ab34a830f967ee638ce44b354adc900a75411227eab32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/-H2NcqSuGwaI/X7wouN-VNvI/AAAAAAAAZdM/j1FtKpGqaz8htKcymV0DSQPJpyps0dxcACLcBGAsYHQ/s0/b.jpg
142.250.74.97403 Forbidden 881 B URL HTTP/2 lh3.googleusercontent.com/-H2NcqSuGwaI/X7wouN-VNvI/AAAAAAAAZdM/j1FtKpGqaz8htKcymV0DSQPJpyps0dxcACLcBGAsYHQ/s0/b.jpg
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1644), with CRLF, LF line terminators
Hash a9efb839f495d81d28f065679eb7fe50
6b442e2e6b9157f10920fdda29a25e9ac8fd6dce
e891ca9c00fda050fdcf83efd19c0c65b19b5d0f4359daf3b8cc0eeadf9474b1
GET /-H2NcqSuGwaI/X7wouN-VNvI/AAAAAAAAZdM/j1FtKpGqaz8htKcymV0DSQPJpyps0dxcACLcBGAsYHQ/s0/b.jpg HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 09 Dec 2022 15:39:23 GMT
server: fife
cache-control: private
content-length: 881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
servt.modoro360.com/track?r=1kora.koooora-live.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.66&apppkg=&fv=3&proto=https&d65=Test1&clsid=9c53df3a-a459-45f6-aefa-b3235e8f9f52&rando=36&pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=0&cb=1670600362601
34.195.251.147200 OK 0 B URL HTTP/2 servt.modoro360.com/track?r=1kora.koooora-live.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.66&apppkg=&fv=3&proto=https&d65=Test1&clsid=9c53df3a-a459-45f6-aefa-b3235e8f9f52&rando=36&pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=0&cb=1670600362601
IP 34.195.251.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track?r=1kora.koooora-live.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.66&apppkg=&fv=3&proto=https&d65=Test1&clsid=9c53df3a-a459-45f6-aefa-b3235e8f9f52&rando=36&pid=6301deeaa893c81325025604&cid=630336c8a7daf57186436eb6&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&e=inventory&vi=0&cb=1670600362601 HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:23 GMT
content-length: 0
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
1kora.koooora-live.com/favicon.ico
142.250.74.19200 OK 622 B URL HTTP/2 1kora.koooora-live.com/favicon.ico
IP 142.250.74.19:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 7b6ae7b5466f987cdd5bdaa1aa28fcea
785fb14a2d4cc8be193d873d0dd1544378f1bb58
1a8fbf80184d723f3b7b44d188adecf3eeee93431c590f7bd6dce1132a4273b5
GET /favicon.ico HTTP/1.1
Host: 1kora.koooora-live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/2022/12/croatia-vs-brazil.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
expires: Fri, 09 Dec 2022 15:39:23 GMT
date: Fri, 09 Dec 2022 15:39:23 GMT
cache-control: private, max-age=86400
last-modified: Fri, 09 Dec 2022 15:26:18 GMT
etag: W/"1ca19ab1310622a3a871337f1c2f9650dc8fb71540fb14a814c89688851d4ec6"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 622
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2556512b197b09798af71bea10bb4bbb
23b647aca5f8294ae82fa8cc7e2215ebe3347b60
3b5bd592342d978bcf8919d1a1e2f87295e2e4af5b5b266e6017b7a25725d08d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 79e4dcf1ddb7714bdb31f112b08b4542
67bb3241efc1c520ee61c3bbca2d545bf686b7c0
c4268247be47518955219257b3c56a38024b7b10a61a01b83dae85c6b345dcbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4268247BE47518955219257B3C56A38024B7B10A61A01B83DAE85C6B345DCBD"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16910
Expires: Fri, 09 Dec 2022 20:21:13 GMT
Date: Fri, 09 Dec 2022 15:39:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fb8568d1b03d4cd2cc7f423aef817e2e
6a1f75627351f8adae5f4f40d85dc91b4ac6b3d5
b40d4018a0f0692d5847ec8d8f1d2a5a34c2c9ddafa7f28632aab373eeb6f5e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCxTV76f2-44u_WiKsWvsFR30lu-i1JJqL53uJxtkXvjAqHoimaZPsLcfjIL_X9tuHeqZO8rxRYW7QmRG0TV15fPBklh9EZCv7QTokg6U9nMbSb4R02DiI4y1PDfanFHw3I5wkB2S-Y5J1HO_9Vy5BfLdeymlSM5z9KJj1FmqS4RLkolqN2Os3ZRn-Ww/w640-h426/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D9%88%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%209-12-2022%20%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%202022.jpg
142.250.74.97200 OK 14 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCxTV76f2-44u_WiKsWvsFR30lu-i1JJqL53uJxtkXvjAqHoimaZPsLcfjIL_X9tuHeqZO8rxRYW7QmRG0TV15fPBklh9EZCv7QTokg6U9nMbSb4R02DiI4y1PDfanFHw3I5wkB2S-Y5J1HO_9Vy5BfLdeymlSM5z9KJj1FmqS4RLkolqN2Os3ZRn-Ww/w640-h426/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D9%88%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%209-12-2022%20%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%202022.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 600x400, components 3\012- data
Hash 08df26c8cd998959862ec7e5b7d6f033
c7fbeac2806bddf999a8cc4600e6254b4af9d01f
2307a78ef8c2d5869fbec079e9494b0745bbf9263b4789bb9805daf1b3cab263
GET /img/b/R29vZ2xl/AVvXsEiCxTV76f2-44u_WiKsWvsFR30lu-i1JJqL53uJxtkXvjAqHoimaZPsLcfjIL_X9tuHeqZO8rxRYW7QmRG0TV15fPBklh9EZCv7QTokg6U9nMbSb4R02DiI4y1PDfanFHw3I5wkB2S-Y5J1HO_9Vy5BfLdeymlSM5z9KJj1FmqS4RLkolqN2Os3ZRn-Ww/w640-h426/%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D9%88%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%209-12-2022%20%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%202022.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7f7"
expires: Sat, 10 Dec 2022 15:39:23 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="______ ______ ________ ________ _____ ______ 9-12-2022 ___ ______ 2022.jpg";filename*=UTF-8''%D9%85%D8%B4%D8%A7%D9%87%D8%AF%D8%A9%20%D9%85%D8%A8%D8%A7%D8%B1%D8%A7%D8%A9%20%D8%A7%D9%84%D8%A8%D8%B1%D8%A7%D8%B2%D9%8A%D9%84%20%D9%88%D9%83%D8%B1%D9%88%D8%A7%D8%AA%D9%8A%D8%A7%20%D8%A7%D9%84%D9%8A%D9%88%D9%85%20%D8%A8%D8%AA%D8%A7%D8%B1%D9%8A%D8%AE%209-12-2022%20%D9%83%D8%A3%D8%B3%20%D8%A7%D9%84%D8%B9%D8%A7%D9%84%D9%85%202022.jpg
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 15:39:23 GMT
server: fife
content-length: 14062
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 864 B IP 142.250.74.131:0
Hash ab65e9d585be20bb3f5cbd497b5a4449
239078b9e40e6522be7c730d2b163d0b39e6d862
169f61e0d62bf9be38400bc1c79515d8db82beb3dcf9c69441fc2d3c7ee5d46a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=1kora.koooora-live.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=1kora.koooora-live.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=1kora.koooora-live.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 15:39:24 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=1kora.koooora-live.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=1kora.koooora-live.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=1kora.koooora-live.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 09 Dec 2022 15:39:24 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 48487c86e61361cb1055f9ab315d3b4e
8bb6ce1c9bbd0315b9bf8173ba6d2c21f2c120ef
9899e720c3cf6f0b777190c161de072637351830d45236355ae08db668a98eba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5496e18a30e039b44989d9a0e932d4bc
c5bfb1b9ce711e38d69e78486017f07cc47fe04a
26a3ad286e479cdabfcbb5a9d3fada211c73650628a35c80944b0e7e8aad27e0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
216.58.207.193200 OK 2.7 kB URL HTTP/2 796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Fri, 09 Dec 2022 15:39:24 GMT
expires: Sat, 09 Dec 2023 15:39:24 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
2.18.173.99200 OK 56 kB URL HTTP/2 player.aniview.com/script/6.1/libs/prebid/avpb7.12.0.js
IP 2.18.173.99:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 311c348753cb3987619bfca54c2e12b3
9594747797fde2b422ebb18e6ba36a69773f0930
3f0b031837e50ba0616eec8bed006c7ab3f7402c7431d33fa95bf97b14ced9b2
GET /script/6.1/libs/prebid/avpb7.12.0.js HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsVRA3PJ-fJQIaQjZRQYCe_ZDa9_dKaUSy43DLdEU-l281k5kTELGCihMo7B9_VD00RoI1yuEJo1brqeLjlINA45g
last-modified: Sun, 04 Dec 2022 11:44:22 GMT
etag: "311c348753cb3987619bfca54c2e12b3"
x-goog-generation: 1670154262795348
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 55951
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=u0N1Sg==, md5=MRw0h1PLOYdhm/ylTC4Ssw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 55951
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Fri, 09 Dec 2022 15:49:24 GMT
date: Fri, 09 Dec 2022 15:39:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
2.18.173.99200 OK 20 kB URL HTTP/2 player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a3.js
IP 2.18.173.99:0
File type ASCII text, with very long lines (63741), with no line terminators
Hash c8b3b84d9929d4659ba5739c95a2f0e2
e985e08cc9ad76797f8bb94dad70a8954a43dc6a
e4a8ea6dc83dfe6187a6289c470651da18d27458ea074b25bdacd9459c17c50f
GET /script/6.1/libs/prebid/avpb7.12.0a3.js HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduli99ph2ktAxVeRicc4DAwA1A1kGo-mp3wVDMLeskwaAdYvx-wTHG8_Wj8zRZ8LX89k5Ym5TURWk_92ZKSlVI9Dx5kyom_
last-modified: Sun, 04 Dec 2022 11:44:23 GMT
etag: "c8b3b84d9929d4659ba5739c95a2f0e2"
x-goog-generation: 1670154262956734
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 19946
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=VrgRpw==, md5=yLO4TZkp1GWbpXOclaLw4g==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 19946
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Fri, 09 Dec 2022 15:49:24 GMT
date: Fri, 09 Dec 2022 15:39:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D
2.18.172.200200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=127816
expires: Sun, 11 Dec 2022 03:09:40 GMT
date: Fri, 09 Dec 2022 15:39:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a6.js
2.18.173.99200 OK 16 kB URL HTTP/2 player.aniview.com/script/6.1/libs/prebid/avpb7.12.0a6.js
IP 2.18.173.99:0
File type ASCII text, with very long lines (53988), with no line terminators
Hash 44ae0143a6eccaddfec5cb1ceb79da43
4d5def8eba23f07f090f5b21574ff90921c60c34
3b72644c82c9f804f504abacef190076eb70f6d403a3f2cacba4916ecb883774
GET /script/6.1/libs/prebid/avpb7.12.0a6.js HTTP/1.1
Host: player.aniview.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtflI5dAOTnYCZdNsuh8YBRW--sjLblQ2lySKC_rk2oUUFsKgDUyQzgYa-10jnJ-i28e8ci2GucBuAchOCRX7UJtA
last-modified: Sun, 04 Dec 2022 11:44:23 GMT
etag: "44ae0143a6eccaddfec5cb1ceb79da43"
x-goog-generation: 1670154262970558
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 16350
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=73kp9A==, md5=RK4BQ6bsyt3+xcsc63naQw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 16350
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
cache-control: public, max-age=600
expires: Fri, 09 Dec 2022 15:49:24 GMT
date: Fri, 09 Dec 2022 15:39:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f8d866c297a9312a63a4a04dea832006
a5f7c9ea8ecdd5d9d302b11fb81b66eae4c45eaf
d9b5f6dceb389692e73f5c7ea9df5c4046799e0d47650eadbabb543a114b910c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9B5F6DCEB389692E73F5C7EA9DF5C4046799E0D47650EADBABB543A114B910C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11849
Expires: Fri, 09 Dec 2022 18:56:53 GMT
Date: Fri, 09 Dec 2022 15:39:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 1c32420e61b49ce2e4823e8cf026ab8d
65b3991345de1b8fbaddca352f370d880c1e1b43
dcd429e4f2c0c5b63ea3379f70536f91350c9719fb82ef369cd543fd3c26fbf4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 01:55:53 GMT
Expires: Wed, 14 Dec 2022 01:55:52 GMT
Etag: "65b3991345de1b8fbaddca352f370d880c1e1b43"
