link1s.com/MuseDash310
151.139.128.10301 Moved Permanently 0 B IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /MuseDash310 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 14 Mar 2023 00:25:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://link1s.com/MuseDash310
X-HW: 1678753553.cds208.sk1.h2,1678753553.cds220.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 405abd45d42535567c1ecb518f4bdb04
0505c27fe2921bfa89657173fb77ca7280f04772
bdef4e5edfe0bf3fefb4dc5625e41f3faeb23a0afd24c4e6255f40f757568c35
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDEF4E5EDFE0BF3FEFB4DC5625E41F3FAEB23A0AFD24C4E6255F40F757568C35"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15024
Expires: Tue, 14 Mar 2023 04:36:17 GMT
Date: Tue, 14 Mar 2023 00:25:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 234b80a5a27f3d377e322e680413479d
3da8ba535ec19898f5b83ece48cd4038ac2bf557
370104df5dd8f739601a4be42ae41bb92f365dcf585823a3c14733f7c394e926
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "370104DF5DD8F739601A4BE42AE41BB92F365DCF585823A3C14733F7C394E926"
Last-Modified: Sun, 12 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7154
Expires: Tue, 14 Mar 2023 02:25:07 GMT
Date: Tue, 14 Mar 2023 00:25:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8b1778005daa3ea807573992adbd0452
4cf2aaf44073506371c1e21970a18b9eab00622f
5f74233b9cc53b0ba6149fce51f6b31c2edb892b0a95b48e66b15ee9f59525ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F74233B9CC53B0BA6149FCE51F6B31C2EDB892B0A95B48E66B15EE9F59525AD"
Last-Modified: Sun, 12 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19784
Expires: Tue, 14 Mar 2023 05:55:37 GMT
Date: Tue, 14 Mar 2023 00:25:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Backoff, Alert, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 14 Mar 2023 00:14:09 GMT
content-type: application/json
age: 704
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RyNWBtilX5wrVVmHXRWft3CjtWBZJxIbiN9BQaGi2oNGyaf19UB/2Pywa2QPE2Mx07M5exiyAMY=
x-amz-request-id: K8VQN0VMDKX2MGWX
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 14 Mar 2023 00:20:20 GMT
age: 333
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
151.139.128.10200 OK 40 kB URL HTTP/2 link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3796b62bdd0e516cfa7d3e75abd21b15
3a35fdc27fb351a15f9c35e56671405b770b0e48
3d3ba2547ac834abc8a61fffb0b8bbd7582e058d7fbb61b6e1465b5766d591b6
GET /cloud_theme/build/css/styles.min.css?ver=6.4.0 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/MuseDash310
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
content-encoding: gzip
content-length: 40374
content-type: text/css
last-modified: Wed, 23 Jun 2021 02:58:02 GMT
accept-ranges: bytes
etag: W/"60d2a33a-2fa30"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1678753553.cds239.sk1.hn,1678753553.cds249.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/logo1s.png
151.139.128.10200 OK 30 kB IP 151.139.128.10:0
File type PNG image data, 247 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash aa55ddb783a9ed3a7530dd55d848ee64
e2437805b86dc3858bea3c80567447ece8b96ec4
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
GET /logo1s.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/MuseDash310
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
content-length: 30338
content-type: image/png
last-modified: Sun, 28 Feb 2021 03:13:41 GMT
accept-ranges: bytes
etag: "603b0a65-7682"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753553.cds239.sk1.hn,1678753553.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/js/ads.js
151.139.128.10200 OK 160 B IP 151.139.128.10:0
File type ASCII text, with no line terminators
Hash b12346c7343419a37f34307fbabe7b6d
966c50b7c0472e1459b0a42f85de2072bff58dfe
5af21e03acb972cce4f742a0a10357878a449e8ec9fcebf6a208d1e452e97ca7
GET /js/ads.js HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/MuseDash310
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
content-encoding: gzip
content-length: 160
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Sep 2019 13:24:48 GMT
accept-ranges: bytes
etag: "5d6e69a0-bf"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753553.cds239.sk1.hn,1678753553.cds210.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
151.139.128.10200 OK 69 kB URL HTTP/2 link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 361f27dfe223957b3cd90c42a4b006b8
7a6fb972982ba9945610500c567d0baf27573c0c
a41b7e569b2251ebc720aee925901d970874795d9f918fe6a3ee6cb0da8907bf
GET /cloud_theme/build/js/script.min.js?ver=6.4.0 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/MuseDash310
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
content-encoding: gzip
content-length: 69405
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: W/"5d6e69a2-32956"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753553.cds239.sk1.hn,1678753553.cds227.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da1c71ebaa9b47c2152bfd09c8906233
6a59f9eb7d15bcb6a23448c2c1b0e3d5fc834c6c
678690297e67d412845e35343d3caca656775876764ec0ca10dd7b2e53f59421
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bd967363f74a8fd54e6a8be3c06d7d9b
0f5808ff6d3c5522799409df1881ec789f3bcf50
60ca12a72c4fdb3cd34db9c77a5b760d0976ba38c459c1c78be32075d26244bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-129758818-7
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-129758818-7
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 73a1f044dde2cb8aac3ee6dbcb899556
6f057879546634d1eec5a82e8287b0f5cdb3a6b5
4ce5e4e0cf74e7fc5421b81ba9c7d42bcacf97b8088a6727a359e923295a75a0
GET /gtag/js?id=UA-129758818-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 14 Mar 2023 00:25:54 GMT
expires: Tue, 14 Mar 2023 00:25:54 GMT
cache-control: private, max-age=900
last-modified: Tue, 14 Mar 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da1c71ebaa9b47c2152bfd09c8906233
6a59f9eb7d15bcb6a23448c2c1b0e3d5fc834c6c
678690297e67d412845e35343d3caca656775876764ec0ca10dd7b2e53f59421
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bd967363f74a8fd54e6a8be3c06d7d9b
0f5808ff6d3c5522799409df1881ec789f3bcf50
60ca12a72c4fdb3cd34db9c77a5b760d0976ba38c459c1c78be32075d26244bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash 8cc58fe02f2e931f112f406b91fd0d29
2e339379175d5f6b348806066ed60407483c3a3b
00d107efe456878d913f04b037a52fb6075fdb1387a3a9493959e716e8d4a417
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:54 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 00:29:43 GMT
Expires: Sat, 18 Mar 2023 00:29:42 GMT
Etag: "2e339379175d5f6b348806066ed60407483c3a3b"
Cache-Control: max-age=345227,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7861d0de570b55-OSL
lv.adocean.pl/files/js/aomini.js
54.38.133.13200 OK 3.2 kB URL HTTP/2 lv.adocean.pl/files/js/aomini.js
IP 54.38.133.13:0
File type ASCII text, with very long lines (8143), with no line terminators
Hash 42a9082055f120332d440310376961aa
0ba7e33900a133c432894b200fa39cfe1dcec977
482e1eb90494ada9bb9e01c1b10bfc739ae709a6dadd2f810f423f2afbd5e651
GET /files/js/aomini.js HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GAD
date: Tue, 14 Mar 2023 00:25:54 GMT
cache-control: public, must-revalidate, max-age=14400
last-modified: Fri, 24 Feb 2023 12:33:15 GMT
etag: "00001FCFAF20B624"
expires: Tue, 14 Mar 2023 04:25:54 GMT
accept-ranges: bytes
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 3211
content-encoding: gzip
X-Firefox-Spdy: h2
lv.adocean.pl/_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
54.38.133.13301 Moved Permanently 0 B URL HTTP/2 lv.adocean.pl/_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
IP 54.38.133.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: GAD
date: Tue, 14 Mar 2023 00:25:54 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 13 Mar 2023 00:25:54 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: GAD=KlxhCRMGQMGGUfk0jUxlplMUssGMXP8cFRySssX6Sssa; Domain=lv.adocean.pl; Path=/; SameSite=None; Secure; Expires=Fri, 12 Apr 2024 00:25:54 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
content-length: 0
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Pragma, Last-Modified, ETag, Retry-After, Cache-Control, Content-Type, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 14 Mar 2023 00:06:47 GMT
age: 1147
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
lv.adocean.pl/__/_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
54.38.133.13200 OK 18 kB URL HTTP/2 lv.adocean.pl/__/_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
IP 54.38.133.13:0
File type ASCII text, with very long lines (53947)
Hash a3c6ed756079841afd68478beb202684
c9e0fbff227f6b6a3e4b5373ffc8ea48933ad036
b4f03e802e81bd569c6d421fd5e426849c0fb22151645c99f4faec08f3dbfc15
GET /__/_1678753554253/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GAD
date: Tue, 14 Mar 2023 00:25:54 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
expires: Mon, 13 Mar 2023 00:25:54 GMT
accept-ranges: none
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17781
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash db27ecc2f481e8871b2e99584e751660
e671ecb839d53e296f4ec303208ddb713c72aecc
5c910268b5c4f0244540c5570056673f8cbe4a0979f301363cb56dc359c147df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C910268B5C4F0244540C5570056673F8CBE4A0979F301363CB56DC359C147DF"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8188
Expires: Tue, 14 Mar 2023 02:42:22 GMT
Date: Tue, 14 Mar 2023 00:25:54 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 281 B IP 104.18.32.68:0
Hash 9b4a2adcb57157b3a50c5ae7069c263f
7fe39506cb06c5b58334f2cae1f6f89254d549e4
d0da117c8caeac2637c25384f73118134ccf1f99451d8facd588d2be4185af31
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:54 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Mon, 13 Mar 2023 18:32:42 GMT
Expires: Mon, 20 Mar 2023 18:32:41 GMT
Etag: "7fe39506cb06c5b58334f2cae1f6f89254d549e4"
Cache-Control: max-age=583006,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7861d46f910b55-OSL
push.services.mozilla.com/
54.149.224.76101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.224.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GCeOeFJVXz7CjTbasvQ3GQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XNyNwBLwl35z+IK+qd1EGWwhAQw=
adlv.hit.gemius.pl/gdejs/xgde.js
54.38.193.68200 OK 20 kB URL HTTP/2 adlv.hit.gemius.pl/gdejs/xgde.js
IP 54.38.193.68:0
File type ASCII text, with very long lines (1202)
Hash ba0c31a88d186b9bf37f038600a30ce0
263bf7796d6c092a27c3af812b318487b9065ef2
200026d61c313f864938c246085a8e66a4146bc26f08b8d55aa0d1517b181bb5
GET /gdejs/xgde.js HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:54 GMT
expires: Wed, 15 Mar 2023 00:25:54 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Mon, 30 Jan 2023 07:57:30 GMT
etag: "63D7786A0000E1021FE82885"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 20061
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/header.jpg
151.139.128.10200 OK 32 kB URL HTTP/2 link1s.com/cloud_theme/build/img/header.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:06:15 13:00:39], baseline, precision 8, 1921x900, components 3\012- data
Hash cfb50952d88e992695dddecdc3cf3998
59ce92345516d98f1f688933e6aa3ce72c7226c9
fb6ea9089178b18c66e8110965f05a461c772ce16debb14c3e61d4bae3e6c3ca
GET /cloud_theme/build/img/header.jpg HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:54 GMT
content-length: 32352
content-type: image/jpeg
last-modified: Mon, 15 Jun 2020 06:00:41 GMT
accept-ranges: bytes
etag: "5ee70e89-7e60"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753554.cds239.sk1.hn,1678753554.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2
151.139.128.10200 OK 77 kB URL HTTP/2 link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2
IP 151.139.128.10:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /cloud_theme/build/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:54 GMT
content-length: 77160
content-type: font/woff2
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-12d68"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753554.cds239.sk1.hn,1678753554.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1ab1166f7bff55b1cdb91995994a1bc5
ef8a50c62d70d195fcca8c3a4e2905b97a9b41c5
fc8701a961e1c852a157cdf72915c968d7768b8f4273839bec64d3265147b745
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Mar 2023 04:29:09 GMT
expires: Wed, 06 Mar 2024 04:29:09 GMT
cache-control: public, max-age=31536000
age: 590206
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1ab1166f7bff55b1cdb91995994a1bc5
