www.healthmad.com/http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot
34.251.201.224301 Moved Permanently 166 B URL HTTP/1.1 www.healthmad.com/http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot
IP 34.251.201.224:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
Analyzer Verdict Alert fortinet Malware
GET /http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot HTTP/1.1
Host: www.healthmad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 22:42:55 GMT
Content-Type: text/html
Content-Length: 166
Connection: keep-alive
Location: https://www.healthmad.com/http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Tue, 29 Nov 2022 00:28:53 GMT
Date: Mon, 28 Nov 2022 22:42:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1629
Cache-Control: max-age=130534
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 10:58:30 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10000
Expires: Tue, 29 Nov 2022 01:29:36 GMT
Date: Mon, 28 Nov 2022 22:42:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 22:17:50 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1506
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: O6Ewuu70NHCxUTWrJBJwEAqJBfCuuTcBXLV8SAWUl3Q08iTOp9GJJm9cQblJLsYoV/1RgspW/sM=
x-amz-request-id: MAGMRM4MH5MX9N3J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 22:42:15 GMT
age: 41
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6eade6752ed9f1069f2a4ce9a540e827
f1fe20b1fa0ea908681652d6665cfcf650de81ed
67d50b32cf138da2a77cf37685c1017682d1d1abcd276650fafd6f965b43a01b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "67D50B32CF138DA2A77CF37685C1017682D1D1ABCD276650FAFD6F965B43A01B"
Last-Modified: Mon, 28 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21597
Expires: Tue, 29 Nov 2022 04:42:53 GMT
Date: Mon, 28 Nov 2022 22:42:56 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 22:42:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/css/health-mad.webflow.e0538c2a3.css
143.204.55.86200 OK 21 kB URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/css/health-mad.webflow.e0538c2a3.css
IP 143.204.55.86:0
File type ASCII text, with very long lines (30496)
Hash 61d927dabcbde97a850604a329877f26
5fb122e9ebafc3bbca3323b1822375538a4063d0
6cd030db9e407fdf50fefc523f23058198af9d252585bb85e1380909307d3c8c
GET /63055a55a7edb83e81c8ccce/css/health-mad.webflow.e0538c2a3.css HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 20951
last-modified: Sat, 26 Nov 2022 14:44:47 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: nYqZ2uG3bHxtEAz4Mx2_wmR_fIIMCIga
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 13:59:44 GMT
cache-control: max-age=84600, must-revalidate
etag: "61d927dabcbde97a850604a329877f26"
vary: Accept-Encoding
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 31393
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5IKzTbiiHvgPNvE4j1IxwlMsptHx__K18kn4FKgZQ7n-7q58QYIJcg==
X-Firefox-Spdy: h2
www.healthmad.com/http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot
34.251.201.224404 Not Found 548 kB URL HTTP/2 www.healthmad.com/http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot
IP 34.251.201.224:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6259)
Size 548 kB (547511 bytes)
Hash 8b7ee0d07c9ecf5c02e81e3c32dbc2a9
5acf104fb08706180320110ad906791f3bc9de77
3d27bcebf08ee87801cf8657321b98352e9a60e8240265e1ec43258f3bbf3c36
Analyzer Verdict Alert fortinet Malware
GET /http:/healthmad.com/nutrition/the-benefits-of-green-tea-in-papaya-teapot HTTP/1.1
Host: www.healthmad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Mon, 28 Nov 2022 22:42:56 GMT
content-type: text/html
cache-control: private, max-age=0, must-revalidate
content-encoding: gzip
etag: W/"f860e52f9a2f0f36a31380c19bd821e2"
last-modified: Sat, 26 Nov 2022 14:44:47 GMT
accept-ranges: bytes
x-served-by: cache-iad-kiad7000128-IAD, cache-dub4336-DUB
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1669675376.317933,VS0,VE155
vary: Accept-Encoding,x-wf-forwarded-proto
x-cluster-name: eu-west-1-prod-edge-blue
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 22:08:55 GMT
cache-control: public,max-age=3600
age: 2041
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63055a56a7edb85e27c8cd7d_checkmark.svg
143.204.55.86200 OK 166 B URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63055a56a7edb85e27c8cd7d_checkmark.svg
IP 143.204.55.86:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4fa5e9c4a949b5dceffb42d2064719f5
daf364a8046b2b40301ac7b5156beffbc29baeb2
a37740409c9b74b50ff691181337ff0dbb30a74fd171972f06aaad966f1f8be6
GET /63055a55a7edb83e81c8ccce/63055a56a7edb85e27c8cd7d_checkmark.svg HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/css/health-mad.webflow.e0538c2a3.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 166
date: Sun, 13 Nov 2022 04:53:18 GMT
last-modified: Tue, 23 Aug 2022 22:53:13 GMT
etag: "4fa5e9c4a949b5dceffb42d2064719f5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: Kr5xLx45_.Q8PZ6vpo52MWUA8Q99qLrI
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 1360179
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zS2XlbDPvZD20SqLjwE3M0IP2ZlqhgWVvmNWvcE2nQCyK1j2xC1MJg==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63055a56a7edb87a3cc8cd23_Redaction-Bold.otf
143.204.55.86200 OK 50 kB URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63055a56a7edb87a3cc8cd23_Redaction-Bold.otf
IP 143.204.55.86:0
File type OpenType font data\012- data
Hash 10d5e173bde7cb087c038e961b8833b1
d296a800a88a1ea65f11795d3cfea29ca8585dd6
8fbbb2dd6a62fc123dc7f8bd8b96cec28697d8ca2730fe54d99098222bde20c4
GET /63055a55a7edb83e81c8ccce/63055a56a7edb87a3cc8cd23_Redaction-Bold.otf HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.healthmad.com
Connection: keep-alive
Referer: https://uploads-ssl.webflow.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-otf
content-length: 49720
date: Wed, 02 Nov 2022 08:07:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 23 Aug 2022 22:53:12 GMT
etag: "10d5e173bde7cb087c038e961b8833b1"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: .umbgt.bwHWkFnEZstdWY18lJUBK7D4o
