iplogger.com/
148.251.234.93301 Moved Permanently 162 B IP 148.251.234.93:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: iplogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 02 Feb 2023 16:15:23 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://iplogger.com/
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11053
Expires: Thu, 02 Feb 2023 19:19:36 GMT
Date: Thu, 02 Feb 2023 16:15:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5724
Expires: Thu, 02 Feb 2023 17:50:47 GMT
Date: Thu, 02 Feb 2023 16:15:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 15:43:31 GMT
content-type: application/json
age: 1912
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4590
Expires: Thu, 02 Feb 2023 17:31:53 GMT
Date: Thu, 02 Feb 2023 16:15:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LL3BHR2O0v6BCshsP3W+FAI63604KO1AHCBBtxp7X253ql67eTUEsHt3dRMyftuvw6mAucC3seg=
x-amz-request-id: 5Z5ZWD49HF2WBFGH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 15:52:02 GMT
age: 1401
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:23 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 15:49:05 GMT
age: 1579
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15386
Expires: Thu, 02 Feb 2023 20:31:50 GMT
Date: Thu, 02 Feb 2023 16:15:24 GMT
Connection: keep-alive
m.servedby-buysellads.com/monetization.js
151.139.128.10200 OK 15 kB URL HTTP/2 m.servedby-buysellads.com/monetization.js
IP 151.139.128.10:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 85d54420276f0a2a1a20a03edcc162be
041a904ac4ca84220ca28fdbcdaca5932881fa71
aeb448acb97854f5cd47b44575c593d83fe34593a15a19531b334f1aaa9f793f
GET /monetization.js HTTP/1.1
Host: m.servedby-buysellads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:24 GMT
cache-control: max-age=2743
content-encoding: gzip
content-length: 14771
content-type: application/javascript
last-modified: Fri, 03 Jun 2022 18:18:52 GMT
accept-ranges: bytes
x-amz-id-2: cPcgeb4RqDpKlugauYsT8YixgTfcaSOzG9PDuk8QPac4gVurRYdrVTnb1cDNgmeWe6GYa9dpCvo=
x-amz-request-id: 6PG1Y74B96RYM0N9
etag: "4896c8077f50520418d4d1ab293b6545"
x-amz-meta-s3cmd-attrs: atime:1654280297/ctime:1654280295/gid:1000/gname:nathan/md5:4896c8077f50520418d4d1ab293b6545/mode:33204/mtime:1654280295/uid:1000/uname:nathan
server: AmazonS3
x-hw: 1675354524.cds240.sk1.hn,1675354524.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bbeb609cbf32a8842bf96a124588e65e
40c0f548bcb714731f62df5a27cad21adef0463d
502c60a18a13b84598933731d182aafd4b83576bfc56451b36f9238c621a571d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.iplogger.org/js/main.js?1.6.3
148.251.234.83200 OK 721 B URL HTTP/2 cdn.iplogger.org/js/main.js?1.6.3
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CR, LF line terminators
Hash 33889b96d165b0ef1239ae39eaa8df58
c5c6f2284c422fcf9ec33bad57ce3cd107ace941
8ac2358bf1a5388fd9b09e458ef26da4cac7d06e4bdf8f8574b3bc0d9a1616a1
GET /js/main.js?1.6.3 HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: application/javascript
content-length: 721
last-modified: Thu, 28 Jan 2021 05:55:57 GMT
etag: "601251ed-2d1"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/domain.svg
148.251.234.83200 OK 3.1 kB URL HTTP/2 cdn.iplogger.org/domain.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (3068)
Hash 8d5ed8ccf2f2adb7e27fdcfacb633c7b
da17572a71fe5007e3783212c221a9ad47580d99
17ff79820dca4fb785baec7023d40ff31e25f01fde915615c06142340c3f7ac5
GET /domain.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 3090
last-modified: Sun, 27 Feb 2022 08:20:56 GMT
etag: "621b3468-c12"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/main-banner/main_banner_bg.webp
148.251.234.83200 OK 32 kB URL HTTP/2 cdn.iplogger.org/main-banner/main_banner_bg.webp
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x891, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 9d5b219da63100f133584032405e4b9e
243f897213524fe7e6a1288e5cf2465a4b0b0e64
bd7b039d14ed94dc5f4d093327eaf1defee0c94bdfb6665721e0f3c65a27a8b8
GET /main-banner/main_banner_bg.webp HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/webp
content-length: 31706
last-modified: Sun, 15 Nov 2020 14:54:59 GMT
etag: "5fb14143-7bda"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.57.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.57.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z9ctb1600+/kb+UsmoCTDA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4Z31KidOa7ShQy/l4lIYVQPh870=
cdn.iplogger.org/logo.png
148.251.234.83200 OK 3.7 kB URL HTTP/2 cdn.iplogger.org/logo.png
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 154 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash b0e687f2ea783da9115b2a27f6882c4c
9e3a6c7acf23d60889abed2f0d006388ffcf4247
5ca5ce4a4016c724e9b6126d554089acc219b45c03ff8c94a3e7ed68ca05b31c
GET /logo.png HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/template.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/png
content-length: 3672
last-modified: Fri, 13 Nov 2020 09:45:42 GMT
etag: "5fae55c6-e58"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/tg-badge.png
148.251.234.83200 OK 15 kB URL HTTP/2 cdn.iplogger.org/tg-badge.png
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 21bc3f260f278abfb71c21200f37f4ea
bda39e7557c5315a1dbbb089387f8aa09270ea1a
9f8b4c21adc1635b2b7a42b6a7e04d37b6ddc677efce940c5fcdc7fc1bbbd777
GET /tg-badge.png HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/template.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/png
content-length: 14794
last-modified: Sat, 22 Oct 2022 09:48:24 GMT
etag: "6353bc68-39ca"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/google-play-badge.png
148.251.234.83200 OK 15 kB URL HTTP/2 cdn.iplogger.org/google-play-badge.png
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 564 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 890ce811743c1551544c8555f0b54da5
f905e428b5781998d7bd66631631423611c6c281
6794402f4ce1f6e854461259a40105b16f31974a3ae60502d3780b064276554b
GET /google-play-badge.png HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/template.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/png
content-length: 14720
last-modified: Mon, 04 Apr 2022 10:43:31 GMT
etag: "624acbd3-3980"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_arrow_down.svg
148.251.234.83200 OK 504 B URL HTTP/2 cdn.iplogger.org/icons/tools_arrow_down.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (402)
Hash b71237340729353473177bf53124c8ea
b42cb581adfa72d7c96b7c83f9b5f8b9159a9f6b
9242ba850c58937db36bec11db95ab59c01651bc2ca7889d55a35fdcdae3511e
GET /icons/tools_arrow_down.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/template.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 504
last-modified: Fri, 13 Nov 2020 18:38:46 GMT
etag: "5faed2b6-1f8"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/main-banner/banner_arrows_down.svg
148.251.234.83200 OK 1.2 kB URL HTTP/2 cdn.iplogger.org/main-banner/banner_arrows_down.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (429)
Hash 09c25f2d65fd597126e04f07d2c80586
3c883ac623152d74c7f84d6e644cb6342c979e06
7cd0f94808f330ada1174fbb1d5c20aece930c6cd03dabbc5d1fd6842d93c565
GET /main-banner/banner_arrows_down.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 1154
last-modified: Fri, 13 Nov 2020 12:11:57 GMT
etag: "5fae780d-482"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_1.svg
148.251.234.83200 OK 2.0 kB URL HTTP/2 cdn.iplogger.org/icons/tools_1.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (486)
Hash 800553b746fea7ece5522481d436920a
cfc6e43dd3897b447fbd8cc35de7edbc6e501bc8
f878cac46f254fdec5d7a5f097470ea7753e52b213f57a9f42492cc96f669a24
GET /icons/tools_1.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 1987
last-modified: Mon, 02 Nov 2020 09:40:53 GMT
etag: "5f9fd425-7c3"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/after_link_arrow.svg
148.251.234.83200 OK 231 B URL HTTP/2 cdn.iplogger.org/after_link_arrow.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 06c865727efa55bf3a77ca036cbef407
52cbdb011e3b66d6ecdb5dabadbb92b06791b531
450c6ad62f1d38659faa4d1808028d4a3bdf23224cca8ceb6c20addab7fa19dc
GET /after_link_arrow.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 231
last-modified: Fri, 13 Nov 2020 12:22:25 GMT
etag: "5fae7a81-e7"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_14.svg
148.251.234.83200 OK 5.7 kB URL HTTP/2 cdn.iplogger.org/icons/tools_14.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1509)
Hash b9fa0be35e8d07a0bf229575f7daf7c6
b510c59b666bf2542a339737954f1cbefbdda81e
366625d97f7aa2fbee7a230694b0e3012a559ca9d1102ca1be32a91758f92b3a
GET /icons/tools_14.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 5690
last-modified: Tue, 05 Jul 2022 10:47:32 GMT
etag: "62c416c4-163a"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_2.svg
148.251.234.83200 OK 2.5 kB URL HTTP/2 cdn.iplogger.org/icons/tools_2.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (784)
Hash 0b2fef95d59ad89ead3b266dd825a3e2
9b94021d96f9c0a2192a994f8b489adeed421a36
0d8ff4fca5c6f7537ffba3c55c92a44adaec6ef252844a1bfb981a4c2f80728f
GET /icons/tools_2.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 2523
last-modified: Mon, 02 Nov 2020 09:42:43 GMT
etag: "5f9fd493-9db"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_4.svg
148.251.234.83200 OK 2.4 kB URL HTTP/2 cdn.iplogger.org/icons/tools_4.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash faa94970a4d54c0c8253e50f395621bf
0688e5cc81221ac008f2943c8be9c5155e8236cc
427e00362ad6cde3343c2622e56e69952b671507e038d7d88e6bd007755969e1
GET /icons/tools_4.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 2412
last-modified: Mon, 02 Nov 2020 09:43:34 GMT
etag: "5f9fd4c6-96c"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_6.svg
148.251.234.83200 OK 9.5 kB URL HTTP/2 cdn.iplogger.org/icons/tools_6.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (761)
Hash b0d55728d58e625f5615828197856141
e3aac9b958c9d1022a6184dfb1e73440add3c06d
00044bc22caa4b65bb3cd2172e23151b1a28821f281455415823ab313f4378ca
GET /icons/tools_6.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 9508
last-modified: Mon, 02 Nov 2020 09:44:22 GMT
etag: "5f9fd4f6-2524"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_5.svg
148.251.234.83200 OK 650 B URL HTTP/2 cdn.iplogger.org/icons/tools_5.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (548)
Hash f99b28ff821eddc7f9ca4d02c03f8067
2f03134e6935cc5541a1682f8a050b1331f730c8
79ef3b24be098db722380c42c08c9ebaa16d432021a1674f6f1889ae98a5722f
GET /icons/tools_5.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 650
last-modified: Mon, 02 Nov 2020 09:43:59 GMT
etag: "5f9fd4df-28a"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_7.svg
148.251.234.83200 OK 3.3 kB URL HTTP/2 cdn.iplogger.org/icons/tools_7.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (411)
Hash 4c6eaf0cf7bc3a828ed7ea8084d356bf
70bd107d73183b4bd57841a9d2f6f427602628e2
56fdcfd42941f5cdf5a51c1a2b8c928ca33103b571fde7f599aa7a364c8e78b1
GET /icons/tools_7.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 3288
last-modified: Thu, 31 Mar 2022 10:47:26 GMT
etag: "624586be-cd8"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_12.svg
148.251.234.83200 OK 4.9 kB URL HTTP/2 cdn.iplogger.org/icons/tools_12.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 84102ce0802b8712a1fdc8a1efa72e55
26ba4179271e9fe59c68b1a1c2bbf422e7b99969
fc868906b9c6da83202bd4cfa1685ca822b8d1606f6a11d0e6483f26eeb64c6c
GET /icons/tools_12.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 4880
last-modified: Mon, 09 Aug 2021 07:31:47 GMT
etag: "6110d9e3-1310"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn4.buysellads.net/pub/iplogger.js?1675354200000
151.139.128.10200 OK 174 kB URL HTTP/2 cdn4.buysellads.net/pub/iplogger.js?1675354200000
IP 151.139.128.10:0
File type ASCII text, with very long lines (62599)
Size 174 kB (174225 bytes)
Hash 8a79119de1aeae48f43d8be03cb84c34