ef8a50c62d70d195fcca8c3a4e2905b97a9b41c5
fc8701a961e1c852a157cdf72915c968d7768b8f4273839bec64d3265147b745
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
216.58.207.227200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Mar 2023 13:00:25 GMT
expires: Thu, 07 Mar 2024 13:00:25 GMT
cache-control: public, max-age=31536000
age: 473130
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 12 Mar 2023 10:25:03 GMT
expires: Mon, 11 Mar 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 136852
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lv.adocean.pl/_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
54.38.133.13301 Moved Permanently 0 B URL HTTP/2 lv.adocean.pl/_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
IP 54.38.133.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: GAD
date: Tue, 14 Mar 2023 00:25:55 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 13 Mar 2023 00:25:55 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: GAD=KlS_kRXGQMGGEnBQEUulplMUssGMXP8cFRySssX6Sssa; Domain=lv.adocean.pl; Path=/; SameSite=None; Secure; Expires=Fri, 12 Apr 2024 00:25:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1ab1166f7bff55b1cdb91995994a1bc5
ef8a50c62d70d195fcca8c3a4e2905b97a9b41c5
fc8701a961e1c852a157cdf72915c968d7768b8f4273839bec64d3265147b745
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adlv.hit.gemius.pl/gdejs/xgde.html
54.38.193.68200 OK 215 B URL HTTP/2 adlv.hit.gemius.pl/gdejs/xgde.html
IP 54.38.193.68:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 55e60b35e679aae2decd8d7b37c2c310
cc934f43ee3d226c5f8f040e42343bfc26b26f01
72796c74c2c95fe9d62ecc1ea25b00b824c095fd955b5c67e82eb2dd0b50600f
GET /gdejs/xgde.html HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
expires: Wed, 15 Mar 2023 00:25:55 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip
X-Firefox-Spdy: h2
boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
104.22.0.93204 No Content 0 B URL HTTP/2 boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
IP 104.22.0.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861d7ccb40b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lv.adocean.pl/__/_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
54.38.133.13200 OK 18 kB URL HTTP/2 lv.adocean.pl/__/_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
IP 54.38.133.13:0
File type ASCII text, with very long lines (53995)
Hash cd345c7b815bedcb46dbe7948448d78c
33150a0c9c235cad3368d07e25d1f0002c7ec5c9
0148581da0065195465cf08b54fecde23fe008e6dc95ee11ecbc452c2f33d057
GET /__/_1678753555040/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GAD
date: Tue, 14 Mar 2023 00:25:55 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
expires: Mon, 13 Mar 2023 00:25:55 GMT
accept-ranges: none
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17786
content-encoding: gzip
X-Firefox-Spdy: h2
adlv.hit.gemius.pl/gemius.js
54.38.193.68200 OK 17 kB URL HTTP/2 adlv.hit.gemius.pl/gemius.js
IP 54.38.193.68:0
File type ASCII text, with very long lines (417)
Hash 371c670dc75640a105b2152a50851746
7cbac23b4f44d88063660fd632f8703d4134c8ab
97517bdbc956eb6a03b423c6b9c13ca956db80a11582c4b6011c282c1564737f
GET /gemius.js HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
expires: Tue, 14 Mar 2023 12:25:55 GMT
server: GHC
accept-ranges: none
cache-control: max-age=43200
last-modified: Fri, 10 Mar 2023 11:41:04 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17068
content-encoding: gzip
X-Firefox-Spdy: h2
lv.adocean.pl/_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
54.38.133.13301 Moved Permanently 0 B URL HTTP/2 lv.adocean.pl/_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
IP 54.38.133.13:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: GAD
date: Tue, 14 Mar 2023 00:25:55 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 13 Mar 2023 00:25:55 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: GAD=KlGVVMaGQMQGtMUljUulplMUssGMXP8cFRySssX6Sssa; Domain=lv.adocean.pl; Path=/; SameSite=None; Secure; Expires=Fri, 12 Apr 2024 00:25:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
content-length: 0
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 2173152
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNGjE4YJPo3sscw%2B2MkvQ21GFpLpJY20YqlUGqApughG9nP2ZRz%2B9g9pyL8s9hwbOWqBCX1jQQu9XuZcLuduPKvLZmcNcWcaKg8UKr1NG9gG5SQYIMJQyA4sZWe08q2t"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a7861d96f3d0b4d-OSL
Content-Encoding: br
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9cf2ad260285bd3de6984c1ac2052766
44a085a1aafb39fad07f9a47fd83f4ad945e0282
c4c66ccc07dd4d7e61c4efe96d7e5e772f3d1fb43c429020b23f1b41e067fef6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4C66CCC07DD4D7E61C4EFE96D7E5E772F3D1FB43C429020B23F1B41E067FEF6"
Last-Modified: Sun, 12 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10822
Expires: Tue, 14 Mar 2023 03:26:17 GMT
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
stpd.cloud/assets/postbid/stpd220112.js
104.18.30.49200 OK 141 kB URL HTTP/2 stpd.cloud/assets/postbid/stpd220112.js
IP 104.18.30.49:0
File type ASCII text, with very long lines (58930)
Size 141 kB (141031 bytes)
Hash d08426319a296551562121042c014d68
a8baa601b7865504b549612eb79fa3ec4c38f750
618dee123453f400124a1d3c279402d05f69d9d64b574d62749667e475a11ea6
GET /assets/postbid/stpd220112.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
content-md5: HjfY42wqSWw306GoqTYOLw==
last-modified: Thu, 09 Mar 2023 12:29:32 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 9a794d71-c01e-002c-3682-521338000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 6164
expires: Tue, 14 Mar 2023 04:25:55 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 7a7861d7e96eb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
id5-sync.com/g/v2/481.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f880d24d20bfef498e98678da1741756
afdc272f7fe7a14c04a80efe42f627b2057c729a
3a4a02cbc2646617506c712ea3eae9869e23f49e2ef6df3a6cd2e27e955005eb
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 141
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 7c2d7cf4184439d7e6f9a78d75e07626
ccccd35679b32ebf4df4bf2848b803fcb978a0c0
1f90610d91b797650b3c33e4663471cc00b8c527153cc1a63f51ad07f0661f95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6289
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Last-Modified: Mon, 13 Mar 2023 22:41:06 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 7c2d7cf4184439d7e6f9a78d75e07626
ccccd35679b32ebf4df4bf2848b803fcb978a0c0
1f90610d91b797650b3c33e4663471cc00b8c527153cc1a63f51ad07f0661f95
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6289
Cache-Control: max-age=145193
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Etag: "640f3aab-1d7"
Expires: Wed, 15 Mar 2023 16:45:48 GMT
Last-Modified: Mon, 13 Mar 2023 15:00:59 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
script.4dex.io/adagio.js
104.26.8.169200 OK 23 kB IP 104.26.8.169:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LUZWsTkO7tndKHEUAypIYoYECZDqiFKRPqFYcwBmgsZi1o5jCuowifq3VKDNdpIpyW7MjsdBhRg=
x-amz-request-id: 0P2J7B52ZX2ZH1EQ
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1562979
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ35VYzuUx2rQXfqCssiPsZHvzddXAxhomlYx72J8CF1dy9%2FHt7Q8%2F2XDPzO3iGQoCUo8VNi2rdc022o7Cs7ZrGK5G8awLW7sLltSE1xrAu1cXd90D4S4BJLiNgL89eB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a7861da2be1b4ee-OSL
Content-Encoding: br
mp.4dex.io/prebid
104.18.3.114204 No Content 0 B IP 104.18.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1655
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861da1ac9b500-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash 03d762c70381d4166d23a8dc024f8a00
986affde2ffd769f11a04108c21e57807a440dfa
388e86ddd907f2c8c12fafcdc6bfc751eb2d95c331da8e0107b6fdbecd11f59d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6318
Cache-Control: max-age=136946
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Etag: "640f1a58-13a"
Expires: Wed, 15 Mar 2023 14:28:21 GMT
Last-Modified: Mon, 13 Mar 2023 12:43:04 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5529e869790466883010856596b8df6c
fb70cee6c7c18818d22a4b3213ef1bca015001ce
8e88864c7418c0c78730a8df74db29e2538318abfc149223ad171f99f4404d51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E88864C7418C0C78730A8DF74DB29E2538318ABFC149223AD171F99F4404D51"
Last-Modified: Sun, 12 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13534
Expires: Tue, 14 Mar 2023 04:11:29 GMT
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f9231ec06e3cb953db7941d76f907089
3764539d359f4a2456d2dd6b85a165fddf05575f
ce719043f1221f3ec788426e63ab7695fb75394fac6a2df2ad22e3c8e12be5d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2698
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Last-Modified: Mon, 13 Mar 2023 23:40:57 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
adlv.hit.gemius.pl/_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
54.38.193.68301 Moved Permanently 0 B URL HTTP/2 adlv.hit.gemius.pl/_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 14 Mar 2023 00:25:55 GMT
expires: Mon, 13 Mar 2023 00:25:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlxwcRXGQMQGj-l0lUYlplMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Tue, 21 Mar 2023 00:25:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
content-length: 0
X-Firefox-Spdy: h2
lv.adocean.pl/__/_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
54.38.133.13200 OK 18 kB URL HTTP/2 lv.adocean.pl/__/_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024
IP 54.38.133.13:0
File type ASCII text, with very long lines (53995)
Hash 1f91804f0c476bbf41f3d5345b255d62
88625ee33c03c1a6b4e73a72b27882d0caca9588
56bce5062fbcbb2f7a596719b9d03906b9106ed61742b8e716395437bdd6f754
GET /__/_1678753555400/ad.js?id=_5hbI6c1_FfPWSiVGyCCEPjjHzow7a7JdT4Umu6Euhz.m7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GAD
date: Tue, 14 Mar 2023 00:25:55 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
expires: Mon, 13 Mar 2023 00:25:55 GMT
accept-ranges: none
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17781
content-encoding: gzip
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 2173152
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRrdYt9uDHBXAf5XNyCQbmUtZdangfdf12rsB07q2x6QD3dKUEkBCAJklWcmpiybs2n3F9JO2gkiU1uP765%2FYeUmAjZScpA8HxSzrx9G5Uldqyy3TyJgieOki5wVBHp7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a7861da7f930b4d-OSL
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 708
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
date: Tue, 14 Mar 2023 00:25:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="264c4555377beb47"; Path=/; HttpOnly
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
onetag-sys.com/prebid-request
51.89.9.253200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 978
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://link1s.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
id5-sync.com/g/v2/481.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cdf35f8c8c81f5e9e1066e45d25c70ed
19133b4b78152040523c9f607be218bdeead8460
27cd3c76c06f6ae56c3c6e43658f51cdf17326f46faadcd6375ece141e1a17b7
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 141
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 507c0007a19b21278e6a10ec5eb17da7
ebacb2fd6660713362d450c55bc832b91e6f5939
30087f049eaa2551d267903369e1e559b4f7e6234ea2a03a84861643abad07fe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4232
Cache-Control: max-age=93470
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Etag: "640e78a9-1d7"
Expires: Wed, 15 Mar 2023 02:23:45 GMT
Last-Modified: Mon, 13 Mar 2023 01:13:13 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 42caf5f2bac54ddf46437d62cb5e78af
115c2afc73586826e8347f35de52c8c3f084a29d
f1a9a52293f36ad68dc566144eb91fe0431b9714895d340ee32e5a9ef5a0c09e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5751
Cache-Control: max-age=158312
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Etag: "640f7004-1d7"
Expires: Wed, 15 Mar 2023 20:24:27 GMT
Last-Modified: Mon, 13 Mar 2023 18:48:36 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 885
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 14 Mar 2023 00:25:54 GMT
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 42caf5f2bac54ddf46437d62cb5e78af
115c2afc73586826e8347f35de52c8c3f084a29d
f1a9a52293f36ad68dc566144eb91fe0431b9714895d340ee32e5a9ef5a0c09e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2971