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 2298957
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GgUbFT6DNgADRZmLkdTaRBD5IKWlQiThYLUy8wz_fV2qGgXrarhoNw==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63055a56a7edb873fcc8cd25_Redaction-Regular.otf
143.204.55.86200 OK 49 kB URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63055a56a7edb873fcc8cd25_Redaction-Regular.otf
IP 143.204.55.86:0
File type OpenType font data\012- data
Hash f2280e79e2e24ef652781da5d10702d0
c4482f6fda63fa59212ab4c8bf99bf3d73fbb2d2
bb2311473692fb2067320c0b5b3e94d11f26fefa2e787adb7e366f2e462a0d9c
GET /63055a55a7edb83e81c8ccce/63055a56a7edb873fcc8cd25_Redaction-Regular.otf HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.healthmad.com
Connection: keep-alive
Referer: https://uploads-ssl.webflow.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-otf
content-length: 48940
date: Fri, 25 Nov 2022 03:49:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Tue, 23 Aug 2022 22:53:12 GMT
etag: "f2280e79e2e24ef652781da5d10702d0"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: ADMGkHJOlhKScC0hKaN59jvHg1R_Hlcb
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 327211
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DGoG3IMuNIScSpnTiJrSxFWTRIbjwTqxCmHSINl4vHWk6S2d2G_Kqw==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/6305a3f4a364e26b4697e3b1_linkedin.svg
143.204.55.86200 OK 459 B URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/6305a3f4a364e26b4697e3b1_linkedin.svg
IP 143.204.55.86:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (459), with no line terminators
Hash d4d926ac12a743e5c8db5ddd5134969c
37001311ae57270e4b00b3350c5064c1b839c585
5757f9b580fb84c33eee325af45d789e70e03b706bcf665cd9742bd8facaaef2
GET /63055a55a7edb83e81c8ccce/6305a3f4a364e26b4697e3b1_linkedin.svg HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 459
date: Tue, 15 Nov 2022 05:56:06 GMT
last-modified: Wed, 24 Aug 2022 04:07:18 GMT
etag: "d4d926ac12a743e5c8db5ddd5134969c"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: lpY1omA..Z0nX1yi9e8_G50tHka_OG4i
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 1183611
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zi241WsHPe0exkuQvFW9ycKVdJbsFQxAXqZ9a4pRDEE_6GLDVvnlVw==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/61c062a37877bc2d1123dc7d/61c062a37877bc148d23ddec_facebook.png
143.204.55.86200 OK 2.5 kB URL HTTP/2 uploads-ssl.webflow.com/61c062a37877bc2d1123dc7d/61c062a37877bc148d23ddec_facebook.png
IP 143.204.55.86:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash bf279633f5a950858f1946b7965113cd
27293e6e7a38a4536af59a439d306e39fc3b0326
aec46513a6648ffaf4f488efc08bfc892343e1c2a5e945c6bbdb6990a18ec052
GET /61c062a37877bc2d1123dc7d/61c062a37877bc148d23ddec_facebook.png HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2473
date: Fri, 25 Nov 2022 03:49:26 GMT
last-modified: Mon, 20 Dec 2021 11:02:01 GMT
etag: "bf279633f5a950858f1946b7965113cd"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: glSunAfOfCyfdj3vmCe9k4SJCrzoE6jn
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 327211
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xJXAuyJZgntY_yLgT7HNe-J-a18iV2epMS3A80W5DdgHW5670WBCfQ==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5050
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Last-Modified: Mon, 28 Nov 2022 21:18:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/6305a5e18b3a00020135a308_youtube.svg
143.204.55.86200 OK 709 B URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/6305a5e18b3a00020135a308_youtube.svg
IP 143.204.55.86:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (709), with no line terminators
Hash 36715ec167b763cd29d0d0e71c27589a
af4bf49aba7e0ac125b0ff08887457305d33723f
78d224d194c954f852c31a1976b6202eb1667c202cd9a056a0a7939001b16a80
GET /63055a55a7edb83e81c8ccce/6305a5e18b3a00020135a308_youtube.svg HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 709
date: Fri, 04 Nov 2022 07:13:28 GMT
last-modified: Wed, 24 Aug 2022 04:15:31 GMT
etag: "36715ec167b763cd29d0d0e71c27589a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: uuZ9ACzKY6Hn8WYbneKkM9.wUn4_obXB
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 2129368
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hgEkljxABogODJE5SwxhzgsxsaGJ41n2HoyniezOnHoVT5krsM72mg==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63059f1125fb8f76ad8d557b_healthmad-logo-p-500.png
143.204.55.86200 OK 5.7 kB URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63059f1125fb8f76ad8d557b_healthmad-logo-p-500.png
IP 143.204.55.86:0
File type PNG image data, 500 x 90, 8-bit colormap, non-interlaced\012- data
Hash 98fd04202c5d16d2091a61d62db9059c
194f681fc4aa7d26593f8a8705f4578c6f242ebb
63b5742ad87a9f5ffb0666b40dd2af802545969809160919a626a044c25a5afd
GET /63055a55a7edb83e81c8ccce/63059f1125fb8f76ad8d557b_healthmad-logo-p-500.png HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5660
date: Mon, 07 Nov 2022 20:10:11 GMT
last-modified: Wed, 24 Aug 2022 03:46:28 GMT
etag: "98fd04202c5d16d2091a61d62db9059c"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: wUfC3k_grGWzb_FcDZRWqtJDfRWGpIn0
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 1823566
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pp7z8FQIrrNxxf9e56y2LrgNHO0aDYCk51UlUY--RYQPhBtjul7w0w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.195200 OK 38 kB URL HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.healthmad.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:03:56 GMT
expires: Fri, 24 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 405540
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63059fbd96183ef37e1d237f_favicon.png
143.204.55.86200 OK 4.6 kB URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63059fbd96183ef37e1d237f_favicon.png
IP 143.204.55.86:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 246b89dbaac3e98e4917c6a08387c465
95b8dabf46d963338bda844686f4d2942a5deec0
25b2daf7a16ea61e4a8a927042f795b3776295b6ff6ed52f8f9ee68c8920bd94
GET /63055a55a7edb83e81c8ccce/63059fbd96183ef37e1d237f_favicon.png HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4633