Cache-Control: max-age=381987,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ed554fd080afa-OSL
csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7Bdevice_id%7D
35.214.223.115307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7Bdevice_id%7D
IP 35.214.223.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pubid=11455&gdpr=1&gdpr_consent=&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7Bdevice_id%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=20c2e1f1-8c91-491b-98b5-306530c87aa6; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Thu, 09-Mar-2023 15:39:24 GMT; SameSite=None
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1670600364046-967178969507-006345-009-002829&key=20c2e1f1-8c91-491b-98b5-306530c87aa6&gdpr_consent=null&gdpr=1
content-length: 0
date: Fri, 09 Dec 2022 15:39:24 GMT
server: _
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash db42f7db087ffb56bcc4231ae89052e1
cacf8c067a6a27b42ca8a8c184c093afe4b50f70
bea1a512b8fa112bc5f9a278ec52c6b70dff895766f7746af933981e5b9918a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4990
Cache-Control: max-age=122944
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Etag: "6392806e-138"
Expires: Sun, 11 Dec 2022 01:48:28 GMT
Last-Modified: Fri, 09 Dec 2022 00:25:18 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=338842,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ed5553d940afa-OSL
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash c847d1a84e3415b57f545523f1b0d222
c3963484143b19cddf2bd87d3c74672d5e38146d
78e3df650e947922d17f4bc3746d00380e26ecd7a0e68f5431c1c8c95d4d560e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 15:39:24 GMT
Last-Modified: Fri, 09 Dec 2022 14:01:39 GMT
Server: ECS (nyb/1D18)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Pi2FFKyhMhYhzJYFX6cBrMo_0SLK2Cq5DKSA6UXfs3E7_bCtgmFb1g==
Age: 5865
x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670600364046-967178969507-006345-009-002829%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
3.64.108.88200 OK 43 B URL HTTP/2 x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670600364046-967178969507-006345-009-002829%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1---
IP 3.64.108.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670600364046-967178969507-006345-009-002829%26biddername%3D24%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BBSW_UUID%7D?gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5ab7393567c56be79a731bd743dbb79b
20ce9048024b9970ae0242251cb71878c70c978f
02089f69d2754ed78072045a5d9dd78eb0e59c1b493c8d6bf29f4708711ae90d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5724
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Last-Modified: Fri, 09 Dec 2022 14:04:00 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D
3.67.173.231302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D
IP 3.67.173.231:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=963e4122-6332-41ab-a846-ecabcdfa3376; Expires=Thu, 09 Mar 2023 15:39:24 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1670600364; Expires=Thu, 09 Mar 2023 15:39:24 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d643e5897a58a331e34df081ee65199f
f1f3a6681b624c7a807c609d03b96c5ead929fb0
bad01d3f637f732185a10b237aafa90f004e328f3bb2a560116dca536f6118a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4474
Cache-Control: max-age=92511
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Etag: "63920b91-1d7"
Expires: Sat, 10 Dec 2022 17:21:15 GMT
Last-Modified: Thu, 08 Dec 2022 16:06:41 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 49cea5c9c728417c1053379df6f29783
5af4586b2cd4fc46b3bc40c25c9df169396d006d
b6e4995f12e9e7a0a03a21149f6e2bda28c7b6f32781b763aef5c0d9276dc77f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 09 Dec 2022 15:39:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 08 Dec 2022 21:12:05 GMT
Expires: Fri, 09 Dec 2022 21:12:05 GMT
ETag: "5af4586b2cd4fc46b3bc40c25c9df169396d006d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58543/occ?gdpr=1&gdpr_consent= HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 15:39:24 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
age: 0
server: ATS/9.1.10.25
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D
3.67.173.231200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D
IP 3.67.173.231:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
serv.modoro360.com/api/adserver/tag/?AV_TAGID=63033820c522981be045eb94&AV_PUBLISHERID=6301deeaa893c81325025604&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&AV_CHANNELID=630336c8a7daf57186436eb6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=1kora.koooora-live.com&AV_DADPOS=3&AV_TAG=63033820c522981be045eb94&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.66&responsive=1&sver=3&avtoken=362598&omv=1.0.1&AV_D65=Test1&clsid=9c53df3a-a459-45f6-aefa-b3235e8f9f52&rando=36&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1670600362602&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
34.226.18.170200 OK 4.2 kB URL HTTP/2 serv.modoro360.com/api/adserver/tag/?AV_TAGID=63033820c522981be045eb94&AV_PUBLISHERID=6301deeaa893c81325025604&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&AV_CHANNELID=630336c8a7daf57186436eb6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=1kora.koooora-live.com&AV_DADPOS=3&AV_TAG=63033820c522981be045eb94&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.66&responsive=1&sver=3&avtoken=362598&omv=1.0.1&AV_D65=Test1&clsid=9c53df3a-a459-45f6-aefa-b3235e8f9f52&rando=36&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1670600362602&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1
IP 34.226.18.170:0
Hash e6a240cfe996eb3da5dd8dc03bfaa6e6
e7e2ba78893f2512748a62f1f79b9521c4674dae
2d4ff2cdc6f3c8d9d8c2cb1ed1cd6d9a946f6075003897bb3917791b1ad0cc43
GET /api/adserver/tag/?AV_TAGID=63033820c522981be045eb94&AV_PUBLISHERID=6301deeaa893c81325025604&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&AV_CHANNELID=630336c8a7daf57186436eb6&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=1kora.koooora-live.com&AV_DADPOS=3&AV_TAG=63033820c522981be045eb94&AV_TEMPLATE=6192229fa59e3976bb4400aa&d36=6.2.66&responsive=1&sver=3&avtoken=362598&omv=1.0.1&AV_D65=Test1&clsid=9c53df3a-a459-45f6-aefa-b3235e8f9f52&rando=36&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1670600362602&AV_CGUID=01ftrvrvyj4bm5fq8f05&AV_CGUIDLIST=01ftrvrvyj4bm5fq8f05,01ftrvrvyj4bm5fq8f06,01ftrvrvyj4bm5fq8f04&wfc=1 HTTP/1.1
Host: serv.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: application/json
vary: Accept-Encoding
set-cookie: aniC=1670600364046-967178969507-006345-009-002829; Expires=Thu, 29-Dec-22 15:39:24 GMT; Max-Age=1728000; Domain=modoro360.com; Path=/; Secure; HttpOnly; SameSite=None
aniC=; Expires=Thu, 29-Dec-22 15:39:24 GMT; Max-Age=1728000; Domain=modoro360.com; Path=/; Secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-origin: https://1kora.koooora-live.com
expires: Mon, 28 Nov 2022 01:52:44 GMT
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%24UID
216.52.2.39204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%24UID
IP 216.52.2.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Fri, 09 Dec 2022 15:39:24 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap7ams1
onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
d.vidoomy.com/api/rtbserver/prebid/?id=15013&adtype=video&auc=630336c8a7daf57186436eb5%7C6188f6fc4071e35134085f46%7C63690555af49f23bb214a994&w=600&h=338&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&l=en&dt=1&pid=62133&requestId=483fbaff3f19ba8&schain=%5Bobject%20Object%5D&bidfloor=0&d=koooora-live.com&sp=https%253A%252F%252F1kora.koooora-live.com%252F2022%252F12%252Fcroatia-vs-brazil.html&usp=&coppa=false&videoContext=instream
18.185.205.29204 No Content 0 B URL HTTP/2 d.vidoomy.com/api/rtbserver/prebid/?id=15013&adtype=video&auc=630336c8a7daf57186436eb5%7C6188f6fc4071e35134085f46%7C63690555af49f23bb214a994&w=600&h=338&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&l=en&dt=1&pid=62133&requestId=483fbaff3f19ba8&schain=%5Bobject%20Object%5D&bidfloor=0&d=koooora-live.com&sp=https%253A%252F%252F1kora.koooora-live.com%252F2022%252F12%252Fcroatia-vs-brazil.html&usp=&coppa=false&videoContext=instream
IP 18.185.205.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/rtbserver/prebid/?id=15013&adtype=video&auc=630336c8a7daf57186436eb5%7C6188f6fc4071e35134085f46%7C63690555af49f23bb214a994&w=600&h=338&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&l=en&dt=1&pid=62133&requestId=483fbaff3f19ba8&schain=%5Bobject%20Object%5D&bidfloor=0&d=koooora-live.com&sp=https%253A%252F%252F1kora.koooora-live.com%252F2022%252F12%252Fcroatia-vs-brazil.html&usp=&coppa=false&videoContext=instream HTTP/1.1
Host: d.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 15:39:24 GMT
access-control-allow-origin: https://1kora.koooora-live.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9dfb6f98524703cb28aa777c06f8307d
0259f1b07774b87d9bf5d69228f549946a1dd747
7b5ecd4e9bf216f4c71747b9eab5f135a610972adeb28d4f61118fab6decc065
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 13:56:48 GMT
Expires: Tue, 13 Dec 2022 13:56:47 GMT
Etag: "0259f1b07774b87d9bf5d69228f549946a1dd747"
Cache-Control: max-age=338842,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 776ed55538d2b4fd-OSL
sync.technoratimedia.com/services?srv=cs&pid=70&uid=1670600364046-967178969507-006345-009-002829&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%5BUSER_ID%5D
150.136.26.45204 No Content 0 B URL HTTP/2 sync.technoratimedia.com/services?srv=cs&pid=70&uid=1670600364046-967178969507-006345-009-002829&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%5BUSER_ID%5D
IP 150.136.26.45:0
ASN #31898 ORACLE-BMC-31898
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /services?srv=cs&pid=70&uid=1670600364046-967178969507-006345-009-002829&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%5BUSER_ID%5D HTTP/1.1
Host: sync.technoratimedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 09 Dec 2022 15:39:24 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Wed, 08 Dec 2027 15:39:24 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://1kora.koooora-live.com/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 948837184
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 88ca5bd68e0a4e087b87dc7df2b6ac9f
01e3f6e5889ad92ad1d30006291e524bb1b3f108
93fb9fc55a0e479ec7e629d1d711c3d118a413b6b850c425438998783b42d10d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4685
Cache-Control: max-age=147082
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Etag: "6392dfea-1d7"
Expires: Sun, 11 Dec 2022 08:30:46 GMT
Last-Modified: Fri, 09 Dec 2022 07:12:42 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
x.bidswitch.net/sync?ssp=&user_id=1670600364046-967178969507-006345-009-002829&gdpr=1&gdpr_consent=&us_privacy=1---
3.64.108.88200 OK 43 B URL HTTP/2 x.bidswitch.net/sync?ssp=&user_id=1670600364046-967178969507-006345-009-002829&gdpr=1&gdpr_consent=&us_privacy=1---
IP 3.64.108.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?ssp=&user_id=1670600364046-967178969507-006345-009-002829&gdpr=1&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670600364046-967178969507-006345-009-002829%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