13d5b7c7907426ed934bfa1c593544486cc5da75
232f8c0b89c9d7c0e0bcd469160537a3fee82a2bcd21658f36e8d752c529d420
GET /pub/iplogger.js?1675354200000 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
content-encoding: gzip
content-length: 174225
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 16:02:05 GMT
accept-ranges: bytes
x-amz-id-2: EkYFVdPuBd3G9JXgCIQ8NuVhrWKYDxjzX6CErya7hhFrBFk/QQXMpSkFLnaTamjtAuPXErshS8c=
x-amz-request-id: QSTYXHFW89QY3P1P
etag: "eb6f8ed8154f3024c11596b865688615"
cache-control: max-age=3600
server: AmazonS3
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds223.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_3.svg
148.251.234.83200 OK 43 kB URL HTTP/2 cdn.iplogger.org/icons/tools_3.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
Hash e7888deaf9335bcaed80025e3779b171
c99edb4e76be87afad83636455060f414cd50d32
ee86faf37e2b1007c4db6c06d6573af7fa9cab2efa8dabb54cbebf17615b7d34
GET /icons/tools_3.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
last-modified: Wed, 02 Feb 2022 10:20:27 GMT
etag: W/"61fa5aeb-1d988"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.iplogger.org/css/libs.css?1.6.3
148.251.234.83200 OK 26 kB URL HTTP/2 cdn.iplogger.org/css/libs.css?1.6.3
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
Hash 4703dbaef7c6174a1d71bcf2b5112597
f3ecb6ef48b636398287131dbd1c5d4a953e0b90
851053d43b1903fb297a99dcccd44d01e9882d10ee75acb7f131fae27b9698dc
GET /css/libs.css?1.6.3 HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: text/css
last-modified: Sat, 11 Jun 2022 04:52:36 GMT
etag: W/"62a41f94-7294"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.iplogger.org/js/selectize.min.js
148.251.234.83200 OK 53 kB URL HTTP/2 cdn.iplogger.org/js/selectize.min.js
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
Hash 5579876efa21cee5d6c015d253e68d37
4b18eb369d72364fb3069fa15fdd71ecca4334f9
fdeee2550e2955bf66e37abdfa67c26ac3168add8f8c0d651b93064c669b2383
GET /js/selectize.min.js HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: application/javascript
last-modified: Wed, 21 Nov 2018 16:23:58 GMT
etag: W/"5bf5869e-b309"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.iplogger.org/attention.svg
148.251.234.83200 OK 2.5 kB URL HTTP/2 cdn.iplogger.org/attention.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1289)
Hash 62bf639b60807545c01ffe93a069290d
1eea3343765a3c8770b0ae396a9da94f78e972de
7dc30d6928e58f058f551f23e6dcaf155a06a771c2de6a270ba089ce1fc2c9fa
GET /attention.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/template.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 2504
last-modified: Fri, 13 Nov 2020 10:29:05 GMT
etag: "5fae5ff1-9c8"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/css/template.css?1.6.3
148.251.234.83200 OK 9.9 kB URL HTTP/2 cdn.iplogger.org/css/template.css?1.6.3
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
Hash 48a7e79b515ca911241a98eafa481150
72c90747785ae1f1a95b8dd026ac77e0081e3e92
fc5ae380ffd31d068bd9680c802af97de221f913a60d1ec02b5f076e6c5ff3a8
GET /css/template.css?1.6.3 HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: text/css
last-modified: Fri, 16 Dec 2022 07:16:52 GMT
etag: W/"639c1b64-a0cc"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.iplogger.org/logo-twitter-white-opacity.svg
148.251.234.83200 OK 2.3 kB URL HTTP/2 cdn.iplogger.org/logo-twitter-white-opacity.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1211)
Hash 7ded801722c3354adb6663b5ba74a24c
9d18d8425cfc9ce6eaa4223f38bfc5a5c1997dc6
84cf569fc6c79862aaf9727156a2d9fa077e6cb264b2f8e8f58c1551ef7597a3
GET /logo-twitter-white-opacity.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/template.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
content-length: 2257
last-modified: Thu, 21 Jun 2018 11:04:42 GMT
etag: "5b2b864a-8d1"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/js/jquery-3.6.1.min.js
148.251.234.83200 OK 32 kB URL HTTP/2 cdn.iplogger.org/js/jquery-3.6.1.min.js
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
Hash 05827e5dd1e0c99798424529d30d71e2
5f832c182caba001d1b91bb432db85786f14459e
6f34b1b01427b3c0c2dd23bdcc3a3a2788ac636179e5be626e6371d202b76178
GET /js/jquery-3.6.1.min.js HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: application/javascript
last-modified: Fri, 11 Nov 2022 06:50:33 GMT
etag: W/"636df0b9-15e40"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.iplogger.org/css/main.css?1.6.3
148.251.234.83200 OK 4.8 kB URL HTTP/2 cdn.iplogger.org/css/main.css?1.6.3
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
Hash 412fa905157828493e613644e6367ae6
517c1c34cc1d582c6babd6417ee0148ee9cd52c6
05880dc773635771211df812ff06b5a2e71ab4722e197e43972712c62a68637f
GET /css/main.css?1.6.3 HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: text/css
last-modified: Sun, 06 Nov 2022 11:47:32 GMT
etag: W/"63679ed4-29ae"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 324805
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.iplogger.org/countries/us.webp
148.251.234.83200 OK 290 B URL HTTP/2 cdn.iplogger.org/countries/us.webp
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash b8250af6fd4a450b84ea6c3eb434cc15
1f14234b1e74000a1f2e44f3e0ea66ad8d25a20b
b328b80a033e87926e4d9c7963e8bdc071b4051c55144489ad1569d1213986da
GET /countries/us.webp HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/libs.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/webp
content-length: 290
last-modified: Mon, 06 Apr 2020 17:14:38 GMT
etag: "5e8b637e-122"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/countries/ru.webp
148.251.234.83200 OK 56 B URL HTTP/2 cdn.iplogger.org/countries/ru.webp
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash 34a475743b6398ef29bdb2693290987b
18c17057c7a1e7d3f98428f381e5ef72e64e1f22
e0695d487d92393f8d9380a8178772da3aaeddaa6156d3b0b400a7b3a0e47cce
GET /countries/ru.webp HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/libs.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/webp
content-length: 56
last-modified: Mon, 06 Apr 2020 17:14:36 GMT
etag: "5e8b637c-38"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/countries/es.webp
148.251.234.83200 OK 276 B URL HTTP/2 cdn.iplogger.org/countries/es.webp
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type RIFF (little-endian) data, Web/P image\012- data
Hash b84d75358a551b070720f47e79e8a72c
46ef9d5708d3830f0f3666d8bc89f85b16dc8a4a
829416046a1f4c95b98b95b1d8806039685a7e0c418649d2299963c7029c990d
GET /countries/es.webp HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/libs.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/webp
content-length: 276
last-modified: Mon, 06 Apr 2020 17:14:36 GMT
etag: "5e8b637c-114"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
iplogger.com/
148.251.234.93301 Moved Permanently 10 kB IP 148.251.234.93:0
ASN #24940 Hetzner Online GmbH
File type gzip compressed data, from Unix\012- data
Hash 1c5ef0101adfa124dbc23bc4d9a25ddd
b7507fb6cb23fbe7bf6d023afa3b6d6a6005d54f
b79c59aa79268b75d114a5524ccd156fbd2a935f1900b381c27670c9efe549a7
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: iplogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: text/html; charset=UTF-8
location: https://iplogger.org/
set-cookie: clhf03028ja=91.90.42.154; expires=Fri, 02-Feb-2024 16:15:24 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
strict-transport-security: max-age=604800
content-security-policy: img-src https: data:; upgrade-insecure-requests
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
iplogger.org/1nFPF4.png
148.251.234.83200 OK 9.7 kB IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash c146e0ba54b1fa73628fd5fa571f5b0f
9f95e981f7c9b7acf7a3025f1883ad7da335d6cb
f524bd338a40c16622becaec6e694c344c02d5b0d22741f478f390d9d9be7c59
GET /1nFPF4.png HTTP/1.1
Host: iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/png
set-cookie: clhf03028ja=91.90.42.154; expires=Fri, 02-Feb-2024 16:15:24 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
375263811532635802=2; expires=Fri, 02-Feb-2024 16:15:24 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict
expires: Thu, 02 Feb 2023 16:15:24 +0000
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
142.250.74.74200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP 142.250.74.74:0
Hash ad52981fc2b42f5d0708c9c7c6188a63
fb1a15f53908febd3862cfe125650f3af6ab58f4
a4ff29c47ae2f71b13e7ae37b6be5cd8160e36396041ad4b168bfe8a22687600
GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 02 Feb 2023 16:15:24 GMT
date: Thu, 02 Feb 2023 16:15:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn4.buysellads.net/acceptable.gif?ch=1&rn=8.944427304428444
151.139.128.10200 OK 43 B URL HTTP/2 cdn4.buysellads.net/acceptable.gif?ch=1&rn=8.944427304428444
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /acceptable.gif?ch=1&rn=8.944427304428444 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
accept-ranges: bytes
cache-control: no-cache
content-length: 43
content-type: image/gif
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds249.sk1.sc,1675354525.cds249.sk1.p
x-amz-id-2: jidOqHj4S0pOHRF9mH2fW3cOgQCZSkruWtaPhBMR8tdfu4cxy3+KNZW5Yoof0Wamzqd7ruopVY0=
x-amz-request-id: CDBWS8KYV1QPJW24
etag: "b4491705564909da7f9eaf749dbbfbb1"
server: AmazonS3
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn4.buysellads.net/acceptable.gif?ch=2&rn=9.95674656210913
151.139.128.10200 OK 43 B URL HTTP/2 cdn4.buysellads.net/acceptable.gif?ch=2&rn=9.95674656210913
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /acceptable.gif?ch=2&rn=9.95674656210913 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
accept-ranges: bytes
cache-control: no-cache
content-length: 43
content-type: image/gif
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds213.sk1.sc,1675354525.cds213.sk1.p
x-amz-id-2: 6m+MqHRbJv0dCKC2fcdxqsQ2lk8O/KIfuJ8zSiNqo5TkVOtNJfTWS8bykPjsdTfVh20HBjjxVZs=
x-amz-request-id: CDBG2WCASTH9WSQE
etag: "b4491705564909da7f9eaf749dbbfbb1"
server: AmazonS3
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d919252f27c43599fab6a10331b3133a
12381ec6f1ea484e49568fe296e640a59d4c50a6
d85a3ebe52fd750317e266098d342dedf20ef7578daf627ac6e8aafb366bca40
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 06:26:33 GMT
Expires: Wed, 08 Feb 2023 06:26:32 GMT
Etag: "12381ec6f1ea484e49568fe296e640a59d4c50a6"
Cache-Control: max-age=482466,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439b5b9afb4fd-OSL
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 183979
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn4.buysellads.net/acceptable.gif?ch=1&rn=9.95674656210913
151.139.128.10200 OK 43 B URL HTTP/2 cdn4.buysellads.net/acceptable.gif?ch=1&rn=9.95674656210913
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /acceptable.gif?ch=1&rn=9.95674656210913 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
accept-ranges: bytes
cache-control: no-cache
content-length: 43
content-type: image/gif
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds022.sk1.sc,1675354525.cds022.sk1.p
x-amz-id-2: O9i7EmvrdXmyaett91+e3y/I7YjNU5jD5ozriN40CF7unJi8DP6ZDLmsdsJ6D1PP98c5mcCloWM=
x-amz-request-id: CDBJRECZFBRYB503
etag: "b4491705564909da7f9eaf749dbbfbb1"
server: AmazonS3
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn4.buysellads.net/acceptable.gif?ch=2&rn=8.944427304428444
151.139.128.10200 OK 43 B URL HTTP/2 cdn4.buysellads.net/acceptable.gif?ch=2&rn=8.944427304428444
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /acceptable.gif?ch=2&rn=8.944427304428444 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
accept-ranges: bytes
cache-control: no-cache
content-length: 43
content-type: image/gif
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds016.sk1.sc,1675354525.cds016.sk1.p
x-amz-id-2: vaAdcGNEpYt/pM9EkdFxpmHQJ7DF7fNwXNShWOXCYaKd7ESEDdfx2OYQ4nHhHUzDlwQ9xCBvK2Y=
x-amz-request-id: CDBXP1CHGFSD2GJV
etag: "b4491705564909da7f9eaf749dbbfbb1"
server: AmazonS3
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