Cache-Control: max-age=155532
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:55 GMT
Etag: "640f7004-1d7"
Expires: Wed, 15 Mar 2023 19:38:07 GMT
Last-Modified: Mon, 13 Mar 2023 18:48:36 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 535
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18419)
Hash e2f87627b8150eacb1fcd5f6a6e3c6b4
2a657db6831cee7026b62ec9483cfc839bdfe7de
d2c48ef9874c6d5e4e269ef9d480d8ad0e0916af22c2efea86c15b244239e370
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 13 Mar 2023 04:17:22 GMT
Content-Encoding: gzip
Content-Length: 9997
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=13828
Expires: Tue, 14 Mar 2023 04:16:23 GMT
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash c086c1058b5efe686a7ff3bcbe30a364
9f86ca794928ef69e0c51b05ca05ca83a84faa73
ab5e437602f7d061398eb58e83530d3f0c175c390d2713547a13de8e92b9f2dc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 11 Mar 2023 14:03:26 GMT
Expires: Sat, 18 Mar 2023 14:03:25 GMT
Etag: "9f86ca794928ef69e0c51b05ca05ca83a84faa73"
Cache-Control: max-age=394049,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7861dac891b4f4-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.0.157200 OK 403 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (494), with no line terminators
Hash b84d8a915f36ad769ca553d00b05e0c9
bfbc5b2ce3f256a8c3dabb714fdd74d690d8b0ac
74c6b73b334a7380892b50957ea120377a2b2e15d53479374b633227095d1e8c
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 630032
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/footer.jpg
151.139.128.10200 OK 19 kB URL HTTP/2 link1s.com/cloud_theme/build/img/footer.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:06:15 13:02:54], baseline, precision 8, 1920x321, components 3\012- data
Hash 3fa1e91dd1aa28e99f307af4ed2105bd
43f48e0120f36b533465250967e8b225d797f485
4490d0650e3dfb1cbad3fff7bd9d56e557e3894956c4ba05900723803fab21ff
GET /cloud_theme/build/img/footer.jpg HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==; _pbjs_userid_consent_data=3524755945110770; stpdOrigin={"origin":"direct"}; ab=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-length: 18564
content-type: image/jpeg
last-modified: Mon, 15 Jun 2020 06:02:55 GMT
accept-ranges: bytes
etag: "5ee70f0f-4884"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753555.cds239.sk1.hn,1678753555.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=18159018435
178.250.1.8204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=18159018435
IP 178.250.1.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.6.0&cb=18159018435 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 296
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://link1s.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.252204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 549
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 14 Mar 2023 00:25:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678753555760
51.89.9.253204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1678753555760
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1678753555760 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 5.0 kB URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (12719), with no line terminators
Hash 0e2ce915a48d4a57333d2e2c1068010c
319be947b86ceb2984996978df88acc0a1617278
292d95539fe83e45ccf695602c23e9356cc5e1f06ac1fb5cf138b6f08650d929
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 676
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 11880f7d-b51f-49e5-a4c5-98a0d13ca9bc
Set-Cookie: icu=ChgI6fZ8EAoYASABKAEwk_6-oAY4AUABSAEQk_6-oAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2136914171298614674; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash d0041d132206fde914af84315afa4c6c
f627dfbbac7ac472bc243a0b1f711370a20ea0b0
3ecb3fa3ae1cbda82d33437af2ad77f7d7ac5f2c6d9218c3960ca9ef52df65b4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 10 Mar 2023 12:31:20 GMT
Expires: Fri, 17 Mar 2023 12:31:19 GMT
Etag: "f627dfbbac7ac472bc243a0b1f711370a20ea0b0"
Cache-Control: max-age=302123,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7861da69e40b55-OSL
adlv.hit.gemius.pl/__/_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
54.38.193.68200 OK 2 B URL HTTP/2 adlv.hit.gemius.pl/__/_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1678753554981/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
expires: Mon, 13 Mar 2023 00:25:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlSPRMGGQMGGMxAc3UVlplMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Tue, 21 Mar 2023 00:25:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.253200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1147
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://link1s.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 808
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
date: Tue, 14 Mar 2023 00:25:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="264c4555377beb47"; Path=/; HttpOnly
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 979
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 14 Mar 2023 00:25:54 GMT
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=99544899173
178.250.1.8204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=99544899173
IP 178.250.1.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.6.0&cb=99544899173 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 347
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://link1s.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114204 No Content 0 B IP 104.18.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1759
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861dbcd15b500-OSL
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 626
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5667aa36cb2d268d0503c3000a45cd37
bad5586d1c4f265f0044d44d5c86fac602f411c4
59ed9b373cdae87f88cc8892d033821814a441684351f88cf2ac5c5ae40519ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59ED9B373CDAE87F88CC8892D033821814A441684351F88CF2AC5C5AE40519EA"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=492
Expires: Tue, 14 Mar 2023 00:34:07 GMT
Date: Tue, 14 Mar 2023 00:25:55 GMT
Connection: keep-alive
rtb.adxpremium.services/openrtb2/auction
185.106.140.18200 OK 2.0 kB URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
File type JSON data\012- , ASCII text, with very long lines (1982)
Hash 07606f26cd4fbd9995349bd77502fc71
1e11e45b09e6eed5cf37296f04ce35219f33d50b
fae9d36e29d63cb1b190312740d8ce091a38b32f4129289213960adc9666d3a2
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 664
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/json
Content-Length: 1983
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
ads.betweendigital.com/adjson?t=prebid
188.42.34.64200 OK 28 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.34.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6a302ebb8025de590fd9ddeb3655ced8
425703dd90ae02ce808237b6693f3a1b7a018970
27abff8f4b99844f33a5d7c21b3c0912eb3014a0b5b5ecdb96a41c61f8064ce4
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 489
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
tuuid=cadc3a40-2aeb-5249-abc6-bee8cfc901fb; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_EwAMBiBnQ8GfhuH5A0nJPU-8dW7r0djIHg==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7e0c2786b519df6f38e34c4b73f4275c
da7c2e5fee5e8e457797f3cd02afa30df0a41314
4d77a48c9dd08ef18925954ec02694bdbee4db6abadfb2ef015915723eb0209f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 12 Mar 2023 08:45:46 GMT
Expires: Sun, 19 Mar 2023 08:45:45 GMT
Etag: "da7c2e5fee5e8e457797f3cd02afa30df0a41314"
Cache-Control: max-age=461389,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7861dc4aad0b55-OSL
adlv.hit.gemius.pl/_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
54.38.193.68301 Moved Permanently 0 B URL HTTP/2 adlv.hit.gemius.pl/_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 14 Mar 2023 00:25:55 GMT
expires: Mon, 13 Mar 2023 00:25:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlQtEMaGQMQGq98maHYlplMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Tue, 21 Mar 2023 00:25:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
content-length: 0
X-Firefox-Spdy: h2
tag.leadplace.fr/libJsLP.js
145.239.193.51200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP 145.239.193.51:0
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:9D79_91EFC133:01BB_640FBF13_8920D700:14262
X-IPLB-Instance: 29922
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 144 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8b019d27a10c93946ffb8447fe8a3b57
0fdd5c75b0a7799bc38425d5685b6719ecfeeed7
21615e6b424f9fab3d674fb1378b09261f7af1eef49a1575a0566385346c6d92
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 813
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:25:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 144
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 58b4f933-365f-46d2-bd9c-53f79b1da9e7
Set-Cookie: icu=ChgI6fZ8EAoYASABKAEwk_6-oAY4AUABSAEQk_6-oAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5521859323981456123; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
c.tmyzer.com/c/?s=79438&f=5&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=79438&f=5&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=79438&f=5&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
access-control-allow-origin: *
x-iplb-request-id: 5B5A2A9A:4DB6_36264064:01BB_640FBF13_8695FA1:2D492
x-iplb-instance: 38432
ads.themoneytizer.com/moneybile.js
185.76.9.24200 OK 18 kB URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
Hash ea0e161ec840fa4fd9f72339b1666209
1f081089d4dbd8acf43ba78680bc944d5a36ac07
cbf8e77e80a152f718b380e8d1c59346e80a247fa59a01073d282e46d4d42ca3
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Tue, 14 Mar 2023 05:04:34 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1678770274
server: CDN77-Turbo
x-77-nzt: AblMCRTfO4r/MRABAA
x-77-nzt-ray: af58563025f2e32113bf0f64479f8a2a
x-cache: HIT
x-age: 69681
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 22 kB URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:0
File type Unicode text, UTF-8 text, with very long lines (50946), with NEL line terminators
Hash d836397d926d857b3ad2187248aeb936
7a5a9ed70e54874c28b0e266fab70900950741f0
99e5fb6ccb31d83193ebd371548de8b769582b204285d10ebec0296c8620a302
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
cache-control: public, max-age=3600
cf-bgj: minify
cf-polished: origSize=62056
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://www.thehealthfiles.com
expires: Tue, 14 Mar 2023 01:13:56 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 719
last-modified: Tue, 14 Mar 2023 00:13:56 GMT
server: cloudflare
cf-ray: 7a7861db9fec0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
link1s.com/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 03ab1dfddb257dcdfd97fec99d8a657b
52a797db29d8c765b51ed8aea361c4d52f80346e
f00b1e46b99dc5c05a6bdb89b442da969bf90c7dc59f43e798b2f8ebc2bdbfff
GET /favicon.ico HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/MuseDash310
Cookie: SPSI=8211079302298ef61dd921cf0f58265a; SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; spcsrf=c942c2464425437e36d7817ee5c277bc; UTGv2=D-h4dc713a326118625aa22747daaf31301655; lang=en_US; AppSession=jurr5iqb14fi5hskfrs35hsote; csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; sp_lit=71O+PsHnZccEc49b+2SIBw==; _pbjs_userid_consent_data=3524755945110770; stpdOrigin={"origin":"direct"}; ab=2; sharedid=054b2733-96e9-44e6-a3ed-67fcb7f8d8f5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
cache-control: max-age=3171
content-length: 1150
content-type: image/x-icon
last-modified: Mon, 15 Jun 2020 09:56:40 GMT
accept-ranges: bytes
etag: "5ee745d8-47e"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1678753555.cds239.sk1.hn,1678753555.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
162.19.138.82200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP 162.19.138.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Tue, 14-Mar-2023 00:30:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Tue, 14-Mar-2023 00:30:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Tue, 14-Mar-2023 00:30:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Tue, 14-Mar-2023 00:30:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Tue, 14-Mar-2023 00:30:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Tue, 14-Mar-2023 00:30:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ced.sascdn.com/tag/1097/smart.js
