r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16261
Expires: Sat, 19 Nov 2022 06:55:12 GMT
Date: Sat, 19 Nov 2022 02:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e7724a1f27dc1b5b2fb63c7e486f74db
ef0ea648ce8bc189d31382baec4b181c724af93b
2a46916079563d95fa6a695104ebf41829ee95a156d6e4d45b9aef7231a8a80e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A46916079563D95FA6A695104EBF41829EE95A156D6E4D45B9AEF7231A8A80E"
Last-Modified: Fri, 18 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4881
Expires: Sat, 19 Nov 2022 03:45:32 GMT
Date: Sat, 19 Nov 2022 02:24:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6486
Cache-Control: max-age=122102
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:11 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:19:13 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: kEIEgoY4Br+H8aUDs3N4QdkL1qgHB5oj9QCgRpz8l/lDPwWXAVcERw/s/+GiLvQleZc39AuDRWI=
x-amz-request-id: FH3VCKR5497SNK0E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 01:53:10 GMT
age: 1861
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 01:45:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2347
alt-svc: clear
X-Firefox-Spdy: h2
mail.kamilacrosbie.thats.im/~filxscum/D/H/L/6de416cfb705fb4ee9559522f2759aebc30b7e9cd4b06697e4386db80e2d92851ce82d6d2eb4d2c0c9a09e0628d/DHL/tracking2.php
172.99.150.5302 Moved Temporarily 145 B URL HTTP/1.1 mail.kamilacrosbie.thats.im/~filxscum/D/H/L/6de416cfb705fb4ee9559522f2759aebc30b7e9cd4b06697e4386db80e2d92851ce82d6d2eb4d2c0c9a09e0628d/DHL/tracking2.php
IP 172.99.150.5:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cb8aa599ce6e2e45603b7bc9db63a3e9
dff539a8ade83281ae505f50973327217582d4ec
6b01692d6af04a3801415ee9a5c33382e57ca14b55a4d91b54f04782b0d203a8
Analyzer Verdict Alert fortinet Phishing
GET /~filxscum/D/H/L/6de416cfb705fb4ee9559522f2759aebc30b7e9cd4b06697e4386db80e2d92851ce82d6d2eb4d2c0c9a09e0628d/DHL/tracking2.php HTTP/1.1
Host: mail.kamilacrosbie.thats.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.2
Date: Sat, 19 Nov 2022 02:24:11 GMT
Content-Type: text/html
Content-Length: 145
Connection: keep-alive
Location: http://mail.kamilacrosbie.thats.im/index.html
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 02:24:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mail.kamilacrosbie.thats.im/index.html
172.99.150.5200 OK 214 B URL HTTP/1.1 mail.kamilacrosbie.thats.im/index.html
IP 172.99.150.5:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 24fb7afb250a1a4ed8bfee331f699f95
ab20ba2bf78e82cc2ec34cd0355fafa5adcd2fc9
5bacdbe0371cfb24194baab7d45994539df7380fa326fe6089d6a8d7c8c93129
GET /index.html HTTP/1.1
Host: mail.kamilacrosbie.thats.im
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Sat, 19 Nov 2022 02:24:11 GMT
Content-Type: text/html
Content-Length: 214
Last-Modified: Tue, 22 Feb 2022 05:45:38 GMT
Connection: keep-alive
ETag: "62147882-d6"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4682e9dd6a2a8094512f65ff58b4fc4c
36b10b389600bcbcae57fd395768d52cce61b047
c93ab504c0e29cc7fbf3b5e17f0a7403cf2c99695b634c09959683610b856a76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6433
Cache-Control: max-age=127063
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:12 GMT
Etag: "63777283-139"
Expires: Sun, 20 Nov 2022 13:41:55 GMT
Last-Modified: Fri, 18 Nov 2022 11:54:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 01:44:49 GMT
cache-control: public,max-age=3600
age: 2363
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
t.co/1YJtCenvY3
104.244.42.197200 OK 189 B IP 104.244.42.197:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 1f8304f6f8d12ec7899fe20a22b16f36
5db3e4be90c83fffacc57c743e883fcb04fa7f28
7610bb5ef38c5d5dabb706e25ba33fff2877bd5efc5e15847d89a0131a2e78c3
GET /1YJtCenvY3 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:11 GMT
perf: 7626143928
vary: Origin
server: tsa_o
expires: Sat, 19 Nov 2022 02:29:12 GMT
set-cookie: muc=dc4cd79b-b806-4e25-b905-8edcabd101fa; Max-Age=34214400; Expires=Wed, 20 Dec 2023 02:24:12 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 189
content-encoding: gzip
x-transaction-id: 43495b4bf60a0b2b
x-xss-protection: 0
strict-transport-security: max-age=0
x-response-time: 107
x-connection-hash: d5a12bea73ed1490e83ec49294b8c130783f3654ac892554740e4c44949b57f2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4792
Cache-Control: max-age=115356
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:12 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 10:26:48 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
t.co/favicon.ico
104.244.42.197200 OK 1.2 kB IP 104.244.42.197:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902
GET /favicon.ico HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.co/1YJtCenvY3
Cookie: muc=dc4cd79b-b806-4e25-b905-8edcabd101fa
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:12 UTC
perf: 7626143928
server: tsa_o
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: 297b844f4492c2f8
strict-transport-security: max-age=0
x-response-time: 106
x-connection-hash: d5a12bea73ed1490e83ec49294b8c130783f3654ac892554740e4c44949b57f2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 29dcd8e28a533d33bd1bfbaa9dc4a415
616cb9982e97173502199f8c08f176b2a4a7037d
499c71f06c777a4abcaecd5da653a575da9a8bbb295f58bffc52097b335f6c93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:12 GMT
Server: ECS (amb/6B8F)
Content-Length: 280
push.services.mozilla.com/
35.160.97.225101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.97.225:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 78jm0Tp6c58z3urEH6+mrA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /blPu1OQLT4G30J1vgiE40yim84=
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:12 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 641761
expires: Thu, 09 Nov 2023 02:24:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arucmEMEqY0kIN2GXTrXN8Ne%2FA0FAec%2B07z7Z0XA2sxk3o1kcDhdDrcdKIcJ33NmwH48qXE%2BA4gww6dmy%2BOyaYJz5vjr38n85G1pikw95NaXDVoVMinFPmSNT7vshOu5gsFrfBs6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c57d0108f7b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 29dcd8e28a533d33bd1bfbaa9dc4a415
616cb9982e97173502199f8c08f176b2a4a7037d
499c71f06c777a4abcaecd5da653a575da9a8bbb295f58bffc52097b335f6c93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Etag: "63774446-118"
Server: ECS (amb/6BAE)
Content-Length: 280
googiehost.com/js/include-html.min.js
172.66.42.236200 OK 433 B URL HTTP/2 googiehost.com/js/include-html.min.js
IP 172.66.42.236:0
File type ASCII text, with no line terminators
Hash 23975cecd1097abd30b980fc232a4dc9
e9a777231cc0fa46e8cf49397ab035e0e66407f9
04f1439e528bf0316a19492c3bbd9d34b3a676f330a38648f16bf619c89d47e9
GET /js/include-html.min.js HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 08:52:10 GMT
etag: W/"ed-608fd666-1c0a04;gz"
last-modified: Mon, 03 May 2021 10:54:30 GMT
x-turbo-charged-by: LiteSpeed
vary: Accept-Encoding
cf-cache-status: HIT
age: 19923
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mnYbS52BXmEn9tdDdILg%2BKLspCvF2CGtl88ECkjyh8USVLMMe%2FNbFNEYY0zCsQu8oWPx4hU%2Fh%2BHUnAjWv%2Bub0I9DFe7x3yS949r9zjOpitfYEFNVV99HkD1sBarHFnm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01d86ab50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4013df591f6594a909a0ff844436f4a4
227e8f031e0f2d3c7af02ee446b241b11058bba4
2bc312d353f38b0f59a8f6e494b6a57a8af34d552a1ea3d0b19ab6255f3cf273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BC312D353F38B0F59A8F6E494B6A57A8AF34D552A1EA3D0B19AB6255F3CF273"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3444
Expires: Sat, 19 Nov 2022 03:21:37 GMT
Date: Sat, 19 Nov 2022 02:24:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 16bbadb18616687351d4047aedc2ab45
979123c7ad6726befbbab2c07b50ecca31aa2d18
de8231c6ee426b7a76ebf574998dec11ce908efc0a745c2182fb7b61c5915e9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.6.0.slim.min.js