srv.buysellads.com/ads/CK7IT53I.json?segment=placement:iploggerorg
206.189.18.245200 OK 990 B URL HTTP/2 srv.buysellads.com/ads/CK7IT53I.json?segment=placement:iploggerorg
IP 206.189.18.245:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (1813), with no line terminators
Hash a9180e9321ee969402f9d886b250ded1
de77e04c7c373bb8739becf36d495ac435f63f81
8ea90ced7452d3c9fbec0e1c91825b3b95db1148fdcd12f783696345b338c75d
GET /ads/CK7IT53I.json?segment=placement:iploggerorg HTTP/1.1
Host: srv.buysellads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: application/json; charset=utf-8
server: //srv.buysellads.com
vary: Accept-Encoding
content-length: 990
date: Thu, 02 Feb 2023 16:15:25 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash d919252f27c43599fab6a10331b3133a
12381ec6f1ea484e49568fe296e640a59d4c50a6
d85a3ebe52fd750317e266098d342dedf20ef7578daf627ac6e8aafb366bca40
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:25 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 06:26:33 GMT
Expires: Wed, 08 Feb 2023 06:26:32 GMT
Etag: "12381ec6f1ea484e49568fe296e640a59d4c50a6"
Cache-Control: max-age=482466,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439b59c29b4f9-OSL
srv.buysellads.com/ads/CK7IT53W.json?segment=placement:iploggerorg
206.189.18.245200 OK 472 B URL HTTP/2 srv.buysellads.com/ads/CK7IT53W.json?segment=placement:iploggerorg
IP 206.189.18.245:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (632), with no line terminators
Hash c05ea26ab1e843edc11884cd2a7ba09c
5028383770c3ef1bcfb9315aa287408401e0da45
531085440e9ff78f2cb1bbb7a6683c0417dc6f8ba7a13320feae0e1641e30df1
GET /ads/CK7IT53W.json?segment=placement:iploggerorg HTTP/1.1
Host: srv.buysellads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: application/json; charset=utf-8
server: //srv.buysellads.com
vary: Accept-Encoding
content-length: 472
date: Thu, 02 Feb 2023 16:15:25 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 188b913b398022b5428efdd7d834c069
c6193ceb7a6286f19d92e7f0906f0f3b9b9802e8
cd94e2a243252d800c699a991895088ba908f6ce5f9b1f34415b98ce4a3161ae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2862
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Last-Modified: Thu, 02 Feb 2023 15:27:43 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 278
btloader.com/tag?o=5102648370397184&upapi=true
104.26.6.139200 OK 11 kB URL HTTP/2 btloader.com/tag?o=5102648370397184&upapi=true
IP 104.26.6.139:0
File type ASCII text, with very long lines (19688)
Hash a5c6b91d6eaf8ffb09d9a0fd3478e4a7
1a41ab884b59b160f7f0ec45fc93daf1b5de058e
a5c061fa09f112e511499f236c641f18e51c815a802056e6b2593ebcee46c986
GET /tag?o=5102648370397184&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"edbce11b37c9cb48346bdc0596a0b786"
last-modified: Thu, 02 Feb 2023 15:45:33 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 1791
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OQGhpyVg4H2p8GGNkZ8vy1ry%2FIbjQmSm7ViV%2BDUt3uiUqyORVI%2BZum7YtGnmMQIiLC7e71d1GgQBj2XWXuBCqjftd8EJmEmSfGau%2FWqPy%2BU%2FwwpMaOGJXBsuMOOkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793439b72cdf1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6ba2ba33748e331bcc34e0ae5551d86f
dcd0d9700eec902f14c70a0b3f0f0d36dab7e76c
673de5d283e60e2d95928509ed2b9e091ce5e9d5dd961f6f8cfb54355d66f1fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5651
Cache-Control: max-age=153111
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Etag: "63db7ea1-117"
Expires: Sat, 04 Feb 2023 10:47:16 GMT
Last-Modified: Thu, 02 Feb 2023 09:13:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6ba2ba33748e331bcc34e0ae5551d86f
dcd0d9700eec902f14c70a0b3f0f0d36dab7e76c
673de5d283e60e2d95928509ed2b9e091ce5e9d5dd961f6f8cfb54355d66f1fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5651
Cache-Control: max-age=153111
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Etag: "63db7ea1-117"
Expires: Sat, 04 Feb 2023 10:47:16 GMT
Last-Modified: Thu, 02 Feb 2023 09:13:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
ad-delivery.net/px.gif?ch=2
188.114.98.234200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP 188.114.98.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 584253
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F489dOrPJtkWf5%2FRKU%2BWf1RZPxniKwV%2FfxNSioysv%2BJ4oEEfdSb%2FuYULnJjWL9KRXgsLzLImm%2Byl6Gmq%2FwCBkg%2Fau3cq3PaoI9lSNXoAsDG%2FE%2B3pPc%2FXEHYBc8HqocIoQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793439b79f1eb4f9-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.4520932677265441
188.114.98.234200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.4520932677265441
IP 188.114.98.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.4520932677265441 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 584253
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XET0OYgBYoZKfTvpH%2BfPZRboqtSZ06ZKPqHMUfMCkrDkRwGDJ54UoBImWQPruD9aS%2FDmlO5VEuD02CwByg48zICMK4ZOPcvDiPtQOonNoMzxe0hOw%2BJv4ltqwLnxnsaVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793439b7af34b4f9-OSL
X-Firefox-Spdy: h2
cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.4316413882161267
151.139.128.10200 OK 43 B URL HTTP/2 cdn4.buysellads.net/acceptable.gif?ch=1&rn=3.4316413882161267
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /acceptable.gif?ch=1&rn=3.4316413882161267 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
accept-ranges: bytes
cache-control: no-cache
content-length: 43
content-type: image/gif
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds067.sk1.sc,1675354525.cds067.sk1.p
x-amz-id-2: 6HTruA129bR9PDgndAn3L2l3LpHfbRVw2+tJ8OZY5VQU2R5m67XEgO26SnZvDY8msmZDulFHzNc=
x-amz-request-id: CDBJ9VYDFNX1W8RM
etag: "b4491705564909da7f9eaf749dbbfbb1"
server: AmazonS3
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.4316413882161267
151.139.128.10200 OK 43 B URL HTTP/2 cdn4.buysellads.net/acceptable.gif?ch=2&rn=3.4316413882161267
IP 151.139.128.10:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /acceptable.gif?ch=2&rn=3.4316413882161267 HTTP/1.1
Host: cdn4.buysellads.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
accept-ranges: bytes
cache-control: no-cache
content-length: 43
content-type: image/gif
x-hw: 1675354525.cds213.sk1.hn,1675354525.cds235.sk1.sc,1675354525.cds235.sk1.p
x-amz-id-2: iZVsnn6Ofy1xAOfX98UFRqqgApoyziNiqVs/QkyZZ0LXyfXIONeyrF02jaCESY09SYy14REYg3TpDEtNohC7LA==
x-amz-request-id: CDBXE8S5F5VRDNQ8
etag: "b4491705564909da7f9eaf749dbbfbb1"
server: AmazonS3
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.iplogger.org/logo/512.png
148.251.234.83200 OK 60 kB URL HTTP/2 cdn.iplogger.org/logo/512.png
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e43a3852a51311b7313ec73df226eb9
a1d198e8a97acc4812a1fed4984dce16cb9b24a8
950339f20655043bf6be4451fe18cbe27e6b56508dc0571fcdc2e1c8afc81690
GET /logo/512.png HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:25 GMT
content-type: image/png
content-length: 60116
last-modified: Fri, 15 Jan 2021 10:07:06 GMT
etag: "6001694a-ead4"
expires: Fri, 02 Feb 2024 16:15:25 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.iplogger.org/favicon.ico
148.251.234.83200 OK 2.8 kB URL HTTP/2 cdn.iplogger.org/favicon.ico
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 18c023bc439b446f91bf942270882422
768d59e3085976dba252232a65a4af562675f782
e0e71acef1efbfab69a1a60cd8fadded948d0e47a0a27c59a0be7033f6a84482
GET /favicon.ico HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:25 GMT
content-type: image/x-icon
content-length: 2833
last-modified: Tue, 07 Jun 2022 11:44:38 GMT
etag: "629f3a26-b11"
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9c45ea25709afbea416f215ee34611b0
117c52c0ee3ff15a2485c0b1e39cc12c7c2021ed
7fbc3c806c7fc6d70d70b55723dbbfc00698b14fcad55014218bc5e03e92a118
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a456cd9684a2ff020b854f178c06b509
b5a9e34f112cbe6d41b695ce7234cfe83de1356e
75b3ff1ea527598880cd41f65ebc03440b0ed019d53f8de1b4588de04bc4919e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
216.239.34.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 02 Feb 2023 15:45:20 GMT
expires: Thu, 02 Feb 2023 17:45:20 GMT
cache-control: public, max-age=7200
age: 1805
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.iplogger.org/icons/tools_15.svg
148.251.234.83200 OK 4.9 kB URL HTTP/2 cdn.iplogger.org/icons/tools_15.svg
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- data
Hash 5a233c6f0f65888a9453d3e97838ae52
63d74c0513ffecbe77e4cc76b306f6d4b919f920
8c2ed752bce92b8bfe3b591f8b20cb9371d32616f0281617119773af21d6bd85
GET /icons/tools_15.svg HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.iplogger.org/css/main.css?1.6.3
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: image/svg+xml
last-modified: Sun, 06 Nov 2022 11:57:58 GMT
etag: W/"6367a146-362f"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash 0afaf01b2a0d1e099a5b0f3cc9f39c8b
2be8343b899a68d62f3c98524bc9556cc6bd6655
4c3fcf63bc417e48427bce1d0caf033a130ebe8b7f6307733edb4e135e53bdaf
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:25 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Mon, 06 Feb 2023 14:04:18 GMT
ETag: "2be8343b899a68d62f3c98524bc9556cc6bd6655"
Last-Modified: Thu, 02 Feb 2023 14:04:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1963
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793439b84bd1b509-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6886789169244828
142.250.74.162200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6886789169244828
IP 142.250.74.162:0
File type ASCII text, with very long lines (3649)
Hash 44bbde6e79db465774db261cf1d9cd68
77589ef101cd7ab3fdba023934493bb4cfd29b67
68d330065aacadcf575d3ad00a8bd538febaa83aa0014772155bd30b806c0ccd
GET /pagead/js/adsbygoogle.js?client=ca-pub-6886789169244828 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 02 Feb 2023 16:15:25 GMT
expires: Thu, 02 Feb 2023 16:15:25 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 11472645420129153648
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 50091
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/tag/js/gpt.js
142.250.74.34200 OK 27 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (39525)
Hash 27c8b16ac683e12c693f5e6fb29d120e
88cbe5f5e1f1a25ba6baf0a3cb50e5c5585032aa
6319e2ef4ce41d47f78b51b320ff33ded3ece68212d48d40c856fa0eec05c5b5
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27271
date: Thu, 02 Feb 2023 16:15:25 GMT
expires: Thu, 02 Feb 2023 16:15:25 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1470 / 362 of 1000 / last-modified: 1675339640"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.3818648278164539
88.212.202.52200 OK 132 B URL HTTP/1.1 counter.yadro.ru/hit?t44.6;r;s1280*1024*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.3818648278164539
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 31 x 31\012- data
Hash 0223d80a320a983871bfa82aa6d698ea
f4e06fe8e83c662bb565f175d7de22f51c1e7c9d
fa523f248a332cb89ae3ad8cf51d840153e0f96bcc2a4c8db736e02a340dab48
GET /hit?t44.6;r;s1280*1024*24;uhttps%3A//iplogger.org/;hIP%20Logger%20URL%20Shortener%20-%20Log%20and%20Track%20IP%20addresses;0.3818648278164539 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 02 Feb 2023 16:15:25 GMT
Content-Type: image/gif
Content-Length: 132
Connection: keep-alive
Expires: Tue, 01 Feb 2022 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2751084b42dd111d0a7f28241a77201b
680a9ac2f4cf451c9a8449c4df3587595ed9cc4c
1c68a770afbcdb5405fe330f2eabefa576ea1d08740719956083d7f6b490ccf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354962347;dc_trk_aid=545821812;dc_trk_cid=183807839;ord=1675354525;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=?
216.58.207.230200 OK 42 B URL HTTP/2 ad.doubleclick.net/ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354962347;dc_trk_aid=545821812;dc_trk_cid=183807839;ord=1675354525;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=?