82.145.213.8400 Bad Request 0 B URL HTTP/2 t.adx.opera.com/pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670600364046-967178969507-006345-009-002829%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D
IP 82.145.213.8:0
ASN #39832 Opera Software AS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pub/sync?pubid=d803647ecdd74c26863bfc1198f6567b&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1670600364046-967178969507-006345-009-002829%26biddername%3D128%26pid%3D59c9148628a0612da3689288%26key%3D%24%7BOPERA_UID%7D HTTP/1.1
Host: t.adx.opera.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: Tengine
date: Fri, 09 Dec 2022 15:39:24 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: UID=OPUbf977d8d14e946568a547612304c5e9f; Path=/; Domain=adx.opera.com; Max-Age=31536000; Secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7f699af9ca7843cb9e6a1b7576c2940c
cce981996a863a63f9a8c497fbcebf5eae75607f
1c89b2002df4a7655407dab0a7d4d8bb74a3f8f7ef72d62c649a08a7b6cb64e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/xbbe/pixel?d=CLSPmdgCENe9--oCGMLjl9sBMAE&v=APEucNXEkH-GetAK9QFy_ZE4Y0MTP7a7s5lXa9D2r0E3dbZlU81dSz_6qM8DT8_sL7YWcG6EyK8PAVuZMLpPMvo8PvyvvoAm-k0tNWauaSXEbotaanGxKm1Vv_0D6iPLVuyH-PkPj5gJqzUZSPZbE8Q5IpwLnVjUsFLGE71mI6g66WRjG_0y1goBRtoqS8f--yI6p4CfbyMepkarzE47xCfQFNS3LEaslA
142.250.74.98200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CLSPmdgCENe9--oCGMLjl9sBMAE&v=APEucNXEkH-GetAK9QFy_ZE4Y0MTP7a7s5lXa9D2r0E3dbZlU81dSz_6qM8DT8_sL7YWcG6EyK8PAVuZMLpPMvo8PvyvvoAm-k0tNWauaSXEbotaanGxKm1Vv_0D6iPLVuyH-PkPj5gJqzUZSPZbE8Q5IpwLnVjUsFLGE71mI6g66WRjG_0y1goBRtoqS8f--yI6p4CfbyMepkarzE47xCfQFNS3LEaslA
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CLSPmdgCENe9--oCGMLjl9sBMAE&v=APEucNXEkH-GetAK9QFy_ZE4Y0MTP7a7s5lXa9D2r0E3dbZlU81dSz_6qM8DT8_sL7YWcG6EyK8PAVuZMLpPMvo8PvyvvoAm-k0tNWauaSXEbotaanGxKm1Vv_0D6iPLVuyH-PkPj5gJqzUZSPZbE8Q5IpwLnVjUsFLGE71mI6g66WRjG_0y1goBRtoqS8f--yI6p4CfbyMepkarzE47xCfQFNS3LEaslA HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 15:39:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 15:54:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 15:39:24 GMT
cache-control: private
X-Firefox-Spdy: h2
grid.bidswitch.net/adv?auid=375282&u=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&r=1670600364&gdpr=1&gdpr_consent=&bf=2.25&cbb=600363277
52.28.173.150200 OK 60 B URL HTTP/2 grid.bidswitch.net/adv?auid=375282&u=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&r=1670600364&gdpr=1&gdpr_consent=&bf=2.25&cbb=600363277
IP 52.28.173.150:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 7814809ea4638c1ddbe3e1cebd8527a8
172c61d6fa135d1ecd783b39fc38a4a37720f2a9
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1
GET /adv?auid=375282&u=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&r=1670600364&gdpr=1&gdpr_consent=&bf=2.25&cbb=600363277 HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: text/xml; charset=UTF-8;
content-length: 60
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://1kora.koooora-live.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7f699af9ca7843cb9e6a1b7576c2940c
cce981996a863a63f9a8c497fbcebf5eae75607f
1c89b2002df4a7655407dab0a7d4d8bb74a3f8f7ef72d62c649a08a7b6cb64e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
172.217.21.161200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1542)
Hash 6f59900fa87e133bae329372aebefe36
260937d2934233c07b112f3564ec9eca7b529fd7
156c12ec7d6973b5742504716567b70740dd66bee9cc0e1a1608df56e77011fd
GET /pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7480
x-xss-protection: 0
date: Thu, 08 Dec 2022 18:25:11 GMT
expires: Thu, 22 Dec 2022 18:25:11 GMT
cache-control: public, max-age=1209600
age: 76453
etag: 15631949847000551034
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
grid.bidswitch.net/hbjson
52.28.173.150200 OK 48 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 52.28.173.150:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d6b6359ccc5410e1090866088f112dec
d92f5492dcc3f273a3465565f56e66b3feb2b7bc
2567cccfdf05e245ced954474f86fa9850c7f306309ddc5dfcb5b711c95eaf7a
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 582
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: application/json
content-length: 48
access-control-allow-credentials: true
access-control-allow-origin: https://1kora.koooora-live.com
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjn0YzGATAB&v=APEucNU79Po51TaA2o2bitqZuC5s4SMzhu1LHXada-Zd4iKDR6C9msXljVhWaId4XBP9HCogszw_FhqAXIH9rBRsj8rsTGVoeiHCW5smMO2RG_w57lh0wQnsITDs-Aua8zEBu2sCM7kI8_C17R_3ggNzmc1m8t6bKHpvUNoragLdFnWBaK2Yy6zh2ReW2-ZoIWpMbvACeZ9CrSNOBLfe1pRGQcsBcuAUPw
142.250.74.98200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjn0YzGATAB&v=APEucNU79Po51TaA2o2bitqZuC5s4SMzhu1LHXada-Zd4iKDR6C9msXljVhWaId4XBP9HCogszw_FhqAXIH9rBRsj8rsTGVoeiHCW5smMO2RG_w57lh0wQnsITDs-Aua8zEBu2sCM7kI8_C17R_3ggNzmc1m8t6bKHpvUNoragLdFnWBaK2Yy6zh2ReW2-ZoIWpMbvACeZ9CrSNOBLfe1pRGQcsBcuAUPw
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CN-KGhDw3uOiAxjn0YzGATAB&v=APEucNU79Po51TaA2o2bitqZuC5s4SMzhu1LHXada-Zd4iKDR6C9msXljVhWaId4XBP9HCogszw_FhqAXIH9rBRsj8rsTGVoeiHCW5smMO2RG_w57lh0wQnsITDs-Aua8zEBu2sCM7kI8_C17R_3ggNzmc1m8t6bKHpvUNoragLdFnWBaK2Yy6zh2ReW2-ZoIWpMbvACeZ9CrSNOBLfe1pRGQcsBcuAUPw HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 15:39:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 15:54:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 15:39:24 GMT
cache-control: private
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%25%25VGUID%25%25
198.148.27.139302 Found 48 kB URL HTTP/2 bh.contextweb.com/bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%25%25VGUID%25%25
IP 198.148.27.139:0
File type gzip compressed data, max compression\012- data
Hash 0aea457deb170b60b680d7d723b4a6e2
3acbe700c709c2c5c07d6fb145ea7b448cc07a90
86c662679bc2508be7e8064c91055a3c5be7db2c24d58e5f27676f35702ba339
GET /bh/rtset?pid=562704&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D10%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%25%25VGUID%25%25 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-574cff5bc6-m6x24
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: ccpa=1---;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 08-Jan-2023 15:39:24 GMT;Max-Age=2592000;SameSite=None
V=CdyMGWjfcX10;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Mon, 04-Dec-2023 15:39:24 GMT;Max-Age=31104000;SameSite=None
pb_rtb_ev=3-1hoy|8jz.0.1;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 09-Dec-2023 15:39:24 GMT;Max-Age=31536000;SameSite=None
INGRESSCOOKIE=a8dbe74f64e85fad; path=/; HttpOnly; Secure; SameSite=None
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670600364046-967178969507-006345-009-002829&key=CdyMGWjfcX10&ev=1&us_privacy=1---&pid=562704
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/dv3.js
142.250.74.34200 OK 27 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/dv3.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (2097)
Hash 6dbb55fbfe1217a7c2b62cd88b589528
a2506eaaf4674cb35a1740c6fb3eb67f4f214fb8
9b38f4ecf6f98cf4d2603c433d848c9cc6134913c6abb91db206b6faed3aa8e8
GET /pagead/js/dv3.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 09 Dec 2022 15:39:24 GMT
expires: Fri, 09 Dec 2022 15:39:24 GMT
cache-control: private, max-age=600
content-type: text/javascript; charset=UTF-8
etag: 15442950961169408521
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 27387
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4592
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 15:39:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ce90196ae75bc9f6b6e8de3290c1ac94
89b39a7d23c2bd2663759c08e55e462157015a36
b31ee4687eb79a3980f44bd0ce6796bfa536147a2e07c7ffef9346ca5165c896
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2552
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Last-Modified: Fri, 09 Dec 2022 14:56:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4592
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 15:39:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 81500
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4592
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 15:39:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e3b657ebd655fbfa5f10c01c775f2aa0
2478fd171e6791a10d83b2bad9de0165d268db7e
2d91737e61e5338bc24c7df4aa36b1c20d9f79fe8ea4bb4914fd2c15e99a7ee3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:07:07 GMT
age: 41537
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 43058
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06514ce96ae21cb01f526a5febdcbeb4
ebb97e5b97f394e8c67098f55581d5329ce819a2
4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xi-bshsYa4LlKbJgAt0h-lPnB_5uQbqln5JGBRE8io2Fp1y41cS9xg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:08:48 GMT
age: 41436
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 12:32:24 GMT
age: 11220
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 43497
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.53.86200 OK 28 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.53.86:0
Hash fa069016a0645817ef25d0c020f5389f
075b28862ddf3f6bacbff2622c088115fb3359d8
7d8aa4595db03a9c94f95509929e0023f0c89159da33d3ceb6c800cb11fd0ffe
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: br8ocj5fWmQgOqNy/Y5LiIH5q+MAwLmtxoIHmumKrdJnVOflpFk2DrvLlhRMxH1N156iQZCmWrRJmSpedVGlPA==
x-amz-request-id: 9KT5DTFKEWY7HC5S
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
etag: W/"91dadf6b1eddd8d91a5cc2e3be5ea8cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 3219
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 776ed557afd7b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1670600364046-967178969507-006345-009-002829&key=20c2e1f1-8c91-491b-98b5-306530c87aa6&gdpr_consent=null&gdpr=1
34.192.116.159200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1670600364046-967178969507-006345-009-002829&key=20c2e1f1-8c91-491b-98b5-306530c87aa6&gdpr_consent=null&gdpr=1
IP 34.192.116.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1670600364046-967178969507-006345-009-002829&key=20c2e1f1-8c91-491b-98b5-306530c87aa6&gdpr_consent=null&gdpr=1 HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-length: 0
X-Firefox-Spdy: h2
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670600364046-967178969507-006345-009-002829&key=OPTOUT
34.192.116.159200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670600364046-967178969507-006345-009-002829&key=OPTOUT
IP 34.192.116.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670600364046-967178969507-006345-009-002829&key=OPTOUT HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-length: 0
set-cookie: 2_C_200=OPTOUT; Path=/; Domain=modoro360.com; Expires=Sat, 10 Dec 2022 15:39:24 GMT; Secure; SameSite=None
2_C_200=OPTOUT; Path=/; Expires=Sat, 10 Dec 2022 15:39:24 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fb44b614b8381a20ddc7cac6e5228f29
b8c381ae5dea1755066f7d450fdc5b7046e5d441
b4ffb9c2ea3aae0c8d2f1d713c10be2d4c008518a0c30e166da9f1e4ef58ba23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4FFB9C2EA3AAE0C8D2F1D713C10BE2D4C008518A0C30E166DA9F1E4EF58BA23"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5569
Expires: Fri, 09 Dec 2022 17:12:13 GMT