69.16.175.42200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65241)
Hash ae3ffbb71d763d2a1ca869e4866b23ae
22723a163afd77efe96e92eaca712583612b3e73
29dda737fcaf96a8a4ea6d0dd66c6e379a4c98cf3374647388650ee6e48a462c
GET /jquery-3.6.0.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-encoding: gzip
content-length: 24587
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11ab4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668824653.dop016.sk1.t,1668824653.cds220.sk1.hn,1668824653.cds258.sk1.c
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-54079021-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-54079021-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4e8513958f87d6cd6018f9d9ac28ba5e
95059f4d578a5c5b73a921fc0c6cd40dc0c1f679
5a89adc6bd11e8b7b21690eeec5baf3781faf4bd75f5751957b948de61af1a45
GET /gtag/js?id=UA-54079021-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 02:24:13 GMT
expires: Sat, 19 Nov 2022 02:24:13 GMT
cache-control: private, max-age=900
last-modified: Sat, 19 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
104.16.57.101200 OK 6.6 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
IP 104.16.57.101:0
Hash 5bbafaae1a6da1e42160cb6bcc4a901d
ca0d6d538a8307539554c78e92d0b378fc4778b4
82b7ccab793a3042b46cc42dab5b51db3636caa7539c6e40b0077bf990800931
GET /beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c57d021e72b523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
googiehost.com/depends/wordpress-icons/unlimited.png
172.66.42.236200 OK 12 kB URL HTTP/2 googiehost.com/depends/wordpress-icons/unlimited.png
IP 172.66.42.236:0
File type PNG image data, 370 x 370, 8-bit/color RGBA, non-interlaced\012- data
Hash 6744b433049b0248cb3437b193578e47
dff3f80036ce0ffe72a73e3da2b79a6f34f3caab
4e0be8c0ccf764a4ea10f6bbab28f23b2ac5f846ecb0504c0ed170a36ac7e1c7
GET /depends/wordpress-icons/unlimited.png HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: image/png
content-length: 12060
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 14:24:13 GMT
etag: "2f1c-60de9e85-1e136a;;;"
last-modified: Fri, 02 Jul 2021 05:05:09 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2B4KczokYtSyTlJE%2F3BBBMQKU7lFBFxZjRwD6%2BwBjP4SKKvnxM9qT3Q%2FG8SIy%2FmrA7Lf6Zxs4QjT6ldTupXhwwLG0xnmKGAS46hV1aCNHTgxQ46e0d9IoqG0HirZDZJl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01b851b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googiehost.com/custom.css
172.66.42.236200 OK 22 kB URL HTTP/2 googiehost.com/custom.css
IP 172.66.42.236:0
File type ASCII text, with very long lines (5950), with no line terminators
Hash 7c4b582b7783e040ef5789f757b2ddeb
d9be36f43da37a45567e48477f90a339ecb7e112
9fac3483074fb962d93ddd0a0ca022ec5421f526814f5333a654227af1a7be1d
GET /custom.css HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=7088
cache-control: public, max-age=43200
etag: W/"1bb0-6311ad9d-181253;gz"
expires: Sat, 19 Nov 2022 08:52:09 GMT
last-modified: Fri, 02 Sep 2022 07:15:41 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19924
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stueeWPQ64xRaUalH0QxJTiTHldOSLTfys%2FQ3qEbAarzUDybn439%2BAFllLvFiH7A6%2B93KCWyUjmCFNKKMgvFILo5Kaz%2BV7kdSsV41yghA4Qah8ahKJefaQGjjJku5SJL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01a846b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googiehost.com/depends/hero/wordpress-hero.svg
172.66.42.236200 OK 23 kB URL HTTP/2 googiehost.com/depends/hero/wordpress-hero.svg
IP 172.66.42.236:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 17c6efcf0f44c59f9390f80de440f699
0bc7a1791f739482f9a62cda5bf1c8e4dbe2e81d
32a1732dc3e03fc635a323435802a396bc2dd9481287020de42fc878f5c91aaa
GET /depends/hero/wordpress-hero.svg HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: image/svg+xml
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 14:24:13 GMT
etag: W/"1bc50-628daf8d-1e1332;gz"
last-modified: Wed, 25 May 2022 04:24:45 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khIxLIt8hZVTMswAz9QbcWoWS8yjT%2BqCts23K%2F3AeFj76uGW97reqShe91LRzuqKOb%2Bo%2BuljrToSjXoB7Jw4fYAItVNJ%2FTKG%2Bcun2gtNuVIAyDr7ZBEg7COlTPphweh4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01b84db50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googiehost.com/depends/wordpress-icons/turn.png
172.66.42.236200 OK 12 kB URL HTTP/2 googiehost.com/depends/wordpress-icons/turn.png
IP 172.66.42.236:0
File type PNG image data, 370 x 370, 8-bit/color RGBA, non-interlaced\012- data
Hash 8342b3afc7df41c27e82310746095b91
46656bfc42aeee235bf9f99585041a3ec1df28f6
44debd6264277690d60b64819e0393204c2c60d807177829caafff9cb0eea01e
GET /depends/wordpress-icons/turn.png HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: image/png
content-length: 12001
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 14:24:13 GMT
etag: "2ee1-60de9e59-1e1369;;;"
last-modified: Fri, 02 Jul 2021 05:04:25 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aPHTkaGx5TYdfpEyDwW38uYD8fyb1w8xNYhFwQAxnVhbOx4Rg8KPf84HB%2F6s%2BjXT5v2TqiIshGg9a8dfuJRq2l8zGjtYUc0nn3qwo1twiwkBMof%2B%2FSlbV%2BC7rdUbrGp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01b853b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googiehost.com/depends/wordpress-icons/infinite.png
172.66.42.236200 OK 14 kB URL HTTP/2 googiehost.com/depends/wordpress-icons/infinite.png
IP 172.66.42.236:0
File type PNG image data, 370 x 370, 8-bit/color RGBA, non-interlaced\012- data
Hash 317998129bc37b5b0e7aa99861a6c988
ad23b1a4730f6a375fc026a2cf5dcd4933a8b283
941e967f124540e5dabff074ebaa60d9927196ffbb991a74ee904ddb69c8edbe
GET /depends/wordpress-icons/infinite.png HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: image/png
content-length: 14006
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 14:24:13 GMT
etag: "36b6-60de9eb1-1e1362;;;"
last-modified: Fri, 02 Jul 2021 05:05:53 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bce6m2wK%2BOZnTZxgYwodZ5gZYXCBRnMvjVAni8%2FM3Ezugbg23HxVaAoO8OKOV5KZhcoUKoOsnHBBBJC7rblRuvKCN6hzHP9wIJremESwmnYk19d%2FBDqqpfg15qqRIAp6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01b84eb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googiehost.com/depends/wordpress-icons/rank.png
172.66.42.236200 OK 13 kB URL HTTP/2 googiehost.com/depends/wordpress-icons/rank.png
IP 172.66.42.236:0
File type PNG image data, 370 x 370, 8-bit/color RGBA, non-interlaced\012- data
Hash fb284034bc9ae85ecfdeeba777a116e9
009d0d789059cf36a0acf7615ea950276a7dda86
f35045757d717dc48c42195f6006e314b1ac92aeefafc09414596a87bd7dde7c
GET /depends/wordpress-icons/rank.png HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: image/png
content-length: 12701
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 14:24:13 GMT
etag: "319d-60de9e19-1e1365;;;"
last-modified: Fri, 02 Jul 2021 05:03:21 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6BlWcdDtcYjnA1H362OBfgmceRhBcCCy0vEXmFTz7MnJjav9Hu87gXybs%2BNHeogDmBlwo9P%2BlyZmD6DLWfnJy2Gi6KWapURrjVQHnJ941f%2Fg9%2BGkBA1Rs%2FR%2FVqScKO7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01b854b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/api.min.js
194.242.11.186200 OK 102 kB URL HTTP/2 a.omappapi.com/app/js/api.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65136), with no line terminators
Size 102 kB (102295 bytes)
Hash 672a7f23e6fb7485f113d82d859dacc6
6b2a74e02ad6f2df00f15e837b12ea6314d76774
29b936b55e886bc13fec0c53fe18c52ed5723c3766e03fe5163c00983868cec3
GET /app/js/api.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"0313c788ed5d091660b1f200ef09d9c4"
last-modified: Fri, 18 Nov 2022 22:08:29 GMT
perma-cache: MISS
x-amz-id-2: MshMUUt1jcn90bFbP5arbxPOpr2jwwz8wMV5DrhzF3QvQJB849rzjLgLlMhxomkxA+owVTvxQSQ=
x-amz-request-id: RC7KHK0K7RSPWNHA
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 22:08:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 23d531c09dcef150ab77046818715484