IP 216.58.207.230:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/trackimp/N718679.452584BUYSELLADS.COM/B29090009.354962347;dc_trk_aid=545821812;dc_trk_cid=183807839;ord=1675354525;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$;gdpr_consent=$;ltd=? HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 02 Feb 2023 16:15:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 02-Feb-2023 16:30:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dc2e297877f6332a114de88eeeaca61
cc91e58f3dd132b078223d21cd3177f0819e40e7
94f1191402d63bc2757d7ec854bc418dd6929b5aa9efb815d9bd35f8dab98fef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 636897389814ca4d23aa4009b8fb1458
14394dbd8f0e226b71e1bd35c6da2278828feae4
85bcc6e816cf5ea2028e9dc4862f3de068d0606949b3fef3fcc5b32fab37ad86
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash d61b9d70ea89f878e4d9bb9cb9b615da
9aed0a705a8400f15d88fb0b76cc6ef28dd9d2e1
0d2c6227a64d7bcbfde6fd1fb310b79394ec84064fef44ea7b3f823a20466af9
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash d61b9d70ea89f878e4d9bb9cb9b615da
9aed0a705a8400f15d88fb0b76cc6ef28dd9d2e1
0d2c6227a64d7bcbfde6fd1fb310b79394ec84064fef44ea7b3f823a20466af9
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230131/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230131/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:39:37 GMT
expires: Thu, 16 Feb 2023 00:39:37 GMT
cache-control: public, max-age=1209600
age: 56148
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Thu, 02 Feb 2023 16:15:25 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=gyJmxZHOdb&w=4875027420282880&o=5102648370397184&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fiplogger.org%2F&sid=8OVMCdKJn&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=gyJmxZHOdb&w=4875027420282880&o=5102648370397184&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fiplogger.org%2F&sid=8OVMCdKJn&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=gyJmxZHOdb&w=4875027420282880&o=5102648370397184&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fiplogger.org%2F&sid=8OVMCdKJn&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Thu, 02 Feb 2023 16:15:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash d61b9d70ea89f878e4d9bb9cb9b615da
9aed0a705a8400f15d88fb0b76cc6ef28dd9d2e1
0d2c6227a64d7bcbfde6fd1fb310b79394ec84064fef44ea7b3f823a20466af9
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
srv.buysellads.com/ads/CEAIVKQ7.json?forcebanner=487987&ignoretargeting=yes
206.189.18.245200 OK 553 B URL HTTP/2 srv.buysellads.com/ads/CEAIVKQ7.json?forcebanner=487987&ignoretargeting=yes
IP 206.189.18.245:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with very long lines (929), with no line terminators
Hash c3bdcc6e29b2a3655926893b9847849e
315ab198b4ccf937d1801d93ac1758e592ffc61e
2e1fc842dea1aea6843243f117bd1aeef94d260139d3f34d38ee0362659db73b
GET /ads/CEAIVKQ7.json?forcebanner=487987&ignoretargeting=yes HTTP/1.1
Host: srv.buysellads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
content-encoding: gzip
content-type: application/json; charset=utf-8
server: //srv.buysellads.com
vary: Accept-Encoding
content-length: 553
date: Thu, 02 Feb 2023 16:15:25 GMT
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1809987
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1XiAuPx2q3qaMSpLqDFJFE19aeHRGeyhlRbXLY9NMW3A1zHaxWdLCyet5KHxLsdq3yGDgW6Pw9dFF%2FGh4kMGuoixPZjP5QAOCV11wofEADs01z87doA%2FBHGnrKFPrQW"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793439bb0b4eb4f4-OSL
Content-Encoding: br
script.4dex.io/adagio.js
172.67.75.241200 OK 23 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:26 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: VDLLmw1Ntbzs8QTlyjt/ialMmUmYBwiXuVaXOL1nCqv3R50xIcz9BKmVoZTkqmw49Xl26HBzbh8=
x-amz-request-id: GEP47J3Q98ZMMVG3
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 881409
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNL3oKd70A%2B2EWcjtZZbevKrSuJ%2BlmyuLuYj%2FmlFOczdt47wVRAv3Rei3MdesnJ8W2OMoykeI8vUBBUgMitkOrZzcmWaIGdvS76ggLAu%2F9XogfVsXoMYh20wRMQkQKx6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 793439bbafa20b45-OSL
Content-Encoding: br
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 359 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
File type JSON data\012- , ASCII text, with very long lines (359), with no line terminators
Hash 9cf14b05362555eb210de6b67c2c3e82
f13a032d0f69369b4ebed4ae8d01f9741cb55cf2
01a72bdbc2e4e34a6e60af0421bb6c0ae471f36946e524ac4be8bd5eb98adcfd
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1960
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 359
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://iplogger.org
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: c27e24cb-b1f6-4ff8-80ba-c19887e89b1f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash dff38dffeadd71c065a1ae8e702ff586
531575a2687ab048a09d8518ecebe6eaf1bf925a
5ec4a452f9f49ba07aab0c7b1d20a5d0d8aef755a2ebf0d28474be5bb7f5bce8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6544
Cache-Control: max-age=170188
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Etag: "63dbbdda-138"
Expires: Sat, 04 Feb 2023 15:31:54 GMT
Last-Modified: Thu, 02 Feb 2023 13:42:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 4c2efc5f68af9b0b40e373e5477fb44a
83915aff60044717b555a8318921f3f2ae238256
289c77844b3883b2a24fd14e03baf0b2a72124a7a4df4571910c1d5d0ed8be15
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3524
Cache-Control: max-age=170786
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Etag: "63dbcbfc-117"
Expires: Sat, 04 Feb 2023 15:41:52 GMT
Last-Modified: Thu, 02 Feb 2023 14:43:08 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0357ce1eaac9d331781303579d73b50c
2f84b8aef61ded4d952b62558ecf0b4869fa3905
72222d88f13cf90b534ac445d8a0ab59c14dd5935f798a472ffea10b3eae48d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 363
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Last-Modified: Thu, 02 Feb 2023 16:09:23 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 312
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 541bba3254f7bcd30bf49691647c7597
bbd822953305e4dac4351ac9a1fe14061949899b
6d4c493e58eca2e2fb08a33da6f25c56e472e48292bd3139615b200abd814c46
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 19:45:27 GMT
Expires: Tue, 07 Feb 2023 19:45:26 GMT
Etag: "bbd822953305e4dac4351ac9a1fe14061949899b"
Cache-Control: max-age=443999,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439bc0b22b4fd-OSL
mp.4dex.io/prebid
104.18.3.114204 No Content 0 B IP 104.18.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4577
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:15:26 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://iplogger.org
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. org/site not found
x-version: 3.0.0-gcp-ams
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 793439bc4dd7b511-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aeea9e144cc0f54034a171c595f109db
10492fe44c12c2ac14e85aabab86ce062c2fbb2a
32d7b2564e83e3e9b695af9b7237949dbbaf5b0012b5f2a5ad314483ea02b3af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3885
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Last-Modified: Thu, 02 Feb 2023 15:10:41 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0caad9653a3fed28b8a974a38f9eaabc
ee5a8a8f3098f11eef6ca3be3ea2efde4c1c34f7
a4ae5026fb8b9ecc120c3e0dd664a0d4072ab7ed42749421c75fa6d5d4870326
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5755
Cache-Control: max-age=150717
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Etag: "63db74e0-1d7"
Expires: Sat, 04 Feb 2023 10:07:23 GMT
Last-Modified: Thu, 02 Feb 2023 08:31:28 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4a7a8b974724310f7ae84caf23caa1cb
05ed54af50a0ae5b18294590b56b3de980e73c08
cf947c42522a4406ba62cad6e23967316f25179ed52caa141e731fab3a61a8f1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:11:55 GMT
Expires: Wed, 08 Feb 2023 03:11:54 GMT
Etag: "05ed54af50a0ae5b18294590b56b3de980e73c08"
Cache-Control: max-age=470787,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439bc5d4cb4f9-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0caad9653a3fed28b8a974a38f9eaabc
ee5a8a8f3098f11eef6ca3be3ea2efde4c1c34f7
a4ae5026fb8b9ecc120c3e0dd664a0d4072ab7ed42749421c75fa6d5d4870326
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5755
Cache-Control: max-age=150717
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Etag: "63db74e0-1d7"
Expires: Sat, 04 Feb 2023 10:07:23 GMT
Last-Modified: Thu, 02 Feb 2023 08:31:28 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 4ecfc9be08b545fcf1f586d6eb10b2a1
6c93b4b89d6047b463026aa127471026c30a5362
c11e9af495e73aa4aa9de2d80f2cb31b9072bc5ad8d67aad5e2a4bba7bebbf16
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:15:26 GMT
Last-Modified: Thu, 02 Feb 2023 14:29:54 GMT
Server: ECS (nyb/1D0F)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2obMe1iPsH7NJqO3qhZN-7BSo4rfyqO_IXIP45YhvuCobnsbJMWaQQ==
Age: 6332
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=8278459980&lsavail=1
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=8278459980&lsavail=1
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=34&wv=7.10.0&cb=8278459980&lsavail=1 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1722
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:25 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://iplogger.org
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12497
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:15:26 GMT
Connection: keep-alive
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12497
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:15:26 GMT
Connection: keep-alive
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12497
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:15:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12497
Expires: Thu, 02 Feb 2023 19:43:43 GMT
Date: Thu, 02 Feb 2023 16:15:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:54:58 GMT
age: 66028
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0f85742f336de59ca88f7f964a8b33f4
0fc7177f8cb06421a8807e93989f651bda743567
fbd5fd39c39c218b0fa956f8cb8050cbdbfcb109a92303f6175d73cc8c339526
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff2ba7c-95eb-402b-8e98-e95f8ac322aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8642
x-amzn-requestid: f47f7616-41aa-4983-8ada-20f6f0b6856b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frfXtHkUoAMFr1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadf64-083a903959cdab540bd38265;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:53:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UqoeSWse0jZAC3IEIWk5fj9q_4xsAoZRkn67U4m2L5NkayHxsAYmlA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:00:35 GMT
age: 65691
etag: "0fc7177f8cb06421a8807e93989f651bda743567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 0 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-openrtb-version
Referer: https://iplogger.org/
Origin: https://iplogger.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 0
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-credentials: true
access-control-max-age: 600
age: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Ybz4mmNUwsKOkpz6GFm4nLz7iGX5gJ--EiUjqrs8G92GBLn6qaF7IQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 21:57:51 GMT
age: 65855
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash de50b466d8e08f11306eb812aa2cf17b
b7c3995e41869c91cc2855550b95345019b42a73
cdcf09b0692c2d66d3d748acda89be35e216694e5710c567b0e43cc1d592c3e6
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0224e848c34cb32cf932ed99dfd8468a
31c1abac8979bca5a998a6649ca3e6f59c0fb2f5
f93d5a69758e57d4d2b0d307ce98ad5ea8d86b825108873e8ea5bc36567dc5c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04301881-7728-4218-a61a-642cd5ffae53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5061
x-amzn-requestid: e8e96b85-5b24-48b4-bea3-6c1b93c55ca1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKVGf3oAMFj1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-558cb5ec6f31497d284518be;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: AeFT9dVmzOw8800DKN7VouWS3HGHRYp64On9sF62J-aOK_OGtvAa7w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:52 GMT
age: 64954
etag: "31c1abac8979bca5a998a6649ca3e6f59c0fb2f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:16:08 GMT
age: 32358
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3b16780ce64de50cc028964e72f58253
2609517135d62e81fc818367fd8baa00d64cd2b8
0d3465e1294d16c35ebd537afba89e14f404819370b5a0a173c4bfdc61ae7f97
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1060
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i697kJpdT4ZPeMLWIftWf16pWCic0-v4tL4GDKfVfTZLo-E4-3FwDQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:21:38 GMT
age: 64428
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 386efcee41a7c3731a717f91cea51f4c
d69c1b841939c14fc8a2000bf6eaf0b7be70f769
902df0362b25415adfc4e1cd7b7e8398ba912d736a418ff2f543fff136ec9d5e
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fb8e70c656ac6d0e75d5d913c71f4521
3c2335fc6135722816925adb8ab608589c52a2ab
58a9e02386ce3096b5bd458b7b2cf1c63bfc541f346ebed810cb4fdef50e8fdc
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1192
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 4587
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://iplogger.org
cache-control: no-cache, no-store, must-revalidate
date: Thu, 02 Feb 2023 16:15:25 GMT
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cbe21f99ac10f6ee2006367d7370c39c
e583bb133f23420aede5dcdd1f023104e3c4a2a2
aed79024ea38b66f360a4608639368f26a713c798dd3eb8efc79844ad4e5993a
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1192
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 47ca38401731c4b4cbeb9705e05813fe
634b064c9bd42508698309df3287b1a2d95c7fbb
146fcdf4d1b4298103ac100ce664686deea1941eedcc2e49ac13940b6d4bc3ee
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3daaaa4204744a74799c1ad3a858e66c
03a3e6af47d426c3f757197bf5c0462f155d7eff
865ee5773684b16dfde8580a7132c86f70122b8a13030e25e07a25a3341fa040
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1049
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2272e0b3e53bf49e5eb069ade0bbedcc
073e41b63bec74e2b86b92711d35fabc3ec880f8
f37697df175794b19fad851c33870e7ad6656a806e0a9ef895d7654754d5a9c8
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e49c07dc18288b889fade4653757502
13d0423465f837ac44528a23c5c4fed0e1c949da
b7b8771666ad6bc59a4817d01ed465c2f0c4d20e11b1a3a910602e7a886548a1
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2eb6867c212d625902d8cf577d4c13b1
56116b9d1b1e0eab3950a9c9d57197af4e38f56c
7aafa70edcb0562fba1b90fa7c7fadef0d4384f8768066978bc72a468cb7a0d4
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 82 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e9f704d86a1e07114735dcdc65dda677
a9bf6b4247298f7b975e88b49da4fce5a37f6678
bc989827daaa1cbceb26d9ac0202e74590cc3626059ecf159fac8dc1163d0670
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1190
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 82
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1b6dcced1ba3ff60d0ea8fe6dd479852
624bd9e63a667e2fc74bdde5a452597607fc7366
bdc3c5e34ea865f5249d0a41db15bc430d633765152aeff1dc7bc586bb4b0a6b
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1059
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 82 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3093831e47e9e4ff9c7b181a2d6a5395
7bea94f3a597ff4ce2c6da6d50f12bee2a228ba2
36021b6c955cc35550932a264450a067df0ff4c853b5bef7e78e9885b93943a5
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1060
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 82
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
c2shb.pubgw.yahoo.com/bidRequest
35.157.246.167200 OK 84 B URL HTTP/2 c2shb.pubgw.yahoo.com/bidRequest