Date: Fri, 09 Dec 2022 15:39:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.82204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://1kora.koooora-live.com
access-control-allow-credentials: true
date: Fri, 09 Dec 2022 15:39:24 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
142.250.74.106200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
IP 142.250.74.106:0
Hash 126ab34455bfa6373fe5cea81e7c70bb
a6b887852a0edff8c69ff5d793fbd29326edf521
613515c48d68bf6d49b3d4bd67bd0496c6b44b284219d2455f1dfa976219d6ec
GET /css?family=Google%20Sans%20Display%3A400%2C500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 15:39:24 GMT
date: Fri, 09 Dec 2022 15:39:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670600364046-967178969507-006345-009-002829&key=CdyMGWjfcX10&ev=1&us_privacy=1---&pid=562704
34.192.116.159200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670600364046-967178969507-006345-009-002829&key=CdyMGWjfcX10&ev=1&us_privacy=1---&pid=562704
IP 34.192.116.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=10&auid=1670600364046-967178969507-006345-009-002829&key=CdyMGWjfcX10&ev=1&us_privacy=1---&pid=562704 HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Cookie: aniC=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a5c704ab5a357a19869256073daacaa0
1f813d6e4991edc61d3fc8ae11490b0ceab536cb
df370c7f0c970bd1ccd5a64325c5c5770b64fff6a64e04ddf51063543c8fdae5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF370C7F0C970BD1CCD5A64325C5C5770B64FFF6A64E04DDF51063543C8FDAE5"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9704
Expires: Fri, 09 Dec 2022 18:21:09 GMT
Date: Fri, 09 Dec 2022 15:39:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dcb0ed86727c359c48d60000d5ce055b
f7e736e0e1f78ec89eacaa08fd5648e1cf47d4fc
68713a99b06419fcaa5ee2c4b2b1a2772ff6a47df9ca0f5dda78189fefa108a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash dcb0ed86727c359c48d60000d5ce055b
f7e736e0e1f78ec89eacaa08fd5648e1cf47d4fc
68713a99b06419fcaa5ee2c4b2b1a2772ff6a47df9ca0f5dda78189fefa108a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a7fcce3dc63f88fb3bb42fe1a285c7b9
867cf7966a5efc48c619653649f82d091b1bd8e0
94153fe13e128934e8bbb652b69720e96ffe8bc7d922c9ef75474149cdeb74f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.35200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.35:0
File type C++ source, ASCII text, with very long lines (1833)
Hash d423039334318b32567d199ce1d9238e
e9ecb9be252647406e9ac7d57645beb00f22a8f1
4ea40f24181f3b9df05fd0b365a5a679de8ab34489f81127420075a618b297e1
GET /mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14213
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:28:39 GMT
expires: Sun, 05 Mar 2023 21:28:39 GMT
cache-control: public, max-age=7776000
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
content-type: text/javascript
age: 324646
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/206675363/17284242389930234266_222548466414923371.jpeg
142.250.74.134200 OK 84 kB URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/17284242389930234266_222548466414923371.jpeg
IP 142.250.74.134:0
File type JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Hash 1406a877904a831ae2cf396d9f345f39
5e8396b0bc75f4df70ab9d21a4328be19cba04af
8aee0691c1e66565ade6bc5004cba455f209b8999411b3887f45281fdd270a7d
GET /dynamic/5/206675363/17284242389930234266_222548466414923371.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 84076
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 17:01:37 GMT
expires: Fri, 08 Dec 2023 17:01:37 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 03:48:44 GMT
content-type: image/jpeg
age: 81468
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D
138.201.84.252200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1738), with CRLF line terminators
Hash b997796ae51e0c22af871f1dd3d3a6f7
f579082c3c766261025f610b0cd9ddedc6ab7f4e
d2f2d7cba2f891ab6b57d58bcbbd6fc4715f2669f7b7b9c21b097eb9cffa4535
GET /zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4148
Connection: close
Content-Type: text/html; charset=UTF-8
static.doubleclick.net/dynamic/5/206675363/1625813801196946125_9146618617033836075.jpeg
142.250.74.134200 OK 73 kB URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/1625813801196946125_9146618617033836075.jpeg
IP 142.250.74.134:0
File type JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Hash 4884231ed26d431ec5cc923ac180aa0f
5cdc749c9c0434d2abdb7cbe044f491f73d14882
fd4166a69eaa2d6cf37f33cb021cda0767429283b038db80e64e4fdd7adac908
GET /dynamic/5/206675363/1625813801196946125_9146618617033836075.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 72725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 07:54:15 GMT
expires: Sat, 09 Dec 2023 07:54:15 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 09 Dec 2022 03:12:57 GMT
content-type: image/jpeg
age: 27910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7B%7BVID%7D%7D
185.76.9.14200 OK 34 kB URL HTTP/2 vid.vidoomy.com/sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7B%7BVID%7D%7D
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (50563)
Hash 86c6636cbb59e69150fa9f82251d438f
a585b055b7812ba2fd6ce473c251b088744c45f3
7a94919a36c80ecd311feae6eb5dcdae39b4b0b6f57fc131761c87b29a752953
GET /sync?gdpr=1&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D133%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: text/html
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
etag: W/"61c991db-c5bc"
access-control-allow-origin: *
x-accel-expires: @1671637164
server: CDN77-Turbo
x-77-nzt: AblMCQ21Ij+h
x-77-nzt-ray: c0a4cc28e41df6bfac56936361713818
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: gzip
X-Firefox-Spdy: h2
static.doubleclick.net/dynamic/5/206675363/17097059941406730363_167768198777420005.jpeg
142.250.74.134200 OK 85 kB URL HTTP/2 static.doubleclick.net/dynamic/5/206675363/17097059941406730363_167768198777420005.jpeg
IP 142.250.74.134:0
File type JPEG image data, progressive, precision 8, 600x600, components 3\012- data
Hash 12b4709ab445b75848a9676601cca072
a9ce15d8b5a48a962c0c38b0c0a5b0936c5fd376
4e5cea11d89879256ceb7fa6b67d30d98e0357d89a171e21304ffb627aa2c6a4
GET /dynamic/5/206675363/17097059941406730363_167768198777420005.jpeg HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 84603
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Dec 2022 23:04:23 GMT
expires: Fri, 08 Dec 2023 23:04:23 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 08 Dec 2022 03:48:37 GMT
content-type: image/jpeg
age: 59702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D
138.201.84.252200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1740), with CRLF line terminators
Hash ff14cac30d2ea8d201831cdb0d0f761c
d04294a97f16b839351e389797fa6f273d14c2db
8a6bb889957ead5dccc08b73b4d691f747fbc0d8a30bead2163fa6e4a569f78f
GET /zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:25 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4148
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a7fcce3dc63f88fb3bb42fe1a285c7b9
867cf7966a5efc48c619653649f82d091b1bd8e0
94153fe13e128934e8bbb652b69720e96ffe8bc7d922c9ef75474149cdeb74f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/simgad/17324176944389381790
142.250.74.70200 OK 8.5 kB URL HTTP/2 s0.2mdn.net/simgad/17324176944389381790
IP 142.250.74.70:0
File type PNG image data, 728 x 90, 8-bit colormap, non-interlaced\012- data
Hash d9e6f8c295f44170d43cf8169901d4f9
4e7e2bf70466d45f5479e4a56d89c5b7b6cc105e
e5d1a1a91bc242fba5b3eefb35d8c4b2e0c25a53bdbf8f26adf91ccc33d086d7
GET /simgad/17324176944389381790 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 8497
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Fri, 09 Dec 2022 13:33:21 GMT
expires: Sat, 09 Dec 2023 13:33:21 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 30 Nov 2022 08:21:13 GMT
content-type: image/png
age: 7564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyitNwDg4IeT3OYeMD9NJo_v8eRwzKTSMj8wCdrjlUaaBbq0WnUGyNmAfFp6KdxpipO5yyBO4kvInfcl-zSHS4iJuc2jGknnSZo5n7H_YPNh8_6Gt6bW_2PM58OYSnk49nBMHGoZl753MdC771xQbAhQaxAe3Sv8YS4cz1w96Q4OoqMcYD4kDrlbC_WWC4j_HJAJt4iLmiwJxFwKDa_YIdKtRY1BUHCzmxzLWEas4bu2HNa4hMLCckqZ7fL2CmJxTOish3fRw-Strx5PTBW30BGWID6rn00QmX3HtoKvUWZHi0hVbaz_4927wErLy8ilxWH4UYrq50Y_0xzoS0xzkFw5s8R9kJuISnvtLCb5yBsKUdrEu4O6x6AunMmf1BJoL_bEKYTpRzLfsNxv03OSHSFyjprbxBGM3OzICtP0IUJEdffcoaizMxQhu6PcFnj1WzNRTfsPGpzvOACU-3W3g9AlGzHq7samkjG-iNFNBK5O5RYufrvXQ6E0osJXGuNlcdLzwQxSerVnD-5WPZCP0AtZcDnMO94bKdlavBmlimD4n-uxCKTg5P_yr0Xncu4QfOpJmTPAtt2cp6YXezCQlm1K4Y42uLF9HCBNOWV7KJcJPFIcTW1CACPOl6K8tP4NaOvv9_TCTCXPH8N1nhooe0ySDhsvomFem49C8x77A5gItuzFMhldndc4aAW9nurJMuGUsGGsaYWWmi93vUJuWmu8VGge0UC2zj5tePRcYFCyZvjaOhZrrPP7RuQ_Z0_a9deUSHWGAJIuQZICorvjV8-uVpLqM1P-eB2KWTLYKglFesNH4UG32KcbyKHUT8KHB1Of9_DHhXCi4z21nHCmwxaOer_MvkyDF6BHazsWJktWo38gJljX-1I3bYyqKcUIZ9zJEZ8lJWUlrsFfmsUKnNIizU3kT9SAfQq_NPipY5Kh_Oo6cRtHsIyNwjY_G6CY-tR6rRBV4rQUyHCuqBCHjiwHK3sECLEfBisKEj6NZ6yiQ55h5r5_yuCjtLNeRGuRA_RTHC1qULmGv0vL4yHLm0rw27knWUs87ca8wA7KkGO6tcfZT-T5X2n2nENo-MvRuib3P8aA3bxm3wsMPd9Uc0fh-mEiJ5vcEYCdStx9bBlg7A5KQLIpmIrCtZMLRnDz1PtCuMjZ5Fdi9HrMFAsMEcYvfVlpUol1RQA7mG6RNOLKgv9UGFb7QeAJKhcXGRcu_uZPJPO-TG_-RB0HZ7YaADOOoE39s&sai=AMfl-YR3QFqsdXn5VZfjg7CrqtCB-bAMmQHcLHSMSNyjR8QeTRbnybhZ76LWXPQhx30e6udcQ77KG7_aULdbrR_EADVAYVuhgX71YWdH0dDWicIsHUJTvFpeVe0aY3hJhzgqLXamibPPj48iH3_5DdsWhgPIuZoLWvpNW9se0qmAMs-0jqnU56oNJ5kbGgpr3t3wWE0pAeVGbC7s2icJeO1lIIxZ7BsnNbFN61oscU17VyqL7k-SWpgtxOqaOMx2BSURKev03w9VW78Z2AA4Ks5th55ITXf7GAmKcak4U5B2QEyzdhbT&sig=Cg0ArKJSzPWiki8OiXmyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.91796&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyitNwDg4IeT3OYeMD9NJo_v8eRwzKTSMj8wCdrjlUaaBbq0WnUGyNmAfFp6KdxpipO5yyBO4kvInfcl-zSHS4iJuc2jGknnSZo5n7H_YPNh8_6Gt6bW_2PM58OYSnk49nBMHGoZl753MdC771xQbAhQaxAe3Sv8YS4cz1w96Q4OoqMcYD4kDrlbC_WWC4j_HJAJt4iLmiwJxFwKDa_YIdKtRY1BUHCzmxzLWEas4bu2HNa4hMLCckqZ7fL2CmJxTOish3fRw-Strx5PTBW30BGWID6rn00QmX3HtoKvUWZHi0hVbaz_4927wErLy8ilxWH4UYrq50Y_0xzoS0xzkFw5s8R9kJuISnvtLCb5yBsKUdrEu4O6x6AunMmf1BJoL_bEKYTpRzLfsNxv03OSHSFyjprbxBGM3OzICtP0IUJEdffcoaizMxQhu6PcFnj1WzNRTfsPGpzvOACU-3W3g9AlGzHq7samkjG-iNFNBK5O5RYufrvXQ6E0osJXGuNlcdLzwQxSerVnD-5WPZCP0AtZcDnMO94bKdlavBmlimD4n-uxCKTg5P_yr0Xncu4QfOpJmTPAtt2cp6YXezCQlm1K4Y42uLF9HCBNOWV7KJcJPFIcTW1CACPOl6K8tP4NaOvv9_TCTCXPH8N1nhooe0ySDhsvomFem49C8x77A5gItuzFMhldndc4aAW9nurJMuGUsGGsaYWWmi93vUJuWmu8VGge0UC2zj5tePRcYFCyZvjaOhZrrPP7RuQ_Z0_a9deUSHWGAJIuQZICorvjV8-uVpLqM1P-eB2KWTLYKglFesNH4UG32KcbyKHUT8KHB1Of9_DHhXCi4z21nHCmwxaOer_MvkyDF6BHazsWJktWo38gJljX-1I3bYyqKcUIZ9zJEZ8lJWUlrsFfmsUKnNIizU3kT9SAfQq_NPipY5Kh_Oo6cRtHsIyNwjY_G6CY-tR6rRBV4rQUyHCuqBCHjiwHK3sECLEfBisKEj6NZ6yiQ55h5r5_yuCjtLNeRGuRA_RTHC1qULmGv0vL4yHLm0rw27knWUs87ca8wA7KkGO6tcfZT-T5X2n2nENo-MvRuib3P8aA3bxm3wsMPd9Uc0fh-mEiJ5vcEYCdStx9bBlg7A5KQLIpmIrCtZMLRnDz1PtCuMjZ5Fdi9HrMFAsMEcYvfVlpUol1RQA7mG6RNOLKgv9UGFb7QeAJKhcXGRcu_uZPJPO-TG_-RB0HZ7YaADOOoE39s&sai=AMfl-YR3QFqsdXn5VZfjg7CrqtCB-bAMmQHcLHSMSNyjR8QeTRbnybhZ76LWXPQhx30e6udcQ77KG7_aULdbrR_EADVAYVuhgX71YWdH0dDWicIsHUJTvFpeVe0aY3hJhzgqLXamibPPj48iH3_5DdsWhgPIuZoLWvpNW9se0qmAMs-0jqnU56oNJ5kbGgpr3t3wWE0pAeVGbC7s2icJeO1lIIxZ7BsnNbFN61oscU17VyqL7k-SWpgtxOqaOMx2BSURKev03w9VW78Z2AA4Ks5th55ITXf7GAmKcak4U5B2QEyzdhbT&sig=Cg0ArKJSzPWiki8OiXmyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.91796&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuyitNwDg4IeT3OYeMD9NJo_v8eRwzKTSMj8wCdrjlUaaBbq0WnUGyNmAfFp6KdxpipO5yyBO4kvInfcl-zSHS4iJuc2jGknnSZo5n7H_YPNh8_6Gt6bW_2PM58OYSnk49nBMHGoZl753MdC771xQbAhQaxAe3Sv8YS4cz1w96Q4OoqMcYD4kDrlbC_WWC4j_HJAJt4iLmiwJxFwKDa_YIdKtRY1BUHCzmxzLWEas4bu2HNa4hMLCckqZ7fL2CmJxTOish3fRw-Strx5PTBW30BGWID6rn00QmX3HtoKvUWZHi0hVbaz_4927wErLy8ilxWH4UYrq50Y_0xzoS0xzkFw5s8R9kJuISnvtLCb5yBsKUdrEu4O6x6AunMmf1BJoL_bEKYTpRzLfsNxv03OSHSFyjprbxBGM3OzICtP0IUJEdffcoaizMxQhu6PcFnj1WzNRTfsPGpzvOACU-3W3g9AlGzHq7samkjG-iNFNBK5O5RYufrvXQ6E0osJXGuNlcdLzwQxSerVnD-5WPZCP0AtZcDnMO94bKdlavBmlimD4n-uxCKTg5P_yr0Xncu4QfOpJmTPAtt2cp6YXezCQlm1K4Y42uLF9HCBNOWV7KJcJPFIcTW1CACPOl6K8tP4NaOvv9_TCTCXPH8N1nhooe0ySDhsvomFem49C8x77A5gItuzFMhldndc4aAW9nurJMuGUsGGsaYWWmi93vUJuWmu8VGge0UC2zj5tePRcYFCyZvjaOhZrrPP7RuQ_Z0_a9deUSHWGAJIuQZICorvjV8-uVpLqM1P-eB2KWTLYKglFesNH4UG32KcbyKHUT8KHB1Of9_DHhXCi4z21nHCmwxaOer_MvkyDF6BHazsWJktWo38gJljX-1I3bYyqKcUIZ9zJEZ8lJWUlrsFfmsUKnNIizU3kT9SAfQq_NPipY5Kh_Oo6cRtHsIyNwjY_G6CY-tR6rRBV4rQUyHCuqBCHjiwHK3sECLEfBisKEj6NZ6yiQ55h5r5_yuCjtLNeRGuRA_RTHC1qULmGv0vL4yHLm0rw27knWUs87ca8wA7KkGO6tcfZT-T5X2n2nENo-MvRuib3P8aA3bxm3wsMPd9Uc0fh-mEiJ5vcEYCdStx9bBlg7A5KQLIpmIrCtZMLRnDz1PtCuMjZ5Fdi9HrMFAsMEcYvfVlpUol1RQA7mG6RNOLKgv9UGFb7QeAJKhcXGRcu_uZPJPO-TG_-RB0HZ7YaADOOoE39s&sai=AMfl-YR3QFqsdXn5VZfjg7CrqtCB-bAMmQHcLHSMSNyjR8QeTRbnybhZ76LWXPQhx30e6udcQ77KG7_aULdbrR_EADVAYVuhgX71YWdH0dDWicIsHUJTvFpeVe0aY3hJhzgqLXamibPPj48iH3_5DdsWhgPIuZoLWvpNW9se0qmAMs-0jqnU56oNJ5kbGgpr3t3wWE0pAeVGbC7s2icJeO1lIIxZ7BsnNbFN61oscU17VyqL7k-SWpgtxOqaOMx2BSURKev03w9VW78Z2AA4Ks5th55ITXf7GAmKcak4U5B2QEyzdhbT&sig=Cg0ArKJSzPWiki8OiXmyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221206.91796&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 15:39:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 15:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 15:39:25 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyitNwDg4IeT3OYeMD9NJo_v8eRwzKTSMj8wCdrjlUaaBbq0WnUGyNmAfFp6KdxpipO5yyBO4kvInfcl-zSHS4iJuc2jGknnSZo5n7H_YPNh8_6Gt6bW_2PM58OYSnk49nBMHGoZl753MdC771xQbAhQaxAe3Sv8YS4cz1w96Q4OoqMcYD4kDrlbC_WWC4j_HJAJt4iLmiwJxFwKDa_YIdKtRY1BUHCzmxzLWEas4bu2HNa4hMLCckqZ7fL2CmJxTOish3fRw-Strx5PTBW30BGWID6rn00QmX3HtoKvUWZHi0hVbaz_4927wErLy8ilxWH4UYrq50Y_0xzoS0xzkFw5s8R9kJuISnvtLCb5yBsKUdrEu4O6x6AunMmf1BJoL_bEKYTpRzLfsNxv03OSHSFyjprbxBGM3OzICtP0IUJEdffcoaizMxQhu6PcFnj1WzNRTfsPGpzvOACU-3W3g9AlGzHq7samkjG-iNFNBK5O5RYufrvXQ6E0osJXGuNlcdLzwQxSerVnD-5WPZCP0AtZcDnMO94bKdlavBmlimD4n-uxCKTg5P_yr0Xncu4QfOpJmTPAtt2cp6YXezCQlm1K4Y42uLF9HCBNOWV7KJcJPFIcTW1CACPOl6K8tP4NaOvv9_TCTCXPH8N1nhooe0ySDhsvomFem49C8x77A5gItuzFMhldndc4aAW9nurJMuGUsGGsaYWWmi93vUJuWmu8VGge0UC2zj5tePRcYFCyZvjaOhZrrPP7RuQ_Z0_a9deUSHWGAJIuQZICorvjV8-uVpLqM1P-eB2KWTLYKglFesNH4UG32KcbyKHUT8KHB1Of9_DHhXCi4z21nHCmwxaOer_MvkyDF6BHazsWJktWo38gJljX-1I3bYyqKcUIZ9zJEZ8lJWUlrsFfmsUKnNIizU3kT9SAfQq_NPipY5Kh_Oo6cRtHsIyNwjY_G6CY-tR6rRBV4rQUyHCuqBCHjiwHK3sECLEfBisKEj6NZ6yiQ55h5r5_yuCjtLNeRGuRA_RTHC1qULmGv0vL4yHLm0rw27knWUs87ca8wA7KkGO6tcfZT-T5X2n2nENo-MvRuib3P8aA3bxm3wsMPd9Uc0fh-mEiJ5vcEYCdStx9bBlg7A5KQLIpmIrCtZMLRnDz1PtCuMjZ5Fdi9HrMFAsMEcYvfVlpUol1RQA7mG6RNOLKgv9UGFb7QeAJKhcXGRcu_uZPJPO-TG_-RB0HZ7YaADOOoE39s&sai=AMfl-YR3QFqsdXn5VZfjg7CrqtCB-bAMmQHcLHSMSNyjR8QeTRbnybhZ76LWXPQhx30e6udcQ77KG7_aULdbrR_EADVAYVuhgX71YWdH0dDWicIsHUJTvFpeVe0aY3hJhzgqLXamibPPj48iH3_5DdsWhgPIuZoLWvpNW9se0qmAMs-0jqnU56oNJ5kbGgpr3t3wWE0pAeVGbC7s2icJeO1lIIxZ7BsnNbFN61oscU17VyqL7k-SWpgtxOqaOMx2BSURKev03w9VW78Z2AA4Ks5th55ITXf7GAmKcak4U5B2QEyzdhbT&sig=Cg0ArKJSzPWiki8OiXmyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&vt=11&dtpt=327&dett=2&cstd=0&cisv=r20221206.91796&arae=0&ftch=1&adurl=
142.250.74.162200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuyitNwDg4IeT3OYeMD9NJo_v8eRwzKTSMj8wCdrjlUaaBbq0WnUGyNmAfFp6KdxpipO5yyBO4kvInfcl-zSHS4iJuc2jGknnSZo5n7H_YPNh8_6Gt6bW_2PM58OYSnk49nBMHGoZl753MdC771xQbAhQaxAe3Sv8YS4cz1w96Q4OoqMcYD4kDrlbC_WWC4j_HJAJt4iLmiwJxFwKDa_YIdKtRY1BUHCzmxzLWEas4bu2HNa4hMLCckqZ7fL2CmJxTOish3fRw-Strx5PTBW30BGWID6rn00QmX3HtoKvUWZHi0hVbaz_4927wErLy8ilxWH4UYrq50Y_0xzoS0xzkFw5s8R9kJuISnvtLCb5yBsKUdrEu4O6x6AunMmf1BJoL_bEKYTpRzLfsNxv03OSHSFyjprbxBGM3OzICtP0IUJEdffcoaizMxQhu6PcFnj1WzNRTfsPGpzvOACU-3W3g9AlGzHq7samkjG-iNFNBK5O5RYufrvXQ6E0osJXGuNlcdLzwQxSerVnD-5WPZCP0AtZcDnMO94bKdlavBmlimD4n-uxCKTg5P_yr0Xncu4QfOpJmTPAtt2cp6YXezCQlm1K4Y42uLF9HCBNOWV7KJcJPFIcTW1CACPOl6K8tP4NaOvv9_TCTCXPH8N1nhooe0ySDhsvomFem49C8x77A5gItuzFMhldndc4aAW9nurJMuGUsGGsaYWWmi93vUJuWmu8VGge0UC2zj5tePRcYFCyZvjaOhZrrPP7RuQ_Z0_a9deUSHWGAJIuQZICorvjV8-uVpLqM1P-eB2KWTLYKglFesNH4UG32KcbyKHUT8KHB1Of9_DHhXCi4z21nHCmwxaOer_MvkyDF6BHazsWJktWo38gJljX-1I3bYyqKcUIZ9zJEZ8lJWUlrsFfmsUKnNIizU3kT9SAfQq_NPipY5Kh_Oo6cRtHsIyNwjY_G6CY-tR6rRBV4rQUyHCuqBCHjiwHK3sECLEfBisKEj6NZ6yiQ55h5r5_yuCjtLNeRGuRA_RTHC1qULmGv0vL4yHLm0rw27knWUs87ca8wA7KkGO6tcfZT-T5X2n2nENo-MvRuib3P8aA3bxm3wsMPd9Uc0fh-mEiJ5vcEYCdStx9bBlg7A5KQLIpmIrCtZMLRnDz1PtCuMjZ5Fdi9HrMFAsMEcYvfVlpUol1RQA7mG6RNOLKgv9UGFb7QeAJKhcXGRcu_uZPJPO-TG_-RB0HZ7YaADOOoE39s&sai=AMfl-YR3QFqsdXn5VZfjg7CrqtCB-bAMmQHcLHSMSNyjR8QeTRbnybhZ76LWXPQhx30e6udcQ77KG7_aULdbrR_EADVAYVuhgX71YWdH0dDWicIsHUJTvFpeVe0aY3hJhzgqLXamibPPj48iH3_5DdsWhgPIuZoLWvpNW9se0qmAMs-0jqnU56oNJ5kbGgpr3t3wWE0pAeVGbC7s2icJeO1lIIxZ7BsnNbFN61oscU17VyqL7k-SWpgtxOqaOMx2BSURKev03w9VW78Z2AA4Ks5th55ITXf7GAmKcak4U5B2QEyzdhbT&sig=Cg0ArKJSzPWiki8OiXmyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&vt=11&dtpt=327&dett=2&cstd=0&cisv=r20221206.91796&arae=0&ftch=1&adurl=
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuyitNwDg4IeT3OYeMD9NJo_v8eRwzKTSMj8wCdrjlUaaBbq0WnUGyNmAfFp6KdxpipO5yyBO4kvInfcl-zSHS4iJuc2jGknnSZo5n7H_YPNh8_6Gt6bW_2PM58OYSnk49nBMHGoZl753MdC771xQbAhQaxAe3Sv8YS4cz1w96Q4OoqMcYD4kDrlbC_WWC4j_HJAJt4iLmiwJxFwKDa_YIdKtRY1BUHCzmxzLWEas4bu2HNa4hMLCckqZ7fL2CmJxTOish3fRw-Strx5PTBW30BGWID6rn00QmX3HtoKvUWZHi0hVbaz_4927wErLy8ilxWH4UYrq50Y_0xzoS0xzkFw5s8R9kJuISnvtLCb5yBsKUdrEu4O6x6AunMmf1BJoL_bEKYTpRzLfsNxv03OSHSFyjprbxBGM3OzICtP0IUJEdffcoaizMxQhu6PcFnj1WzNRTfsPGpzvOACU-3W3g9AlGzHq7samkjG-iNFNBK5O5RYufrvXQ6E0osJXGuNlcdLzwQxSerVnD-5WPZCP0AtZcDnMO94bKdlavBmlimD4n-uxCKTg5P_yr0Xncu4QfOpJmTPAtt2cp6YXezCQlm1K4Y42uLF9HCBNOWV7KJcJPFIcTW1CACPOl6K8tP4NaOvv9_TCTCXPH8N1nhooe0ySDhsvomFem49C8x77A5gItuzFMhldndc4aAW9nurJMuGUsGGsaYWWmi93vUJuWmu8VGge0UC2zj5tePRcYFCyZvjaOhZrrPP7RuQ_Z0_a9deUSHWGAJIuQZICorvjV8-uVpLqM1P-eB2KWTLYKglFesNH4UG32KcbyKHUT8KHB1Of9_DHhXCi4z21nHCmwxaOer_MvkyDF6BHazsWJktWo38gJljX-1I3bYyqKcUIZ9zJEZ8lJWUlrsFfmsUKnNIizU3kT9SAfQq_NPipY5Kh_Oo6cRtHsIyNwjY_G6CY-tR6rRBV4rQUyHCuqBCHjiwHK3sECLEfBisKEj6NZ6yiQ55h5r5_yuCjtLNeRGuRA_RTHC1qULmGv0vL4yHLm0rw27knWUs87ca8wA7KkGO6tcfZT-T5X2n2nENo-MvRuib3P8aA3bxm3wsMPd9Uc0fh-mEiJ5vcEYCdStx9bBlg7A5KQLIpmIrCtZMLRnDz1PtCuMjZ5Fdi9HrMFAsMEcYvfVlpUol1RQA7mG6RNOLKgv9UGFb7QeAJKhcXGRcu_uZPJPO-TG_-RB0HZ7YaADOOoE39s&sai=AMfl-YR3QFqsdXn5VZfjg7CrqtCB-bAMmQHcLHSMSNyjR8QeTRbnybhZ76LWXPQhx30e6udcQ77KG7_aULdbrR_EADVAYVuhgX71YWdH0dDWicIsHUJTvFpeVe0aY3hJhzgqLXamibPPj48iH3_5DdsWhgPIuZoLWvpNW9se0qmAMs-0jqnU56oNJ5kbGgpr3t3wWE0pAeVGbC7s2icJeO1lIIxZ7BsnNbFN61oscU17VyqL7k-SWpgtxOqaOMx2BSURKev03w9VW78Z2AA4Ks5th55ITXf7GAmKcak4U5B2QEyzdhbT&sig=Cg0ArKJSzPWiki8OiXmyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&vt=11&dtpt=327&dett=2&cstd=0&cisv=r20221206.91796&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Fri, 09 Dec 2022 15:39:25 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 09-Dec-2022 15:54:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 09 Dec 2022 15:39:25 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20784, version 1.0\012- data
Hash e11c810c086df83c0876dd59ed32ebcb
b89fe2ed6d016f81af13b35797ad2b0e2e5c6822
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
GET /s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 22:24:41 GMT
expires: Wed, 06 Dec 2023 22:24:41 GMT
cache-control: public, max-age=31536000
age: 234884
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
216.58.207.227200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 21428, version 1.0\012- data
Hash 965bbfea8a5db5aea3a63da8c5b3d570
ce645f4adf18c4ff26251610878969c9562de69f
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
GET /s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:56:20 GMT
expires: Thu, 07 Dec 2023 03:56:20 GMT
cache-control: public, max-age=31536000
age: 214985
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900030.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
136.243.149.243302 Found 0 B URL HTTP/1.1 hal900030.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 136.243.149.243:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900030.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 15:39:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 09 Dec 2022 15:39:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=6d0a12cd59ada507; expires=Thu, 09-Mar-2023 15:39:25 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
hal900025.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
138.201.84.245302 Found 0 B URL HTTP/1.1 hal900025.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 138.201.84.245:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900025.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Fri, 09 Dec 2022 15:39:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 09 Dec 2022 15:39:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd; expires=Thu, 09-Mar-2023 15:39:25 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
koora--live.com/albaplayer/ksa-sports-1/?serv=1
5.135.116.111200 OK 5.3 kB URL HTTP/1.1 koora--live.com/albaplayer/ksa-sports-1/?serv=1
IP 5.135.116.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6869), with CRLF, LF line terminators
Hash eafe7f678c7c65ac71ec713dc9bf5523
ae545d1f19d775647ef9a8bbb57cfd42dd0484bc
af5f22b572f791c4885f5aa6f1a866f5e65bde75e5ee9adec3eefcbb4287e2c4
Analyzer Verdict Alert fortinet Malware
GET /albaplayer/ksa-sports-1/?serv=1 HTTP/1.1
Host: koora--live.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 09 Dec 2022 15:39:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Link: <https://koora--live.com/wp-json/>; rel="https://api.w.org/", <https://koora--live.com/?p=92>; rel=shortlink
X-Cache: HIT from Backend
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 79451098840e369ec4de400402d14b37
d05b9517f9081a47bf392e83563206ebd4389c94
a7438e5946f5e7ec0ba7304dcc5f1983599f1abcf5a755571f301666e4858d09
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4038
Cache-Control: max-age=124860
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:25 GMT
Etag: "63928ba3-116"
Expires: Sun, 11 Dec 2022 02:20:25 GMT
Last-Modified: Fri, 09 Dec 2022 01:13:07 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
hal900030.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
136.243.149.243200 OK 513 B URL HTTP/1.1 hal900030.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 136.243.149.243:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 1cb40472d8424d8d0a81648ff51b9c56
cdadaa1fcc6ce0d2c54afc99f264308a6711fcdd
cb8938a29a0082128d1f6b71f24056fc7315ce0d559ce65928d5592325a56b80