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
d.plerdy.com/public/js/click/main.js?v=0.6126448061266178
104.26.14.92200 OK 2.9 kB URL HTTP/2 d.plerdy.com/public/js/click/main.js?v=0.6126448061266178
IP 104.26.14.92:0
File type ASCII text, with very long lines (6388), with no line terminators
Hash 2374f6db3ace8dac6cec4fd5a35a29ee
79b9904a5ebc70e149903119259ac177630b4dcd
c2c1f1ba583b88470ff128c3049c8abc0c54da0d053e0742ba57dc4ad8743aa1
GET /public/js/click/main.js?v=0.6126448061266178 HTTP/1.1
Host: d.plerdy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 19:03:42 GMT
etag: W/"6376858e-18f4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26pydi7PB30kOwphMGxstXHIM1eV0gZ7B5WLSEHBgcUr%2FgN0gIAS5VQ6Hv%2BCW6fcoZJdMGTqaMG2T6Q5NM7yOLbvxRsR09ulDh9R39ZwNbPw7CxUG2iFkBKlGH9Q6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c57d03b8d9b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/5.cadaa863.min.js
194.242.11.186200 OK 118 kB URL HTTP/2 a.omappapi.com/app/js/5.cadaa863.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (65176), with no line terminators
Size 118 kB (118037 bytes)
Hash c2ab228ae125d23430478f4e9dc02e10
86904c4dfa9e4dfa1ea4bcfa98aff9214a5b4dcb
5b795800be17a37e8527474fb80de6b23534bdd302b47d042e570af22e9c6f9b
GET /app/js/5.cadaa863.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6373fca9-2509"
last-modified: Tue, 15 Nov 2022 20:55:05 GMT
cdn-storageserver: DE-169
cdn-requestpullsuccess: True
cdn-fileserver: 489
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:33
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 5d3cbff973e7fdffb60e75a0bf7b8012
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
googiehost.com/style_new.css
172.66.42.236200 OK 18 kB URL HTTP/2 googiehost.com/style_new.css
IP 172.66.42.236:0
File type ASCII text, with CRLF line terminators
Hash 20ef508db854ce8bd08d66fe5d8bd669
dc4b5031336ec8eab08942b62094fdc39687535a
365a9b6abe8309add85bb1cbb6760988a71bd8f0d930e67638f97d9fd091a964
GET /style_new.css HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: text/css
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 14:24:13 GMT
etag: W/"131fe-6347dc57-1812bc;gz"
last-modified: Thu, 13 Oct 2022 09:37:27 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=agZbnTA38cs%2BxqM2AbwP95ScFaJ%2F4GFDzwL3VINitPj72OvF9TatZ%2Bc5wmB79bQXQ%2BDx4q%2FbJM5CpiQZonlhkLMu2yN5mEw5vhpFAnoBbrYlnEZwE5H7MPTAEUIETZCd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01a845b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d31qbv1cthcecs.cloudfront.net/atrk.js
143.204.55.109200 OK 4.3 kB URL HTTP/1.1 d31qbv1cthcecs.cloudfront.net/atrk.js
IP 143.204.55.109:0
File type ASCII text, with very long lines (4255), with no line terminators
Hash d89453438fbf10dcf4c13265c40d5160
02d5f4e46c94bf34e12b2d773f63f643ea2b3518
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
GET /atrk.js HTTP/1.1
Host: d31qbv1cthcecs.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 4255
Connection: keep-alive
Date: Sat, 13 Aug 2022 04:02:04 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: "d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iq-A6uI5Mu4v2G1NQr8MH98WyrohqBOgSy3lGgdK3p2iqgRmDHO8gQ==
Age: 8461330
a.omappapi.com/app/js/webfont/1.5.18/webfont.js
194.242.11.186200 OK 20 kB URL HTTP/2 a.omappapi.com/app/js/webfont/1.5.18/webfont.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (301), with CRLF, LF line terminators
Hash ac97f8e02cb0f7c228b65f1fcb88ee75
9140fae4d608e2ad70dd1300853171296f89de5f
6e96e17b6b7a21d77884ec95dc598c6d87819d19fe0145967503df8468aff9fa
GET /app/js/webfont/1.5.18/webfont.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"62ed37ae-40cb"
last-modified: Fri, 05 Aug 2022 15:30:54 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 419
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:32
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b5f2154af8b7f7b95da5be102af344af
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 19 Nov 2022 00:41:09 GMT
expires: Sat, 19 Nov 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 6184
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eaa6a3200eda9bf5788df6d9eb04d84c
12efbb66692df6d76c1103b152808d751c0e49f1
6d815027ae40ea2603c0ed5adac0821cd5526f11c2eeb0ada5294b6f2ec3492d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13052, version 1.0\012- data
Hash 7cf79fbd1df848510d7352274efc2401
5540b5a26cc7dfe25294c4eabe011e2c6cd60143
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 197836
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13176, version 1.0\012- data
Hash c505a5b998cf70c98db25dd8d644c688
2a72710cb88d894cc7059122213728aefca69b97
a177f542e3506952479f8ee19c5f3fd6d20ac2e030b17e86c39a473931c990bf
GET /s/abrilfatface/v19/zOL64pLDlL1D99S8g8PtiKchq-dmjQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13176
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 03:27:00 GMT
expires: Thu, 16 Nov 2023 03:27:00 GMT
cache-control: public, max-age=31536000
age: 255433
last-modified: Tue, 19 Apr 2022 18:49:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15476, version 1.0\012- data
Hash 083f5cafe748b8ac91823b36986d7fda
0d763699e5bce633aa6adc03370b8630b87c1b31
a3d8afcbc68d3ae65312e50ce252f5eb4cb817d3fe39452bd37a76f896ab5921
GET /s/cabin/v26/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alxw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 20:00:28 GMT
expires: Wed, 15 Nov 2023 20:00:28 GMT
cache-control: public, max-age=31536000
age: 282225
last-modified: Fri, 24 Jun 2022 18:41:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:53:39 GMT
expires: Tue, 14 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 372634
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13036, version 1.0\012- data
Hash 0ad032b3d07aaf33b160ac4799dda40f
06b931e0d0bf37f5037d9e66d6feedfddd21c0ba
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
GET /s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13036
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:26:57 GMT
expires: Thu, 16 Nov 2023 19:26:57 GMT
cache-control: public, max-age=31536000
age: 197836
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3431396059777650
142.250.74.130200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3431396059777650
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash f3a0ceb8c902a6a4d4e2e6c9bbbf776d
c4d0c01d1ec63121af7291b3dc41a9217ce81bb5
f4626a82826bf0eb1e4c065a1f3179d5d7829cf0ccab42f7f40957182d2cbe48
GET /pagead/js/adsbygoogle.js?client=ca-pub-3431396059777650 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 19 Nov 2022 02:24:13 GMT
expires: Sat, 19 Nov 2022 02:24:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7495589036167045278
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49458
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.plerdy.com/public/js/click/detector.js?v=3
104.26.14.92200 OK 21 kB URL HTTP/2 c.plerdy.com/public/js/click/detector.js?v=3
IP 104.26.14.92:0
File type ASCII text, with very long lines (21561), with no line terminators
Hash c9f522636496d5d35c1e7d9b54e82390
b3f00251e4db602b41d5414690ee19ba3c776fbc
1d41b3e2c5f0234639d84b33f8e45a5c6fc8927f755d293753dd0342f0f87c35
GET /public/js/click/detector.js?v=3 HTTP/1.1
Host: c.plerdy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
cf-bgj: minify
access-control-allow-origin: *
etag: W/"63768590-5439"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 17 Nov 2022 19:03:44 GMT
cf-cache-status: HIT
age: 75106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQsw%2BjcJlMnQWRbx2J%2FbH%2FIzxPBQLAXA7nzyGWjZTP0H8jDiXlJEll8xzbDKKoyVGeHLa7AxCcbFlyQUrajSot5%2BQFpGQiqhdpfY%2Bg%2FAqSOZq8Jj0sf6TIajXyZvdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76c57d04290bb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/righteous/v13/1cXxaUPXBpj2rGoU7C9WiHGF.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/righteous/v13/1cXxaUPXBpj2rGoU7C9WiHGF.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12608, version 1.0\012- data