IP 35.157.246.167:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2b6bbee61d1ae6d1c68e445437056a8b
1d73fc466cef80ceff35239fb1851457bb232bbc
c7b48237fd77ec7c5cd98d4db64235175b6bb7fef582cb4a0d8050cf624e80d6
POST /bidRequest HTTP/1.1
Host: c2shb.pubgw.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-openrtb-version: 2.5
Content-Type: application/json
Content-Length: 1191
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=utf-8
content-length: 84
server: ATS/9.1.10.25
access-control-allow-origin: https://iplogger.org
access-control-allow-methods: POST,GET,HEAD,OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-credentials: true
content-encoding: gzip
age: 0
X-Firefox-Spdy: h2
hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fiplogger.org%2F
185.255.84.151200 OK 372 B URL HTTP/2 hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fiplogger.org%2F
IP 185.255.84.151:0
ASN #200271 Iguane Solutions SAS
File type JSON data\012- , ASCII text, with very long lines (1430)
Hash cdac6152b9e33407f1a77d57021ad72e
e90196be86ac0d8178cda5fa99e2154b4fd9b225
1567fd021b3e92000af9e40abb99f507e0a5ce28757b6742257d59839adfedfe
POST /hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fiplogger.org%2F HTTP/1.1
Host: hb-api.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2556
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://iplogger.org
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=bdcd88523fbe3b10d18659da95790ab4; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 16:15:26 GMT
content-length: 372
x-envoy-upstream-service-time: 51
server: ayl-lb-fra02
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.75.86.98200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.75.86.98:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3042
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://iplogger.org
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67516667-1&cid=144155705.1675354552&jid=18121093&gjid=548312888&_gid=1602754091.1675354552&_u=IEBAAEAAAAAAACAAI~&z=1560537298
142.251.1.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67516667-1&cid=144155705.1675354552&jid=18121093&gjid=548312888&_gid=1602754091.1675354552&_u=IEBAAEAAAAAAACAAI~&z=1560537298
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-67516667-1&cid=144155705.1675354552&jid=18121093&gjid=548312888&_gid=1602754091.1675354552&_u=IEBAAEAAAAAAACAAI~&z=1560537298 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://iplogger.org
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Feb 2023 16:15:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=iplogger.org
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=iplogger.org
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=iplogger.org HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 16:15:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=iplogger.org
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=iplogger.org
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=iplogger.org HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 02 Feb 2023 16:15:26 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4253e662d539c01b8656dbb6d73aab1
08f71eead367b6fa76b99f7f590680a5f5650b62
f05b99f6b0c8fb5c38221d02c0c9ed96389fbd5105d6329cdc733d1fae411df2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d06fd066caf4dfa1e21a722a5c468158
acb765577662906ae8e11242bed487ce1051db28
4b45760de269e60345d43ff2da6c5803722f7c052edd0a9f5258ce69b2ffa32f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 02 Feb 2023 16:15:26 GMT
expires: Fri, 02 Feb 2024 16:15:26 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b204f3abe06417a75a9703b1ed69bb37
f636ae39c412c40c3737e9c3c99a5e2e30a7e861
209edba54e970905fc4efd62b8736ef3f5d5021ccb82ea63e7ebfe0baf3e1896
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Thu, 02 Feb 2023 16:15:26 GMT
expires: Thu, 02 Feb 2023 16:15:26 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 08:42:42 GMT
expires: Fri, 02 Feb 2024 08:42:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 27164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash df4a6d84addba49571d9f6ae44c61a3f
28c8093de27e27645cf6dfd5ae93a62fc77b9be5
cb6623b08b6245ea11bb871729613e453046d427d738a8c6431c5da8347e6e05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 5ab7d731fbb74a25baea52523f2c3b4d
9f393b95fd977612377a04b3d5685de5a5927fbb
83942f401bb0ecde95e55476858f3c7abeea04509bb0b436c7339684017cc348
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 02 Feb 2023 16:15:26 GMT
date: Thu, 02 Feb 2023 16:15:26 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-TlcrDEwLj7PaZCfSSFjWbg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 192e540aaeaac8945f96a17637257d86
a8e0425979969412fd5d4a78dc88b15208a98143
77baa0cb3c8ddb68e1a0c897242d04160f67dd76a1e9d1b532a113cdfd5baabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash c84202220125aee9bd368d2036235130
a18a7c9251c3bc1a5a96de74db84ed5af86ba618
f2f5cf1534589a8934ca4ac301eb38863fc89c48648da9a8807656a2d4a22b94
GET /rtv/012301181928000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61734
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 13:07:14 GMT
expires: Fri, 02 Feb 2024 13:07:14 GMT
cache-control: public, max-age=31536000
etag: "5b4f5406239652c8"
content-type: text/javascript; charset=UTF-8
age: 11293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 71f3ba24b0a01ade500d97ad0b8f3617
508b7affbf3e3c2b8bf4f46ebcb69ea29855bf9a
34c90f195073264a8f3e51bb9582b73665f65d7b053a031400c48bf627ca9d69
GET /rtv/012301181928000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28817
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "6eb387830c268337"
content-type: text/javascript; charset=UTF-8
age: 252650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 73e00d54af81c3fab604b50e24c8e9c3
69acac1ec53fcbcf886bb240adabd050520197f9
3347e49ea6e174315c1bee3660a9988e4c7fe184a7a1176cf2aceb307c73125a
GET /rtv/012301181928000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "47662644ea8653a3"
content-type: text/javascript; charset=UTF-8
age: 252650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 15dbec6a43680f6683938949e1b50562
fd479e89a3460ca0e48b5001aad0a2836df31dab
d08eefabc738f11545330db83c2d3e9a855add08db6b9d9217a15dd783c4f5c8
GET /rtv/012301181928000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f13d3e1d36b26a3d"
content-type: text/javascript; charset=UTF-8
age: 252650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 295 B URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
Hash d848a2953307aa510bdad31f5bf84671
e9d6d8daa9255f99e4e778ff4c4b47806bdb18c1
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
GET /rtv/012301181928000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://iplogger.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12960
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f74ebce85e2cb18a"
content-type: text/javascript; charset=UTF-8
age: 252650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5540624c22f3c0e1f095022295ba0a40
2046e0fb639dd8598753620aef85160d5a68c729
e1f339a32daea6d0e5498312ea8d04d742732df7086f6447738fc84213541bcc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 14:34:21 GMT
expires: Fri, 02 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 6066
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
142.250.74.35200 OK 205 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 4087858e2c9db9aa8f6a840aedcfb533
d1ffe861da6bd0e95fd1a365b0c3d3ceb6cd58a3
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
GET /images/icons/material/system/2x/feedback_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 01:03:27 GMT
expires: Fri, 02 Feb 2024 01:03:27 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 54720
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
142.250.74.35200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 13:30:57 GMT
expires: Thu, 01 Feb 2024 13:30:57 GMT
cache-control: public, max-age=31536000
age: 96270
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.35200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.35:0
File type C++ source, ASCII text, with very long lines (1688)
Hash 3582c692298538eabf17eebd7434e582
587a6222383df174947008131dcccc13efbd3dba
ac83b4d1ea4abd201377d450290a7cc306499837a4b6ff1cd2b0f8d275baaa82
GET /mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 14:04:08 GMT
expires: Tue, 02 May 2023 14:04:08 GMT
cache-control: public, max-age=7776000
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
content-type: text/javascript
age: 94279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 62bf9bb700c30c02c7cb00aa01993e62
0a1941e5954c9dd1dd774d7064dce2e03001632e
331ff8e6435e7314255327b427ef7a31dddd9faac65d13f460993eb8038029d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "331FF8E6435E7314255327B427EF7A31DDDD9FAAC65D13F460993EB8038029D9"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12628
Expires: Thu, 02 Feb 2023 19:45:55 GMT
Date: Thu, 02 Feb 2023 16:15:27 GMT
Connection: keep-alive
hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D
138.201.63.150200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D
IP 138.201.63.150:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1643), with CRLF line terminators
Hash e2db04d6d857049f9e741757776be2e3
5a8022423e621b31b41ea24bc9d54e5eeaa7c743
a323293dd4baeee2fef7eaf18ed4ec1e08f6574c14367429810cd8b9815a501b
GET /zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:27 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4066
Connection: close
Content-Type: text/html; charset=UTF-8
hal90001.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
46.4.10.49302 Found 0 B URL HTTP/1.1 hal90001.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 16:15:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 02 Feb 2023 16:15:28 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=5c998973d593d0cc; expires=Wed, 03-May-2023 16:15:28 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash f8d8478f6fd65ccb723aafc9fa19ac4b
de1c2b7881907cc7c06c816b365da09df429ba7a
e4f4422c14320af3bf6e865e98d42ab5e8f5ef06a41c10f42670ae2d533e534a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:28 GMT
Last-Modified: Thu, 02 Feb 2023 15:51:59 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
hal90001.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
46.4.10.49200 OK 513 B URL HTTP/1.1 hal90001.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash f1303727a6739823a276fe3accaec476
779741f85b7754801e243c6e7a39b3ec1c9ed4ce
2a9bc62fbe714f44f29e5ca7ee3b978d3bb252676cc8dc3f8be0fba74c86d1d1
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=f881b3e330&subid=&uid=48db21aa31ce83bb&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCqVumnuHbY_OVINmO78EP5oCluAvJuaKcacytzc7VD_AuEAEgweW6lwFgw4SAgJgYyAEJqQLL5yCrq22yPqgDAaoE5gFP0AxN9_t393YWNQHsWK1KkP-4M6WUxLV8l6BbgpetrMmlj6PfcC0LedFwJP1h_TbzY1wJ1wBEUHdyPNfra5FScQUu4Ax7nZsiJLY-Cd9qD3HAYmfQ18LcFcP0SkILaK5o3CGl3KPNGGgCvQAPGW859Dbs_dBsScl-5f05cWqCUzKBY0qMHhFmI-ibu7FnvCcQZS2vjVqFD9GDW8KI3iShflt2g52AgV9QCRBTT2f0n7foU5Cj2ONa4FIOOLDq5oQblA86C6v-4k6c_pglCdYkbAAjiQGnFZ_fQO7F9B90clJ8M_ko88AEwb2U_PMD4AQDkAYBoAZNgAesrfWfA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATnKLNDtATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ymUIhXn6Sr7AWxd-xbUcmP-KiyxaNTYmJa9DJgrVCWoAMRc6JrF_pEopMEqBaMF2McrRDGVt2R9Or3_Z6LtfrqdBf4ZYEySQMYAQ%26sig%3DAOD64_1aoHFsyrsWcgu1rV7s_3Elx4gE2w%26client%3Dca-pub-4148412233530777%26dbm_c%3DAKAmf-DIu9bDs73Ipp6wIytND8NapxvAEsrAJsDFZyPs5rZ3UByoyx1RfcGS76AV0wXVrWxh2-FzSPahv83gtpqSrZ9VfRN33uP_ibcbOXho_MQ4htxsMfLhV3ffTCyZsDbPCZr-1RWg15zkFKN50QGp44xLnkIzTDEY6S9xIot4g6qrZQ4U76g%26cry%3D1%26dbm_d%3DAKAmf-BkJ9hMtk6RrOvZTC4l0XSAoMlcsfUx6kaDqGjxgrUp0Q4p0A6IZdP9Xo1ywnFBARyhwi9m6zvT8FmaQPbci56Rz9CKqhgIaMQ7ECP6ocg7K9K2FneBZ-XKKRgGfF0VHmPBHsxLRUp2KAi9ysoY0tAeucWvlXeDdvI5NTvCIGWH63hnEjKSpJ9YzHszfkbn5BDsUFnlsJQU9FuOENOy-TuQLt0GJ4TGXINaOUSDdEmgVEaLLpuv1gGNd9BXxfRyLMFOeYcGHowJ8CDDRjX1IE84jSVMHey0CoSlLzMmjo7qu98_hlH-GD1RiAVLOcIPQtK9aZekaoB8Q31S115DZ9J3b-PdrQVE9uKgTIMV6ybJDre54QvGYcMg4mKtrTsDlabc-aY1U_HeTu5h2LnO_EE9Y5kQU8-EtsjvuH8smLaBsAhG0fT7Xy-qj_xN8MImCm8RSSGQ_uMWy2bZD6zctCAK748KBotQUVC-EumC5SYlgvu14Gev9e3KqkekwC2_svnDjmzzrj-OyLyC4cA0DWpOmTEJDg%26adurl%3D&documentReferer=https%3A%2F%2Fiplogger.org%2F&ancestorOrigins=null&random=5568818344526&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d4057e3799ee6dd3fb5fa33bed5c2def.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=5c998973d593d0cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:28 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 02 Feb 2023 16:15:28 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=5c998973d593d0cc; expires=Wed, 03-May-2023 16:15:28 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 99568600114945804438336012223001
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 513
Connection: close
Content-Type: application/x-javascript; charset=utf-8
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.2.130200 OK 60 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.2.130:0
File type ASCII text, with very long lines (65354)
Hash 8b62811aa3fb14d618ec97976dfc0d2b
f69d1e344ed583e0123ca84c79e2f3f5102304e0
6c6a577b310896c76a8f3c5091d249f1b55f898b23ee3dee7ce76ca57ca50463
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Fri, 03 Feb 2023 16:15:28 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3de4fcca2691e9899de00c51ec720ad5
c3df63b0511cbdfb588e417692be11efab596f9c
24452e5e022f648140174cec0933dd72d3fbf7f8d566439928b73bbfa5282288
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5476
Cache-Control: max-age=168734
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:28 GMT
Etag: "63dbbc5a-139"
Expires: Sat, 04 Feb 2023 15:07:42 GMT
Last-Modified: Thu, 02 Feb 2023 13:36:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?origin=publishertag&topUrl=iplogger.org
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=iplogger.org
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?origin=publishertag&topUrl=iplogger.org HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=b73ab2c3-cd3e-42c9-89fc-f426507b85c0; expires=Tue, 27 Feb 2024 16:15:28 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 382977
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1fa4a1bbc4eef369c1062f928bce8021
93c8b2e83d7238394892d83005f899ec7b1ab3db
549ad164c2c23cbee22a33358e6d837f9546466b11f996adf713b543b11becfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:28 GMT
Last-Modified: Thu, 02 Feb 2023 14:46:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1fa4a1bbc4eef369c1062f928bce8021
93c8b2e83d7238394892d83005f899ec7b1ab3db
549ad164c2c23cbee22a33358e6d837f9546466b11f996adf713b543b11becfc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5355
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:28 GMT
Last-Modified: Thu, 02 Feb 2023 14:46:13 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 314
hal90001.redintelligence.net/viewability?s=99568600114945804438336012223001&a=a680c0f1&vb=m
46.4.10.49200 OK 0 B URL HTTP/1.1 hal90001.redintelligence.net/viewability?s=99568600114945804438336012223001&a=a680c0f1&vb=m
IP 46.4.10.49:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=99568600114945804438336012223001&a=a680c0f1&vb=m HTTP/1.1
Host: hal90001.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90001.redintelligence.net/request_content.php?s=99568600114945804438336012223001&a=23cd918c
Cookie: 8lcfmzhxc8d6_uid=5c998973d593d0cc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:29 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ag.gbc.criteo.com/newidsd
178.250.6.224200 OK 81 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.224:0
Hash 005f4abca97679df2f2484fa1ef1bdf4
4b5fd3004078435e5bd3e40d916d20ce26791d6a
e7352ff89d1b4bae488b657b8d5087e6bfc73c09a0382930eca4e90e300ac8c5
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 125914
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
51.75.147.170200 OK 87 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