23.36.77.24200 OK 34 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7c3967264e6f47aebd77f5cb9999daf0
9d0664bb4d97093c8386479865aa5e7707e18271
75c2b1c0be30b8a091487b4583436613eadb1cab2761d1a8e8243ac84470138c
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 33481
Cache-Control: public, max-age=7200
Expires: Tue, 14 Mar 2023 02:25:56 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.225200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.225:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Mon, 13 Mar 2023 04:20:54 GMT
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ukZYLsQp0UBZegkpgebzxfAz2dXBTrUHi2oAOckdUgPohchb1YuezA==
Age: 72302
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 14 Mar 2023 00:12:29 GMT
expires: Tue, 14 Mar 2023 02:12:29 GMT
cache-control: public, max-age=7200
age: 807
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 2173153
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kuv1T%2F3xl%2BdMG6nBJuIO%2BIEDzF%2BXd0qDbvgEAcAl7pX7NDSSCmBpuImVop29P4Mp2d67HHiw1YzrtYOktCSD5tPxHWTliIZsVqcqIZkRuoZUsb0xvDs36BLPNZdQMhZw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a7861dd489d0b4d-OSL
id5-sync.com/g/v2/481.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 32045133f44c4462068ba88cb1cb3209
13d82074108aed0d66e17a9916bab2a8891f0921
b25c00157600000a4b06d3c0f520cd4d5c0bb92e0366769e553d12cba27a1b3e
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 141
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2FMuseDash310&id=MTIZ
145.239.193.51200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2FMuseDash310&id=MTIZ
IP 145.239.193.51:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Flink1s.com%2FMuseDash310&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:9D79_91EFC133:01BB_640FBF13_8920D704:14262
X-IPLB-Instance: 29922
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
x-amz-id-2: LUZWsTkO7tndKHEUAypIYoYECZDqiFKRPqFYcwBmgsZi1o5jCuowifq3VKDNdpIpyW7MjsdBhRg=
x-amz-request-id: 0P2J7B52ZX2ZH1EQ
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1562980
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiYsOfwdAjpPooEKAotd%2B8Sh5aJlmWlbkNipEtEZh9jLZH05IjwVApSjEZA3HUfXLDdWw4pkTQ35D8%2Fjupe62vdPUW%2F0GJTtycFzpOMrlO9qiVIS0GAGnTJy8BL0bKVq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7a7861dd8d91b4ee-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0cb93aeaa36318aaa83187deffbf0a10
debe94767529daf48c7c16499a1fec96e851f57b
44b24ac35094f89ccab1f3925ba646ca1ae6364346065e7f62747feaa3071324
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ece84ebca8b1458bda20a68b154ca4c1
97e807138710d0e36b8fc6196e848f92bfedd005
0a88a56d0b3c942b281bbcd1e9fe6ddad1c20004f84633357586ea6d48c0dfb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 660b98530ccb62eba5973e2a3aa360ce
0e1ba3b06eaa655b6af4cfeb2399e6ba72c86817
463a0171f543871c47951e2958c82b0af79901351391824d9212400260dec59e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3928
Cache-Control: max-age=150385
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Etag: "640f582e-1d7"
Expires: Wed, 15 Mar 2023 18:12:21 GMT
Last-Modified: Mon, 13 Mar 2023 17:06:54 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9160
Expires: Tue, 14 Mar 2023 02:58:36 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9160
Expires: Tue, 14 Mar 2023 02:58:36 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
adlv.hit.gemius.pl/__/_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
54.38.193.68200 OK 2 B URL HTTP/2 adlv.hit.gemius.pl/__/_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1678753555319/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
expires: Mon, 13 Mar 2023 00:25:56 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGzdRGGQMQGUm7maexlplMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Tue, 21 Mar 2023 00:25:56 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 583 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 0763b84e570544af18a584bf94129949
0068829158155c7dc6407b47eb471e5131c3b6d3
ad3565d339a6c614b115480bceb1c62a8092d76138f1c17168969011b9974eae
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 14 Mar 2023 00:25:56 GMT
date: Tue, 14 Mar 2023 00:25:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca047288-7bb4-4660-a926-d4cb6dfea45f.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca047288-7bb4-4660-a926-d4cb6dfea45f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e632fdbd65134baabbc2eb14bce9e93
1865ba928ef4be511ff4f8cf657d76d2e55fe4c1
dfd1667e8358d5d71795a4e828ef57a93d9ae2f28069057219344205295cb85d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca047288-7bb4-4660-a926-d4cb6dfea45f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7572
x-amzn-requestid: 097ab521-a40e-47ff-94bb-85aba0205874
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bp_vAFMLIAMF7_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640d7992-72ab601672ae6a686da16f30;Sampled=0
x-amzn-remapped-date: Sun, 12 Mar 2023 07:04:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: aJFdCUkofkPhGN64yyYT5-Yie1kfTPGO3ddymablRZfESTUOKX1nHQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 6bdc2963c9ed59b475ec36c35e5932a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 07:17:13 GMT
age: 61723
etag: "1865ba928ef4be511ff4f8cf657d76d2e55fe4c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53063ea-1286-4ae3-9fbc-c058dbf26eab.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53063ea-1286-4ae3-9fbc-c058dbf26eab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 698b47dd1706ca66d3da41bfd839cfbc
2062c1b3d8e755a78a4509a195cdda001cff48e1
f62bb48cffd09e0623f854196aebc8ce940bd5c8dff52605fd9518b56597b7b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa53063ea-1286-4ae3-9fbc-c058dbf26eab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3294
x-amzn-requestid: 4ff86b35-45cf-4e66-b82e-9e443b5720c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BtSsXGqQIAMFe_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640ecb1b-134a775e72ae6b9b2834eab5;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 07:04:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: AvEZolcvVKzRbNxT6TN9C85jCftnT-ZJM687ow00qrM3_jIYb4ulbg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 07:19:53 GMT
age: 61563
etag: "2062c1b3d8e755a78a4509a195cdda001cff48e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9160
Expires: Tue, 14 Mar 2023 02:58:36 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.0.157200 OK 909 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.0.157:0
Hash 8af0c47eba589b8f34d19f3dc27c3cab
1cc7e272130a8d002d384acd5e7986a05152c6d0
994f970154bd5576dbbfe0f5b671c7e68867d86832a0a6d5d906a2f06d26b1f6
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 1364973
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20f2b31-8a32-4e66-bba7-e76e1c14f5ce.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20f2b31-8a32-4e66-bba7-e76e1c14f5ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd8a4e29260d209803408596cb286f8f
20f6796c0c7064542cc8eefe138076d16d66e8d8
54a328e054b23ddbf531b69a7c5bb817704c0dd98bc7625c9571df19df982a17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc20f2b31-8a32-4e66-bba7-e76e1c14f5ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8091
x-amzn-requestid: 7e6e055a-de20-4f2f-8f76-2fe57747ed08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgDFEMoAMFXIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-1e932e3a10bd39d630310c65;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 8PtI7M0lBQx0BzzkLgbxlRJU-tGNlPtAI-lv-8TLbh7XKMbMOAAw9Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 21:48:49 GMT
age: 9427
etag: "20f6796c0c7064542cc8eefe138076d16d66e8d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2573307db8caef0a070ba3ebd4f61e2e
28e8cb63280e9b5e4184017cb22aa5f197007450
87e4699d8ded9c722f137c21826dfe419beb8675f226b91081342c90838cb818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87E4699D8DED9C722F137C21826DFE419BEB8675F226B91081342C90838CB818"
Last-Modified: Sat, 11 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9160
Expires: Tue, 14 Mar 2023 02:58:36 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 48 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (3595)
Hash a8c88f8686a5c668259b99e536551488
371dae63a56c11745f3e77c687fb13ea4327f907
788dbbbb651c3635d910658b8421388d9040514cc632bf7703718d8ddb7bff65
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Mar 2023 00:25:56 GMT
expires: Tue, 14 Mar 2023 00:25:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 7792148126291349053
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48297
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e1bb50-5b96-42fe-b3de-b38908dc343e.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e1bb50-5b96-42fe-b3de-b38908dc343e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c36ea48b66c265a323fe3fe4a0b60fd
e7803eca6c2163fa031cd502cedf13cbb333172a
32b4d84ec31445a623b4d8daf1f7bca0b5bad5a53f06597013d0a679d8591cb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99e1bb50-5b96-42fe-b3de-b38908dc343e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5658
x-amzn-requestid: 65fcb591-56a0-4983-bf15-1781a17c3d6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvShMET3oAMF-lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f97a0-3380358c78140fbc761ff2a3;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: wKNjGhfQ9jZiiuktiga9-k1EROAQOWV6RgZgH6heNX2flvNP600mzw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 21:49:01 GMT
age: 9415
etag: "e7803eca6c2163fa031cd502cedf13cbb333172a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=50076539851
178.250.1.8204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=50076539851
IP 178.250.1.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.6.0&cb=50076539851 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 347
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:55 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://link1s.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78453ba98b72eff3879ef163b59c86ed
80519bb3726ee1f9f211344cd433cefaed3a7f2e
61adfeff11af9583355ac7d1500e8a8d97357b2846f151f2421001994fb06655
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8afa2cdb-a5f3-4c78-a2ab-132c8b752b4b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10338
x-amzn-requestid: 9f880b5b-056c-44bb-a811-36ea27c232aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvSgFGENoAMFuVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f9799-2318d444248f7610300c658f;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kKDBY_dsQIw--1CfTas615lAVqWWUFWGzI2XjjignvOcHii-v5Xh3Q==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 21:48:49 GMT
age: 9427
etag: "80519bb3726ee1f9f211344cd433cefaed3a7f2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 977
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
date: Tue, 14 Mar 2023 00:25:55 GMT
X-Firefox-Spdy: h2
id5-sync.com/api/config/prebid
162.19.138.82200 134 B URL HTTP/1.1 id5-sync.com/api/config/prebid
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99be75395b3c89cdd6781761e5a85ad2
225a8b587c3545be2581aa9ac2b630b51679d7be
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
POST /api/config/prebid HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 95
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 625
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:56 GMT
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42f1ad15-0926-4540-9411-bdb200eb99d7.webp
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42f1ad15-0926-4540-9411-bdb200eb99d7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70d6384c8dae0fa7892204700e202c78
99cb9a20a88de2eff58dc8f3b729cb9934a13122
d6310363099964039190fb2a69aa904dd5f9684693a1854eb195ebc80b2065f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42f1ad15-0926-4540-9411-bdb200eb99d7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7617
x-amzn-requestid: d3fb61c2-a5fb-4424-b852-d0019539694a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BvTTzFa9IAMFb1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640f98e4-651b6df47ebcc8f45cfaa2cb;Sampled=0
x-amzn-remapped-date: Mon, 13 Mar 2023 21:43:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: HqzT4COrzVAjsfDakJ-rJzdEzchdnwXquL_NP8l1jjGOfLg9uJ5KVA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 13 Mar 2023 21:57:29 GMT
etag: "99cb9a20a88de2eff58dc8f3b729cb9934a13122"