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f6f87f6eed&subid=&uid=a538a8045ff141aa&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCrk4OrFaTY8PCDZCqYdr7qijJuaKcacytzc7VD_AuEAEglZvKIWDDhICAmBjIAQmpAsVCJUCftrE-qAMBqgSAAk_QGkvFZwTzwEsSwU4tzWtbI9C5OLlVe5DxGKiLmZD7g6pwYEROv1b59xT4Wv5KwtT-B07w7FToIt7l8F8nuJv9D4R8dL5Oby_PJ9i74JjJj8zp64KkW9WxA6S-t2HW8NFSyKc-RrFBOTdEubWrs9rK6UEODYRCBqejKpmSYrVDzpcSQq5AVkWHuew7YYJ4pxEO41Y5HYRdwn5pfHuQFq-0z_2CIUU0w1hGDlG0WSr5V3jeEDQhXsUmrQZ6j9iR2vhrKIfyNKD-5xkIeFRZpmDQNKtxNA-GkaPMfkkVOMrmLzMSq1gHpMhiIRpXTvO3AAJslzS0EoZFQUJ9PA7H0cvABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9GA3Ehh3Zzbk7_IxaI1R6PxMDCd9WsLw-ZUdxsVCDUdqeUZ3qYletI4eqmy2QjcRZjYY96-i-rDXWlMPzKKZcJ6nH8zPObTsYASAT%26sig%3DAOD64_34tf8Zvrd8mrwgAO_wHNppk1kofA%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DbM6XxSG4hUgo2opuDhosoSDa_-XawaA2o0JDm44fPwevFag4n6bU8WKakXm_jyleJ0SgYf3PS7U_JQz3xs1snBRzlJKHmvq9ubpPhZaGRuWqMXbEnFjq4cvkvP67pINy_rS5zg1mkfxvsxvW6oXoSqeUqvHgkBuEdYVgBViB5cQ3GI4E%26cry%3D1%26dbm_d%3DAKAmf-AdfXlSU-bguYsm0NyFM6T5XaGK8j5yUF_g6MnvhdRQr0doJxfDPFsV14dVjeljgjDRGMpa8Rm6kJvguhfB_TeDeGSUy0s_dVF2XzNLV7tGxKKa0wCLxr6IcXU_Xgd_Wz8OjkyiU3ewNraYW3EjlfPnyzapvmybNMtkuB4tVmTbWHRBzc-Tzd7bimxgMoKKnAZqiDEATyN10xY424kaDloyCV6QrThe42iGsxu1eZ_Mxj8EV6X0zBYDaFvp9K2Ilg0_PrV3iwLCyb48JquF9YwjqDnSITg908pXqFkqNDbAovChSquaVoGUN79w1-xjrDiHTHZtEa_efG_jX_Hcf4fk8vCC-h_06AW1HiLnYsoSWor53NJxfkgpUQomKgnLQLCvpVnC1K64GxBAfBHgHKtSA1QZG29NtNM7xLC65BGf3jlR7oSwSdjDRv1aSu-mNCXJ1PXVwXQRREHGg-S2vvhgQwtXXvvldcEqePqrQyPmv_sbhlFHyck-c_kIpc0hms9uwkmkBRErF-HhGph0l3_0K_Z4rUk3FjmarAyg0ya7YDDmCeDFUqUDMsjoNkYlUKadYdCGRA-Cmu0bm3q4cyZRfhCH-w%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=9440744747183&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900030.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 09 Dec 2022 15:39:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd; expires=Thu, 09-Mar-2023 15:39:25 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 81893400075287204438336012168030
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 513
Connection: close
Content-Type: application/x-javascript; charset=utf-8
hal900025.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
138.201.84.245200 OK 513 B URL HTTP/1.1 hal900025.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 138.201.84.245:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b39d64e2f49db5c0f0265e95795eb9ab
72b69572ab49c63e46d676dbe1f0d8b605e26097
068fccf9b8418ec1540c9bd0024955fbddd8e23deb0cd18a741814d0efd89f86
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=826fa301a5&subid=&uid=59f104a80633990b&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCXoujrFaTY8LNDeKY7APl6qGIAsm5opxpzK3NztUP8C4QASCVm8ohYMOEgICYGMgBCakCxUIlQJ-2sT6oAwGqBIACT9D03xZ_q4wqvXi6-g_I52-Hsj_tjxECj2JTyBfVqjerjEQQUjrNwEaGzL581TLXVOMAGR1vSHSos5Jv8gjuFIDTUWiWmEHxdAeVbQBiowFWUNnj0nVTPURzZGhQqx1s_EEviFPLxgHEuVRubMkl1PXWkZ_aCDz0pLRnHozOfPSEzH9-B0EiOqGEHjcoUyjvp8ANDhDLe6BBzEj4fNbm3SfXtKelkbrWg7ALtmi9R41wgBvOKRiKGxtuSKgMYmE-dpz4Hob2GXYSOB9Hm10rUH4LC7f4JvUZeI40PMGd-sllE6dlPXVmiR_2bCWQGtSWO0Axy5uOWGL8otyf4xNcFcAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSSwDq26N9AcqrIdc3Sr_RxwLMP39f8dgYRsfKS4y4ORLTIq7Wrnz1BbtQS1ufIh1k_YUh9Qx1sf8BvuoxcokzIqckVJN-30hTyxB3axgBIBM%26sig%3DAOD64_2R44V8yLZUKrDLqHv6lK6LnTqPLg%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-DuaIkui23lyRsk_RRcHIKXulk3a4xwLJzALzorYZfXP3LzR6hfunVTFDxF5zA453Ig-aoSyMGLHVGkpYpSoc4t2ga209vmvA74JaZD1Jn9MhIW4K2GEO9dp044TLUcpEsFIgKWA92EDaRJ9y45BPODA5rK5Q9kkWo-2_s_QT8ZxJIABow%26cry%3D1%26dbm_d%3DAKAmf-DFEFvnvamjKKCiEnq5p2H_SSijH-mO-70TeGkvplYKyATRys8rKrXXjurrwYmXdRdtNYj3_Gx0Pve9aC8BwL-wwn9hmVmrlLBWSH4LQ6V0tEnoOkthmutuBccE33bfqYs1bemb3LbSt8-t357vFLInJzzVYqCwhxnIx2tV_E-NvK0rDBaX2wY-AlJUAUQYrXTXkxfUQV5s1TFz_8mwbIWOG0WPgx88--kdzERPsQm6pqDQybaZp35r7xe1qBAvKkjjHNNKoWWsMGN3RtKCF6alQ5119Ejr3hlOuIs1FJycCncFIlh1m8kWcqtSSsP_L-8GSpxNOUWT6XRbZadoXEDVqdvmGwgmPQkXyK1jbdA7kZaJZal-u17F_9ZwtgQPdJono_3Df05xXEDloBaV2pv8ukc5NMQn33cUBa7_XHemQwVLauKYdIZ3tP9MrJ_ltnzGEHbf72KXONEsXGnlS04ddvMEy4CFEc1KjGzhXvHoZOIkJisMm8aAIp12NcH5Z9GQbxsuCf-cJXF8FLoeUKyhOS4rVD6uTO44dgjPZqc-FIFqSFezS5_eiaSSxz2Lv0TnHxr2Hv3-ct3kbgDNJsaoJhpchw%26adurl%3D&documentReferer=https%3A%2F%2F796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=2310606206701&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900025.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:25 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 09 Dec 2022 15:39:25 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd; expires=Thu, 09-Mar-2023 15:39:25 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 38799200085060004438336012168025
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 513
Connection: close
Content-Type: application/x-javascript; charset=utf-8
cdn.bitmovin.com/player/web/8/bitmovinplayer.js
104.16.9.58200 OK 647 kB URL HTTP/2 cdn.bitmovin.com/player/web/8/bitmovinplayer.js
IP 104.16.9.58:0
File type Unicode text, UTF-8 text, with very long lines (32000)
Size 647 kB (647115 bytes)
Hash dfd0edc06efdb1e6451a297cac522547
50bde795f1d8b3887c0cb25f121bf7c74baec055
4793464d8b35918f5cb09b96fa61f239ed47c21f75d560e3e74f9be19f2ab949
GET /player/web/8/bitmovinplayer.js HTTP/1.1
Host: cdn.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://koora--live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:25 GMT
content-type: application/javascript; charset=utf-8
x-guploader-uploadid: ADPycdvWc3HqEJHiRHqzt7nZaZZJu-Svb8JgvTPQ_AuQu6diikSr0UjISh-79aXCj5qCbN4T19D41yzU0ODnMR2SIvQhjg
x-goog-generation: 1670322162820011
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2215003
x-goog-meta-bitmovinplayerversion: 8.99.0
x-goog-hash: crc32c=17kreg==, md5=pLnNjKEEl884Kg6hAfkZOw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Fri, 09 Dec 2022 19:39:25 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Dec 2022 10:22:42 GMT
etag: W/"a4b9cd8ca10497cf382a0ea101f9193b"
cf-cache-status: HIT
age: 77093
vary: Accept-Encoding
x-robots-tag: noindex
server: cloudflare
cf-ray: 776ed55c8f35b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.bitmovin.com/player/web/8/bitmovinplayer-ui.js
104.16.9.58200 OK 44 kB URL HTTP/2 cdn.bitmovin.com/player/web/8/bitmovinplayer-ui.js
IP 104.16.9.58:0
File type ASCII text, with very long lines (31999)
Hash c64c7083b30fa48a848467710ae0334f
25ec7cb534bad1f58f586a85df1e427620bd5e3b
ad277d938dd25656f50bb7c3d0b7620d647df4c9d770899f1e5c84fedf9ad088
GET /player/web/8/bitmovinplayer-ui.js HTTP/1.1
Host: cdn.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://koora--live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:26 GMT
content-type: application/javascript; charset=utf-8
x-guploader-uploadid: ADPycdt3xR_QXbz9SWLF6CaRkCdw9tijCoUzFxPCdG-Qwdr1tSUbz8sxsPAHTESIFSUT8j54_ZRhgIc3OzJ59gigJW-5Nw
x-goog-generation: 1670322161851286
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 242248
x-goog-meta-bitmovinplayerversion: 8.99.0
x-goog-hash: crc32c=fGag4g==, md5=5hBLerSlrMQNYKSMd936ng==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Fri, 09 Dec 2022 19:39:26 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Dec 2022 10:22:41 GMT
etag: W/"e6104b7ab4a5acc40d60a48c77ddfa9e"
cf-cache-status: HIT
age: 77092
vary: Accept-Encoding
x-robots-tag: noindex
server: cloudflare
cf-ray: 776ed5611d21b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
hal900030.redintelligence.net/request_content.php?s=81893400075287204438336012168030&a=ab0c0f22
136.243.149.243200 OK 1.4 kB URL HTTP/1.1 hal900030.redintelligence.net/request_content.php?s=81893400075287204438336012168030&a=ab0c0f22
IP 136.243.149.243:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 60af721b20a9fd9640ae5220e8935298
ca261c3e9fc2aa3bdb1d2cb1c24fb9bccfda606f
9c5e3b92001c506ce181bcfcfec7e52e8cb38cdb7e46e6d096aa49737af641bd
GET /request_content.php?s=81893400075287204438336012168030&a=ab0c0f22 HTTP/1.1
Host: hal900030.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:26 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 09 Dec 2022 15:39:26 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1413
Connection: close
Content-Type: text/html; charset=utf-8
hal900025.redintelligence.net/request_content.php?s=38799200085060004438336012168025&a=59f0f236
138.201.84.245200 OK 1.4 kB URL HTTP/1.1 hal900025.redintelligence.net/request_content.php?s=38799200085060004438336012168025&a=59f0f236
IP 138.201.84.245:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e5c4e3a2e22fea8f3326bb15639c8c77
a0e14e7d718453a723c66c19d1f42eddfe80ae18
531f3fa36572d760505fffc45ed2ed1346871602bd3eb07ca9174d9c7a74352f
GET /request_content.php?s=38799200085060004438336012168025&a=59f0f236 HTTP/1.1
Host: hal900025.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://796d866f73ee74acc0f29c3f60544c4b.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:26 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 09 Dec 2022 15:39:26 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1413
Connection: close
Content-Type: text/html; charset=utf-8
cdn.bitmovin.com/player/web/8/bitmovinplayer-ui.css
104.16.9.58200 OK 14 kB URL HTTP/2 cdn.bitmovin.com/player/web/8/bitmovinplayer-ui.css
IP 104.16.9.58:0
File type ASCII text, with very long lines (63828)
Hash cefbceed0890ca1bb2ad9ee400b51c6c
365c1164a39e5e1eb7fb9ac32683adf6cc10ceed
fba2159a700360d9ed987c1f4aaa7d222fdd68413d1d04b5f426d1a784e1531d
GET /player/web/8/bitmovinplayer-ui.css HTTP/1.1
Host: cdn.bitmovin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://koora--live.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:26 GMT
content-type: text/css; charset=utf-8
x-guploader-uploadid: ADPycduiHC07G9rxM_pS5z0ypbrSbjSnCPWvlWsT6tzMGO6Zf5wNdDGkInayxyUrg5nrOoHyNz8LZJO1PjUpSi-ZE9PyEw
x-goog-generation: 1670322161675743
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 116987
x-goog-meta-bitmovinplayerversion: 8.99.0
x-goog-hash: crc32c=d5tqgA==, md5=hc93mAckz4l2g+TpBgVFeA==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *
expires: Fri, 09 Dec 2022 19:39:26 GMT
cache-control: public, max-age=14400
last-modified: Tue, 06 Dec 2022 10:22:41 GMT
etag: W/"85cf77980724cf897683e4e906054578"
cf-cache-status: HIT
age: 77094
vary: Accept-Encoding
x-robots-tag: noindex
server: cloudflare
cf-ray: 776ed5611d20b4f7-OSL
content-encoding: br
X-Firefox-Spdy: h2
hal900025.redintelligence.net/viewability?s=38799200085060004438336012168025&a=2b7f396d&vb=m
138.201.84.245200 OK 0 B URL HTTP/1.1 hal900025.redintelligence.net/viewability?s=38799200085060004438336012168025&a=2b7f396d&vb=m
IP 138.201.84.245:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=38799200085060004438336012168025&a=2b7f396d&vb=m HTTP/1.1
Host: hal900025.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900025.redintelligence.net/request_content.php?s=38799200085060004438336012168025&a=59f0f236
Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:26 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1670600364046-967178969507-006345-009-002829&key=57c7f31b15a75f3d399b017f00a28031
34.192.116.159200 OK 0 B URL HTTP/2 servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1670600364046-967178969507-006345-009-002829&key=57c7f31b15a75f3d399b017f00a28031
IP 34.192.116.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=133&auid=1670600364046-967178969507-006345-009-002829&key=57c7f31b15a75f3d399b017f00a28031 HTTP/1.1
Host: servs.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Cookie: aniC=; 2_C_200=OPTOUT; 2_C_200=OPTOUT
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:26 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
88.99.70.21200 OK 87 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