IP 51.75.147.170:0
File type GIF image data, version 89a, 970 x 250\012- data
Hash 0e28e66e2adf8c90c21d5be5fb9e6fa6
1a0381040dccb97e0cbdd872d1a83b84356b9132
b597da368fd908257c568452ca805b3fb9023d6ad26b7675c5afc1fffb46fea9
GET /24i/content/soberfb/EN/S-970x250.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal90001.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: image/gif
Content-Length: 86664
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Connection: close
ETag: "5b55f22d-15288"
Accept-Ranges: bytes
onetag-sys.com/usync/?cb=1675354553191
51.75.86.98204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1675354553191
IP 51.75.86.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1675354553191 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.129.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.129.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 02 Feb 2023 16:15:29 GMT
Age: 45179
X-Served-By: cache-lga13626-LGA, cache-bma1646-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 136372
X-Timer: S1675354529.436455,VS0,VE0
Vary: Accept-Encoding
contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
2.18.172.23200 OK 7.8 kB URL HTTP/2 contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
IP 2.18.172.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (18979)
Hash 56f51a1655c806d2d8ada626c844e1ff
6f55bc3c8d416fec41aa80123b57471109ab3b2e
b3045a1a75f1ba160b966fd8f6d54ec8f07f71516f542b6a6a0252a8c1b1e32f
GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sat, 04 Feb 2023 16:15:29 GMT
date: Thu, 02 Feb 2023 16:15:29 GMT
content-length: 7825
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=35309
expires: Fri, 03 Feb 2023 02:03:58 GMT
date: Thu, 02 Feb 2023 16:15:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=161102
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&p=161102 HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=35309
expires: Fri, 03 Feb 2023 02:03:58 GMT
date: Thu, 02 Feb 2023 16:15:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
51.75.86.98204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
IP 51.75.86.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c203b73bdb9d35e8db631232886a414e
c013d6933950aa55ecc7bea72d0fff247420d820
b5803fa5c0459eebb216b9c09c2c36d746e4b32a1110592be531f31817bf02cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4671
Cache-Control: max-age=133018
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:29 GMT
Etag: "63db33fc-118"
Expires: Sat, 04 Feb 2023 05:12:27 GMT
Last-Modified: Thu, 02 Feb 2023 03:54:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4cb1b1057933a4993e2082bc88e14723
8c18677769c9c8d1681add842bf26fca4d499669
00a57163d569b159f13d400ae360adc3656d8029f231bc3e2df928fccb9b1a6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00A57163D569B159F13D400AE360ADC3656D8029F231BC3E2DF928FCCB9B1A6D"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5547
Expires: Thu, 02 Feb 2023 17:47:56 GMT
Date: Thu, 02 Feb 2023 16:15:29 GMT
Connection: keep-alive
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
104.85.187.217301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
IP 104.85.187.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
date: Thu, 02 Feb 2023 16:15:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
104.18.33.19302 Found 0 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-length: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
cf-ray: 793439d16952b51d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y9vhoTozh0VaAVrAkQiIMAAA; Path=/; Domain=casalemedia.com; Expires=Fri, 02 Feb 2024 16:15:29 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1879; Path=/; Domain=casalemedia.com; Expires=Wed, 03 May 2023 16:15:29 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1879; Path=/; Domain=casalemedia.com; Expires=Wed, 03 May 2023 16:15:29 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uEtc68RQpLxAuo6wCePuJ52D0Eer7SC%2FuJ722doOHqmduDF5RHsNk1ykk3RknwJlphyOQY0ukGO%2FII%2B8%2Fma60aKZUO1n0BWi9982uVB%2BsmWmLFtJi9uTU%2FZc9WAlKSMcLx5Z5izYzoZBOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
147.75.85.234302 Found 0 B URL HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Thu, 02 Feb 2023 16:15:29 GMT
location: https://ads.servenobid.com/sync?pid=327&uid=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f&gdpr=0&gdpr_consent=&us_privacy=1YN-
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c203b73bdb9d35e8db631232886a414e
c013d6933950aa55ecc7bea72d0fff247420d820
b5803fa5c0459eebb216b9c09c2c36d746e4b32a1110592be531f31817bf02cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4671
Cache-Control: max-age=133018
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:29 GMT
Etag: "63db33fc-118"
Expires: Sat, 04 Feb 2023 05:12:27 GMT
Last-Modified: Thu, 02 Feb 2023 03:54:36 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=duration_media&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 16:15:29 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.servenobid.com/sync?pid=327&uid=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f&gdpr=0&gdpr_consent=&us_privacy=1YN-
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=327&uid=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f&gdpr=0&gdpr_consent=&us_privacy=1YN-
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=327&uid=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f&gdpr=0&gdpr_consent=&us_privacy=1YN- HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:29 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 06283d49afe4080397b833f2e7a68fb6
18d28876d7f5f06c09ac8b61f1a4b8f0d32b36cd
aa3d19caad3d2c35bc391b2d937f0c6cef0a3734397e290eaa46c2a3774a1d48
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:15:29 GMT
Last-Modified: Thu, 02 Feb 2023 14:31:03 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1ulbPDIXhjJNSkfWdKcbykeg2o4NlnnWPKWqMaFgTtp8Se_RQgqc1A==
Age: 6266
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3086d8d034e73524985d684fee6783f
f39b9547e1f35059098b50009cc046df58be4c2a
66576161abe2d955800d9947dcd6ac4c04fe82c1857e3e8565565968acf1b8b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2531
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:29 GMT
Last-Modified: Thu, 02 Feb 2023 15:33:18 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7b444f635e1777bea65b8efe5a06f628
0fb353800d4ea14eaf162f8dd485467619e89911
e4bbe85a350b9351967c02c38bcf9022bdad7d65bb7dadffa0991fe2b2ed4519
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6532
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:29 GMT
Last-Modified: Thu, 02 Feb 2023 14:26:37 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
54.230.111.71200 OK 0 B URL HTTP/2 cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
IP 54.230.111.71:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D HTTP/1.1
Host: cs-rtb.minutemedia-prebid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Thu, 02 Feb 2023 16:15:29 GMT
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
x-reason: could not perform CS due to GDPR policy: gdpr is not applied
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UfQCcJo8AaysB1DCU6eD4dCYDGcmEf_zttVlFFzCtzIt9NHjI9_VZA==
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 8690f1ac-f93d-41c7-a110-f6259fbe67bd
Set-Cookie: uuid2=6978859446130957913; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 16:15:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18573)
Hash 01ff987eb169fb9a5ae6f6fa66144c25
919ba34e812425d7ce0741cffeed494bfcb12a4a
2ff239dbe58cfc4fd73c17491588c8f22d4d4fda8d3c846f5296ae9c2c42c79e
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 02 Feb 2023 13:23:26 GMT
Content-Encoding: gzip
Content-Length: 10036
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=76043
Expires: Fri, 03 Feb 2023 13:22:52 GMT
Date: Thu, 02 Feb 2023 16:15:29 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.servenobid.com/sync?pid=333&uid=0
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=333&uid=0
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=333&uid=0 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssum-sec.casalemedia.com/
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_333=0; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:29 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58559/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58559/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58559/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKHh22MCEOlKJVGJBmpJd7IiMFphJLIFEgEBAQEz3WPlYwAAAAAA_eMAAA&S=AQAAApcrSsLgYK69nQq51EarEnU; Expires=Fri, 2 Feb 2024 22:15:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 29e33586-b9bd-4567-b1e0-14d87556519e
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ups.analytics.yahoo.com/ups/58632/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58632/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58632/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKHh22MCEO_bmrDXHY5KIoAP97fyxtwFEgEBAQEz3WPlYwAAAAAA_eMAAA&S=AQAAAlHQIaUVfvhR0ShsDtpXEgI; Expires=Fri, 2 Feb 2024 22:15:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58559/occ?verify=true
3.126.56.137204 No Content 867 B URL HTTP/2 ups.analytics.yahoo.com/ups/58559/occ?verify=true
IP 3.126.56.137:0
File type gzip compressed data, max compression\012- data
Hash 24851c0efa2c9b66158d70795ffc379d
1b05f46bd3d99d099590ba60bbe94531c263bbd7
148325b604c4796f351380447c89a07bd90e296b35f44e205180522ac8cf844c
GET /ups/58559/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:15:29 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKHh22MCEDBZwoa0KLpMiAAzyUmzW04FEgEBAQEz3WPlYwAAAAAA_eMAAA&S=AQAAApbnn_YnVik8wlp6dkxS3MA; Expires=Fri, 2 Feb 2024 22:15:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent= HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=35309
expires: Fri, 03 Feb 2023 02:03:58 GMT
date: Thu, 02 Feb 2023 16:15:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
198.47.127.19200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 198.47.127.19:0
File type ASCII text, with no line terminators
Hash 3f7fbc343351c36239dbf4592f7fe6f4
aa65e56310246a6819e8ea04a062e572378e7ad0
1a2fad4919b886bdab08de47b40ef639631417cf4670defb385e734b7c063dea
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Wed, 3 May 2023 08:49:21 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 02 Feb 2023 16:15:29 GMT
content-length: 60
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
AN-X-Request-Uuid: b7a60a96-a0de-4f57-b74c-1e524b1f4084
Set-Cookie: uuid2=1484427388196070504; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 16:15:29 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash f272271261bfe90f09569b812de6f253
ab40bca0c92c8a5884e2f6cd23df14d63229c0df
42f7dddb0c624fd74d51388bfafcca0c5a2b1ff330709b7a111703ec77b0d5a8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 21:39:34 GMT
Expires: Thu, 02 Feb 2023 21:39:34 GMT
ETag: "ab40bca0c92c8a5884e2f6cd23df14d63229c0df"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ads.servenobid.com/sync?pid=309&uid=e_416dda38-6b48-4110-bcc7-b9c85eae6677
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=309&uid=e_416dda38-6b48-4110-bcc7-b9c85eae6677
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=309&uid=e_416dda38-6b48-4110-bcc7-b9c85eae6677 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; pid_333=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_309=e_416dda38-6b48-4110-bcc7-b9c85eae6677; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:29 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
104.85.187.217301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
IP 104.85.187.217:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=gumgum HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=gumgum
date: Thu, 02 Feb 2023 16:15:29 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58632/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58632/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58632/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Thu, 02 Feb 2023 16:15:29 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBKHh22MCEIvqKYuDjO6q18VxMZKAHuQFEgEBAQEz3WPlYwAAAAAA_eMAAA&S=AQAAArBrSjPKHrBHsUo73BPK8w4; Expires=Fri, 2 Feb 2024 22:15:29 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash c950978b4936b4cf9e55f8d096659397
f29ed621b2af55b13a09df5e24988a54b89f8dbf
79e5bb5dee2b9cd2f03022df4419472e3b78be32b7dfb5c7cc7c147f5fe1994e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 01:55:55 GMT
Expires: Wed, 08 Feb 2023 01:55:54 GMT
Etag: "f29ed621b2af55b13a09df5e24988a54b89f8dbf"
Cache-Control: max-age=466224,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439d23a9db4fd-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 23692097ca31908592060984aae6cc6e
3e06e4c092a9d9dd647d76ee58291528934df221
d7c4a696b9dd736862a5065352d3c9b37ae045a08452e40df7edf46c249983b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4243
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:29 GMT
Last-Modified: Thu, 02 Feb 2023 15:04:47 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 313
ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
216.52.2.48302 Found 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 16:15:29 GMT
Set-Cookie: ljt_reader=GFxPtRZHmh9nRZIkTRKxxvBd; Path=/; Domain=.lijit.com; Expires=Fri, 02-Feb-2024 16:15:29 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Content-Length: 0
X-Sovrn-Pod: ad_ap5ams1
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash cf81ccba67ce65059a906b29b79b12c5
138a922ca1b5958384fd35cc978c3f98497d79fe
d2699bb88e39ca773ead5cde32ccfc50f1913e84df63a608b8df2d8b0eaa55c1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:15:29 GMT
Last-Modified: Thu, 02 Feb 2023 14:41:50 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SvXnZUZi7nltq9q1rZnV6jXkvnYBhxmT3Sk0hbM8OaDGXyJWhMpvDQ==
Age: 5619
ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
185.86.139.103200 OK 814 B URL HTTP/2 ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
IP 185.86.139.103:0
ASN #201081 SmartAdServer SAS
File type HTML document text\012- HTML document, ASCII text
Hash fb18da568ddcd9fa66aad580cda2b147
3f9390a2a8a790c474a784d2b27ca9744ed334a2
0d3b0fe7b2a6481b8d148ef6ef3690b7451135bafdb3b608eb05f76682df9807
GET /api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID HTTP/1.1
Host: ssbsync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 814
content-type: text/html
date: Thu, 02 Feb 2023 16:15:29 GMT
set-cookie: pid=2917089694200942384; expires=Mon, 04 Mar 2024 16:14:29 GMT; domain=smartadserver.com; path=/; secure; samesite=none
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
216.52.2.48204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 02 Feb 2023 16:15:29 GMT
Set-Cookie: ljt_reader=GFxPtRZHNobibjtqSimVMklK; Path=/; Domain=.lijit.com; Expires=Fri, 02-Feb-2024 16:15:29 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap5ams1
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 2b4796631a4c1175a47cfb21363a5004
cdd50a3f0abc6e41b98cef8ca0805fe90d4c395e
662c2d5b6ce4858d54e0fa29d8894127e352868ab2aefea7c3baec5adec12210
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 21:17:22 GMT
Expires: Thu, 02 Feb 2023 21:17:22 GMT
ETag: "cdd50a3f0abc6e41b98cef8ca0805fe90d4c395e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
185.86.139.103302 Found 0 B URL HTTP/2 ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
IP 185.86.139.103:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP/1.1
Host: ssbsync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-length: 0
date: Thu, 02 Feb 2023 16:15:29 GMT
location: https://usersync.gumgum.com/usersync?b=sad&i=8411434789521641299
set-cookie: pid=8411434789521641299; expires=Mon, 04 Mar 2024 16:14:29 GMT; domain=smartadserver.com; path=/; secure; samesite=none
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f4f3ba9454559b5ccacf79c29c7cd75d