date: Sat, 26 Nov 2022 04:33:09 GMT
last-modified: Wed, 24 Aug 2022 03:49:19 GMT
etag: "246b89dbaac3e98e4917c6a08387c465"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: bqVUeA34jJEF95WlO9bYsVIVrkfRF.go
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 238189
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3E8HogEnL2eaWhibDHfgvkA-ZhOR75hBBVDtOWpRqpPXQdDUjbCrlQ==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63059fe1b58d082e77ac6051_favicon-32x32.png
143.204.55.86200 OK 3.2 kB URL HTTP/2 uploads-ssl.webflow.com/63055a55a7edb83e81c8ccce/63059fe1b58d082e77ac6051_favicon-32x32.png
IP 143.204.55.86:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e8cdb75b6318dcd6132d530f22e6672b
45f99906838e781f4828fea57693854523634221
62117785691c36a49c9d6f63a179f1c91f68bcbae918f1fcab8d39605ceabaa8
GET /63055a55a7edb83e81c8ccce/63059fe1b58d082e77ac6051_favicon-32x32.png HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3233
date: Sat, 12 Nov 2022 08:12:42 GMT
last-modified: Wed, 24 Aug 2022 03:49:55 GMT
etag: "e8cdb75b6318dcd6132d530f22e6672b"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: FT1Iijhq8jDJ3LWjMNA4z5PZhbYgroLp
accept-ranges: bytes
server: AmazonS3
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 1434616
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2Y7I-Lv78hanbkvIuZanD8th8rBiOg3gsvcXiUDXZOp6Uw0-PWtT3A==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3802481553156086
142.250.74.2200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3802481553156086
IP 142.250.74.2:0
File type ASCII text, with very long lines (4885)
Hash 8e42c136ed83b76f7fbf8c3ee95645b4
bc7b69509e1b309aa5295f27bfe8378d44253862
bd2a8aedbca76adec9971e29f531272acef3823e2248438d6eed993dd8b5f278
GET /pagead/js/adsbygoogle.js?client=ca-pub-3802481553156086 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.healthmad.com
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 22:42:57 GMT
expires: Mon, 28 Nov 2022 22:42:57 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 10103177231463067883
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yRm9IMpEZbZawhJI6Abw6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1AQMQIN+zBAdTH0hBsg623gq/mM=
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Mon, 28 Nov 2022 11:45:52 GMT
expires: Mon, 12 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
age: 39425
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.healthmad.com&callback=_gfp_s_&client=ca-pub-3802481553156086&gpid_exp=1
172.217.21.162200 OK 256 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.healthmad.com&callback=_gfp_s_&client=ca-pub-3802481553156086&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (393), with no line terminators
Hash d483c5c61f08a5816995ad92e82a1c34
2a7cace632fcb182652f519aa8da1b1995cb96dc
38c2bc316f31b6e4e425060979b22c08881f8ea76407e24d2677d343310a1e91
GET /gampad/cookie.js?domain=www.healthmad.com&callback=_gfp_s_&client=ca-pub-3802481553156086&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
cache-control: private
content-length: 256
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.healthmad.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.healthmad.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.healthmad.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.healthmad.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.healthmad.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.healthmad.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
142.250.74.2200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
IP 142.250.74.2:0
File type JSON data\012- , ASCII text, with very long lines (14917), with no line terminators
Hash b6f0d33998755d367db195f032abc847
65293f7c2692da957a23b93478508d99de6da750
ed68d6de7491a5aabb6e93bb2c388d77b74d2efd7514168221180d51bab0d52f
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.healthmad.com
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
content-length: 11260
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js
142.250.74.2200 OK 52 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (3625)
Hash 90b6d71acf84facd85b6d5cdc6fdd3ff
d9c11451838b86c207f399385ad87951c968f397
5626681dafe0ecf2ac47caaeb634e7ead6894a8af736d72ac2ad8da434a3e209
GET /pagead/managed/js/adsense/m202211100101/reactive_library_fy2021.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 22:42:57 GMT
expires: Mon, 28 Nov 2022 22:42:57 GMT
cache-control: private, max-age=1209600
content-type: text/javascript; charset=UTF-8
etag: 9914356107862548377
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 52286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.healthmad.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.healthmad.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.healthmad.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash afdcfc5f3bd741d114596300d607f4cc
e82ea5829078ad9268cdf9c576c780b1c40c3696
1c80e7d28c6303b65a17bfa822163c5af3d6d5c480ee9f2e404b23119520eeb5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.healthmad.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.healthmad.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.healthmad.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 28 Nov 2022 22:42:57 GMT
expires: Mon, 28 Nov 2022 22:42:57 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 22:42:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
142.250.74.2200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (35721)
Hash 2471926580dda2dc146ad246ffdbe591
d0af7fae34937f3b108d648d804265e46c70f74f
c092d697cbfde6dfbfd5ad0bc50d8f5ee51194f25b65b340bd36eacf4ebb83f5
GET /bg/M3JMhzk_3vTF8k0i77EsfxGITEmQ_9Y04x5PTEuqQvc.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 15861
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:45:28 GMT
expires: Thu, 23 Nov 2023 18:45:28 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
content-type: text/javascript
age: 446249
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 7a3346cd33b6e87c1c6a7fbc7bedc5ab
7309ae68cfc425a0e7f74c304296be259ff9bfa2