Hash 2669249f36607a740d21ff026caca825
fad0f311506b84e078d7be1554706e09b16abf43
99ac2accca3d9670c1fd8f197db636fec37cecfa403150f78cc1107c047e1ef6
GET /s/righteous/v13/1cXxaUPXBpj2rGoU7C9WiHGF.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12608
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:57:59 GMT
expires: Thu, 16 Nov 2023 18:57:59 GMT
cache-control: public, max-age=31536000
age: 199574
last-modified: Wed, 27 Apr 2022 15:42:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15669
Expires: Sat, 19 Nov 2022 06:45:22 GMT
Date: Sat, 19 Nov 2022 02:24:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 23:13:49 GMT
expires: Wed, 15 Nov 2023 23:13:49 GMT
cache-control: public, max-age=31536000
age: 270624
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 84839dd7a1d5d50d40a848e92d3ae6ca
150c83236b3518afce551ef94e2c3dddc275ce3f
fb9fffd5dafa855d3f16aefcdf31f656ea5219547a91b336ab41a998ead28050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6103
x-amzn-requestid: 4f0d1ea8-611c-48cf-be66-dd26b6d56a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubTBFxDoAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5ac-4222e7656cb7a56b557d5b13;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eVbxWxzd0WCUQKztoedT6XAn3I3d2LApn8W0usl5HXTmMl8qCjrBnA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 04:00:41 GMT
age: 80612
etag: "150c83236b3518afce551ef94e2c3dddc275ce3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G_b9L1-WBsD1eh58iF6Cwh8ij3yZVOei6oIUjwdoKQzHLayBLJdv0A==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 16:26:42 GMT
age: 35851
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
216.58.207.195200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22376, version 1.0\012- data
Hash e6af16165f9bfda6aafd0088b8c01daa
c9c0ee8309619643e65ba1b22bfffcd1a7ca1e51
e803cd8c5031ac6b0d099a2d96ba1c3ee44782649a7f7c6f0d09b6410d93e216
GET /s/droidsans/v18/SlGWmQWMvZQIdix7AFxXmMh3eDs1Zw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 14:07:41 GMT
expires: Thu, 16 Nov 2023 14:07:41 GMT
cache-control: public, max-age=31536000
age: 216992
last-modified: Tue, 19 Apr 2022 18:25:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9f5ec29-13c7-4ee7-a4ea-622220191305.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9f5ec29-13c7-4ee7-a4ea-622220191305.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0ff2770df5107848fe589d7f51ea73ef
081539f9c15c39d7e2f792ece7c07a97a6d33490
4040ad5142106d8485e43a23c9f76f3f2b6344cd095a094391640cf09dcfda93
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9f5ec29-13c7-4ee7-a4ea-622220191305.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6974
x-amzn-requestid: 16813c5f-b493-4e0c-8d08-bbec896b0e63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyGe6oAMFtKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-5e25925b709a2d300a8267ad;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dWLfRRHUtz2co2rPQWvtDAGOqrnjbz3aSg08wvRSlluiRyBJdCV7lw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:22 GMT
age: 17271
etag: "081539f9c15c39d7e2f792ece7c07a97a6d33490"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce07c59e-2c1b-4d3b-8c02-f1ed4bca6607.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce07c59e-2c1b-4d3b-8c02-f1ed4bca6607.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49115517a3f79b5092934e128d54c721
14582e35cacbfc2543587e546cb3b4faf2c898bf
0f9015683cacc252fb5e5053681da1b85b3dd0694e2cd04417e73e5e82ecac2f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce07c59e-2c1b-4d3b-8c02-f1ed4bca6607.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3962
x-amzn-requestid: 29b553ab-9ef2-44b8-aea9-b1582b207a6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRWGKmIAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6e-3fb68804386112d17eba689d;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NlXk5HDtG5jJpocFatW40jmG60DcpFCl4o6MqkAPSHH13lP66E4d6w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 17268
etag: "14582e35cacbfc2543587e546cb3b4faf2c898bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15669
Expires: Sat, 19 Nov 2022 06:45:22 GMT
Date: Sat, 19 Nov 2022 02:24:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5af431deee2fb28fcc08b25f5162944
6dac89954db5946b9ac1fdca3196d8b6bb3f54c3
b22d9111361ebce06d55d14d05f4a5206ca7097b059bbe6bc02b10391b61f458
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d03484-7ccd-4a2d-81a2-0205f032f99d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6365
x-amzn-requestid: 60bd00c0-6808-4bc5-a0cb-e4390d353d65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: befxSFJOIAMF6Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f466e-514b3be121f077d559acdb86;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:08:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PiXrw9Fl9jm_orFJtFK5hBbBZs8YVeF4Xmye9BEYVyot9gKdMJb06Q==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 11:25:47 GMT
age: 53906
etag: "6dac89954db5946b9ac1fdca3196d8b6bb3f54c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15669
Expires: Sat, 19 Nov 2022 06:45:22 GMT
Date: Sat, 19 Nov 2022 02:24:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15669
Expires: Sat, 19 Nov 2022 06:45:22 GMT
Date: Sat, 19 Nov 2022 02:24:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5730155a-f68f-483a-a61b-7d881a44a39b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5730155a-f68f-483a-a61b-7d881a44a39b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58c1f2de229260cce98461e5c7d4d282
136e095a89fb0a5aae3e5d653906865da15df7b6
1d623baac44dce6d882e161ccf7dae4e7689fedf5904a12a8bedc2b4c6daa46b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5730155a-f68f-483a-a61b-7d881a44a39b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12472
x-amzn-requestid: 1291abd8-15e9-463f-a106-927785f93e5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQ_nGwwoAMF3nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772eca-3164b923612df3841423a11c;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:05:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: wd9AzMTWZs0KECKZ5UKkJaxw8k5qQQ-iofcXxuSg7yTqWgUmHuKw1w==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 07:12:43 GMT
age: 69090
etag: "136e095a89fb0a5aae3e5d653906865da15df7b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 53d56fb68da96a50df543c9c9fb58f52
d802493bcf8c683b1ac73b035c51cd02b907a251
68b4e1c61fb6285a348937a2f6f81000f7979d90dd2882d5933fc4e64af68158
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Fri, 18 Nov 2022 10:25:42 GMT
expires: Fri, 02 Dec 2022 10:25:42 GMT
cache-control: public, max-age=1209600
age: 57512
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/app/campaign-views/aa25c9a63446/rk58zmpv4jnqqqigocpn/0c90cd4f9a448afdb97ea3cea196b9c9-optin.json
194.242.11.186200 OK 10 kB URL HTTP/2 a.omappapi.com/app/campaign-views/aa25c9a63446/rk58zmpv4jnqqqigocpn/0c90cd4f9a448afdb97ea3cea196b9c9-optin.json
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type JSON data\012- HTML document, ASCII text, with very long lines (44897), with no line terminators
Hash db7b7c5ddfbfa4e36350a238e94ed7f4
f03d1f3ae355f416aeae41b9d5b34e6ec02271c8
6b420ca1f4aca5ad2502539f81f0903da263dcee0d9589a75532fc33144c4728
GET /app/campaign-views/aa25c9a63446/rk58zmpv4jnqqqigocpn/0c90cd4f9a448afdb97ea3cea196b9c9-optin.json HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:14 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"6347aea2-af61"
last-modified: Thu, 13 Oct 2022 06:22:26 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 417
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 20:52:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: efae5364817636494274348b26a3dcdb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.25.14200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:14 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 202139