adc76c93b61785ec964b6a75b4b8d327f5d395f7
a41cff22da0c9fa6e2d3ee16d3c787dc754ae5a3577c7ee0ea7fe9c80564b9af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:29 GMT
Last-Modified: Thu, 02 Feb 2023 14:38:02 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ads.servenobid.com/sync?pid=321&uid=OPTOUT
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=321&uid=OPTOUT
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=321&uid=OPTOUT HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; pid_333=0; pid_309=e_416dda38-6b48-4110-bcc7-b9c85eae6677
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_321=OPTOUT; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:29 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1675354529861
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1675354529861
IP 213.19.147.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1675354529861 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ad70a6f450827dd5acc92719f20df8c5
d094c2828d19e11ffac158ffb1321787a64dc65d
74caf4fc02d200a1b3037cad1015f58aa53534797b3dd3d5ff44647a7514cad3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 14:45:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
151.101.66.49302 Found 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
IP 151.101.66.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
set-cookie: everest_g_v2=g_surferid~Y9vhoQAD8BWwvwAb; Path=/; Domain=.everesttech.net; Expires=Fri, 02-Feb-2024 16:15:29 GMT; Max-Age=31536000
location: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y9vhoQAD8BWwvwAb
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Thu, 02 Feb 2023 16:15:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675354530.948192,VS0,VE91
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
creativecdn.com/cm-notify?pi=gumgum
185.184.8.90302 Found 0 B URL HTTP/2 creativecdn.com/cm-notify?pi=gumgum
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm-notify?pi=gumgum HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:30 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=YsrX4vLSxMu10FdUu0QB;Path=/;Domain=.creativecdn.com;Expires=Fri, 02-Feb-2024 16:15:30 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1675354530;Path=/;Domain=.creativecdn.com;Expires=Fri, 02-Feb-2024 16:15:30 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
content-length: 0
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
185.89.210.90307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
AN-X-Request-Uuid: e781fd9d-5411-4d38-8a91-087be9c165c0
Set-Cookie: uuid2=6030569377856695378; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 16:15:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
69.166.1.10302 Found 0 B URL HTTP/1.1 sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
IP 69.166.1.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP/1.1
Host: sync.go.sonobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 16:15:29 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-31
X-Xss-Protection: 0
Location: https://ads.servenobid.com/sync?pid=332&uid=69a03b31-3b5a-4872-9c56-96011134f44e
Server: sonobi-go
Set-Cookie: __uis=69a03b31-3b5a-4872-9c56-96011134f44e; expires=Sat, 04 Mar 2023 16:15:29 GMT; domain=.go.sonobi.com; path=/; secure; SameSite=None
HAPLB8S=s8531|Y9vhp; path=/; domain=.go.sonobi.com; SameSite=None; secure
sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y9vhoQAD8BWwvwAb
151.101.66.49200 OK 85 B URL HTTP/2 sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y9vhoQAD8BWwvwAb
IP 151.101.66.49:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 5bec6606b8392065f9da9898ca6f7b14
73ac5b01b5e3293fb792179626e7f8369cdb944d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
GET /ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y9vhoQAD8BWwvwAb HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
server: Jetty(9.4.35.v20201120)
accept-ranges: bytes
date: Thu, 02 Feb 2023 16:15:30 GMT
via: 1.1 varnish
age: 685
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1574
x-timer: S1675354530.072222,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 85
X-Firefox-Spdy: h2
creativecdn.com/cm-notify?pi=gumgum&tc=1
185.184.8.90200 OK 42 B URL HTTP/2 creativecdn.com/cm-notify?pi=gumgum&tc=1
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm-notify?pi=gumgum&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/gif
content-length: 42
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
185.89.210.20302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ads.servenobid.com/sync?pid=312&uid=0
AN-X-Request-Uuid: 76e88599-a596-4a68-b998-b53954a76f89
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.html?p=gumgum
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=gumgum
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=gumgum HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Feb 2023 16:15:30 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.servenobid.com/sync?pid=332&uid=69a03b31-3b5a-4872-9c56-96011134f44e
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=332&uid=69a03b31-3b5a-4872-9c56-96011134f44e
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=332&uid=69a03b31-3b5a-4872-9c56-96011134f44e HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; pid_333=0; pid_309=e_416dda38-6b48-4110-bcc7-b9c85eae6677; pid_321=OPTOUT; pid_317=2917089694200942384
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_332=69a03b31-3b5a-4872-9c56-96011134f44e; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:30 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DDA6DDF59-0112-4E1D-A28C-67D4AC9828CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DDA6DDF59-0112-4E1D-A28C-67D4AC9828CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DDA6DDF59-0112-4E1D-A28C-67D4AC9828CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=156350
expires: Sat, 04 Feb 2023 11:41:20 GMT
date: Thu, 02 Feb 2023 16:15:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DDA6DDF59-0112-4E1D-A28C-67D4AC9828CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DDA6DDF59-0112-4E1D-A28C-67D4AC9828CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3DDA6DDF59-0112-4E1D-A28C-67D4AC9828CA%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=156350
expires: Sat, 04 Feb 2023 11:41:20 GMT
date: Thu, 02 Feb 2023 16:15:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.servenobid.com/sync?pid=312&uid=0
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=312&uid=0
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=312&uid=0 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; pid_333=0; pid_309=e_416dda38-6b48-4110-bcc7-b9c85eae6677; pid_321=OPTOUT; pid_317=2917089694200942384; pid_332=69a03b31-3b5a-4872-9c56-96011134f44e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_312=0; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:30 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ads.servenobid.com/sync?pid=316&uid=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=316&uid=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=316&uid=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; pid_333=0; pid_309=e_416dda38-6b48-4110-bcc7-b9c85eae6677; pid_321=OPTOUT; pid_317=2917089694200942384; pid_332=69a03b31-3b5a-4872-9c56-96011134f44e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 0
set-cookie: pid_316=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:30 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 321b92f3a8474ce67d692acbd9b67ed1
4b450ee70ea852f0892e6b2369c9a440184f13fd
a9d068e3c626d4c8870ab6e11e06e6e5f9b52500314df3ed16f9149b68400cc6
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Mon, 06 Feb 2023 12:39:30 GMT
ETag: "4b450ee70ea852f0892e6b2369c9a440184f13fd"
Last-Modified: Thu, 02 Feb 2023 12:39:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3389
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793439d5d97b1c16-OSL
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
104.18.33.19200 OK 108 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
IP 104.18.33.19:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash baa6844bcd3d0b454699cd5867e18938
8e29f4b25b1d46a4ccaec83f72aa1280be58b0da
3a03a74fb845673cb708ebd2f7768a51c4b4af7b47545db24f83369662843be7
GET /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: text/html
cf-ray: 793439d1c9c6b51d-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjnGxdLZrYOa8G3VjZZUaFyFWYXoSgngiYSFM3X%2FzxkcvcYunbj%2F2OYkWeBZkosJ%2B%2Blyf1%2FzIq%2B%2BCSTy1U%2BWDtM2bShLqZknmOFbasyAdT5gGrhl8UjbfmSluxSvsCLuFibIvzSfR%2F%2BQzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
54.225.109.232302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
IP 54.225.109.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:30 GMT
content-length: 0
location: https://ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEyAgwbOAE=
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Fri, 02 Feb 2024 16:15:29 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e35a92e1bb882de50b5b13ba45a97608
a4974aec326fc29b95fff08a006ce6e2757b511e
a82037d6020b7ab89af017b0eabbac9b431a6a97a9633af30b27f6f480800692
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1722
Cache-Control: max-age=169681
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Etag: "63dbceb9-1d7"
Expires: Sat, 04 Feb 2023 15:23:31 GMT
Last-Modified: Thu, 02 Feb 2023 14:54:49 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
15.197.193.217200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
IP 15.197.193.217:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 005622e59568cb632684a1cd2880c97e
31333726c45ed676daec90ecde21654791c06a9d
02b0023deb129dda05ec64f305ddd4f0aba5a3d0e7bf91a099f6acc1de7b15a3
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 21:29:42 GMT
Expires: Thu, 02 Feb 2023 21:29:42 GMT
ETag: "31333726c45ed676daec90ecde21654791c06a9d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
185.89.210.90307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
AN-X-Request-Uuid: fd058083-f811-4eba-9ca9-db699b9ca93e
Set-Cookie: uuid2=6493259144821957862; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 16:15:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
35.244.159.8302 Found 0 B URL HTTP/2 us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
IP 35.244.159.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
set-cookie: i=d0a581c9-f7f9-45f3-8cd6-ed69c735a0f0|1675354530; Version=1; Expires=Fri, 02-Feb-2024 16:15:30 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
date: Thu, 02 Feb 2023 16:15:30 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1a4771991c33cea8013538248a9e7b8b
5ed62977c063cd0de0b129311cb2c76d4dcea16b
8617fbcb341afc0800ace5544bff0996a1c624c812f24d7e8e85381ccea3a19d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5352
Cache-Control: max-age=149170
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Etag: "63db706c-1d7"
Expires: Sat, 04 Feb 2023 09:41:40 GMT
Last-Modified: Thu, 02 Feb 2023 08:12:28 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
18.158.8.202302 Found 0 B URL HTTP/2 cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
IP 18.158.8.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html
date: Thu, 02 Feb 2023 16:15:29 GMT
location: https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA==
set-cookie: euid=51571675354530316077f1; Max-Age=2592000; Expires=Sat, 04 Mar 2023 16:15:29 GMT; Domain=.emxdgt.com; Path=/; HttpOnly
content-length: 0
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash f5d494c0ec9cc2d2d535a6013c685d76
92569b5c4525bf55690e9534d1533d77c1e0ec0c
6d3d91765c3acb35c81f09b4a49abb516ed53922ad68fb9a0cf75cf057343368
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 15022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 20:17:37 GMT
Expires: Thu, 02 Feb 2023 20:17:37 GMT
ETag: "92569b5c4525bf55690e9534d1533d77c1e0ec0c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
35.244.159.8302 Found 0 B URL HTTP/2 us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
IP 35.244.159.8:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP/1.1
Host: us-u.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
vary: Accept, Accept-Encoding
set-cookie: i=387250da-0ab2-4e1d-b19a-9f02b3c98cfb|1675354530; Version=1; Expires=Fri, 02-Feb-2024 16:15:30 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/0.0.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=1ce3cbf3-8b20-49bc-8c37-47071fbebe40
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
54.195.230.184200 OK 43 B URL HTTP/2 pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
IP 54.195.230.184:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 13e1c7a2184e36d7ae519e99b1aa226f
355ccad4eac39838e1cc76fd0b670fd2ea1e5aa3
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
GET /sync/gumgum?gdpr=0&gdpr_consent= HTTP/1.1
Host: pr-bh.ybp.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/gif
content-length: 43
age: 0
strict-transport-security: max-age=31536000
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8b9dd3912f899ed3bc417a5919622d3e
9237b97acc38e99095f783fb262adc673719303a
18c611b941bd45dfca619d6db05f8de40765f3b5d3ac2535f1f2050e1c299fcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2822
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 15:28:28 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 73f7f16d6403843c8d3401d0935566d5
2f6cafb825d1cbb5209e142d98ae467289d76213
edae5b4589150f00b730d52c90d827ce7add2edb81d6f1b19ad117f73a925f7c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147776
Date: Thu, 02 Feb 2023 16:15:30 GMT
Etag: "63db6acb-1d7"
Expires: Sat, 04 Feb 2023 09:18:26 GMT
Last-Modified: Thu, 02 Feb 2023 07:48:27 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mfYAM1J18LQ-wziVPRkNH2CwfBSOtAu_ncw3_1wCfGnvWMRI5uBQwg==
Age: 5399
ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEyAgwbOAE=
216.52.2.48204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEyAgwbOAE=
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEyAgwbOAE= HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 02 Feb 2023 16:15:30 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap5ams1
ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA==
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA==
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Demx%2526i%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA%3D%3D
AN-X-Request-Uuid: 131fc831-ff9e-4145-b2c8-faf0ad977804
Set-Cookie: uuid2=6606380660283523130; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 16:15:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
34.247.128.14200 OK 1.5 kB URL HTTP/2 g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
IP 34.247.128.14:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 463f34ca46190834d8df59b63e6f7394
0cf6a493853c8815e3173e1ab61215a475dbc238
028a095fc5b606bd5a6b8ddf2d17f5fe3d6f1a2558fcc9c4574367db02cd386a
GET /usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D HTTP/1.1
Host: g2.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: text/html;charset=UTF-8
server: nginx
set-cookie: vst=e_416dda38-6b48-4110-bcc7-b9c85eae6677; Domain=.gumgum.com; Expires=Fri, 02 Feb 2024 16:15:29 GMT; Path=/; Secure; SameSite=None
etag: W/"0ca8d7ce060102dc32d32275ef5d0afe8"
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
185.89.210.90302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dapn%26i%3D%24UID HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://usersync.gumgum.com/usersync?b=apn&i=0
AN-X-Request-Uuid: 49841b7b-bd09-46aa-947f-006e80c43d59
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Demx%2526i%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA%3D%3D
185.89.210.20302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Demx%2526i%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA%3D%3D