content-type: image/jpeg
age: 8907
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114204 No Content 400 B IP 104.18.3.114:0
File type gzip compressed data, max speed, from Unix\012- data
Hash 279689fa46073e9d52c9710234c10c79
4fabd2bc9549261a0092fa85a81cb66ce3404011
159e3a500609b7cc0bfd96ddf863301fa0093c3d607e6738662e4382bc4d32a5
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1758
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:56 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861de3e8fb500-OSL
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 808
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
date: Tue, 14 Mar 2023 00:25:56 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
set-cookie: X-Contour-Session-Affinity="264c4555377beb47"; Path=/; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ece84ebca8b1458bda20a68b154ca4c1
97e807138710d0e36b8fc6196e848f92bfedd005
0a88a56d0b3c942b281bbcd1e9fe6ddad1c20004f84633357586ea6d48c0dfb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
onetag-sys.com/prebid-request
51.89.9.253200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1159
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://link1s.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.252204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 640
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 14 Mar 2023 00:25:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0cb93aeaa36318aaa83187deffbf0a10
debe94767529daf48c7c16499a1fec96e851f57b
44b24ac35094f89ccab1f3925ba646ca1ae6364346065e7f62747feaa3071324
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtb.adxpremium.services/openrtb2/auction
185.106.140.18200 OK 2.0 kB URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
File type JSON data\012- , ASCII text, with very long lines (1982)
Hash 7c7c21d37e6379c978efefff3b84d1b8
92dd528041ade6f60da5adee0376877c90d782f9
5e8c9c41fd657dbfe1a1a54685e32a2b759112fbace8ff71c11550f9ba04c466
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 755
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: application/json
Content-Length: 1983
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
adlv.hit.gemius.pl/_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
54.38.193.68301 Moved Permanently 0 B URL HTTP/2 adlv.hit.gemius.pl/_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 14 Mar 2023 00:25:56 GMT
expires: Mon, 13 Mar 2023 00:25:56 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGu-MMGQMQGWWjj-ePlplMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Tue, 21 Mar 2023 00:25:56 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 068ce1b83b63f2d5ab5177ffedcc3344
f1945cb7b24375a71a774611ffedd316877beaf9
4e5cf5b5d45f48e01911d7d83e2e36b0fc0cd15c0baa18a19f6f42e3bf8f2d80
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 13 Mar 2023 07:14:51 GMT
Expires: Mon, 20 Mar 2023 07:14:50 GMT
Etag: "f1945cb7b24375a71a774611ffedd316877beaf9"
Cache-Control: max-age=542333,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a7861de0b550b55-OSL
ib.adnxs.com/ut/v3/prebid
37.252.171.21200 OK 145 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.171.21:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bad67a6b3bfcae2acb9bec3470cd98db
55f845a50b3bf651cd90bbab42957009c3d80dbe
4f41ecd02c6a7af52ba01b64eda6071153c8fb2e3a825ad7ffbae096cd246b46
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 814
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 145
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 60ed9568-f1fe-4247-9a99-d9fb0f729a59
Set-Cookie: icu=ChgI6fZ8EAoYASABKAEwlP6-oAY4AUABSAEQlP6-oAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5942572030760983800; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FMuseDash310&hn_ver=40&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&dsp=pub_common&dsp_uid=1ef765b7-c21e-4400-9c3c-a206d15bd329
52.30.74.23200 OK 725 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FMuseDash310&hn_ver=40&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&dsp=pub_common&dsp_uid=1ef765b7-c21e-4400-9c3c-a206d15bd329
IP 52.30.74.23:0
File type ASCII text, with very long lines (725), with no line terminators
Hash 4d06b4ae00c1d57c43eea3415bc10f70
ee7af76b420921bb22545052b670a0e5ab88dabe
42ea9e05fe53d739d1379c84bccada670160a47fa2de8564670297c40fc3654c
GET /fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FMuseDash310&hn_ver=40&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&dsp=pub_common&dsp_uid=1ef765b7-c21e-4400-9c3c-a206d15bd329 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 725
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
p3p: CP="NOI DEV ADM"
expires: Mon, 30 Jan 2023 15:28:39 UTC
set-cookie: cpSess=18e753d8e562529c; Expires=Wed, 13 Mar 2024 00:25:56 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
id5-sync.com/g/v2/102.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/102.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 67509a1939bd1c58ad505a238f0d3861
345f3c87fe0f87d6293b6ad0f31224776d72774e
c9be687376a025f426b2202cd4b78767a6ec3e508a0499e28a110929e8c03db8
POST /g/v2/102.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 173
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
216.58.211.10200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Mar 2023 17:30:40 GMT
expires: Fri, 08 Mar 2024 17:30:40 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 370516
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (554)
Size 164 kB (163842 bytes)
Hash 67145d1dd8c7201ad506c8734df41708
9f10d87858deb8ee394d47a6268494905ee9f0c0
e0ebeeb232953726660519b937e1cadaf1cb2461e8c044044ff2e9a481f085a0
GET /recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 12 Mar 2023 14:21:29 GMT
expires: Mon, 11 Mar 2024 14:21:29 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 122667
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43a37616ce6d05851b039c5ef2ab8468
7423714b3519333af75bedd33198cc82e4b849b5
bec628d56b9e7d1c08d78fe9c418493b242a294b761acbc3993f4d0ec3ff8bc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEC628D56B9E7D1C08D78FE9C418493B242A294B761ACBC3993F4D0EC3FF8BC5"
Last-Modified: Sun, 12 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11359
Expires: Tue, 14 Mar 2023 03:35:15 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43a37616ce6d05851b039c5ef2ab8468
7423714b3519333af75bedd33198cc82e4b849b5
bec628d56b9e7d1c08d78fe9c418493b242a294b761acbc3993f4d0ec3ff8bc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BEC628D56B9E7D1C08D78FE9C418493B242A294B761ACBC3993F4D0EC3FF8BC5"
Last-Modified: Sun, 12 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11359
Expires: Tue, 14 Mar 2023 03:35:15 GMT
Date: Tue, 14 Mar 2023 00:25:56 GMT
Connection: keep-alive
adlv.hit.gemius.pl/__/_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
54.38.193.68200 OK 2 B URL HTTP/2 adlv.hit.gemius.pl/__/_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=;
IP 54.38.193.68:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1678753555730/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=smcldomsfq/fastid=macomfkanteeofbtbnvbwptarwkf/sarg=NC;/inner=%7C;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
expires: Mon, 13 Mar 2023 00:25:56 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlSuxRGGQMQGicDZDerlplMUssGMXP8cFRbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Tue, 21 Mar 2023 00:25:56 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 312 B IP 192.229.221.95:0
Hash aa457e3fdc53c7070e6b11c6b121c8f1
837b9c200fcb7d76b803bebfa8cb3c71f096ea95
d02cb8f46f7e28c0a882d95088bc8efff3403f3bde35c735c5c72097814e9de9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6286
Cache-Control: max-age=152046
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Etag: "640f5574-138"
Expires: Wed, 15 Mar 2023 18:40:02 GMT
Last-Modified: Mon, 13 Mar 2023 16:55:16 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 312
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
54.230.111.4200 OK 676 B URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP 54.230.111.4:0
Hash c6a267c3c31bccba931ec18e493d5ea5
ef8ad7f66eb8365a162104e75121de2e230de1ef
8128cb256b5167e9c032fd2544ea7f21e9d2ae4fc1d58d054edd1f74e2281481
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Tue, 14 Mar 2023 00:13:32 GMT
cache-control: max-age=3600
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k-ixEjuFswUrgQzlotrbFYSt9J8mra78KbWBgSQsPNRfX48qAKpD9A==
age: 744
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 9e5c034138fe091c3ef2e01399e6beb5
cfcc00449ae7cceb2433d3400ddd56da59b2fbee
a5b8e5672506ed8caa74eb5279b4a8a5024f3ef1041c93a21e2e6a28d3f01f05
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 17 Mar 2023 23:42:23 GMT
ETag: "cfcc00449ae7cceb2433d3400ddd56da59b2fbee"
Last-Modified: Mon, 13 Mar 2023 23:42:24 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 828
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a7861e0bae7b4fa-OSL
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FMuseDash310%26hn_ver%3D40%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774%26dsp%3Dpub_common%26dsp_uid%3D1ef765b7-c21e-4400-9c3c-a206d15bd329
37.252.171.21307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FMuseDash310%26hn_ver%3D40%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774%26dsp%3Dpub_common%26dsp_uid%3D1ef765b7-c21e-4400-9c3c-a206d15bd329
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252FMuseDash310%26hn_ver%3D40%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774%26dsp%3Dpub_common%26dsp_uid%3D1ef765b7-c21e-4400-9c3c-a206d15bd329 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FMuseDash310%2526hn_ver%253D40%2526fid%253D4e1dd559-9f21-441b-a65c-583f5ab47774%2526dsp%253Dpub_common%2526dsp_uid%253D1ef765b7-c21e-4400-9c3c-a206d15bd329
AN-X-Request-Uuid: efe63dac-f2c7-4af6-9632-73ecefca9793
Set-Cookie: uuid2=4119699860811174614; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:25:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
35.71.131.137200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1
IP 35.71.131.137:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=0fkciot&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FMuseDash310%2526hn_ver%253D40%2526fid%253D4e1dd559-9f21-441b-a65c-583f5ab47774%2526dsp%253Dpub_common%2526dsp_uid%253D1ef765b7-c21e-4400-9c3c-a206d15bd329
37.252.171.21302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FMuseDash310%2526hn_ver%253D40%2526fid%253D4e1dd559-9f21-441b-a65c-583f5ab47774%2526dsp%253Dpub_common%2526dsp_uid%253D1ef765b7-c21e-4400-9c3c-a206d15bd329
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252FMuseDash310%2526hn_ver%253D40%2526fid%253D4e1dd559-9f21-441b-a65c-583f5ab47774%2526dsp%253Dpub_common%2526dsp_uid%253D1ef765b7-c21e-4400-9c3c-a206d15bd329 HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://s.cpx.to/an_fire?app_nexus_uid=0&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2FMuseDash310&hn_ver=40&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&dsp=pub_common&dsp_uid=1ef765b7-c21e-4400-9c3c-a206d15bd329
AN-X-Request-Uuid: f1c6b470-a5c6-47ae-8e6c-0b57335ca64b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
s.cpx.to/ca.png?dsp=dbm&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&google_error=3
52.30.74.23200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&google_error=3
IP 52.30.74.23:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=4e1dd559-9f21-441b-a65c-583f5ab47774&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Cookie: cpSess=18e753d8e562529c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 14 Mar 2023 00:25:56 GMT
Content-Type: image/png
Content-Length: 95
Connection: keep-alive
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: default-src 'self'
x-permitted-cross-domain-policies: none
cache-control: no-store, must-revalidate, private, max-age=0
pragma: no-cache
set-cookie: cpSess=18e753d8e562529c; Expires=Wed, 13 Mar 2024 00:25:56 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
prebid-stag.setupad.net/openrtb2/auction
172.67.68.162200 OK 286 B URL HTTP/2 prebid-stag.setupad.net/openrtb2/auction
IP 172.67.68.162:0
File type JSON data\012- , ASCII text
Hash 723c3ae369a225ac974a95c8e665d348
6fcc08c584f59abc7ecf59707079ea904b4fd443
d0ed31d9409905415fe83fcab58103b6e53def410494231ea03e5eef690f9f95
POST /openrtb2/auction HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1045
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/0.234.0-3-gde6ed827