3a4a3745970a0a2aa1eed7b135e179f526d829849da46a37707b952af6264461
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 28 Nov 2022 22:42:57 GMT
date: Mon, 28 Nov 2022 22:42:57 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-gK73UzyhzCavfeWxVJCW6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
216.58.207.194200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 216.58.207.194:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Mon, 28 Nov 2022 22:42:57 GMT
expires: Mon, 28 Nov 2022 22:42:57 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e697dd0d15182fb8627d4791ab9587d
4a0ba8ee6edee6637e8eadea6bed11b9429e9b0e
7ac5ca0c734fd0af31c5b9efa5a5559944ac588fac3e300245bcf7cc500609eb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7AC5CA0C734FD0AF31C5B9EFA5A5559944AC588FAC3E300245BCF7CC500609EB"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3181
Expires: Mon, 28 Nov 2022 23:35:58 GMT
Date: Mon, 28 Nov 2022 22:42:57 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2318030168936802&rc=
142.250.74.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2318030168936802&rc=
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2318030168936802&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 22:42:57 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/7lb6qbnvrhza?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D
94.130.102.164200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/7lb6qbnvrhza?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D
IP 94.130.102.164:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1732), with CRLF line terminators
Hash 88cc42873cef32b1a0d1deea7d5e91dc
84c3cc450053ed9c19cf2fca1a34af8c883e70b8
38f5e2e9d8a08da9164e143c0ab07012e9097015db8345dd246e07aa7d2c7307
GET /zone/7lb6qbnvrhza?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:57 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4145
Connection: close
Content-Type: text/html; charset=UTF-8
hal90008.redintelligence.net/request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
138.201.63.150302 Found 0 B URL HTTP/1.1 hal90008.redintelligence.net/request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 138.201.63.150:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal90008.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 28 Nov 2022 22:42:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 28 Nov 2022 22:42:58 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf; expires=Sun, 26-Feb-2023 22:42:58 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9361
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 22:42:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9361
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 22:42:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9361
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 22:42:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9361
Expires: Tue, 29 Nov 2022 01:18:59 GMT
Date: Mon, 28 Nov 2022 22:42:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ab97acd46d3380fa12711c96b3c2d35
b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sYK4SFsG-No3Bd-CyGIKSWh4sUokwaHa20tc8zvbqUpxkplJOiASIA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 3655
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:40:08 GMT
age: 54170
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae2e2986caa15a90b615147f229b51ec
c6dfd277cdbd057472e6df6ad1a200f50684d442
ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9015
x-amzn-requestid: eb4599b5-e88a-47cd-8d1b-5839c4f7593e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnbGLToAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852962-67476fac77c8d1ee36f89ecc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 09Pb9RMyAoRWXYfw5mxwtpl6fnHwlxDJryR4c-F3rurGKUgo-HYUOg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 3655
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
34.120.237.76200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9cd333c474420e235831d96ed881167e
5008d7344dd85ae61a598c17e7baf427def3e25d
2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XC26NJ0PkNhOsuvMPTd5TlY-oDOGfGoNxzzMANQRlyBWt1XZW_gUfA==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:42:03 GMT
age: 3655
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 3170
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3MKambAjrBl64HI6hBuOtNJi3Tj6gxtwH_lOfk0WNX15UnCrAJbNig==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:48:54 GMT
age: 3244
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hal90008.redintelligence.net/request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
138.201.63.150200 OK 1.1 kB URL HTTP/1.1 hal90008.redintelligence.net/request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 138.201.63.150:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF, LF line terminators
Hash cb8b931fdd6aa1230da93e140db4f8c8
3105a1f119e534c03cb440efd5b5337543712a8d
c9702b0ae830df1278b5201c970e9483f655c17542d4ea55afd6d235eb857c13
GET /request.php?zone=7lb6qbnvrhza&nw=20&renderingType=javascript&namespace=2981238544&subid=&uid=f2fca39d009f1feb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC40socTmFY4aLG9rF6gSzra_wA8m5opxpvLTNztUP8C4QASCUkrtJYMOEgICYGMgBCakCmF3ITS1zsT6oAwGqBIYCT9C_CMVlN5vJx5SIulAVPkSAO2H0Kt0VjKc0PLk4mvu9BQ2jvLZJQ2mt8xCE0X_RfhJyxLd2caEEg86SkksR4u6vtV-EgUY00tejRoAwHHc8R0bN0Xp_84_zq6cBejROVUZs7W9t6l7NfTRIWjFIGez8z-27bPVVtcMnQf6-6oYUTv9UONLLDkTbCdwuAO-_QZKSJklDWq2U2Il43KW9G4N1RUfR5O60WLX835TL_ja-yBEsr4nYCj6cf0hxqtgy2xhcm4V28q0LxsDN4rKU8HmzI50wgSkMYhi_z-3eXoN30_GQgm_KzF_La3Gaw-l7yRTXhEP_tbq-PO7lpEJ0TV7K8zfsLMAEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBIIiOGAEBABGB8yA6qCAToCgECACgGYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw%26sig%3DAOD64_1OpK2AA1Ooghov7MOY1yyCvcnt3A%26client%3Dca-pub-3802481553156086%26dbm_c%3DAKAmf-DrgvtL6GDVWfU_trRE37nGBkcqIW0Z5ccd7CT5GZtTZCzBRUL6ASKkE1uqSOkpry38W2-jpL8tP4p-YJXXBnI4PyuJRDlRbIXXgkM9d6FvJOn4WXdPBso9TF8rFhhMrmmadqiP3lw1iRg4UyRoHPrJ17QypMkx_NlJf9V7bDRCR42-n6Y%26cry%3D1%26dbm_d%3DAKAmf-CsyhvzBcPYAykc2ANUJqEuZOPdOwsIiMhLl4HTJ0TLeHS0jYDf6PM8N0uxXWmSADQ_twvR1pdJ1Q2_pH17rn3ZvFpzAYmsKsgxicukZ7k9TrvH3gRCc0oXnIE8BMRCrvfpZNe0962G3Tpnc-ChpQrtLy4iQm_XIlzKXbbpW57R8QwXf0D2hndDQZwVRHT3gncVQyL6WunmppT53vvwHpQ-E2hwVZE9AbNS6dFws-jzkgAvN4XHAOnH5e8dud4Wdtr6711Cjbqam7_U_Uo_T1lRcsXHsqo4ZeTW3KOSY4XB-_Y0Tx4WldkAAZvcfv2GFeYHU91yhTLBEIPDY6pQip5CDpSSLtoWcMmkO9SiYwnKjMtXiFm3udyg_C-r2-H3jAEGuMCt2EnUazfr1sdI1sXs-YYQOoZzLRgB8J1VjrhmZA16trB0xS5zKK7Tyyc3u_fOiqirzbuz0vDtfWjy4Q_GktEKlYwzuZ_3g95HTgMDSyf1gw07QCRirLykiGRTRdeWvWGEs3zKkxBtxJYQSGE1k6YICiEJiONGiDvsxQtch3iQ0w6XufvJY6Qmm-5oWExMS9TkwjdJ8oFlkHKKTt-0Tisi8Q%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20221110%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&ancestorOrigins=null&random=6363042674671&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal90008.