expires: Thu, 09 Nov 2023 02:24:14 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsSszE1sJ9X77Mlny%2FTKG%2BR3AfpH5lMCWVc6M3PtHU2u1yfx1Eg5pq0nshSjYFzbETeA3wyYZkbLWCnVsxRQXs1En3IlC726dO0FgJSXl%2F8Vg6%2FupJP9uNW%2Fr6G0c%2F4RCFyVTn79"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c57d07ec9fb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/users/aa25c9a63446/images/5b5fa1d595131665640964-inter-team.jpeg
194.242.11.186200 OK 210 kB URL HTTP/2 a.omappapi.com/users/aa25c9a63446/images/5b5fa1d595131665640964-inter-team.jpeg
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1500x843, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 210 kB (210114 bytes)
Hash 55352818c73fbdbc8a8f77b7ac1778bf
a5060c7a12be1c84efa59c68e61732c2410effba
7f8d2e7d1ab249e24bec2229f6905a25bfa9ab81046cf4488a79d340fba8aa44
GET /users/aa25c9a63446/images/5b5fa1d595131665640964-inter-team.jpeg HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:14 GMT
content-type: image/webp
content-length: 210114
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: "6347ae04-334c2"
last-modified: Thu, 13 Oct 2022 06:19:48 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 374
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 20:52:14
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 52c32829b59da4994af4f1b0f531877d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash d03c2c35375205cd6bf3fc80c0ad80c8
c57d995ac0b0ccdec49fc9dfaeb6bcb9393028c1
fa2db9cb4b4ce5d4b6cb7678d463d98a223a528a3f63d56f6de60322d470f230
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162973
Date: Sat, 19 Nov 2022 02:24:14 GMT
Etag: "63780d61-1d7"
Expires: Sun, 20 Nov 2022 23:40:27 GMT
Last-Modified: Fri, 18 Nov 2022 22:55:29 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U6MExMlawna1eZ22XbOjCwAAVXzIfg8KFlJgFjtoCeXmYINA0-0MKw==
Age: 2698
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
3.136.0.175204 No Content 0 B URL HTTP/2 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 3.136.0.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 19 Nov 2022 02:24:14 GMT
server: Server
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c15be7bf1c6987951ddd348d6f6b4db1
9faac1fb81abc8fce6d4ae81777c76b8bc11e9b0
7f1d01e3fc0b69e331fd30326ea8fd9b1e3e06a0a93ae4768e7addd03a121025
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&gjid=194935178&_gid=1280486324.1668824652&_u=YEBAAUAAAAAAACAAI~&z=1471098943
142.250.150.155200 OK 623 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&gjid=194935178&_gid=1280486324.1668824652&_u=YEBAAUAAAAAAACAAI~&z=1471098943
IP 142.250.150.155:0
Hash 2f27b4a987cad7194dc905f69851e2b9
bc87f02a9bee31e79ab9bd58f3db9ab2f69d2977
620c4239528098ea8d910632d37fe5908ac00bfac6f078f7ad5cd59b7f85a31f
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&gjid=194935178&_gid=1280486324.1668824652&_u=YEBAAUAAAAAAACAAI~&z=1471098943 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://googiehost.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 19 Nov 2022 02:24:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a00fff9dd1711061b285e2136c973d13
66548ac11fc58024c6994539ab81804add41d2f2
4b87c5468c15817686a8497324c2a06d18fd5574141aa0476bf98aa3b8395a8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2763bec344cb95973157cf6c9cf07ee4
ce65e30fd5b73cb79d01fab7072d53aa60b873a2
6856e1f453e9660a823ccd084229268b257c8f86af7c0962ed751e8b175afc6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash eb5405ca08a5b1038b26ae8f2e3788f3
3341c3d5bed51686ed6c8d85aa59c59a27c652a3
6ffea4a38a9fc074321b874bce4a78eefbf657f1f2a05897fb32d0a9bffa08a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=googiehost.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=googiehost.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=googiehost.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 19 Nov 2022 02:24:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fundingchoicesmessages.google.com/i/pub-3431396059777650?ers=1
142.250.74.46200 OK 39 kB URL HTTP/2 fundingchoicesmessages.google.com/i/pub-3431396059777650?ers=1
IP 142.250.74.46:0
Hash bb297d0723e26c253ed34164241f71aa
c79e1f99a698643d697267af81d1bd5e4eaba787
9c6acd5ec755d991d51929b7a6997885a429793992a1ad9101ca590e11df30d8
GET /i/pub-3431396059777650?ers=1 HTTP/1.1
Host: fundingchoicesmessages.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 19 Nov 2022 02:24:14 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-AEkxE4QeS8sr7zUB7tA9mg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=googiehost.com
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=googiehost.com
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=googiehost.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 19 Nov 2022 02:24:14 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 2763bec344cb95973157cf6c9cf07ee4
ce65e30fd5b73cb79d01fab7072d53aa60b873a2
6856e1f453e9660a823ccd084229268b257c8f86af7c0962ed751e8b175afc6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash eb5405ca08a5b1038b26ae8f2e3788f3
3341c3d5bed51686ed6c8d85aa59c59a27c652a3
6ffea4a38a9fc074321b874bce4a78eefbf657f1f2a05897fb32d0a9bffa08a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d3ba0eba720a8e5904bee6e804873c24
df1f9c79e39f777ab12225af0af60b9f26af6485
76500b32cbac4ad40e3f42c7dfd46832f3854ba88c3a6d5a9d2b5633e8e1f27b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&_u=YEBAAUAAAAAAACAAI~&z=1980170694
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&_u=YEBAAUAAAAAAACAAI~&z=1980170694
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&_u=YEBAAUAAAAAAACAAI~&z=1980170694 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 02:24:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&_u=YEBAAUAAAAAAACAAI~&z=1980170694
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&_u=YEBAAUAAAAAAACAAI~&z=1980170694
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-54079021-1&cid=1238728749.1668824652&jid=2068180879&_u=YEBAAUAAAAAAACAAI~&z=1980170694 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Nov 2022 02:24:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44c0170a7d9ce7beaac67074da16d9ba
6aaefe29ffa7873cba33b760ab2547c5ff608092
79a6848811edbf755b0d4f8e72e83fe74e33c7de59b078202f977ac91c06d948
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79A6848811EDBF755B0D4F8E72E83FE74E33C7DE59B078202F977AC91C06D948"
Last-Modified: Wed, 16 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1933
Expires: Sat, 19 Nov 2022 02:56:28 GMT
Date: Sat, 19 Nov 2022 02:24:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1d577d3bf9aa7d6c3f36385767479288
f9cca82bc77046802b4cf77e73fc28068197ecca
577767bdc4800afc55f72bd954675103a902f02b50684895f331479c92e23645
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 9237dcc9783d1cc6b44ea739945ed5ab
517ba765ee50e9bf6b26e28cf576f6377e123d1e
286cc7f1a83b4121dc6d8980315a872e0bd94383612b99ef62148948bb7c6c2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1d577d3bf9aa7d6c3f36385767479288
f9cca82bc77046802b4cf77e73fc28068197ecca
577767bdc4800afc55f72bd954675103a902f02b50684895f331479c92e23645
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
142.250.74.33200 OK 9.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1596)
Hash 6b277303de172776fc303dfc195982ef
fe6c6af5791742485ae21c4dc02edbee2b426886
c536ada7aa8f4679e0e4f0b99703aab79f6fe32659d777f9c01a7785aa06a36d
GET /pagead/js/r20221110/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9428
x-xss-protection: 0
date: Fri, 18 Nov 2022 15:59:24 GMT
expires: Fri, 02 Dec 2022 15:59:24 GMT
cache-control: public, max-age=1209600
age: 37491
etag: 246362764157784863
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1d577d3bf9aa7d6c3f36385767479288
f9cca82bc77046802b4cf77e73fc28068197ecca
577767bdc4800afc55f72bd954675103a902f02b50684895f331479c92e23645