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNA3Db3jAfHg6%2BaxiCBz%2BGG6RAg1RecIQNgG14BglvkeLXct39HgXCCOSaFMg7oNie61cEo5fNTOi1n8n6ei16bPxifUlUmKhQUWjUtojV27Ey5Us4GgzCHu1xsAazAObr86%2BLUGBLM9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861de19ef0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 23 kB URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (36489)
Hash b99c9dfd0197169c2f89d6dc12148bf1
667ea2859963de86fdf1867e40bb479788febdac
43adbd58a63a5e48ff8641498b1e6ffd2493798f37671da693d0e9894e482b8e
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 430
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 91d6fd0766e7ba4f17aff04db806a2b8
4c1bbfb4566906c28006cdfe0a30ec23b1b6872f
7f25a47881218b352aba2c235120b537377b79750391f59ab803968dc528caee
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5540
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:56 GMT
Last-Modified: Mon, 13 Mar 2023 22:53:36 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 471
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
37.157.6.246200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
IP 37.157.6.246:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
54.194.130.56200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 54.194.130.56:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Tue, 14 Mar 2023 00:25:56 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 14 Mar 2023 00:25:56 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
node.setupad.com/node/node.php
159.89.25.223200 OK 15 kB URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8da3f2039b6f44cf8d2c6205a8bf8707
93530796e9038be35a202299130f4f56e334a5b9
c7b43bff27ec2876ed14fb4bdae501768881f59a6738d9f27212cf2d947b3a01
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 430
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.34.64200 OK 539 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.34.64:0
Hash 13d83c2f35c74c6c4f7bc2a18873e561
f6189a7de85e24074d270e69b854d3b18100c624
df1d8f44ed021d701d82fb8d49d9927ff7b77f01a463263a6519284f43f74d6d
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 490
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:56 GMT; Path=/; Domain=.betweendigital.com
tuuid=51bdd52d-4add-5249-bdce-cc4dd9c17359; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:56 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_FAADQ_DxmtiDg602scH-X5ZbhDqHhaPHRQ==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:56 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:56 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.1.11200 OK 0 B IP 178.250.1.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=PVpiMF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGRqTU1OYUJTSUNVVSUyQjhXZXpiRTh0SA; expires=Sun, 07 Apr 2024 00:25:57 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 166772
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=bfe19ae0-1d97-40bc-4672-730d2ebbf8a3&reqId=0169684a-8fc0-4e86-66e5-fc6f6f3e12a6&zdid=1258&google_error=3
104.22.25.87200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=bfe19ae0-1d97-40bc-4672-730d2ebbf8a3&reqId=0169684a-8fc0-4e86-66e5-fc6f6f3e12a6&zdid=1258&google_error=3
IP 104.22.25.87:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=bfe19ae0-1d97-40bc-4672-730d2ebbf8a3&reqId=0169684a-8fc0-4e86-66e5-fc6f6f3e12a6&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Cookie: zc=bfe19ae0-1d97-40bc-4672-730d2ebbf8a3; zsc=~%87%D2Z%ADf%09%9F%145%FB%60%8Fz%EF%E7J%8B%F4%B5.%D7%F1n%B0%E6%87%F0%0F%0C%B7%19%BD%A49j%B5%7D%E9%60%CF%5E%8C%E46%B4%0DN%27%BF%A3%BB%D4%06h%2C%92%ABM%0B%E4%25%9Ft%DBJ%C2%7C%E8c%27%3D%92f%29i%F2%02%BE%9B%C8eT
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://link1s.com
set-cookie: zc=bfe19ae0-1d97-40bc-4672-730d2ebbf8a3; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861e62c700b45-OSL
X-Firefox-Spdy: h2
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
37.157.6.246200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID
IP 37.157.6.246:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3ab446663db97ec26b83bf1478480792
aee3f4ca45f3dcf434fb4f012789e181ce4cc3b6
e7bcdbc93fe6b82330da8b5e18635abc9cfa5c6e6fdf2c37d7ac3bc2eafd60b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7BCDBC93FE6B82330DA8B5E18635ABC9CFA5C6E6FDF2C37D7AC3BC2EAFD60B1"
Last-Modified: Sun, 12 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4526
Expires: Tue, 14 Mar 2023 01:41:23 GMT
Date: Tue, 14 Mar 2023 00:25:57 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
141.95.33.111200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1de802ebf424ae8927531dfd8a9a70b2
562db39c2c0e02a0c1b7fb182502b7db3cd7fdd6
5d8d9b8365cefd2447b83ed8dc87e219d699bffd146655024ed9c7a8bdfd01be
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/12.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1967fe0d38d848aff641316d706cae31
2d05115990a74bcca3f74a0573ee4cd083da7423
f64d95b47535fd1ec5419a66db1f64aeca6b39261b2062be63a584e82a902ba0
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 265
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 14 Mar 2023 00:25:57 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash ea81073544f97b221772486ac584488c
f49bba3e5d198f7021956b4c2b14a023fe69d0c2
6a15326b603017fbdb6f97bfef75a2a47fb876b73b5bf1cae384aa6462bef77a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5742
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:57 GMT
Last-Modified: Mon, 13 Mar 2023 22:50:15 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash ea81073544f97b221772486ac584488c
f49bba3e5d198f7021956b4c2b14a023fe69d0c2
6a15326b603017fbdb6f97bfef75a2a47fb876b73b5bf1cae384aa6462bef77a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3350
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:57 GMT
Last-Modified: Mon, 13 Mar 2023 23:30:07 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 313
intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
104.22.1.93204 No Content 0 B URL HTTP/2 intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
IP 104.22.1.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO HTTP/1.1
Host: intake.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1579
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861e85aebb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
104.22.1.93204 No Content 0 B URL HTTP/2 intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
IP 104.22.1.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO HTTP/1.1
Host: intake.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1624
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 14 Mar 2023 00:25:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861e85aecb4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=rtus&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=obBm219NeEltQk1STGxoV2VocXN4bGl3NERWJTJGRDQ5Z0plUmgxbjB2TnBNZlRMQkR3Z0NOV2ZtYXElMkJCNDQ3T21NTlFWZFR2MXFCQWVWTzFZZE5tTGVkOHVwSFYlMkZNOURqWkh1UyUyQiUyQnoyVlR0a2duMzhRNFJKbEFvZURQT2ZUNmplclM1WXc&info=Bk6wCF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGNpcTB0eDdXSkd4N3FzNndqM2puYWE&idsd=-1815124087,-489648259&cw=1&rtusCallerId=147&lsw=1
178.250.0.157200 OK 322 B URL HTTP/2 gum.criteo.com/sid/json?origin=rtus&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=obBm219NeEltQk1STGxoV2VocXN4bGl3NERWJTJGRDQ5Z0plUmgxbjB2TnBNZlRMQkR3Z0NOV2ZtYXElMkJCNDQ3T21NTlFWZFR2MXFCQWVWTzFZZE5tTGVkOHVwSFYlMkZNOURqWkh1UyUyQiUyQnoyVlR0a2duMzhRNFJKbEFvZURQT2ZUNmplclM1WXc&info=Bk6wCF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGNpcTB0eDdXSkd4N3FzNndqM2puYWE&idsd=-1815124087,-489648259&cw=1&rtusCallerId=147&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (401), with no line terminators
Hash 506cb6959f9e0900bba4e16b5ad9e3c8
9c38961488b107217e44f88ad60620650150bcf2
b3c458b41d6e42140de90730128551c737d4f0a9aa24331d9db53340a3761b08
GET /sid/json?origin=rtus&domain=link1s.com&sn=FirefoxSyncframe&so=3&topUrl=link1s.com&bundle=obBm219NeEltQk1STGxoV2VocXN4bGl3NERWJTJGRDQ5Z0plUmgxbjB2TnBNZlRMQkR3Z0NOV2ZtYXElMkJCNDQ3T21NTlFWZFR2MXFCQWVWTzFZZE5tTGVkOHVwSFYlMkZNOURqWkh1UyUyQiUyQnoyVlR0a2duMzhRNFJKbEFvZURQT2ZUNmplclM1WXc&info=Bk6wCF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGNpcTB0eDdXSkd4N3FzNndqM2puYWE&idsd=-1815124087,-489648259&cw=1&rtusCallerId=147&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1157442
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.147.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.147.Headers.Bundle~1&entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash c7434f90776a108375f8c20a08701c47
861737253a0403a53de5133f8773a08eb865ede1
4a34d2d83501c59ee535a96c9a647dfd3363c34abd452c38586bcccea2a527ef
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4638
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 14 Mar 2023 00:25:58 GMT
Last-Modified: Mon, 13 Mar 2023 23:08:40 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
178.250.1.11200 OK 442 B IP 178.250.1.11:0
File type JSON data\012- , ASCII text, with very long lines (494), with no line terminators
Hash 26cb4673fa84eab78ab0300db98009d1
e6c7a9005c81c1234f7e5a958fbd7ea873b6bcc6
37255e63e4f6dce483ff9876f10827989cc53fd861526acda92e24eee17846bc
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=Bk6wCF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGNpcTB0eDdXSkd4N3FzNndqM2puYWE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zD_deV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGNKcG91UlpBYURicTZqJTJCUno5bGxyTQ; expires=Sun, 07 Apr 2024 00:25:58 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 180579
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1678753556876
51.89.9.253204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1678753556876
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1678753556876 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=4246cd8e-5dff-5249-86fc-ce94e2f3718c; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_GAAEB0C74e9pHaeg016TOznr9s2o2k9V-A==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=156191 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=33989
expires: Tue, 14 Mar 2023 09:52:29 GMT
date: Tue, 14 Mar 2023 00:26:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156191
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=156191 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=33989
expires: Tue, 14 Mar 2023 09:52:29 GMT
date: Tue, 14 Mar 2023 00:26:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=e516f034-896f-5249-9a04-f19cfe0b4e84; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_GAAEvtj7jpGhpbKNdSBZkJ9DG7gfDihXpA==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.34.64200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=e37e847a-c8c3-5249-89fb-2060edf49f78; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_GAAEypAROC-GqQOHZzI1Ti-HSx81cS6Ldg==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.87.1200 OK 17 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.87.1:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash cfebdd1e23146390c4269a3b7fde6027
1b3e5031d7da0194df90b1fa7fdc1d554a050367
8b6c83050ce5a2e5af51c3891c6cdecac28405cba7c9c44e866bd0ffd19a2069
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 62297
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
2.18.172.187200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 2.18.172.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: "623de86a-cf34"
Unused62: 8096267
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 15 Mar 2023 00:26:02 GMT
Date: Tue, 14 Mar 2023 00:26:00 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.34.64200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=d34b0bad-163d-5249-8f47-b0faeb480fe2; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_GAAFhhDX-30AL7iqi5ds5xdT14CpfyVGiw==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.21307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 3597af0c-c699-49f9-9420-32e04618ad29
Set-Cookie: uuid2=3030135491483369929; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:26:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.21307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: a8a40405-addb-4ea5-b759-87b1133c1017
Set-Cookie: uuid2=4442032482430138837; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:26:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.189.115200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.189.115:0
File type ASCII text, with no line terminators
Hash d32e73c543072cceee79548435202266
9d6e3ab372e215a72b22f2f78cb1fbf7cc1caea8