IP 88.99.70.21:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 970 x 250\012- data
Hash 0e28e66e2adf8c90c21d5be5fb9e6fa6
1a0381040dccb97e0cbdd872d1a83b84356b9132
b597da368fd908257c568452ca805b3fb9023d6ad26b7675c5afc1fffb46fea9
GET /24i/content/soberfb/EN/S-970x250.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900030.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 15:39:26 GMT
Content-Type: image/gif
Content-Length: 86664
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Connection: close
ETag: "5b55f22d-15288"
Accept-Ranges: bytes
kooralive5655-kooralive5655.preview-usea.channel.media.azure.net/b42e2f82-9c18-4a68-a3ea-a4cb1d43126c/preview.ism/manifest(format=m3u8-cmaf)
52.151.231.193200 OK 404 B URL HTTP/2 kooralive5655-kooralive5655.preview-usea.channel.media.azure.net/b42e2f82-9c18-4a68-a3ea-a4cb1d43126c/preview.ism/manifest(format=m3u8-cmaf)
IP 52.151.231.193:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type M3U playlist, ASCII text, with CRLF line terminators
Hash a3c5257d95fc16414c27ca539a237b88
d05eac25b1daccccf74c5261184c6e0170f8cf9a
eb0f82b434f228de00f6db800272e830657937cb3694e6fe1dd23c5fc2e24c45
GET /b42e2f82-9c18-4a68-a3ea-a4cb1d43126c/preview.ism/manifest(format=m3u8-cmaf) HTTP/1.1
Host: kooralive5655-kooralive5655.preview-usea.channel.media.azure.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://koora--live.com
Connection: keep-alive
Referer: https://koora--live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-store, max-age=0
pragma: IISMS/6.0,IIS Media Services Premium by Microsoft
content-type: application/vnd.apple.mpegurl
content-encoding: gzip
etag: "109900816lv"
vary: Accept-Encoding
server: Microsoft-IIS/10.0 IISMS/6.0
x-ms-streaming-duration: 0
x-content-type-options: nosniff
access-control-allow-origin: *
date: Fri, 09 Dec 2022 15:39:26 GMT
content-length: 404
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.207.234200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126815 bytes)
Hash e6ce6730b0e7cfe4cc995926ca00e5b9
78a31d1c17bce48b0fc1ffe4580166fc9d21de25
263312f99ed53981d3f885c3af5e34d0b579f55718f8e8352f9431bc437fb225
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126815
date: Fri, 09 Dec 2022 15:39:27 GMT
expires: Fri, 09 Dec 2022 15:39:27 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 6ab4e267531a30f45c92072d4a6fabf1
a25d5a8ed2eb9ed418e9af1c654c40ea68d58f7e
70b9d70c4fce807d0005fab8eb12f8fc1ef5f5b63341e84a34041bdaba2f57ba
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 09 Dec 2022 15:39:27 GMT
date: Fri, 09 Dec 2022 15:39:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-QcOc99ojRCIO3rXUQWaHAA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
162.19.138.82200 135 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ca7b3331fb6b456790a4ded5f338eb1
8746eabba2adba31d29cc08b8d8edc54bb51a9f1
91d9858a3fbbbbb194b1de253ee64efccf4524e1f7289276deb4be8607995973
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 121
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://1kora.koooora-live.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 09 Dec 2022 15:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 209db360df4b336bf8214ab153588cd2
79dc9b8dabca3ce1ec609e1cdc2c72df672340cc
e4aee081d074b9c2a8ae63c233f559d47ee3ad832e4a569594314d6e8b4ab33c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4AEE081D074B9C2A8AE63C233F559D47EE3AD832E4A569594314D6E8B4AB33C"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10094
Expires: Fri, 09 Dec 2022 18:27:42 GMT
Date: Fri, 09 Dec 2022 15:39:28 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
162.19.138.83200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 87cc3ba3b778641c21e1db4bbdd10a38
91a5c3bc90feb1b5f58898a299a1f284fa59eafa
da55c9090628d698669b6899b7d6e6164d35a4febc1d06f086b1c939ff02d657
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://1kora.koooora-live.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 09 Dec 2022 15:39:27 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
hal900025.redintelligence.net/viewability?s=38799200085060004438336012168025&a=2b7f396d&vb=v
138.201.84.245200 OK 0 B URL HTTP/1.1 hal900025.redintelligence.net/viewability?s=38799200085060004438336012168025&a=2b7f396d&vb=v
IP 138.201.84.245:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=38799200085060004438336012168025&a=2b7f396d&vb=v HTTP/1.1
Host: hal900025.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900025.redintelligence.net/request_content.php?s=38799200085060004438336012168025&a=59f0f236
Cookie: 8lcfmzhxc8d6_uid=f7409c89236f38cd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 15:39:28 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
servt.modoro360.com/track?d=Firefox&cou=NO&cos=Windows&r=1kora.koooora-live.com&rs=1kora.koooora-live.com&sid=57537&t=1670600364&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=600&he=338&app=&AV_PUBLISHERID=6301deeaa893c81325025604&test=&d64=3d35f9af7c29827ebee6064c1d8cc394&d63=3d35f9af7c29827ebee6064c1d8cc394&aafaid=&proto=https&uid=1670600364046-967178969507-006345-009-002829&cha=0.7&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.66&cb=58329292958&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
34.195.251.147200 OK 254 B URL HTTP/2 servt.modoro360.com/track?d=Firefox&cou=NO&cos=Windows&r=1kora.koooora-live.com&rs=1kora.koooora-live.com&sid=57537&t=1670600364&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=600&he=338&app=&AV_PUBLISHERID=6301deeaa893c81325025604&test=&d64=3d35f9af7c29827ebee6064c1d8cc394&d63=3d35f9af7c29827ebee6064c1d8cc394&aafaid=&proto=https&uid=1670600364046-967178969507-006345-009-002829&cha=0.7&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.66&cb=58329292958&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
IP 34.195.251.147:0
Hash 5b88f82c317551e904c1c6148632fde3
380d5466a64fc48b65e80fd296a3c9528e090922
e2b72d14201b6215f58ae6c5109e43ccd613bb01f77671f5d758f1e0e3ea89a5
POST /track?d=Firefox&cou=NO&cos=Windows&r=1kora.koooora-live.com&rs=1kora.koooora-live.com&sid=57537&t=1670600364&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=600&he=338&app=&AV_PUBLISHERID=6301deeaa893c81325025604&test=&d64=3d35f9af7c29827ebee6064c1d8cc394&d63=3d35f9af7c29827ebee6064c1d8cc394&aafaid=&proto=https&uid=1670600364046-967178969507-006345-009-002829&cha=0.7&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.66&cb=58329292958&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338 HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2961
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Cookie: aniC=; 2_C_200=OPTOUT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:28 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
id5-sync.com/g/v2/371.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/371.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e7dfab7d6577295e5685a086b696ca08
c974ee38f2605892af75b3211b12cf6a70f33a24
8ea7e110b5e7afae7ad87a6337fd65dce98ed46cf5e314268d533e30b7cef4eb
POST /g/v2/371.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 331
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://1kora.koooora-live.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Fri, 09 Dec 2022 15:39:28 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x.bidswitch.net/sync?ssp=vidoomy
3.64.108.88302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=vidoomy
IP 3.64.108.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=vidoomy HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:39:29 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=8af5763f-cea5-4a36-8bf5-8857d50aa547; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670600369; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670600369; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670600369; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/sync?ssp=themediagrid
3.64.108.88302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=themediagrid
IP 3.64.108.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=themediagrid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:39:29 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1ad184a3-1652-487f-a20f-8d05abaf9e39; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670600369; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670600369; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670600369; path=/; expires=Sat, 09-Dec-2023 15:39:29 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58531/occ?gdpr=0&gdpr_consent= HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:39:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLFWk2MCEOtQLRk1cruskZ-ypNkfZyEFEgEBAQGolGOdYwAAAAAA_eMAAA&S=AQAAAnJYfwDeExmiN2DQesDCcQY; Expires=Sat, 9 Dec 2023 21:39:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ec57c766a1bd090447224d24962f0305
02d811ef229500bf8e6f00f7b8ec5d11d81440ed
54250b5f477ba570a13e01d51695339e0e628ad70e223904889915ebba78198d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4852
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:29 GMT
Last-Modified: Fri, 09 Dec 2022 14:18:37 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4932475f17ad40e968f4dfe94856b55a
e277617c6ffa6e2847e0fe240f484910a543ce6a
f7b75b3e73bd550172d49b201679906b293852af33a56213f5bac076a4309288
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5778
Cache-Control: max-age=141324
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 15:39:29 GMT
Etag: "6392c52b-1d7"
Expires: Sun, 11 Dec 2022 06:54:53 GMT
Last-Modified: Fri, 09 Dec 2022 05:18:35 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash ab4e3693379f7e8133d208d04a6668d8
bb484d4c8fdb48e97f656d3e09cdafce7651c107
86144e450442a5567db0690c0f45880201e1ec527eea58118653796d98628e84
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 09 Dec 2022 15:39:29 GMT
Last-Modified: Fri, 09 Dec 2022 14:05:01 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8stxNzvXj0cfovurHEhuvCdkcKO_T881vAn-oKloBobUG-H9qT7-pw==
Age: 5668
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
37.157.5.142200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
IP 37.157.5.142:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadf%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 15:39:29 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fa-prebid.vidoomy.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 15:39:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
AN-X-Request-Uuid: 39a987fd-0a8c-4577-996b-d6c69f87e161
Set-Cookie: uuid2=9186552729216903190; SameSite=None; Path=/; Max-Age=7776000; Expires=Thu, 09-Mar-2023 15:39:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
98.98.134.241302 Found 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: ssi=f229ff80-eba4-4c30-9a2d-de9051dece39#1670600369203; Domain=.sitescout.com; Expires=Sat, 09-Dec-2023 15:39:29 GMT; Path=/; Secure; SameSite=None
location: https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
content-length: 0
date: Fri, 09 Dec 2022 15:39:28 GMT
server: AC1.1
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=themediagrid
3.64.108.88200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=themediagrid
IP 3.64.108.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=themediagrid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:29 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?ssp=vidoomy