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
142.250.74.33200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Fri, 18 Nov 2022 15:55:37 GMT
expires: Fri, 02 Dec 2022 15:55:37 GMT
cache-control: public, max-age=1209600
age: 37718
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
z.omappapi.com/v3/i?aid=86400&cid=rk58zmpv4jnqqqigocpn&sid=5fcf4db279101&rt=false&dv=desktop&cty=popup&url=freewordpresshosting.html&v=5
178.128.135.233204 No Content 0 B URL HTTP/1.1 z.omappapi.com/v3/i?aid=86400&cid=rk58zmpv4jnqqqigocpn&sid=5fcf4db279101&rt=false&dv=desktop&cty=popup&url=freewordpresshosting.html&v=5
IP 178.128.135.233:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/i?aid=86400&cid=rk58zmpv4jnqqqigocpn&sid=5fcf4db279101&rt=false&dv=desktop&cty=popup&url=freewordpresshosting.html&v=5 HTTP/1.1
Host: z.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 19 Nov 2022 02:24:15 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://googiehost.com
Access-Control-Allow-Credentials: true
Server: kong/0.14.1
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4ec62279c2b0171ab1d12d11e38a8bb1
a95c73a838695ebad74025f9841f44c67af18454
0582eb214cb1fe089cb4b5e5ba41545fe7e15212282588bf711494d165e88506
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
142.250.74.70200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 03:09:16 GMT
expires: Sat, 19 Nov 2022 03:09:16 GMT
cache-control: public, max-age=86400
age: 83699
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash da2d83e904cd35e185b36b715ab785df
258667d57898e4559332a419918f9e8f1e5cd39c
2a11aab970c28cba544f5e4c734b94d8c25dd6f435affc4f28d35e4bdd114e86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 02:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV96M7yUwdpGmNqZdITxo1RyclCA_c37lQoGdDIcZ_Br_1qa1nH9NBtZMZFUV_q6E4raJCM3C_XKTSJwXW9DN9RfVWXmcRnZpL1dhSBvzgpZ1x3pLHE7h19RAr74z8thbW9ZLjXG4yHI1kPDT54i221rGR-WUXpXQernmQazRSHSgO5sB3h4Rb5PQ3MwYLZoYEtc7fkYoXpK2A8gZpoTX6brSTarti48ccxFup7A8b-MeKICWn82c0fULo1WoxcVGZnmvfdplohHSRDUnc0B6GRQvqU1I9ydt2jD-Q-XuYD5RV38HxNVuco4FgYZHIE4p_kZaWvds5A6QaMK10iwBW1gmzdN2T_2zyppsO8YBSYIPLiSXhx4wt-zoky-BcEM--9HMIrSs7CB28486HYh8yUMrKDxVQYFUbEHgN9Zv7LXGthIN_9iDpWpdSUaxEhbk6YoOd_3bapvu6CDpQXqi_LQEmCxdwRxdqcPMGgML4GL_PYHRemZuKy3IrQBd-hCuwrIykqwO2SIz2ZsQ9-Rv4CdBH_Xsn7z1MyosXKjVDijcvax6HJFNPERnt-7KUD6MGBGh_FULonOnrS8i3XpIUtOJ_LN9ETXhj-SsLHysOKDhPdAcYaj_o29GOxw16EGlBghvp3h18VXU-7tECRqR483vVDvQpem80hmw-LrPXrJk1Q47Zb5cktFQIm8_jwbzMe1XULCjnRYaFN7oGjFYdjv38gwxH0HjpRh0Abr3LRbNv84VqcUpfz9gDP4RDHY1sCudR5EjB9el_0WI3jWhOoIJqzqUDb-m025d-NTwX6JEpzJ3UgfS4XBS3P4_r-_7P4637A_mwVTHXWoXxlrmCNawwkwUhzE7vwqIkB5osRWbdco3S4yarXWlUhN6sdfHgqsnORWqkKak4qG9tAVBS_BUdfi1wCrzeWTmCiNNZp0AkGI1RbK55vtEza32Nv5-UKqNc4JdUToU3bU9reiM9YNe0xbHmlcpeSqVjxYvjz94FjxjnEm6RkwvGvZk5Hk4bbepcDTWnYI_Pex9OO3NaWYewnnUw62dG6fI-SyPJoe4dx3Gq2m8tRQ_Dkm70asfmEHIG5UtS4cURUJC349ksjClPZ9udRJ_Nr5algR6t1LMcYNcg-hn8VFrk70oFZXhR91scxeuF12_r7SiTPKaWCL_aFamtCa-iPWDhwjr4tgEhpgnHOSexjF5XBq5LlzsmuDsyJCynXBkrALSil__86K0Bbk-hnGHN&sai=AMfl-YTuF-hthI_wQYOGBXmEdeRa-LCH2ySy4786fI9lMQ38GLhcId7QVeh8tO_sLSW13cpqrXw4wlxhNGwf7wUfaBhH3x-FZofuD-RAP-j7jfiV8peJ3Hebsqb0qwpwOSIAvsUVFl9K_0BX3WEkjMqa9i0ZeZ_lsjEXfYgoq1hk_oXraN_MEsgbEWFl8ry0wVuAunHZy4PDcFtoQH9raDeMliB5Pkr6Bz1DmEmXG3XCVjYtwV9Filao1Ww-RzhwOhDYn75wyS8QYbJGM-Peo6oquaIzxhXlAJ3ot7KuffZHpSmL24ch&sig=Cg0ArKJSzK9b1UdPgH8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=153&cisv=r20221110.43787&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV96M7yUwdpGmNqZdITxo1RyclCA_c37lQoGdDIcZ_Br_1qa1nH9NBtZMZFUV_q6E4raJCM3C_XKTSJwXW9DN9RfVWXmcRnZpL1dhSBvzgpZ1x3pLHE7h19RAr74z8thbW9ZLjXG4yHI1kPDT54i221rGR-WUXpXQernmQazRSHSgO5sB3h4Rb5PQ3MwYLZoYEtc7fkYoXpK2A8gZpoTX6brSTarti48ccxFup7A8b-MeKICWn82c0fULo1WoxcVGZnmvfdplohHSRDUnc0B6GRQvqU1I9ydt2jD-Q-XuYD5RV38HxNVuco4FgYZHIE4p_kZaWvds5A6QaMK10iwBW1gmzdN2T_2zyppsO8YBSYIPLiSXhx4wt-zoky-BcEM--9HMIrSs7CB28486HYh8yUMrKDxVQYFUbEHgN9Zv7LXGthIN_9iDpWpdSUaxEhbk6YoOd_3bapvu6CDpQXqi_LQEmCxdwRxdqcPMGgML4GL_PYHRemZuKy3IrQBd-hCuwrIykqwO2SIz2ZsQ9-Rv4CdBH_Xsn7z1MyosXKjVDijcvax6HJFNPERnt-7KUD6MGBGh_FULonOnrS8i3XpIUtOJ_LN9ETXhj-SsLHysOKDhPdAcYaj_o29GOxw16EGlBghvp3h18VXU-7tECRqR483vVDvQpem80hmw-LrPXrJk1Q47Zb5cktFQIm8_jwbzMe1XULCjnRYaFN7oGjFYdjv38gwxH0HjpRh0Abr3LRbNv84VqcUpfz9gDP4RDHY1sCudR5EjB9el_0WI3jWhOoIJqzqUDb-m025d-NTwX6JEpzJ3UgfS4XBS3P4_r-_7P4637A_mwVTHXWoXxlrmCNawwkwUhzE7vwqIkB5osRWbdco3S4yarXWlUhN6sdfHgqsnORWqkKak4qG9tAVBS_BUdfi1wCrzeWTmCiNNZp0AkGI1RbK55vtEza32Nv5-UKqNc4JdUToU3bU9reiM9YNe0xbHmlcpeSqVjxYvjz94FjxjnEm6RkwvGvZk5Hk4bbepcDTWnYI_Pex9OO3NaWYewnnUw62dG6fI-SyPJoe4dx3Gq2m8tRQ_Dkm70asfmEHIG5UtS4cURUJC349ksjClPZ9udRJ_Nr5algR6t1LMcYNcg-hn8VFrk70oFZXhR91scxeuF12_r7SiTPKaWCL_aFamtCa-iPWDhwjr4tgEhpgnHOSexjF5XBq5LlzsmuDsyJCynXBkrALSil__86K0Bbk-hnGHN&sai=AMfl-YTuF-hthI_wQYOGBXmEdeRa-LCH2ySy4786fI9lMQ38GLhcId7QVeh8tO_sLSW13cpqrXw4wlxhNGwf7wUfaBhH3x-FZofuD-RAP-j7jfiV8peJ3Hebsqb0qwpwOSIAvsUVFl9K_0BX3WEkjMqa9i0ZeZ_lsjEXfYgoq1hk_oXraN_MEsgbEWFl8ry0wVuAunHZy4PDcFtoQH9raDeMliB5Pkr6Bz1DmEmXG3XCVjYtwV9Filao1Ww-RzhwOhDYn75wyS8QYbJGM-Peo6oquaIzxhXlAJ3ot7KuffZHpSmL24ch&sig=Cg0ArKJSzK9b1UdPgH8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=153&cisv=r20221110.43787&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvV96M7yUwdpGmNqZdITxo1RyclCA_c37lQoGdDIcZ_Br_1qa1nH9NBtZMZFUV_q6E4raJCM3C_XKTSJwXW9DN9RfVWXmcRnZpL1dhSBvzgpZ1x3pLHE7h19RAr74z8thbW9ZLjXG4yHI1kPDT54i221rGR-WUXpXQernmQazRSHSgO5sB3h4Rb5PQ3MwYLZoYEtc7fkYoXpK2A8gZpoTX6brSTarti48ccxFup7A8b-MeKICWn82c0fULo1WoxcVGZnmvfdplohHSRDUnc0B6GRQvqU1I9ydt2jD-Q-XuYD5RV38HxNVuco4FgYZHIE4p_kZaWvds5A6QaMK10iwBW1gmzdN2T_2zyppsO8YBSYIPLiSXhx4wt-zoky-BcEM--9HMIrSs7CB28486HYh8yUMrKDxVQYFUbEHgN9Zv7LXGthIN_9iDpWpdSUaxEhbk6YoOd_3bapvu6CDpQXqi_LQEmCxdwRxdqcPMGgML4GL_PYHRemZuKy3IrQBd-hCuwrIykqwO2SIz2ZsQ9-Rv4CdBH_Xsn7z1MyosXKjVDijcvax6HJFNPERnt-7KUD6MGBGh_FULonOnrS8i3XpIUtOJ_LN9ETXhj-SsLHysOKDhPdAcYaj_o29GOxw16EGlBghvp3h18VXU-7tECRqR483vVDvQpem80hmw-LrPXrJk1Q47Zb5cktFQIm8_jwbzMe1XULCjnRYaFN7oGjFYdjv38gwxH0HjpRh0Abr3LRbNv84VqcUpfz9gDP4RDHY1sCudR5EjB9el_0WI3jWhOoIJqzqUDb-m025d-NTwX6JEpzJ3UgfS4XBS3P4_r-_7P4637A_mwVTHXWoXxlrmCNawwkwUhzE7vwqIkB5osRWbdco3S4yarXWlUhN6sdfHgqsnORWqkKak4qG9tAVBS_BUdfi1wCrzeWTmCiNNZp0AkGI1RbK55vtEza32Nv5-UKqNc4JdUToU3bU9reiM9YNe0xbHmlcpeSqVjxYvjz94FjxjnEm6RkwvGvZk5Hk4bbepcDTWnYI_Pex9OO3NaWYewnnUw62dG6fI-SyPJoe4dx3Gq2m8tRQ_Dkm70asfmEHIG5UtS4cURUJC349ksjClPZ9udRJ_Nr5algR6t1LMcYNcg-hn8VFrk70oFZXhR91scxeuF12_r7SiTPKaWCL_aFamtCa-iPWDhwjr4tgEhpgnHOSexjF5XBq5LlzsmuDsyJCynXBkrALSil__86K0Bbk-hnGHN&sai=AMfl-YTuF-hthI_wQYOGBXmEdeRa-LCH2ySy4786fI9lMQ38GLhcId7QVeh8tO_sLSW13cpqrXw4wlxhNGwf7wUfaBhH3x-FZofuD-RAP-j7jfiV8peJ3Hebsqb0qwpwOSIAvsUVFl9K_0BX3WEkjMqa9i0ZeZ_lsjEXfYgoq1hk_oXraN_MEsgbEWFl8ry0wVuAunHZy4PDcFtoQH9raDeMliB5Pkr6Bz1DmEmXG3XCVjYtwV9Filao1Ww-RzhwOhDYn75wyS8QYbJGM-Peo6oquaIzxhXlAJ3ot7KuffZHpSmL24ch&sig=Cg0ArKJSzK9b1UdPgH8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=156&cbvp=1&cstd=153&cisv=r20221110.43787&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 02:24:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 19-Nov-2022 02:39:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Nov 2022 02:24:15 