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 28 Nov 2022 22:42:58 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf; expires=Sun, 26-Feb-2023 22:42:58 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 68784100206537804438316012157008
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1083
Connection: close
Content-Type: application/x-javascript; charset=utf-8
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7dccb2a3ca71be4e41290db3b21df05c
3216c20039c194bda237ca7fadabf7da7a404759
1495fb7899356aac1537b3b2252831d2b25effbc1203705be745c5dd22ab9020
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1495FB7899356AAC1537B3B2252831D2B25EFFBC1203705BE745C5DD22AB9020"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4886
Expires: Tue, 29 Nov 2022 00:04:24 GMT
Date: Mon, 28 Nov 2022 22:42:58 GMT
Connection: keep-alive
impfr.tradedoubler.com/imp?type(js)g(24793948)a(1793512)epi(68784100206537804438316012157008)preurl([RD_CLICK_ENC])511346792
35.186.231.97200 OK 272 B URL HTTP/2 impfr.tradedoubler.com/imp?type(js)g(24793948)a(1793512)epi(68784100206537804438316012157008)preurl([RD_CLICK_ENC])511346792
IP 35.186.231.97:0
File type HTML document, ASCII text, with no line terminators
Hash a648cec07a1766d0cfe80b83e06f8ec3
3754fa2bf952af8756abcef317f7fbe40ecab0ad
c744f84d4e3312237983cd449e1aa07a4edb8bef4df1a6a4f8e77d35a1ee28fd
GET /imp?type(js)g(24793948)a(1793512)epi(68784100206537804438316012157008)preurl([RD_CLICK_ENC])511346792 HTTP/1.1
Host: impfr.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript; charset=ISO-8859-1
set-cookie: BT=1z11zzxJz1dl8AfzdYQwonVzz6x1z9ydYQwonV;expires=Tue, 28-Nov-2023 22:42:58 GMT;path=/;domain=.tradedoubler.com
PI=1z11z1zxJz2IJNbCz8hDUy1y22gcOy1eGbyyyAuaby1T4by2JkgteyyEb1aS61dOC_JD85gPIofFviSqwoY0FuQqN%7ahOj7ZYaQPPIdN%78QbDPDJ%79y;expires=Tue, 28-Nov-2023 22:42:58 GMT;path=/;domain=.tradedoubler.com
UI=1z11zzxJz1ANVYYz1PA1yNiNg;expires=Tue, 28-Nov-2023 22:42:58 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Mon, 28 Nov 2022 22:42:57 GMT
content-length: 272
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7dccb2a3ca71be4e41290db3b21df05c
3216c20039c194bda237ca7fadabf7da7a404759
1495fb7899356aac1537b3b2252831d2b25effbc1203705be745c5dd22ab9020
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1495FB7899356AAC1537B3B2252831D2B25EFFBC1203705BE745C5DD22AB9020"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4886
Expires: Tue, 29 Nov 2022 00:04:24 GMT
Date: Mon, 28 Nov 2022 22:42:58 GMT
Connection: keep-alive
impfr.tradedoubler.com/imp?type(js)g(24759774)a(1793512)epi(68784100206537804438316012157008)preurl([RD_CLICK_ENC])399649106
35.186.231.97200 OK 289 B URL HTTP/2 impfr.tradedoubler.com/imp?type(js)g(24759774)a(1793512)epi(68784100206537804438316012157008)preurl([RD_CLICK_ENC])399649106
IP 35.186.231.97:0
File type HTML document, ASCII text, with no line terminators
Hash d5a65203f38f66178f827507745f46c8
9dfca023c64056815440e23838a54b2782a705b9
7e25523a3bbbcf109bc90f34377c552ea945516b91b8b1d70b9b8c37beb321c3
GET /imp?type(js)g(24759774)a(1793512)epi(68784100206537804438316012157008)preurl([RD_CLICK_ENC])399649106 HTTP/1.1
Host: impfr.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript; charset=ISO-8859-1
set-cookie: BT=1z11zzxJz1jAJEbzdYQwooJzz6x1z9ydYQwooJ;expires=Tue, 28-Nov-2023 22:42:58 GMT;path=/;domain=.tradedoubler.com
PI=1z11z1zxJz2JAPtvz8hDUy1y22WnByCaaCyyy7Qsoy1Mh4y2JkgteyyEb1aS61dOC_JD85gPIofFviSqwoY0FuQqN%7ahOj7ZYaQPPIdN%78QbDPDJ%79y;expires=Tue, 28-Nov-2023 22:42:58 GMT;path=/;domain=.tradedoubler.com
UI=1z11zzxJzbNwtmz1J1gyNiNg;expires=Tue, 28-Nov-2023 22:42:58 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
p3p: policyref="http://tracker.tradedoubler.com/w3c/p3p.xml",CP="NOI DSP COR NID CUR OUR NOR"
referrer-policy: origin
date: Mon, 28 Nov 2022 22:42:57 GMT
content-length: 289
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2318030168936802&bg=!c3ClcDTNAAbvMpMzzzI7ACkAdvg8WuWTKRzQHyQ0ui-dXn6dF5N0agVdwvwuZZnbk53nIfEoIhfrUQIAAAC5UgAAAAZoAQcKAIianPdUXLcRZ5pKyeyi5JS0cB0itsDjgdgnsQ8rDDFgNAE9hjSmft9i3KslZq4cnnuXSMlTERoOJS72ojGNXiVnjE2cSNtkEwX4NiX8MW3YIt8r3UnoKFzZywcDNr7AbXkW-vW4KakilDqXT079FDitAPrLNcEosQHR6TFPStLGHsYEQhhaxVJ3mQJzbTSUuZk6P1VHrY-q4DT36IUdZCRqTdHtS-yfdOHWYHTc7DwjnV89k3RW_ItYbd-bef7a3XRN34zpRFrnJwVbi4WozlDFfRHytb5NQOG1LFNA-YAcoMxpmoRhcRGle_-j1LPf-k0Cf-I1PDcutXmnBSIB0M4bueUhb72UPv5CGZ1CIaW8RdAW0-BQ5flEbKSJluAecFgNhRrU0JtpxuX3U2iIyvprRa-ZEWrxK8nfvpzxc0GfZNgSuWp39rM1HVwgHcdy4RKGAEebVqiPKSt1rn8FNRzMv67S9yFEjLHdZ64s9faoCNpNMhvjApJ82o2xJSR1AKc62-5edK-_MtgIsLfEkSCU_x30paol80-NHUCGnxUk6UTr8DGwPRvfd5WuEThkRERbFwdX8NX6fSVwPHsD8lNZ8snIjw4ZvdnbjzkDrNIXYhHlQn3yc8zRxvtQCty9nCJLfZohbGgp1yom_3sdOIoxR5GWYt6QyBHBlO5n0xEdbtcbusZ3G_CGLxafGiwRKhORJg-Ktf47L3hLdC1clJBC5Lsn2ufgFEy4tqpQ2AB3kPmDVxqEoa5PsxvEjfW9OyFCNH99xjWkPI4_jUF5lDEIzTGTiPxVFdCIIG5aIZA9I7JBacQeXHusd7cT2JZZYYPFTKdDTtdq0EGkOuEVLQPFeL1sk54JqiRE26wqPlOoEBCVCb6TSr85RvszCmrci_ociDo8cCbzR6_KzWYzxhWn1jBy2TMYo6kDvDfy6ccbzb8srHaWMp7Z0oawBltDXX-iR9Cg8ICnsEBuE45Ggi88mQtd_8r5L2QRspnIX5j2uyVz_KXlvYItyQLIs6Rr