18f3437b48f5344874e32ebe59f8063242516777fd9842659752dacb9fb600a8
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Sun, 11 Jun 2023 17:09:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 14 Mar 2023 00:26:00 GMT
content-length: 60
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.21200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 742c3883-8757-42d0-8309-4a3238dd3743
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.r2m01.amazontrust.com/
143.204.48.16200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash b69cbae9f2c1be06ace39e5dfc5477cd
279e1b55345a0ebb3330421a741ebb915554ee90
84da70a8356f35ee714857fa11ae9afeba9a281b6a229f674ad51125dccd8653
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 14 Mar 2023 00:26:00 GMT
Last-Modified: Mon, 13 Mar 2023 23:21:18 GMT
Server: ECAcc (bsa/EA9D)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: I4iZx_qqL7TMD6v8cJyuiWm0oAtDwgcsEnuk3ydFUC97iGJL3GZENQ==
Age: 3882
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.21200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 15c956e6-ad35-4d0c-b800-c69f3be8430e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
13.248.245.213200 OK 37 B URL HTTP/2 eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
IP 13.248.245.213:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:26:00 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1678753557549
51.89.9.253204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1678753557549
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1678753557549 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.34.64302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=fa661797-57f3-5249-b81a-c5bcdc157aa4; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_GAAI-OCf-kKfCBS4d0ZHqtatEF8L0kCmpg==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.34.64200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.34.64:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=c1b63156-176f-5249-af41-77f4cb4ec8ec; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_GAAJmQgitcTqhIudMV1nSgysDTiJMua07g==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:26:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.21307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 67544e81-077f-44d5-b59b-ab3868e794ac
Set-Cookie: uuid2=1948000748984581228; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:26:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.21200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 01325a55-ed4c-423a-bebb-4dd06e43097e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DF0A10A19-0C9D-4254-A657-33C7ACBB2F66%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
2.18.172.200200 OK 878 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DF0A10A19-0C9D-4254-A657-33C7ACBB2F66%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524), with no line terminators
Hash 2d4d43862bd7f604d0034d47cb2e5549
8d3bc9e49c3823d379b92d21f11f36274a118391
700ca0b0c89a1732084acaec0f049d37cdc8c014d51db719e70fc4bb9354d685
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DF0A10A19-0C9D-4254-A657-33C7ACBB2F66%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 878
content-type: text/html
cache-control: max-age=54893
expires: Tue, 14 Mar 2023 15:40:53 GMT
date: Tue, 14 Mar 2023 00:26:00 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 1.2 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524)
Hash 037ac2d50f3d7f7d465e2857cd6e8374
ceb2d951889de71fd2d58cdd1c48699868c542d3
2f9682b39672774e64ca4ab390a3ee3599c712ddb2b630cd770cee4e0e9d6426
GET /AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:26:00 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 1.2 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524)
Hash 037ac2d50f3d7f7d465e2857cd6e8374
ceb2d951889de71fd2d58cdd1c48699868c542d3
2f9682b39672774e64ca4ab390a3ee3599c712ddb2b630cd770cee4e0e9d6426
GET /AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:59 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 23bea55978aecf75acc4a13cb95aeac3
db838dbde8501244b69e4618df16dccc10fb3ae7
c786ce258833a69426fc0f0f26669715119b114cfe5348e3a20e5c3d70b78b1f
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 14 Mar 2023 00:26:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 13 Mar 2023 20:07:44 GMT
Expires: Tue, 14 Mar 2023 20:07:44 GMT
ETag: "db838dbde8501244b69e4618df16dccc10fb3ae7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
172.67.214.199200 OK 2.7 kB URL HTTP/2 adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
IP 172.67.214.199:0
File type HTML document, ASCII text, with very long lines (7486)
Hash 36791584a2c731b29c57cad29eae8132
d540fabf54fc0d210e8e3ea1149b5e928f921012
170da863748a9be05adaef00d6757dfc2ad8c35fc35259bf357f9474f62e1b69
GET /sync-all.html?gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: adxbid.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:26:00 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 26 Jan 2023 09:50:58 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNKTRTj8Xt9MGG%2FV0YkKv0J747kPXf0tJMux3L7ZnZjmh1%2B4K13ihcnBnifRkoFjXwzZn7QQunl%2F12TY8DdqBIyJnnRQoJu5mURuqInvGl7mu%2BYI63OAre8DDhERHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861f82d6c0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
user-sync.adxpremium.services/setuid?bidder=smartyads&uid=48ff1793fdf2cd384dc3e94c3fa1cb36d68dfa19f2f161745ba63500efe7a824
135.125.163.79200 OK 86 B URL HTTP/1.1 user-sync.adxpremium.services/setuid?bidder=smartyads&uid=48ff1793fdf2cd384dc3e94c3fa1cb36d68dfa19f2f161745ba63500efe7a824
IP 135.125.163.79:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c6641b08f4be6f479f1588af08054b3
8da28b3146834c48fd843b108749191516d2a65d
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
GET /setuid?bidder=smartyads&uid=48ff1793fdf2cd384dc3e94c3fa1cb36d68dfa19f2f161745ba63500efe7a824 HTTP/1.1
Host: user-sync.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adxbid.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 86
content-type: image/png
set-cookie: uids=eyJ0ZW1wVUlEcyI6eyJzbWFydHlhZHMiOnsidWlkIjoiNDhmZjE3OTNmZGYyY2QzODRkYzNlOTRjM2ZhMWNiMzZkNjhkZmExOWYyZjE2MTc0NWJhNjM1MDBlZmU3YTgyNCIsImV4cGlyZXMiOiIyMDIzLTAzLTI4VDAyOjI2OjAxLjE3ODQ3NTQ2MSswMjowMCJ9fSwiYmRheSI6IjIwMjMtMDMtMTRUMDE6MjY6MDEuMTc4NDc1MDcxKzAxOjAwIn0=; Path=/; Domain=adxpremium.services; Expires=Mon, 12 Jun 2023 00:26:01 GMT
date: Tue, 14 Mar 2023 00:26:01 GMT
static.criteo.net/js/ld/publishertag.prebid.117.js
178.250.1.3200 OK 31 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.117.js
IP 178.250.1.3:0
Hash 4344c5923a6aa1d84715a31b6a74008b
0066682a347442edc8f0e95ec6b9f6a02671d508
1553d5435a9aea37cb6ad4ce8d58669033f5bad58869c0a7dddb6a39ebd282eb
GET /js/ld/publishertag.prebid.117.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:58 GMT
content-type: text/javascript
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
etag: W/"61cc54f6-15c19"
expires: Wed, 15 Mar 2023 00:25:58 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.171.21307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: dfaf9907-5a8b-406f-a69f-e47a1ce70259
Set-Cookie: uuid2=2783037891230301364; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 12-Jun-2023 00:26:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.21200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: cb0bd355-ccdd-43ff-a68d-93c9393c1814
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.171.21200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.171.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Tue, 14 Mar 2023 00:26:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e7dde59b-718f-4498-bc39-792ae1ff90c8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
static.criteo.net/js/ld/publishertag.prebid.js
178.250.1.3200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.1.3:0
File type ASCII text, with very long lines (65354)
Hash ac8c2a58a428b26340f1c1cf6da0c874
28d08b7b2bcd13d290dbcc5798692575207ca9ce
7d6117b6e22204ec2bff5ce8ce4dee0708db947887d011a8f85224fb9c6245a4
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:58 GMT
content-type: text/javascript
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
etag: W/"63f86dec-16386"
expires: Wed, 15 Mar 2023 00:25:58 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
185.76.9.22200 OK 18 kB URL HTTP/2 vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (49655)
Hash 603b386efba733557a8b6bbce9c0340b
7c10e4c91880da2a08450634e10b4e5ee321a4a6
471c490ba796bab33d971353e11be3c06ab519d2e51b1bf49ba1a6ae6b0549e1
GET /sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:26:01 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
etag: W/"63e28045-c234"
access-control-allow-origin: *
x-accel-expires: @1678899118
server: CDN77-Turbo
x-77-nzt: AblMCRTT0hj/a5kNAA
x-77-nzt-ray: af585630bd0cc13d19bf0f641188ac1a
x-cache: HIT
x-age: 891243
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash 000bf0c1341a4944746d0c2c4bc90ebc
4dd76c74c9621c7901ca71c85caf1ce1dca9dbcb
5eced644a25ced1b694fe44ab90cfb9f8b522ee2e01b2764a7ffec6d145335a5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 14 Mar 2023 00:26:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 13 Mar 2023 21:40:26 GMT
Expires: Tue, 14 Mar 2023 21:40:26 GMT
ETag: "4dd76c74c9621c7901ca71c85caf1ce1dca9dbcb"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 19 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (49655)
Hash cf2c21623e21489fba2d523323d4f92c
d08911a90034eecd5cc147d978b7b19aaedc395b
dfff23882cbaaab35177fa2f8afa29c0766cc849581d3c017e1e07b41a9e4d16
GET /AdServer/SPug?o=1&p=156191&sc=1&u=F0A10A19-0C9D-4254-A657-33C7ACBB2F66&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:26:00 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
vpaid.vidoomy.com/sync/urlsvid.json
185.76.9.26200 OK 391 B URL HTTP/2 vpaid.vidoomy.com/sync/urlsvid.json
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type JSON data\012- , ASCII text
Hash 967384cd9b729ca3ba6afd944cf148e8
72f1e924e24b7b25c5543ddecba9de3f3ea0953b
4e84d80da21ae7d36d6e7b60d4ba947035fab9a4074f3d2b2b3d10c6b019b816
GET /sync/urlsvid.json HTTP/1.1
Host: vpaid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.vidoomy.com
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:26:01 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 09 Feb 2023 09:51:05 GMT
etag: W/"63e4c209-42e"
access-control-allow-credentials: true
access-control-allow-origin: *
x-accel-expires: @1678893674
server: CDN77-Turbo
x-77-nzt: AblMCRSJNov/r64NAA
x-77-nzt-ray: af58563094ecbc3e19bf0f64e903a529
x-cache: HIT
x-age: 896687
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
user-sync.adxpremium.services/setuid?bidder=ix&uid=0
135.125.163.79200 OK 86 B URL HTTP/1.1 user-sync.adxpremium.services/setuid?bidder=ix&uid=0
IP 135.125.163.79:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c6641b08f4be6f479f1588af08054b3
8da28b3146834c48fd843b108749191516d2a65d
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
GET /setuid?bidder=ix&uid=0 HTTP/1.1
Host: user-sync.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://adxbid.info/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 86
content-type: image/png
set-cookie: uids=eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiIwIiwiZXhwaXJlcyI6IjIwMjMtMDMtMjhUMDI6MjY6MDEuOTQ1ODY1MTY5KzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wMy0xNFQwMToyNjowMS45NDU4NjQ3NTErMDE6MDAifQ==; Path=/; Domain=adxpremium.services; Expires=Mon, 12 Jun 2023 00:26:01 GMT
date: Tue, 14 Mar 2023 00:26:01 GMT
ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=33988
expires: Tue, 14 Mar 2023 09:52:29 GMT
date: Tue, 14 Mar 2023 00:26:01 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
185.76.9.22200 OK 24 kB URL HTTP/2 vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (49655)
Hash 4eadedcd432ba52d0412010eb92e9c1e
9832138d0e6be10aa4761250b1447e585c9a33c6
578bef072518579abad34dd45394bec1ccf43abd65f7fa5483dc9cae32497ada
GET /sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:26:01 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Tue, 07 Feb 2023 16:45:57 GMT
etag: W/"63e28045-c234"
access-control-allow-origin: *
x-accel-expires: @1678899118
server: CDN77-Turbo
x-77-nzt: AblMCRSAKh7/a5kNAA
x-77-nzt-ray: af585630bd0cc13d19bf0f645976941a
x-cache: HIT
x-age: 891243
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
2.18.172.200200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 2.18.172.200:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=33987
expires: Tue, 14 Mar 2023 09:52:29 GMT