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV96M7yUwdpGmNqZdITxo1RyclCA_c37lQoGdDIcZ_Br_1qa1nH9NBtZMZFUV_q6E4raJCM3C_XKTSJwXW9DN9RfVWXmcRnZpL1dhSBvzgpZ1x3pLHE7h19RAr74z8thbW9ZLjXG4yHI1kPDT54i221rGR-WUXpXQernmQazRSHSgO5sB3h4Rb5PQ3MwYLZoYEtc7fkYoXpK2A8gZpoTX6brSTarti48ccxFup7A8b-MeKICWn82c0fULo1WoxcVGZnmvfdplohHSRDUnc0B6GRQvqU1I9ydt2jD-Q-XuYD5RV38HxNVuco4FgYZHIE4p_kZaWvds5A6QaMK10iwBW1gmzdN2T_2zyppsO8YBSYIPLiSXhx4wt-zoky-BcEM--9HMIrSs7CB28486HYh8yUMrKDxVQYFUbEHgN9Zv7LXGthIN_9iDpWpdSUaxEhbk6YoOd_3bapvu6CDpQXqi_LQEmCxdwRxdqcPMGgML4GL_PYHRemZuKy3IrQBd-hCuwrIykqwO2SIz2ZsQ9-Rv4CdBH_Xsn7z1MyosXKjVDijcvax6HJFNPERnt-7KUD6MGBGh_FULonOnrS8i3XpIUtOJ_LN9ETXhj-SsLHysOKDhPdAcYaj_o29GOxw16EGlBghvp3h18VXU-7tECRqR483vVDvQpem80hmw-LrPXrJk1Q47Zb5cktFQIm8_jwbzMe1XULCjnRYaFN7oGjFYdjv38gwxH0HjpRh0Abr3LRbNv84VqcUpfz9gDP4RDHY1sCudR5EjB9el_0WI3jWhOoIJqzqUDb-m025d-NTwX6JEpzJ3UgfS4XBS3P4_r-_7P4637A_mwVTHXWoXxlrmCNawwkwUhzE7vwqIkB5osRWbdco3S4yarXWlUhN6sdfHgqsnORWqkKak4qG9tAVBS_BUdfi1wCrzeWTmCiNNZp0AkGI1RbK55vtEza32Nv5-UKqNc4JdUToU3bU9reiM9YNe0xbHmlcpeSqVjxYvjz94FjxjnEm6RkwvGvZk5Hk4bbepcDTWnYI_Pex9OO3NaWYewnnUw62dG6fI-SyPJoe4dx3Gq2m8tRQ_Dkm70asfmEHIG5UtS4cURUJC349ksjClPZ9udRJ_Nr5algR6t1LMcYNcg-hn8VFrk70oFZXhR91scxeuF12_r7SiTPKaWCL_aFamtCa-iPWDhwjr4tgEhpgnHOSexjF5XBq5LlzsmuDsyJCynXBkrALSil__86K0Bbk-hnGHN&sai=AMfl-YTuF-hthI_wQYOGBXmEdeRa-LCH2ySy4786fI9lMQ38GLhcId7QVeh8tO_sLSW13cpqrXw4wlxhNGwf7wUfaBhH3x-FZofuD-RAP-j7jfiV8peJ3Hebsqb0qwpwOSIAvsUVFl9K_0BX3WEkjMqa9i0ZeZ_lsjEXfYgoq1hk_oXraN_MEsgbEWFl8ry0wVuAunHZy4PDcFtoQH9raDeMliB5Pkr6Bz1DmEmXG3XCVjYtwV9Filao1Ww-RzhwOhDYn75wyS8QYbJGM-Peo6oquaIzxhXlAJ3ot7KuffZHpSmL24ch&sig=Cg0ArKJSzK9b1UdPgH8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&vt=11&dtpt=263&dett=3&cstd=153&cisv=r20221110.43787&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvV96M7yUwdpGmNqZdITxo1RyclCA_c37lQoGdDIcZ_Br_1qa1nH9NBtZMZFUV_q6E4raJCM3C_XKTSJwXW9DN9RfVWXmcRnZpL1dhSBvzgpZ1x3pLHE7h19RAr74z8thbW9ZLjXG4yHI1kPDT54i221rGR-WUXpXQernmQazRSHSgO5sB3h4Rb5PQ3MwYLZoYEtc7fkYoXpK2A8gZpoTX6brSTarti48ccxFup7A8b-MeKICWn82c0fULo1WoxcVGZnmvfdplohHSRDUnc0B6GRQvqU1I9ydt2jD-Q-XuYD5RV38HxNVuco4FgYZHIE4p_kZaWvds5A6QaMK10iwBW1gmzdN2T_2zyppsO8YBSYIPLiSXhx4wt-zoky-BcEM--9HMIrSs7CB28486HYh8yUMrKDxVQYFUbEHgN9Zv7LXGthIN_9iDpWpdSUaxEhbk6YoOd_3bapvu6CDpQXqi_LQEmCxdwRxdqcPMGgML4GL_PYHRemZuKy3IrQBd-hCuwrIykqwO2SIz2ZsQ9-Rv4CdBH_Xsn7z1MyosXKjVDijcvax6HJFNPERnt-7KUD6MGBGh_FULonOnrS8i3XpIUtOJ_LN9ETXhj-SsLHysOKDhPdAcYaj_o29GOxw16EGlBghvp3h18VXU-7tECRqR483vVDvQpem80hmw-LrPXrJk1Q47Zb5cktFQIm8_jwbzMe1XULCjnRYaFN7oGjFYdjv38gwxH0HjpRh0Abr3LRbNv84VqcUpfz9gDP4RDHY1sCudR5EjB9el_0WI3jWhOoIJqzqUDb-m025d-NTwX6JEpzJ3UgfS4XBS3P4_r-_7P4637A_mwVTHXWoXxlrmCNawwkwUhzE7vwqIkB5osRWbdco3S4yarXWlUhN6sdfHgqsnORWqkKak4qG9tAVBS_BUdfi1wCrzeWTmCiNNZp0AkGI1RbK55vtEza32Nv5-UKqNc4JdUToU3bU9reiM9YNe0xbHmlcpeSqVjxYvjz94FjxjnEm6RkwvGvZk5Hk4bbepcDTWnYI_Pex9OO3NaWYewnnUw62dG6fI-SyPJoe4dx3Gq2m8tRQ_Dkm70asfmEHIG5UtS4cURUJC349ksjClPZ9udRJ_Nr5algR6t1LMcYNcg-hn8VFrk70oFZXhR91scxeuF12_r7SiTPKaWCL_aFamtCa-iPWDhwjr4tgEhpgnHOSexjF5XBq5LlzsmuDsyJCynXBkrALSil__86K0Bbk-hnGHN&sai=AMfl-YTuF-hthI_wQYOGBXmEdeRa-LCH2ySy4786fI9lMQ38GLhcId7QVeh8tO_sLSW13cpqrXw4wlxhNGwf7wUfaBhH3x-FZofuD-RAP-j7jfiV8peJ3Hebsqb0qwpwOSIAvsUVFl9K_0BX3WEkjMqa9i0ZeZ_lsjEXfYgoq1hk_oXraN_MEsgbEWFl8ry0wVuAunHZy4PDcFtoQH9raDeMliB5Pkr6Bz1DmEmXG3XCVjYtwV9Filao1Ww-RzhwOhDYn75wyS8QYbJGM-Peo6oquaIzxhXlAJ3ot7KuffZHpSmL24ch&sig=Cg0ArKJSzK9b1UdPgH8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&vt=11&dtpt=263&dett=3&cstd=153&cisv=r20221110.43787&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvV96M7yUwdpGmNqZdITxo1RyclCA_c37lQoGdDIcZ_Br_1qa1nH9NBtZMZFUV_q6E4raJCM3C_XKTSJwXW9DN9RfVWXmcRnZpL1dhSBvzgpZ1x3pLHE7h19RAr74z8thbW9ZLjXG4yHI1kPDT54i221rGR-WUXpXQernmQazRSHSgO5sB3h4Rb5PQ3MwYLZoYEtc7fkYoXpK2A8gZpoTX6brSTarti48ccxFup7A8b-MeKICWn82c0fULo1WoxcVGZnmvfdplohHSRDUnc0B6GRQvqU1I9ydt2jD-Q-XuYD5RV38HxNVuco4FgYZHIE4p_kZaWvds5A6QaMK10iwBW1gmzdN2T_2zyppsO8YBSYIPLiSXhx4wt-zoky-BcEM--9HMIrSs7CB28486HYh8yUMrKDxVQYFUbEHgN9Zv7LXGthIN_9iDpWpdSUaxEhbk6YoOd_3bapvu6CDpQXqi_LQEmCxdwRxdqcPMGgML4GL_PYHRemZuKy3IrQBd-hCuwrIykqwO2SIz2ZsQ9-Rv4CdBH_Xsn7z1MyosXKjVDijcvax6HJFNPERnt-7KUD6MGBGh_FULonOnrS8i3XpIUtOJ_LN9ETXhj-SsLHysOKDhPdAcYaj_o29GOxw16EGlBghvp3h18VXU-7tECRqR483vVDvQpem80hmw-LrPXrJk1Q47Zb5cktFQIm8_jwbzMe1XULCjnRYaFN7oGjFYdjv38gwxH0HjpRh0Abr3LRbNv84VqcUpfz9gDP4RDHY1sCudR5EjB9el_0WI3jWhOoIJqzqUDb-m025d-NTwX6JEpzJ3UgfS4XBS3P4_r-_7P4637A_mwVTHXWoXxlrmCNawwkwUhzE7vwqIkB5osRWbdco3S4yarXWlUhN6sdfHgqsnORWqkKak4qG9tAVBS_BUdfi1wCrzeWTmCiNNZp0AkGI1RbK55vtEza32Nv5-UKqNc4JdUToU3bU9reiM9YNe0xbHmlcpeSqVjxYvjz94FjxjnEm6RkwvGvZk5Hk4bbepcDTWnYI_Pex9OO3NaWYewnnUw62dG6fI-SyPJoe4dx3Gq2m8tRQ_Dkm70asfmEHIG5UtS4cURUJC349ksjClPZ9udRJ_Nr5algR6t1LMcYNcg-hn8VFrk70oFZXhR91scxeuF12_r7SiTPKaWCL_aFamtCa-iPWDhwjr4tgEhpgnHOSexjF5XBq5LlzsmuDsyJCynXBkrALSil__86K0Bbk-hnGHN&sai=AMfl-YTuF-hthI_wQYOGBXmEdeRa-LCH2ySy4786fI9lMQ38GLhcId7QVeh8tO_sLSW13cpqrXw4wlxhNGwf7wUfaBhH3x-FZofuD-RAP-j7jfiV8peJ3Hebsqb0qwpwOSIAvsUVFl9K_0BX3WEkjMqa9i0ZeZ_lsjEXfYgoq1hk_oXraN_MEsgbEWFl8ry0wVuAunHZy4PDcFtoQH9raDeMliB5Pkr6Bz1DmEmXG3XCVjYtwV9Filao1Ww-RzhwOhDYn75wyS8QYbJGM-Peo6oquaIzxhXlAJ3ot7KuffZHpSmL24ch&sig=Cg0ArKJSzK9b1UdPgH8_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=419&vt=11&dtpt=263&dett=3&cstd=153&cisv=r20221110.43787&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 19 Nov 2022 02:24:15 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 19-Nov-2022 02:39:15 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Nov 2022 02:24:15 GMT
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14706), with no line terminators
Hash d4d6f2fa7f74141616234925276ee696
a04054bcb60f10f4551d564acd5c0aaf9ccb200f
8d1206f404bb306d804c459f8053503e3d51fabd20c37a2bc66e44ae786fe966
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 19 Nov 2022 02:24:15 GMT
server: cafe
content-length: 11097
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst88ifXiv2PwCEYwk9TmEQQd4amIB7dr341NILkJw0_jDgJiWTeDLvwsp5hNvz7UKpWhJCuIwhKPaPvOC323-_yyIpUlc8mhGwU12DEBZYxTZd0ppgEqF9cg8BcB6pG6O4SEy9ZLA&sai=AMfl-YS_O8ZgHEdE50aAF1MzzvZNuivBe7Yu1yhkrMX4ms1xJI5Ys2R1O7RVGz1-QvkZNXX2gPo3vzjk1yBDq-ARds9ypu9Fc7CFZm3PvTu2BE-PtxIDhMFgVzNDdhUzdce7uJ7-7perl97FNt9zUAw&sig=Cg0ArKJSzIsE1nTT05mkEAE&cid=CAQSSwDq26N9Cyrs92hTLhgr4RfffT85jU4IVzdguU8myYAr6CcVYoJ4ASPGQ-gJpJORLjHYk_ItjOmHwungKIlkzW_DtfG4kRobGu5R6hgBIBM&id=lidar2&mcvt=1068&p=0,0,90,728&mtos=1068,1068,1068,1068,1068&tos=1068,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4177924764&rs=2&la=0&cr=0&vs=4&r=v&rst=1668824652696&rpt=933&met=ce&wmsd=0&pbe=0
142.250.74.130200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst88ifXiv2PwCEYwk9TmEQQd4amIB7dr341NILkJw0_jDgJiWTeDLvwsp5hNvz7UKpWhJCuIwhKPaPvOC323-_yyIpUlc8mhGwU12DEBZYxTZd0ppgEqF9cg8BcB6pG6O4SEy9ZLA&sai=AMfl-YS_O8ZgHEdE50aAF1MzzvZNuivBe7Yu1yhkrMX4ms1xJI5Ys2R1O7RVGz1-QvkZNXX2gPo3vzjk1yBDq-ARds9ypu9Fc7CFZm3PvTu2BE-PtxIDhMFgVzNDdhUzdce7uJ7-7perl97FNt9zUAw&sig=Cg0ArKJSzIsE1nTT05mkEAE&cid=CAQSSwDq26N9Cyrs92hTLhgr4RfffT85jU4IVzdguU8myYAr6CcVYoJ4ASPGQ-gJpJORLjHYk_ItjOmHwungKIlkzW_DtfG4kRobGu5R6hgBIBM&id=lidar2&mcvt=1068&p=0,0,90,728&mtos=1068,1068,1068,1068,1068&tos=1068,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4177924764&rs=2&la=0&cr=0&vs=4&r=v&rst=1668824652696&rpt=933&met=ce&wmsd=0&pbe=0
IP 142.250.74.130:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjst88ifXiv2PwCEYwk9TmEQQd4amIB7dr341NILkJw0_jDgJiWTeDLvwsp5hNvz7UKpWhJCuIwhKPaPvOC323-_yyIpUlc8mhGwU12DEBZYxTZd0ppgEqF9cg8BcB6pG6O4SEy9ZLA&sai=AMfl-YS_O8ZgHEdE50aAF1MzzvZNuivBe7Yu1yhkrMX4ms1xJI5Ys2R1O7RVGz1-QvkZNXX2gPo3vzjk1yBDq-ARds9ypu9Fc7CFZm3PvTu2BE-PtxIDhMFgVzNDdhUzdce7uJ7-7perl97FNt9zUAw&sig=Cg0ArKJSzIsE1nTT05mkEAE&cid=CAQSSwDq26N9Cyrs92hTLhgr4RfffT85jU4IVzdguU8myYAr6CcVYoJ4ASPGQ-gJpJORLjHYk_ItjOmHwungKIlkzW_DtfG4kRobGu5R6hgBIBM&id=lidar2&mcvt=1068&p=0,0,90,728&mtos=1068,1068,1068,1068,1068&tos=1068,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4177924764&rs=2&la=0&cr=0&vs=4&r=v&rst=1668824652696&rpt=933&met=ce&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sat, 19 Nov 2022 02:24:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 17275
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
a.omappapi.com/app/js/28.7c2ba7ea.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/28.7c2ba7ea.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/28.7c2ba7ea.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-1758"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 471
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: eefcadc107e0f0b895a70ba0d2673069
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/27.205350b7.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/27.205350b7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/27.205350b7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-4f6"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-197