3.64.108.88200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=vidoomy
IP 3.64.108.88:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=vidoomy HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:29 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
185.89.210.46302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fa-prebid.vidoomy.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Fri, 09 Dec 2022 15:39:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=0
AN-X-Request-Uuid: ade756f1-d688-4f8f-8f7d-aca670192696
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58531/occ?gdpr=0&gdpr_consent=&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58531/occ?gdpr=0&gdpr_consent=&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 15:39:29 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLFWk2MCENw9fb0mrduIasxGWWAyT-IFEgEBAQGolGOdYwAAAAAA_eMAAA&S=AQAAArlkt8MBlIwTENUCQ7jnkaE; Expires=Sat, 9 Dec 2023 21:39:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
98.98.134.241204 No Content 0 B URL HTTP/2 pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D
IP 98.98.134.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dmp/pixelSync?cookieQ=1&nid=120&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fcookie%3Fi%3DCEN%26uid%3D%7BuserId%7D HTTP/1.1
Host: pixel-sync.sitescout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Fri, 09 Dec 2022 15:39:28 GMT
server: AC1.1
X-Firefox-Spdy: h2
id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
34.223.137.203200 OK 95 B URL HTTP/2 id.hadron.ad.gt/api/v1/pbhid?partner_id=239&_it=prebid
IP 34.223.137.203:0
File type JSON data\012- , ASCII text
Hash c966c9aef96271baef167c8c3d4997d4
db990f564f5abed63decb7deea8d9b6b3985b31c
30d5f4b9c778ae79130a9b0ad223ec09ea2f63f61a71223befe310fb5f74ca8e
GET /api/v1/pbhid?partner_id=239&_it=prebid HTTP/1.1
Host: id.hadron.ad.gt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:29 GMT
content-type: application/json
server: nginx/1.20.0
access-control-allow-origin: https://1kora.koooora-live.com
access-control-allow-credentials: true
vary: Origin
content-encoding: gzip
X-Firefox-Spdy: h2
a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=0
18.185.205.29200 OK 0 B URL HTTP/2 a-prebid.vidoomy.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=0
IP 18.185.205.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=0 HTTP/1.1
Host: a-prebid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:29 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: uids=eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiIwIiwiZXhwaXJlcyI6IjIwMjItMTItMjNUMTU6Mzk6MjkuNzYyNDU2ODQzWiJ9fSwiYmRheSI6IjIwMjItMTItMDlUMTU6Mzk6MjkuNzYyNDU0NzUyWiJ9; Path=/; Domain=vidoomy.com; Expires=Thu, 09 Mar 2023 15:39:29 GMT
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
grid.bidswitch.net/adv?auid=375282&u=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&r=1670600364&gdpr=1&gdpr_consent=&bf=2.25&cbb=600369095
52.28.173.150200 OK 60 B URL HTTP/2 grid.bidswitch.net/adv?auid=375282&u=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&r=1670600364&gdpr=1&gdpr_consent=&bf=2.25&cbb=600369095
IP 52.28.173.150:0
File type XML 1.0 document text\012- XML document, ASCII text
Hash 7814809ea4638c1ddbe3e1cebd8527a8
172c61d6fa135d1ecd783b39fc38a4a37720f2a9
d43319f37d6149f84a8b1c661b446b080d4ce518e7ead74776de1252cabbf3f1
GET /adv?auid=375282&u=https%3A%2F%2F1kora.koooora-live.com%2F2022%2F12%2Fcroatia-vs-brazil.html&r=1670600364&gdpr=1&gdpr_consent=&bf=2.25&cbb=600369095 HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1kora.koooora-live.com/
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:30 GMT
content-type: text/xml; charset=UTF-8;
content-length: 60
access-control-allow-origin: https://1kora.koooora-live.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Firefox-Spdy: h2
d.vidoomy.com/api/rtbserver/prebid/?id=15013&adtype=video&auc=630336c8a7daf57186436eb5%7C6188f6fc4071e35134085f46%7C63690555af49f23bb214a994&w=600&h=338&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&l=en&dt=1&pid=62133&requestId=8a27a096b867d68&schain=%5Bobject%20Object%5D&bidfloor=0&d=koooora-live.com&sp=https%253A%252F%252F1kora.koooora-live.com%252F2022%252F12%252Fcroatia-vs-brazil.html&usp=&coppa=false&videoContext=instream
18.185.205.29204 No Content 0 B URL HTTP/2 d.vidoomy.com/api/rtbserver/prebid/?id=15013&adtype=video&auc=630336c8a7daf57186436eb5%7C6188f6fc4071e35134085f46%7C63690555af49f23bb214a994&w=600&h=338&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&l=en&dt=1&pid=62133&requestId=8a27a096b867d68&schain=%5Bobject%20Object%5D&bidfloor=0&d=koooora-live.com&sp=https%253A%252F%252F1kora.koooora-live.com%252F2022%252F12%252Fcroatia-vs-brazil.html&usp=&coppa=false&videoContext=instream
IP 18.185.205.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/rtbserver/prebid/?id=15013&adtype=video&auc=630336c8a7daf57186436eb5%7C6188f6fc4071e35134085f46%7C63690555af49f23bb214a994&w=600&h=338&pos=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&l=en&dt=1&pid=62133&requestId=8a27a096b867d68&schain=%5Bobject%20Object%5D&bidfloor=0&d=koooora-live.com&sp=https%253A%252F%252F1kora.koooora-live.com%252F2022%252F12%252Fcroatia-vs-brazil.html&usp=&coppa=false&videoContext=instream HTTP/1.1
Host: d.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 15:39:30 GMT
access-control-allow-origin: https://1kora.koooora-live.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
X-Firefox-Spdy: h2
grid.bidswitch.net/hbjson
52.28.173.150200 OK 49 B URL HTTP/2 grid.bidswitch.net/hbjson
IP 52.28.173.150:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9b91b1c3649a6cd93e2a1f74eb933c3c
4e7e184d508a0b11e1bf54366a3d0906e579eb9b
e45711e1d3817a55ff46464c530fb82ec3913ee0f291701e382df717e6e7b00d
POST /hbjson HTTP/1.1
Host: grid.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 793
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:30 GMT
content-type: application/json
content-length: 49
access-control-allow-credentials: true
access-control-allow-origin: https://1kora.koooora-live.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
X-Firefox-Spdy: h2
servt.modoro360.com/track?d=Firefox&cou=NO&cos=Windows&r=1kora.koooora-live.com&rs=1kora.koooora-live.com&sid=57537&t=1670600364&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=600&he=338&app=&AV_PUBLISHERID=6301deeaa893c81325025604&test=&d64=3d35f9af7c29827ebee6064c1d8cc394&d63=3d35f9af7c29827ebee6064c1d8cc394&aafaid=&proto=https&uid=1670600364046-967178969507-006345-009-002829&cha=0.7&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.66&cb=58329292958&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
34.195.251.147200 OK 0 B URL HTTP/2 servt.modoro360.com/track?d=Firefox&cou=NO&cos=Windows&r=1kora.koooora-live.com&rs=1kora.koooora-live.com&sid=57537&t=1670600364&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=600&he=338&app=&AV_PUBLISHERID=6301deeaa893c81325025604&test=&d64=3d35f9af7c29827ebee6064c1d8cc394&d63=3d35f9af7c29827ebee6064c1d8cc394&aafaid=&proto=https&uid=1670600364046-967178969507-006345-009-002829&cha=0.7&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.66&cb=58329292958&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338
IP 34.195.251.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /track?d=Firefox&cou=NO&cos=Windows&r=1kora.koooora-live.com&rs=1kora.koooora-live.com&sid=57537&t=1670600364&cip=91.90.42.154&sn=&tgt=0&osv=10&bv=105.0&brn=Firefox&wi=600&he=338&app=&AV_PUBLISHERID=6301deeaa893c81325025604&test=&d64=3d35f9af7c29827ebee6064c1d8cc394&d63=3d35f9af7c29827ebee6064c1d8cc394&aafaid=&proto=https&uid=1670600364046-967178969507-006345-009-002829&cha=0.7&stagid=63033820c522981be045eb94&stplid=6192229fa59e3976bb4400aa&d35=&d36=6.2.66&cb=58329292958&d39=&d65=Test1&d66=&apppkg=&d9=1000&d37=realtime&AV_WIDTH=600&AV_HEIGHT=338 HTTP/1.1
Host: servt.modoro360.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3928
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Cookie: aniC=; 2_C_200=OPTOUT
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:30 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
104.22.70.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 104.22.70.197:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 113389
etag: W/"c04-5ee0ab04c6251"
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776ed54f3ff895de-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/modules/core.9b4ec89f.js
104.22.70.197200 OK 0 B URL HTTP/2 static.addtoany.com/menu/modules/core.9b4ec89f.js
IP 104.22.70.197:0
GET /menu/modules/core.9b4ec89f.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1kora.koooora-live.com
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:23 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000, immutable
cf-bgj: minify
access-control-allow-origin: *
age: 1495220
etag: W/"117a5-5ee0ab045ab91"
last-modified: Tue, 22 Nov 2022 08:09:17 GMT
vary: Accept-Encoding
via: e3s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776ed54fa8c695de-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%5BRX_UUID%5D
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%5BRX_UUID%5D
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=aniview&gdpr=1&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1670600364046-967178969507-006345-009-002829%26key%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 15:39:24 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=200&auid=1670600364046-967178969507-006345-009-002829&key=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.133.22200 OK 0 B IP 104.16.133.22:0
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 776ed54bad7cb4ee-OSL
age: 8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"42ed71e239cf5fa5936b3b6ee3955f83-ssl-df"
link: <https://live.demand.supply/impl.v16.2.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/MWtvcmEua29vb29yYS1saXZlLmNvbS8=>; rel=preload; as=script
set-cookie: demandSupplyTi=439ed8a3-7631-4cc1-8540-bae709b03c32; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=3910
timing-allow-origin: *
x-nf-request-id: 01GKP46NWNFRXQFV7R86WDKCAB
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.2.0.js
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/impl.v16.2.0.js
IP 104.16.133.22:0
GET /impl.v16.2.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Cookie: demandSupplyTi=439ed8a3-7631-4cc1-8540-bae709b03c32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74789
etag: W/"0883d7589918dbb1805bd4e3b3643444-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GJNAF97HYE12C3GRZGKRC5R5
cf-cache-status: HIT
age: 1289931
server: cloudflare
cf-ray: 776ed54c6e3db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw=
104.16.133.22200 OK 0 B URL HTTP/2 live.demand.supply/p4/v16-2-0/MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw=
IP 104.16.133.22:0
GET /p4/v16-2-0/MWtvcmEua29vb29yYS1saXZlLmNvbS8yMDIyLzEyL2Nyb2F0aWEtdnMtYnJhemlsLmh0bWw= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1kora.koooora-live.com/
Cookie: demandSupplyTi=439ed8a3-7631-4cc1-8540-bae709b03c32
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 15:39:22 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 776ed54c6e43b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2