date: Tue, 14 Mar 2023 00:26:02 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
prebid-stag.setupad.net/openrtb2/auction
172.67.68.162200 OK 2.0 kB URL HTTP/2 prebid-stag.setupad.net/openrtb2/auction
IP 172.67.68.162:0
File type JSON data\012- , ASCII text
Hash 8b867eba5657f58cb8dd7029c3581810
39358b4137f61fbc7c8b0f64547be1f7f0286818
57afd79916d311996aba457da2597378c17467b12a275c46937dab71779b0881
POST /openrtb2/auction HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 954
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/0.234.0-3-gde6ed827
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F2ue8uM1qbd8U%2FHQO7R28on%2BluXi7qg84wZSlkME%2BAwB6WabCRV7Dnev0W0sIVuaqUDerlIa5Y7LOXmioXg7pxznp9eNMl%2Bm%2FK1vN8L58mAS6K7WsFv%2BRVRw8NSxyrXX9b12W%2BhwjfL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861da0fb80b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
216.52.2.48204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adxbid.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 14 Mar 2023 00:26:02 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ams1
adx.adform.net/adx/openrtb
37.157.6.252200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.252:0
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 640
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 430
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 921804
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-stag.setupad.net/cookie_sync
172.67.68.162200 OK 0 B URL HTTP/2 prebid-stag.setupad.net/cookie_sync
IP 172.67.68.162:0
POST /cookie_sync HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 82
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oCyNOW4vkz3wuQptau3tLkLhZQjIeerHh6zPlVCfxTsdoXViJ2zCATtLXkBuL6Ur9yTAl7Xl89WPW5JIr7HRudFj7Kc2fvxlxS5R%2BEjCyln9h5JSX5wifOFJg9Sd0yUBLIEvfd3dStp1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861db98930b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
x-crto-bundle: ZmJjh19Rd2JndVFobkhzMUQlMkIlMkJURUlieVZlV2FEUWV5MmthOGpQdUVYQnZoamFYd3ZBTHl1em9Oc1oybG01c1MxU2RrWERqQVowVklnWFglMkZ4NVpsRndFbGFuM2FyV2trWUJPWDRJWnd3OVM0JTJCdEZScVlKUmFpRkR3dk5JbzhVJTJGUkFxJTJCamFEOXRTQkVUalZnZ2xvRnluS3NxT3clM0QlM0Q
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 2242416
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
185.76.9.24200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=79438&formatId=5 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
x-accel-expires: @1679289082
server: CDN77-Turbo
x-77-nzt: AblMCRQHrQL/lw4BAA
x-77-nzt-ray: af58563025f2e32111bf0f643165753b
x-cache: HIT
x-age: 69271
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.pbstck.com/index-refresh-301583c.js
104.22.1.93200 OK 0 B URL HTTP/2 cdn.pbstck.com/index-refresh-301583c.js
IP 104.22.1.93:0
GET /index-refresh-301583c.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsVGBTrV5dskGRvKNDCwdMume1chPu_TyapYiwbFCbRNwS2Mncom76UqiFt4SP-kuhCmOFcqZXbFY8iScfGF3ajWg
x-goog-generation: 1670862129104500
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 41934
x-goog-hash: crc32c=krrFFQ==, md5=S/yUNDSMr1PgOgXz57Wm4w==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Wed, 15 Mar 2023 01:27:10 GMT
cache-control: public, max-age=604800, immutable
last-modified: Mon, 12 Dec 2022 16:22:09 GMT
etag: W/"4bfc9434348caf53e03a05f3e7b5a6e3"
age: 513556
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 7a7861d88b00b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.252200 OK 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.252:0
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 14 Mar 2023 00:25:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.232200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.232:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 73768
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/MuseDash310
151.139.128.10200 OK 0 B IP 151.139.128.10:0
GET /MuseDash310 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
set-cookie: SPSI=8211079302298ef61dd921cf0f58265a; path=/; HttpOnly; SameSite=Lax;
SPSE=XSwgoiuonw5w/+6BNGRJ9ZkZ2pzs7Hd59LbdO50rSLkdgOhWcKXHf4m7OAhmVcIhICcDP8Ognov0Zyh14IjOmw==; path=/; HttpOnly; SameSite=Lax;
spcsrf=c942c2464425437e36d7817ee5c277bc; path=/; SameSite=Strict; HttpOnly; expires=Tue, 14-Mar-23 02:25:53 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h4dc713a326118625aa22747daaf31301655; path=/; SameSite=Lax; expires=Sun, 10-Sep-23 00:25:53 GMT
lang=en_US; expires=Fri, 08-Mar-2024 00:25:53 GMT; Max-Age=31104000; path=/
AppSession=jurr5iqb14fi5hskfrs35hsote; path=/; HttpOnly
csrfToken=29ab678edb58048b9493f9724cf1ca8b65360a6f3759c3d70c7ad201c4a6f1c8bddec58f1042f8a3826ef22a764a9514cf0710f5b6dc1b8fd0200e8f5bb31d86; path=/; HttpOnly
sp_lit=71O+PsHnZccEc49b+2SIBw==; path=/; SameSite=Strict; HttpOnly; expires=Tue, 14-Mar-23 00:30:53 GMT
x-hw: 1678753553.cds239.sk1.hn,1678753553.cds220.sk1.sc,1678753553.cdn2-wafbe04-arn1.stackpath.systems.-.wx,1678753553.cds220.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=5
185.76.9.24200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=5
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=5 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=604800
x-accel-expires: @1679288680
server: CDN77-Turbo
x-77-nzt: AblMCRR0oCb/KRABAA
x-77-nzt-ray: af58563025f2e32111bf0f6492295c3b
x-cache: HIT
x-age: 69673
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-stag.setupad.net/openrtb2/auction
172.67.68.162200 OK 0 B URL HTTP/2 prebid-stag.setupad.net/openrtb2/auction
IP 172.67.68.162:0
POST /openrtb2/auction HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1045
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/0.234.0-3-gde6ed827
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YbMyIAUqjC7AsQWGHSM6v%2Bcn7haWCzu6zPdFjdw9FfBH6%2BqNegjkQAopy3oZjAyEnwBeL4eJATKtk4lTwzJsMhuMi81d2TUDkN7%2FcGFS6p4ftjhQqh3gsaH%2BNYOM7iF4FO6Rdjtr1BjU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861db98950b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.159200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.159:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "sCsI4IX19r4ykIX4lYSZTA=="
expires: Tue, 21 Mar 2023 00:25:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.1.11200 OK 0 B IP 178.250.1.11:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=PVpiMF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGRqTU1OYUJTSUNVVSUyQjhXZXpiRTh0SA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Bk6wCF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czVLanF5Z1lGVVNrTVQ4SVVkSjg3eGNpcTB0eDdXSkd4N3FzNndqM2puYWE; expires=Sun, 07 Apr 2024 00:25:57 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 190957
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:300,400,700,900
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700,900
IP 142.250.74.106:0
GET /css?family=Lato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 14 Mar 2023 00:25:54 GMT
date: Tue, 14 Mar 2023 00:25:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prebid-stag.setupad.net/cookie_sync
172.67.68.162200 OK 0 B URL HTTP/2 prebid-stag.setupad.net/cookie_sync
IP 172.67.68.162:0
POST /cookie_sync HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 82
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psAIfOLLwjepzTSXVsye2pJoYTvxTFUdyJMCc41nmv5MDohY2x13%2BEV153HIp5Yifv4dHSzoGA%2Fcl64CN3TW%2F8ncwAroObJQ6AuifkuLXr%2FD9k9AYu%2FWR8UkthtaLwsnjR6O1ppjof7b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861da0fba0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
185.76.9.24200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybid7_35/build/dist/prebid.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /moneybid7_35/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 06 Feb 2023 22:21:08 GMT
expires: Tue, 14 Mar 2023 05:04:33 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1678770273
server: CDN77-Turbo
x-77-nzt: AblMCRSydef/MhABAA
x-77-nzt-ray: af58563025f2e32113bf0f64a034d92b
x-cache: HIT
x-age: 69682
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
vpaid.vidoomy.com/sync/urlsvid.json
185.76.9.26200 OK 0 B URL HTTP/2 vpaid.vidoomy.com/sync/urlsvid.json
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
GET /sync/urlsvid.json HTTP/1.1
Host: vpaid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vid.vidoomy.com
Connection: keep-alive
Referer: https://vid.vidoomy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:26:01 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 09 Feb 2023 09:51:05 GMT
etag: W/"63e4c209-42e"
access-control-allow-credentials: true
access-control-allow-origin: *
x-accel-expires: @1678893674
server: CDN77-Turbo
x-77-nzt: AblMCRRywIr/r64NAA
x-77-nzt-ray: af58563094ecbc3e19bf0f64e403b828
x-cache: HIT
x-age: 896687
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?t=prebid
188.42.34.64200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.34.64:0
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 439
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
tuuid=fc6fac61-7464-5249-b9a6-e0b9dda95faa; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
ut=ZA-_EwAKuhhe-TjReuDMJ-e4rQ_k7es8Vph_Mg==; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Wed, 13 Mar 2024 00:25:55 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 581979
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=link1s.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=link1s.com
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=link1s.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:57 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=315ac8b2-2163-49b8-bf31-cc48efe26958; expires=Sun, 07 Apr 2024 00:25:58 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 567939
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 433
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 430
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
104.22.0.93200 OK 0 B URL HTTP/2 boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
IP 104.22.0.93:0
GET /v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861d7ccb30b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pbstck.com/index-monitoring-301583c.js
104.22.1.93200 OK 0 B URL HTTP/2 cdn.pbstck.com/index-monitoring-301583c.js
IP 104.22.1.93:0
GET /index-monitoring-301583c.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduYzpOirRYTJkPVFrEXZz1R1EfwPcp-mV2g8LWBnD6d3j5pHi0wwi9tX2CI3l52kGrfUO70gbfL0RA-rizISUxOjQ
x-goog-generation: 1670862125732888
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 50705
x-goog-hash: crc32c=K58Y6w==, md5=J5Ko9RAqKOo1ZwtMEdZrfQ==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Wed, 15 Mar 2023 11:13:35 GMT
cache-control: public, max-age=604800, immutable
last-modified: Mon, 12 Dec 2022 16:22:05 GMT
etag: W/"2792a8f5102a28ea35670b4c11d66b7d"
age: 477743
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 7a7861d88b03b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 0 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:0
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://link1s.com
set-cookie: zc=bfe19ae0-1d97-40bc-4672-730d2ebbf8a3; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=~%87%D2Z%ADf%09%9F%145%FB%60%8Fz%EF%E7J%8B%F4%B5.%D7%F1n%B0%E6%87%F0%0F%0C%B7%19%BD%A49j%B5%7D%E9%60%CF%5E%8C%E46%B4%0DN%27%BF%A3%BB%D4%06h%2C%92%ABM%0B%E4%25%9Ft%DBJ%C2%7C%E8c%27%3D%92f%29i%F2%02%BE%9B%C8eT; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7a7861dc08250b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774
185.64.189.110302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774 HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 14 Mar 2023 00:25:55 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Mon, 12-Jun-2023 00:25:55 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D4e1dd559-9f21-441b-a65c-583f5ab47774
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 433035
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
prebid-stag.setupad.net/cookie_sync
172.67.68.162200 OK 0 B URL HTTP/2 prebid-stag.setupad.net/cookie_sync
IP 172.67.68.162:0
POST /cookie_sync HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 82
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 14 Mar 2023 00:25:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PK7Y9%2FhiSVplp%2B0ZSV1mOprhTbc%2FgoPO4sOqi4vAO4pNXpyE0%2BJYbgI2gcye5jnw1hwfVAdncwlq%2BMLOrCdSzhcDUMmqTXdSRw1vP1ZI0s7CWD%2BgCtpX4xW8oFCHow1BL845ztPwSADv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a7861de09ea0b02-OSL
content-encoding: br
X-Firefox-Spdy: h2