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 16e427808c2c2a2a2cf094d0e2a06586
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
googiehost.com/freewordpresshosting.html
172.66.42.236200 OK 0 B URL HTTP/2 googiehost.com/freewordpresshosting.html
IP 172.66.42.236:0
GET /freewordpresshosting.html HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:12 GMT
content-type: text/html
cf-ray: 76c57d000f2eb50c-OSL
last-modified: Fri, 02 Sep 2022 04:30:17 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UmVorCDY%2FUBo6RSrDGTagjBggs2D8g8ot6794X%2FG53jqS2UYXO1DHIx5j2GQIcKBWbtNj3ldlh88A%2FkvUGhq6V67rVGGsrwokfcFS8vwJQiX20hesl3tkeSInJitFE2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Cabin:400%7COpen+Sans:400
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Cabin:400%7COpen+Sans:400
IP 142.250.74.10:0
GET /css?family=Cabin:400%7COpen+Sans:400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 02:24:13 GMT
date: Sat, 19 Nov 2022 02:24:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a.omappapi.com/app/js/16.53ab7a19.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/16.53ab7a19.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/16.53ab7a19.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-354"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 492
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: a2879ebf1d53facd35a4e43c50eb1836
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
googiehost.com/js/jquery-3.6.0.min.js
172.66.42.236200 OK 0 B URL HTTP/2 googiehost.com/js/jquery-3.6.0.min.js
IP 172.66.42.236:0
GET /js/jquery-3.6.0.min.js HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 08:52:10 GMT
etag: W/"15d9d-608fd060-1c0a06;gz"
last-modified: Mon, 03 May 2021 10:28:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19923
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ2EekXpW9pWWHjeElvmDBr8EsKGUnp3vYHS8dUjkn5PxnlOHqPnLVDA277gwwGP1mnVyF%2BS4u9Vjj8aj0wn13mpdayrudFNmna%2Fn4upzJ0FJThIg8BVm9tbWiYw3c19"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01d868b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/9.8520b11d.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/9.8520b11d.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/9.8520b11d.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-684"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 39d7b900c6807f0ec97adb6edf1ef9d5
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/1.12278d6a.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/1.12278d6a.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/1.12278d6a.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-2b60"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 505
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 74aa21eba927340acfae6983fb68f6e6
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
api.omappapi.com/v2/embed/86400?d=googiehost.com
54.230.111.39200 OK 0 B URL HTTP/2 api.omappapi.com/v2/embed/86400?d=googiehost.com
IP 54.230.111.39:0
GET /v2/embed/86400?d=googiehost.com HTTP/1.1
Host: api.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googiehost.com
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Sat, 19 Nov 2022 02:24:08 GMT
access-control-allow-origin: *
access-control-allow-headers: X-CSRF-Token
expires: Sat, 19 Nov 2022 02:15:47 GMT
cache-control: public, max-age=30, stale-while-revalidate=1800
last-modified: Thu, 13 Oct 2022 06:25:33 GMT
etag: W/"6cbe655b175d13bea86a5556842fa356"
x-optinmonster-account: 96954
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
x-user-agent: standard--
x-cache-config: 0 0
vary: Accept-Encoding, User-Agent
x-cache-status: HIT
content-encoding: gzip
server: Pagely Gateway/1.5.1
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: y-uI-MkCdJCKcE0ly2M1-aQVqXFW6wWMOY_-oOD5YcPnct38342nAQ==
X-Firefox-Spdy: h2
a.omappapi.com/app/js/10.0f634e82.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/10.0f634e82.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/10.0f634e82.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-6236"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 512
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:35
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 625979a1f7eacfcd92b53812df7e75b8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/11.9da7034c.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/11.9da7034c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/11.9da7034c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"637289e5-7cb"
last-modified: Mon, 14 Nov 2022 18:33:09 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 473
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1eb185f03a2874be167b892556466ad8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/29.1c75394c.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/29.1c75394c.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/29.1c75394c.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-adf"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-165
cdn-requestpullsuccess: True
cdn-fileserver: 471
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7b343c563022ef4d6ef506f150360f6d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
a.omappapi.com/app/js/22.7f83f3f7.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/22.7f83f3f7.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/22.7f83f3f7.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-613"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-200
cdn-requestpullsuccess: True
cdn-fileserver: 506
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d9d9463136994143155887934d37249a
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
googiehost.com/scripts.js
172.66.42.236200 OK 0 B URL HTTP/2 googiehost.com/scripts.js
IP 172.66.42.236:0
GET /scripts.js HTTP/1.1
Host: googiehost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/freewordpresshosting.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=43200
expires: Sat, 19 Nov 2022 08:52:10 GMT
etag: W/"37f0-617398f0-1812ac;gz"
last-modified: Sat, 23 Oct 2021 05:09:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19923
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rukc1TdDuhGoVN647naF4Wdf6oFAj2X%2FGVwLDTV6nuLjV4BNF5tBXAsPcg7TIl4sWaJRM9vxjNOxrWP%2BoU0SI3JcrTnkR19G74GdgkkQz8OBCDZHTvGDSPaVAPB5lIXO"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"\/cdn-cgi\/script_monitor\/report?m=fFUHFK8klHodkhyp_OnY9uOES2SuvCQVWgHADL89JeA-1668824653-0-AYTvFs-PJWjaS9RB4hoQKatXRTDuHBdt2vNPc_PRYJO40ewxe4DOky8kI-uKJ69Yi-4aNhzWNQlWAD9PZsfOrc0"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; report-uri /cdn-cgi/script_monitor/report?m=fFUHFK8klHodkhyp_OnY9uOES2SuvCQVWgHADL89JeA-1668824653-0-AYTvFs-PJWjaS9RB4hoQKatXRTDuHBdt2vNPc_PRYJO40ewxe4DOky8kI-uKJ69Yi-4aNhzWNQlWAD9PZsfOrc0; report-to cf-csp-endpoint
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76c57d01d867b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.omappapi.com/app/js/0.81ef4a11.min.js
194.242.11.186200 OK 0 B URL HTTP/2 a.omappapi.com/app/js/0.81ef4a11.min.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /app/js/0.81ef4a11.min.js HTTP/1.1
Host: a.omappapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googiehost.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 02:24:13 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 293267
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
etag: W/"63729c0b-1aa8"
last-modified: Mon, 14 Nov 2022 19:50:35 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 488
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/18/2022 14:03:34
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 95b330f7460d9f626b6c06c57d98f768
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2