142.250.74.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2318030168936802&bg=!c3ClcDTNAAbvMpMzzzI7ACkAdvg8WuWTKRzQHyQ0ui-dXn6dF5N0agVdwvwuZZnbk53nIfEoIhfrUQIAAAC5UgAAAAZoAQcKAIianPdUXLcRZ5pKyeyi5JS0cB0itsDjgdgnsQ8rDDFgNAE9hjSmft9i3KslZq4cnnuXSMlTERoOJS72ojGNXiVnjE2cSNtkEwX4NiX8MW3YIt8r3UnoKFzZywcDNr7AbXkW-vW4KakilDqXT079FDitAPrLNcEosQHR6TFPStLGHsYEQhhaxVJ3mQJzbTSUuZk6P1VHrY-q4DT36IUdZCRqTdHtS-yfdOHWYHTc7DwjnV89k3RW_ItYbd-bef7a3XRN34zpRFrnJwVbi4WozlDFfRHytb5NQOG1LFNA-YAcoMxpmoRhcRGle_-j1LPf-k0Cf-I1PDcutXmnBSIB0M4bueUhb72UPv5CGZ1CIaW8RdAW0-BQ5flEbKSJluAecFgNhRrU0JtpxuX3U2iIyvprRa-ZEWrxK8nfvpzxc0GfZNgSuWp39rM1HVwgHcdy4RKGAEebVqiPKSt1rn8FNRzMv67S9yFEjLHdZ64s9faoCNpNMhvjApJ82o2xJSR1AKc62-5edK-_MtgIsLfEkSCU_x30paol80-NHUCGnxUk6UTr8DGwPRvfd5WuEThkRERbFwdX8NX6fSVwPHsD8lNZ8snIjw4ZvdnbjzkDrNIXYhHlQn3yc8zRxvtQCty9nCJLfZohbGgp1yom_3sdOIoxR5GWYt6QyBHBlO5n0xEdbtcbusZ3G_CGLxafGiwRKhORJg-Ktf47L3hLdC1clJBC5Lsn2ufgFEy4tqpQ2AB3kPmDVxqEoa5PsxvEjfW9OyFCNH99xjWkPI4_jUF5lDEIzTGTiPxVFdCIIG5aIZA9I7JBacQeXHusd7cT2JZZYYPFTKdDTtdq0EGkOuEVLQPFeL1sk54JqiRE26wqPlOoEBCVCb6TSr85RvszCmrci_ociDo8cCbzR6_KzWYzxhWn1jBy2TMYo6kDvDfy6ccbzb8srHaWMp7Z0oawBltDXX-iR9Cg8ICnsEBuE45Ggi88mQtd_8r5L2QRspnIX5j2uyVz_KXlvYItyQLIs6Rr
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2318030168936802&bg=!c3ClcDTNAAbvMpMzzzI7ACkAdvg8WuWTKRzQHyQ0ui-dXn6dF5N0agVdwvwuZZnbk53nIfEoIhfrUQIAAAC5UgAAAAZoAQcKAIianPdUXLcRZ5pKyeyi5JS0cB0itsDjgdgnsQ8rDDFgNAE9hjSmft9i3KslZq4cnnuXSMlTERoOJS72ojGNXiVnjE2cSNtkEwX4NiX8MW3YIt8r3UnoKFzZywcDNr7AbXkW-vW4KakilDqXT079FDitAPrLNcEosQHR6TFPStLGHsYEQhhaxVJ3mQJzbTSUuZk6P1VHrY-q4DT36IUdZCRqTdHtS-yfdOHWYHTc7DwjnV89k3RW_ItYbd-bef7a3XRN34zpRFrnJwVbi4WozlDFfRHytb5NQOG1LFNA-YAcoMxpmoRhcRGle_-j1LPf-k0Cf-I1PDcutXmnBSIB0M4bueUhb72UPv5CGZ1CIaW8RdAW0-BQ5flEbKSJluAecFgNhRrU0JtpxuX3U2iIyvprRa-ZEWrxK8nfvpzxc0GfZNgSuWp39rM1HVwgHcdy4RKGAEebVqiPKSt1rn8FNRzMv67S9yFEjLHdZ64s9faoCNpNMhvjApJ82o2xJSR1AKc62-5edK-_MtgIsLfEkSCU_x30paol80-NHUCGnxUk6UTr8DGwPRvfd5WuEThkRERbFwdX8NX6fSVwPHsD8lNZ8snIjw4ZvdnbjzkDrNIXYhHlQn3yc8zRxvtQCty9nCJLfZohbGgp1yom_3sdOIoxR5GWYt6QyBHBlO5n0xEdbtcbusZ3G_CGLxafGiwRKhORJg-Ktf47L3hLdC1clJBC5Lsn2ufgFEy4tqpQ2AB3kPmDVxqEoa5PsxvEjfW9OyFCNH99xjWkPI4_jUF5lDEIzTGTiPxVFdCIIG5aIZA9I7JBacQeXHusd7cT2JZZYYPFTKdDTtdq0EGkOuEVLQPFeL1sk54JqiRE26wqPlOoEBCVCb6TSr85RvszCmrci_ociDo8cCbzR6_KzWYzxhWn1jBy2TMYo6kDvDfy6ccbzb8srHaWMp7Z0oawBltDXX-iR9Cg8ICnsEBuE45Ggi88mQtd_8r5L2QRspnIX5j2uyVz_KXlvYItyQLIs6Rr HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 22:42:58 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CebMl57hprp-QGwPJR_y_doLoxabH8cH0_CA3-JMGVrEC2SzCBqtgmipWAjEfeMC1IHaYYEpZfRZ4oyw_1xUix8Itvk35vl1DwrCXPcKy2rJfAYww
142.250.74.2200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CebMl57hprp-QGwPJR_y_doLoxabH8cH0_CA3-JMGVrEC2SzCBqtgmipWAjEfeMC1IHaYYEpZfRZ4oyw_1xUix8Itvk35vl1DwrCXPcKy2rJfAYww
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/gen_204?id=xbid&dbm_b=AKAmf-CebMl57hprp-QGwPJR_y_doLoxabH8cH0_CA3-JMGVrEC2SzCBqtgmipWAjEfeMC1IHaYYEpZfRZ4oyw_1xUix8Itvk35vl1DwrCXPcKy2rJfAYww HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 22:42:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vht.tradedoubler.com/file/306601/2021-05-20/320x250.jpg
54.230.111.94200 OK 21 kB URL HTTP/1.1 vht.tradedoubler.com/file/306601/2021-05-20/320x250.jpg
IP 54.230.111.94:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x250, components 3\012- data
Hash 620a65ca65df11a29a7c7e5668803619
b0acba94eb77f09a88f30376839d5e8548d985ca
941ce77bb90f60e76ecdf1e971d6fd5b7cf145de4dd50a7189b4d1602cc45d8b
GET /file/306601/2021-05-20/320x250.jpg HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 21276
Connection: keep-alive
Date: Tue, 22 Nov 2022 17:11:29 GMT
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Thu, 20 May 2021 06:22:44 GMT
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l7wGGvezJfjg8M88xL9WM4pCTvmRaYFIKWLP9syxN2xEwIw576Kijg==
Age: 538289
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
vht.tradedoubler.com/file/284502/2020-03-30_Life/Life-iSale-Native-Ad-627x627.jpg
54.230.111.94200 OK 77 kB URL HTTP/1.1 vht.tradedoubler.com/file/284502/2020-03-30_Life/Life-iSale-Native-Ad-627x627.jpg
IP 54.230.111.94:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 627x627, components 3\012- data
Hash f0ae4beb351f17ef529f8b897f541b36
ce36e064906aa982851bd5392318796b56796f11
4fd513ec2b8ce5efa33cd4d8fb85531b6871714df78f02d92cf908b2bc83c9f6
GET /file/284502/2020-03-30_Life/Life-iSale-Native-Ad-627x627.jpg HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 77035
Connection: keep-alive
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Mon, 30 Mar 2020 16:39:36 GMT
Accept-Ranges: bytes
Date: Tue, 22 Nov 2022 04:42:06 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tRbm83pUc8TBkqUtcGr8ttT_CEhhOZbR3y82K0ULJm7WMXyxKCjSfQ==
Age: 583252
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
vht.tradedoubler.com/file/333308/627x627ImportprisLifestyleNative.jpg
54.230.111.94200 OK 40 kB URL HTTP/1.1 vht.tradedoubler.com/file/333308/627x627ImportprisLifestyleNative.jpg
IP 54.230.111.94:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 627x627, components 3\012- data
Hash 338608a07d5622a53ff86282bc3b0b6d
31cc6b0f5136719bbb4247e251a8f78d002ae2d0
9cc9548a23c3c0e18900749b148b4941efc0ffb6e016094679ec21364704ca4c
GET /file/333308/627x627ImportprisLifestyleNative.jpg HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 40278
Connection: keep-alive
Server: Apache
Strict-Transport-Security: max-age=15552000; includeSubDomains
Last-Modified: Thu, 17 Nov 2022 16:05:11 GMT
Accept-Ranges: bytes
Date: Mon, 28 Nov 2022 11:35:31 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: K0MdqIs44zc9fqbiU2L4ooO7pi89-inbnU810e_9OJBfFQykmNokUw==
Age: 40047
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
hal90008.redintelligence.net/request_content.php?s=68784100206537804438316012157008&a=96197490
138.201.63.150200 OK 2.0 kB URL HTTP/1.1 hal90008.redintelligence.net/request_content.php?s=68784100206537804438316012157008&a=96197490
IP 138.201.63.150:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash fbf28a9a5426ffe6a8a2583bbb0de203
b6397f1b48de7b02078df060e124bc076bc13d61
2b84aeae2a9f32a6880d5f696db1d458abbbe63d516cd43db649c1dfd8d36da8
GET /request_content.php?s=68784100206537804438316012157008&a=96197490 HTTP/1.1
Host: hal90008.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:58 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 28 Nov 2022 22:42:58 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2025
Connection: close
Content-Type: text/html; charset=utf-8
pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuMnUcTmFY8z1Mu2i7APvqprIBgAAAAA4AeAEAg&bg=!nJ-ln9vNAAbvMpMzzzI7ACkAdvg8Wj8h7AragRNa56yeBudCAh2mtdWU7NOtRKV4E3CZnzhv-_GuvAIAAACnUgAAAARoAQcKAPFZMf0ZUXe8ir3ALI3UhdK-qx8uQtkctp1ZoDW1a-wZ4JWCwFoIKF3QBg6HU7FnR8xZpk1LMGiuWKEZ4_Pdim_l6TxplJEeDGBbBpHI6dYMV14MZ4EhD6TiAJM1LCWJH6uz70M-2oy-CJvYCcZkR0yOSIq2sPL6CP09e3efV0_rIcw1ru_OCOhvMYGidn8LhsFBqHzWwZDfQYvTWAvRUZE5BXeLDTYNP9o8N6kMkatqTFedCut0ZgeklkqXXZD03kUsTqzgtf3ZDSPAZq1jfeOrDhKdXQGxR3Ehu4lkYsN1qsDcNdQ67IVwR7g-3ZUKtpBEmQKAqSRL8YJvEYYzZUIDJtIIqRbqkr9lEsOknPuRtFGJrU4kJHhBThFM57QkKgDxnLPuObjBn56L1r8rPUvea13Z6Wtda9YmKNVwapYoLFo1lUdgjJYk-5b_BejH77VAxPvm2r8uVLOD41Kzblyyup0ctj5CZ9iGITAmOVCjdC3lguBlQ5jrrjkz08tBp2jXgjN6DU-g3yTLKGn0oy_fdpNSRSoXFcb-gfHb-STmn1ahMUZNsotrU-BhaGAtUv9ZQc8D5HPc-FmNxaqUMruIxdbL15TtiCBLfilFR5lb3YISq-HYb8rQhJBR_YXa7RfQFwB6gw3dsR9f9oyzyw49LajJMHWniyr1ydWgKVeU8qf9nlbaixDb_OOg8czgvnjfg7DKfnh4qbykzblkDBTHzBGTDmizwoX_Bo_TcNtb5N6QR9_jp5Z4wEUz30aQEpR5XPZyyiV7McLY2j45NopY0kxoUNP0Ij8pTDhhCd2usYH2pERwiv9pJtqrI-rf5Zd215sYR3ROZx9x2IMrfz0b149T_FdwwpprAMGEXplWmOgQpJ1NmbZBkoR4vCafmx6427bX6GYdNn6c3R9dHjdjvvsXo0GvL2nsEC8o2gqy_Vb5GyemzF8eOQci0e-6ftlPU8rQ_Nv_xOwJPmP0ONV8lFQf8Htwf_U2ET_ncG3ZZ0fssO21F32T-iZ0V5eI-0CzdGkBCxaPnbp0Cp9kPwZ-W4F-D__Xpe8NEBOn-pzD6vQubOFIKQsuRJm-REWz6b7Q6wkyR855HYiWDntnF6hyGHAYd6GmnwMZzrchdKn6ER8AATWM40xNE3orn1QT7nq67QZsRi19VmjGsGkLHzWIW6cg-g
142.250.74.2204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuMnUcTmFY8z1Mu2i7APvqprIBgAAAAA4AeAEAg&bg=!nJ-ln9vNAAbvMpMzzzI7ACkAdvg8Wj8h7AragRNa56yeBudCAh2mtdWU7NOtRKV4E3CZnzhv-_GuvAIAAACnUgAAAARoAQcKAPFZMf0ZUXe8ir3ALI3UhdK-qx8uQtkctp1ZoDW1a-wZ4JWCwFoIKF3QBg6HU7FnR8xZpk1LMGiuWKEZ4_Pdim_l6TxplJEeDGBbBpHI6dYMV14MZ4EhD6TiAJM1LCWJH6uz70M-2oy-CJvYCcZkR0yOSIq2sPL6CP09e3efV0_rIcw1ru_OCOhvMYGidn8LhsFBqHzWwZDfQYvTWAvRUZE5BXeLDTYNP9o8N6kMkatqTFedCut0ZgeklkqXXZD03kUsTqzgtf3ZDSPAZq1jfeOrDhKdXQGxR3Ehu4lkYsN1qsDcNdQ67IVwR7g-3ZUKtpBEmQKAqSRL8YJvEYYzZUIDJtIIqRbqkr9lEsOknPuRtFGJrU4kJHhBThFM57QkKgDxnLPuObjBn56L1r8rPUvea13Z6Wtda9YmKNVwapYoLFo1lUdgjJYk-5b_BejH77VAxPvm2r8uVLOD41Kzblyyup0ctj5CZ9iGITAmOVCjdC3lguBlQ5jrrjkz08tBp2jXgjN6DU-g3yTLKGn0oy_fdpNSRSoXFcb-gfHb-STmn1ahMUZNsotrU-BhaGAtUv9ZQc8D5HPc-FmNxaqUMruIxdbL15TtiCBLfilFR5lb3YISq-HYb8rQhJBR_YXa7RfQFwB6gw3dsR9f9oyzyw49LajJMHWniyr1ydWgKVeU8qf9nlbaixDb_OOg8czgvnjfg7DKfnh4qbykzblkDBTHzBGTDmizwoX_Bo_TcNtb5N6QR9_jp5Z4wEUz30aQEpR5XPZyyiV7McLY2j45NopY0kxoUNP0Ij8pTDhhCd2usYH2pERwiv9pJtqrI-rf5Zd215sYR3ROZx9x2IMrfz0b149T_FdwwpprAMGEXplWmOgQpJ1NmbZBkoR4vCafmx6427bX6GYdNn6c3R9dHjdjvvsXo0GvL2nsEC8o2gqy_Vb5GyemzF8eOQci0e-6ftlPU8rQ_Nv_xOwJPmP0ONV8lFQf8Htwf_U2ET_ncG3ZZ0fssO21F32T-iZ0V5eI-0CzdGkBCxaPnbp0Cp9kPwZ-W4F-D__Xpe8NEBOn-pzD6vQubOFIKQsuRJm-REWz6b7Q6wkyR855HYiWDntnF6hyGHAYd6GmnwMZzrchdKn6ER8AATWM40xNE3orn1QT7nq67QZsRi19VmjGsGkLHzWIW6cg-g
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=sodar&v=30&t=2&bgai=BuMnUcTmFY8z1Mu2i7APvqprIBgAAAAA4AeAEAg&bg=!nJ-ln9vNAAbvMpMzzzI7ACkAdvg8Wj8h7AragRNa56yeBudCAh2mtdWU7NOtRKV4E3CZnzhv-_GuvAIAAACnUgAAAARoAQcKAPFZMf0ZUXe8ir3ALI3UhdK-qx8uQtkctp1ZoDW1a-wZ4JWCwFoIKF3QBg6HU7FnR8xZpk1LMGiuWKEZ4_Pdim_l6TxplJEeDGBbBpHI6dYMV14MZ4EhD6TiAJM1LCWJH6uz70M-2oy-CJvYCcZkR0yOSIq2sPL6CP09e3efV0_rIcw1ru_OCOhvMYGidn8LhsFBqHzWwZDfQYvTWAvRUZE5BXeLDTYNP9o8N6kMkatqTFedCut0ZgeklkqXXZD03kUsTqzgtf3ZDSPAZq1jfeOrDhKdXQGxR3Ehu4lkYsN1qsDcNdQ67IVwR7g-3ZUKtpBEmQKAqSRL8YJvEYYzZUIDJtIIqRbqkr9lEsOknPuRtFGJrU4kJHhBThFM57QkKgDxnLPuObjBn56L1r8rPUvea13Z6Wtda9YmKNVwapYoLFo1lUdgjJYk-5b_BejH77VAxPvm2r8uVLOD41Kzblyyup0ctj5CZ9iGITAmOVCjdC3lguBlQ5jrrjkz08tBp2jXgjN6DU-g3yTLKGn0oy_fdpNSRSoXFcb-gfHb-STmn1ahMUZNsotrU-BhaGAtUv9ZQc8D5HPc-FmNxaqUMruIxdbL15TtiCBLfilFR5lb3YISq-HYb8rQhJBR_YXa7RfQFwB6gw3dsR9f9oyzyw49LajJMHWniyr1ydWgKVeU8qf9nlbaixDb_OOg8czgvnjfg7DKfnh4qbykzblkDBTHzBGTDmizwoX_Bo_TcNtb5N6QR9_jp5Z4wEUz30aQEpR5XPZyyiV7McLY2j45NopY0kxoUNP0Ij8pTDhhCd2usYH2pERwiv9pJtqrI-rf5Zd215sYR3ROZx9x2IMrfz0b149T_FdwwpprAMGEXplWmOgQpJ1NmbZBkoR4vCafmx6427bX6GYdNn6c3R9dHjdjvvsXo0GvL2nsEC8o2gqy_Vb5GyemzF8eOQci0e-6ftlPU8rQ_Nv_xOwJPmP0ONV8lFQf8Htwf_U2ET_ncG3ZZ0fssO21F32T-iZ0V5eI-0CzdGkBCxaPnbp0Cp9kPwZ-W4F-D__Xpe8NEBOn-pzD6vQubOFIKQsuRJm-REWz6b7Q6wkyR855HYiWDntnF6hyGHAYd6GmnwMZzrchdKn6ER8AATWM40xNE3orn1QT7nq67QZsRi19VmjGsGkLHzWIW6cg-g HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 22:42:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59806/creativesup/Iphone%201200x627.jpg
94.130.102.164200 OK 4.6 kB URL HTTP/1.1 hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59806/creativesup/Iphone%201200x627.jpg
IP 94.130.102.164:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 115 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 79cee5886a3b1ec392da033d60e6fa7c
0b4de877a3268770ca19bcc6f095e8091fc50b7b
fb111cbed4a17eaf0e2b62b90b444a859ba871eff727eceadff27f7916c4655e
GET /scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/59806/creativesup/Iphone%201200x627.jpg HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90008.redintelligence.net/
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:59 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4566
Connection: close
Content-Type: image/png
hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53585/creativesup/Life-1200x627.jpg
94.130.102.164200 OK 12 kB URL HTTP/1.1 hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53585/creativesup/Life-1200x627.jpg
IP 94.130.102.164:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 115 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 531b31ad48e435bb1a2adbd556cae997
64c593c99f287635190d5fd7833ecf8dff86f8e4
6835c2abe2ad0ff9f4bff62779f8d7af653e2fc8ee7c67d45663980f39471877
GET /scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/53585/creativesup/Life-1200x627.jpg HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90008.redintelligence.net/
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:59 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12387
Connection: close
Content-Type: image/png
hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/68525/creativesup/1200x627ImportprisLifestyleNative.jpg
94.130.102.164200 OK 15 kB URL HTTP/1.1 hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/68525/creativesup/1200x627ImportprisLifestyleNative.jpg
IP 94.130.102.164:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 115 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 253e44579d15ec2f17b28eebaaeab1cb
25011d693cef1178254791b08651cd23217de6a0
9d1ca80f3810d78821235a728ff5b37c7738f9429d7a9eb22f19f09c42a8039f
GET /scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/68525/creativesup/1200x627ImportprisLifestyleNative.jpg HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90008.redintelligence.net/
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:59 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14754
Connection: close
Content-Type: image/png
hal90008.redintelligence.net/viewability?s=68784100206537804438316012157008&a=e77d7669&vb=m
138.201.63.150200 OK 0 B URL HTTP/1.1 hal90008.redintelligence.net/viewability?s=68784100206537804438316012157008&a=e77d7669&vb=m
IP 138.201.63.150:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=68784100206537804438316012157008&a=e77d7669&vb=m HTTP/1.1
Host: hal90008.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90008.redintelligence.net/request_content.php?s=68784100206537804438316012157008&a=96197490
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:42:59 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfhovRX1jqVP0jneLTyne-jZKA-yTRDwfRyzSa_QXNfR9ywXXhbsPNaFZJnHJFxzsmHeqxHD6Re7rmRr04NjXZGpn0kq5jsLpIZjO2CvnU-rNuoxaIuCr22urCBw&sai=AMfl-YRgH0qPBEQHvt2T1lAfxU3ioR_c0ftjJSUza2zZn3ol7VmW8s9mX1CNwrsMA_gRwm6N4Oj5uBFCOYF_-Lo3uyfUHI5S4dvfUA7BEZE2mDQhIEg5UId28Sqw94gEINhWag&sig=Cg0ArKJSzKeH4FCMNA3QEAE&cid=CAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669675377098&rpt=969&met=mue&wmsd=0&pbe=0
142.250.74.2200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfhovRX1jqVP0jneLTyne-jZKA-yTRDwfRyzSa_QXNfR9ywXXhbsPNaFZJnHJFxzsmHeqxHD6Re7rmRr04NjXZGpn0kq5jsLpIZjO2CvnU-rNuoxaIuCr22urCBw&sai=AMfl-YRgH0qPBEQHvt2T1lAfxU3ioR_c0ftjJSUza2zZn3ol7VmW8s9mX1CNwrsMA_gRwm6N4Oj5uBFCOYF_-Lo3uyfUHI5S4dvfUA7BEZE2mDQhIEg5UId28Sqw94gEINhWag&sig=Cg0ArKJSzKeH4FCMNA3QEAE&cid=CAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669675377098&rpt=969&met=mue&wmsd=0&pbe=0
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjstfhovRX1jqVP0jneLTyne-jZKA-yTRDwfRyzSa_QXNfR9ywXXhbsPNaFZJnHJFxzsmHeqxHD6Re7rmRr04NjXZGpn0kq5jsLpIZjO2CvnU-rNuoxaIuCr22urCBw&sai=AMfl-YRgH0qPBEQHvt2T1lAfxU3ioR_c0ftjJSUza2zZn3ol7VmW8s9mX1CNwrsMA_gRwm6N4Oj5uBFCOYF_-Lo3uyfUHI5S4dvfUA7BEZE2mDQhIEg5UId28Sqw94gEINhWag&sig=Cg0ArKJSzKeH4FCMNA3QEAE&cid=CAQSPgDq26N9zB0awuyiOSi1LWkyDsOVBEAb0x9Qa26kjNIyJG6qW5b2-1YjGQcXz914CTOWv6HQPfmrkri2stkKGAEgEw&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1669675377098&rpt=969&met=mue&wmsd=0&pbe=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Mon, 28 Nov 2022 22:42:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal90008.redintelligence.net/viewability?s=68784100206537804438316012157008&a=e77d7669&vb=v
138.201.63.150200 OK 0 B URL HTTP/1.1 hal90008.redintelligence.net/viewability?s=68784100206537804438316012157008&a=e77d7669&vb=v
IP 138.201.63.150:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=68784100206537804438316012157008&a=e77d7669&vb=v HTTP/1.1
Host: hal90008.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90008.redintelligence.net/request_content.php?s=68784100206537804438316012157008&a=96197490
Cookie: 8lcfmzhxc8d6_uid=ef11e19499662ddf
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 22:43:00 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63055a55a7edb83e81c8ccce
143.204.42.231200 OK 0 B URL HTTP/2 d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=63055a55a7edb83e81c8ccce
IP 143.204.42.231:0
GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=63055a55a7edb83e81c8ccce HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.healthmad.com
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Mon, 28 Nov 2022 15:59:31 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
age: 24223
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zqDX0n-p_6sUudK6rMPaEaaWp9Xys06urecMj-UrTYvsN6IUSwHbdA==
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/61c062a37877bc2d1123dc7d/61c072d6f28e2039fb474594_twitter.svg
143.204.55.86200 OK 0 B URL HTTP/2 uploads-ssl.webflow.com/61c062a37877bc2d1123dc7d/61c072d6f28e2039fb474594_twitter.svg
IP 143.204.55.86:0
GET /61c062a37877bc2d1123dc7d/61c072d6f28e2039fb474594_twitter.svg HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 05 Nov 2022 12:32:19 GMT
last-modified: Mon, 20 Dec 2021 12:11:03 GMT
etag: W/"ee8228c521a87e6256779137d80250f1"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: YmOMFZSYQ70hX7CKyTjBnFpcJpZldyPI
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 2023838
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xUSWyBHnV5sjbkQX9OU1O08xgY9xlutoRXUnES-agpDIAmLHPukqTw==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Inter:100,200,300,regular,500,600,700,800,900
IP 142.250.74.10:0
GET /css?family=Inter:100,200,300,regular,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 22:42:56 GMT
date: Mon, 28 Nov 2022 22:42:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
uploads-ssl.webflow.com/61c062a37877bc2d1123dc7d/61c072d6f28e208936474598_instagram.svg
143.204.55.86200 OK 0 B URL HTTP/2 uploads-ssl.webflow.com/61c062a37877bc2d1123dc7d/61c072d6f28e208936474598_instagram.svg
IP 143.204.55.86:0
GET /61c062a37877bc2d1123dc7d/61c072d6f28e208936474598_instagram.svg HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.healthmad.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 12 Nov 2022 08:18:19 GMT
last-modified: Mon, 20 Dec 2021 12:11:03 GMT
etag: W/"fa95dccfe02b00986a4875933d3efeff"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: K8jK.CaOU6MqvAFLeErtTdCB3w40UmaS
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
age: 1434277
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ZwfW6Bj9tTbB03RQCM15jvOoTQRBylHWggRHIBcTO6bb0RshJTAndw==
X-Firefox-Spdy: h2