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcs.emxdgt.com%2Fumcheck%3Fapnxid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fusersync.gumgum.com%252Fusersync%253Fb%253Demx%2526i%253D%2524EMXUID%26b64_redirect%3DaHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA%3D%3D HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://cs.emxdgt.com/umcheck?apnxid=0&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA==
AN-X-Request-Uuid: 296ebf92-c632-4ece-a5b8-1aaebcc2757b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
185.89.210.90302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Frtb-csync.smartadserver.com%252Fredir%252F%253Fissi%253D1%2526partnerid%253D86%2526partneruserid%253D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent=
AN-X-Request-Uuid: b47772fd-d2f5-4ae6-8aa0-d4ffcbac9581
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 81945998cc863146cdaa812efd0766d8
16c338ad84a8ebe39b79ef85ba2a138f34c3455f
3c9c6fc83329799ff0fbfd3744e93849c32bba4414fef5ee40ea0073e8a1263a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3483
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 15:17:27 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=rhy&i=OPTOUT HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ab79e9aeacb3e7923abaa9b1892e3b9b
3934de2897bddba30442b161f38f191d140e65fa
f19772e63b4c09cd41d6f5f7b013a94cd219e251bd41f3862a6fde0e56b1ebdb
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 15:55:06 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xsjWKiQlAKH92Ukr_yl15cAa2RAqPxEK8oY3QL4zMENPW16x0hUbpQ==
Age: 1224
cs.emxdgt.com/umcheck?apnxid=0&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA==
18.158.8.202200 OK 43 B URL HTTP/2 cs.emxdgt.com/umcheck?apnxid=0&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA==
IP 18.158.8.202:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /umcheck?apnxid=0&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
date: Thu, 02 Feb 2023 16:15:29 GMT
x-nosync: na;
content-length: 43
X-Firefox-Spdy: h2
pixel.rubiconproject.com/exchange/sync.php?p=a9us
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=a9us
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=a9us HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
usersync.gumgum.com/usersync?b=apn&i=0
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=apn&i=0
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=apn&i=0 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
token.rubiconproject.com/token?pid=2974&pt=n&a=1
213.19.162.80204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2974&pt=n&a=1
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2974&pt=n&a=1 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 7c5d24517ee193cc868994bc18883d1d
sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
185.86.139.57302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid]
IP 185.86.139.57:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr=0&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D32128%26nid%3D2915%26put%3D[sas_uid] HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Thu, 02 Feb 2023 16:15:29 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Fri, 02 Feb 2024 16:15:30 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12999%3b%24o%3d11100; expires=Fri, 02 Feb 2024 16:15:30 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
token.rubiconproject.com/token?pid=2046&pt=n&a=1
213.19.162.80302 Found 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2046&pt=n&a=1
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2046&pt=n&a=1 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 7c5d24517ee193cc868994bc18883d1d
Location: https://rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=_CYuZMX78BMBRZX-OYbKWoXsnMZhMiGdLdsvN9R-tmQ
content-length: 0
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 05a3526b6f2eb8cec35f02075b255817
4563626ad9cc06ab3a3d3e0b0327c67eb3ac8a6f
33598c05fbc5da20f356fc48c7d6cd91d41306bbdf17ff9a1fce72bde0b62c67
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120103
Date: Thu, 02 Feb 2023 16:15:30 GMT
Etag: "63db05b8-1d7"
Expires: Sat, 04 Feb 2023 01:37:13 GMT
Last-Modified: Thu, 02 Feb 2023 00:37:12 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: l8tMyeqcgaZrvtahwTwGbpUwOHjloQyMrxKsiwTCOiaqmFVtm3Ka3w==
Age: 3601
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 1a361a7b-ef31-470d-9a77-387970c406bc
Set-Cookie: uuid2=6662793010133805837; SameSite=None; Path=/; Max-Age=7776000; Expires=Wed, 03-May-2023 16:15:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
52.95.126.160302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
IP 52.95.126.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 6D45C0C49M7SDSJ5HY78
Set-Cookie: ad-id=Az2ZkTRauEIfseDADJgnOg4|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 16:15:30 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
185.86.139.57200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1
IP 185.86.139.57:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?gdpr=0&url=https://pixel.rubiconproject.com/tap.php?v=32128&nid=2915&put=[sas_uid]&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Thu, 02 Feb 2023 16:15:29 GMT
usersync.gumgum.com/usersync?b=pln&i=bDJwmsTH14ra&ev=1&pid=558355
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=pln&i=bDJwmsTH14ra&ev=1&pid=558355
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=pln&i=bDJwmsTH14ra&ev=1&pid=558355 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
18.195.73.173302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
IP 18.195.73.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=afc74b66-a0bc-4359-ba08-d5cf891f8214; Expires=Wed, 03 May 2023 16:15:30 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675354530; Expires=Wed, 03 May 2023 16:15:30 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
70.42.32.31302 Found 0 B URL HTTP/1.1 sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
IP 70.42.32.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Length: 0
Connection: close
set-cookie: obuid=9035034c-14e3-423b-a7c9-167b3d1c9bff; Max-Age=7776000; Expires=Wed, 03 May 2023 16:15:30 GMT; Path=/; Domain=.outbrain.com
Location: https://usersync.gumgum.com/usersync?b=obn&i=ENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29
X-TraceId: 7c42612f236030b015f1361292013af4
b1sync.zemanta.com/usersync/gumgum/?puid=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
70.42.32.31302 Found 366 B URL HTTP/1.1 b1sync.zemanta.com/usersync/gumgum/?puid=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
IP 70.42.32.31:0
File type HTML document, ASCII text, with very long lines (364)
Hash 3341d4288e8ff0fd66621903245b055f
d4dbe223225ba9ea29d490c7e768c67e54809aa6
09bf4d4fc5a792a63fba36faead811cb4248b69bf9bc867c0d4b8f8b544dee0e
GET /usersync/gumgum/?puid=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 366
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://stags.bluekai.com/site/23178?id=7ozTggsneVdahE1lIm7V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
P3p: CP="We do not support P3P header."
Pragma: no-cache
Set-Cookie: zuid=7ozTggsneVdahE1lIm7V; Path=/; Domain=zemanta.com; Expires=Fri, 02 Feb 2024 16:15:30 GMT; Max-Age=31536000; Secure; SameSite=None
Date: Thu, 02 Feb 2023 16:15:30 GMT
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 13e3f3d9-22b8-46f1-8309-aeb54f015135
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
54.146.129.158302 Found 126 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
IP 54.146.129.158:0
File type HTML document, ASCII text
Hash 47409df658f861fe0e40505bdaa8e5c3
a7eaea140f98297f17ea65ac48496eddc13ae250
0b7bc5e9a84ee311e46bba2dc91aa66ba9e5996e68ede192e1658f3a34d5c0c7
GET /sync?nid=1&gdpr=0&gdpr_consent= HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 16:15:30 GMT
Location: https://usersync.gumgum.com/usersync?b=sta&i=0-c10fbe29-d4f7-45a4-4db9-126aa2306fde$ip$91.90.42.154
Set-Cookie: sa-user-id=s%3A0-c10fbe29-d4f7-45a4-4db9-126aa2306fde.slFD7VNZz0V81CsVYXF7SCxnz9pHJoaFf7Zrg1s0750; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AwQ--KdT3RaRNuRJqojBv3ltaKpo.FQgmfvBTOD5AxtJgCYBoza9as%2F441JT%2B%2BGXA9gKycOU; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 126
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 02a756d6235bbfeb7103f1e03d1c5963
d1525eaa45460afdc49f6efafa4b296b84e876f5
f2a8cca2f9c3c526ab837127330805f57870b2590cdeb4b62515152a7d88d6c3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 16:02:46 GMT
Server: ECS (nyb/1D11)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UK4F8WlqNd_Tuiw1Co6uz3K1pRRTJs9FDVozbm_tnIxubnoufNofiw==
Age: 764
simage4.pubmatic.com/AdServer/SPug?o=1&p=162412&sc=1&pr=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID&umc=PM_UID&u=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=1YN-
198.47.127.20200 OK 2.2 kB URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=162412&sc=1&pr=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID&umc=PM_UID&u=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=1YN-
IP 198.47.127.20:0
Hash 234c3149eac1465ae439e46f713f1536
c4f0ce7e1449c865eb150e2f1d83dc2b35778b0e
e297b157c0ae81eeb2205d3595b07c41f81cc4c04f83f02dd76421d34ee12550
GET /AdServer/SPug?o=1&p=162412&sc=1&pr=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID&umc=PM_UID&u=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=1YN- HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash b8d97f753e14c9022c36e1d774a6835a
c155e767aecd98f93ce58ef12a6cfd60bfc963f3
c27aff00106a12833354c77c020da51c57886f6cabadd12ee0b0ebb6ce8a6c90
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 14:59:19 GMT
Server: ECS (nyb/1D2D)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: IF88WPffKeRh11Zx9SqkA6u8doUsue6Vsjs9QRjmZcgzLEhsz7Cm1A==
Age: 4571
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
52.95.126.160200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
IP 52.95.126.160:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: N28HVQAJ0A9T4S853M9N
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
18.195.73.173200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
IP 18.195.73.173:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
usersync.gumgum.com/usersync?b=obn&i=ENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=obn&i=ENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=obn&i=ENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28IMk5E9jH2c964xFV2F7gIS-j-cPNmxFkidqqiahuHxleXCwCfPr5779EljT9kErW%29 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
20.127.253.7302 Found 332 B URL HTTP/2 sync.inmobi.com/oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
IP 20.127.253.7:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document, ASCII text, with very long lines (332), with no line terminators
Hash 9b0879cc5d9cfcc64039207d554789f1
e8b69271be0206e9f7d6fdd438d3e2cb13fc6684
272e9cc0135ac34b40fc5db87e52026ff9ae90f611108490268cc1c9ab6fb4fd
GET /oRTB?gdpr_consent=&gdpr=0&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP/1.1
Host: sync.inmobi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: text/html; charset=utf-8
content-length: 332
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
location: https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
vary: Accept
X-Firefox-Spdy: h2
usersync.gumgum.com/usersync?b=iex&i=0
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=iex&i=0
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=iex&i=0 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
54.171.54.65303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
IP 54.171.54.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/rp?bee_sync_partners=rp HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 02 Feb 2023 16:15:30 GMT
location: https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Thu, 02 Feb 2023 16:25:30 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
usersync.gumgum.com/usersync?b=sta&i=0-c10fbe29-d4f7-45a4-4db9-126aa2306fde$ip$91.90.42.154
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=sta&i=0-c10fbe29-d4f7-45a4-4db9-126aa2306fde$ip$91.90.42.154
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=sta&i=0-c10fbe29-d4f7-45a4-4db9-126aa2306fde$ip$91.90.42.154 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
150.136.26.45204 No Content 0 B URL HTTP/2 sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
IP 150.136.26.45:0
ASN #31898 ORACLE-BMC-31898
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP/1.1
Host: sync.technoratimedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 16:15:30 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Tue, 01 Feb 2028 16:15:30 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 601561207
age: 0
via: 1.1 varnish
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c82cba3066dfd5140095331fb953eff
5d7e89f215ed8c3b456bc35175919665ae87dedf
f6ba0d0485ca343f4b24684ea9df6de4e63da70dd5a7bb48c5dc7981377445bc
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5417
Cache-Control: max-age=86972
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Etag: "63da7d35-1d7"
Expires: Fri, 03 Feb 2023 16:25:02 GMT
Last-Modified: Wed, 01 Feb 2023 14:54:45 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1675354529861
213.19.147.44302 Found 35 B URL HTTP/2 sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1675354529861
IP 213.19.147.44:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1675354529861 HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
location: https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
etag: OPTOUT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b4c7f61557aabbbc5a9905ee5ef984f2
eb474300858289d87afc27ee73e9de6e2f4ec13d
a329312a49a60656374192aafea83e8cf7849883af61e50a2dc3f0fe9718ac34
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 02:15:48 GMT
Expires: Wed, 08 Feb 2023 02:15:47 GMT
Etag: "eb474300858289d87afc27ee73e9de6e2f4ec13d"
Cache-Control: max-age=467416,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439d8ad6fb50c-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e4ef294e427dbd856853cbc0d4c663
062b9217afb6a661a4e71598d919d0baadc41143
ba5e7d77b810caf885ae1ebdc1d464e397e08445e1cbac0a8b6665d5624e291b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5104
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 14:50:26 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
34.200.120.154302 Found 108 B URL HTTP/1.1 sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
IP 34.200.120.154:0
File type HTML document, ASCII text
Hash 112edfd3819b1b4b4a147234ae015f57
d000ff477053a307ca82694f91ac1f9220d8ce1c
d2a875c683732f526a4c742d17c3a71227fd86c61d53a596397cc6241386bc1c
GET /d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP/1.1
Host: sync.ipredictive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Feb 2023 16:15:30 GMT
Location: https://usersync.gumgum.com/usersync?b=vnt&i=105818eb-24d6-45f9-b026-a520c92d9d73
Set-Cookie: cu=105818eb-24d6-45f9-b026-a520c92d9d73|1675354530668; Path=/; Domain=ipredictive.com; Expires=Fri, 02 Feb 2024 16:15:30 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 17e13aef-cc84-4f0e-90dc-a2e918c72573
Content-Length: 108
Connection: keep-alive
match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
169.197.150.7200 OK 0 B URL HTTP/2 match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
IP 169.197.150.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP/1.1
Host: match.deepintent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 02 Feb 2023 16:15:30 GMT
server: a
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 6b522c2286d636187d95477dc9e136c8
79140d520db3eb4ec1ab6425466589d3a9ac190b
4c4fc39dcc072207355cf1b155fca27b6bd50f755e1d6a1a3d578d0e99b8c1f5
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 13:02:13 GMT
ETag: "79140d520db3eb4ec1ab6425466589d3a9ac190b"
Last-Modified: Thu, 02 Feb 2023 13:02:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3496
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793439d90c921c16-OSL
match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
54.171.54.65303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
IP 54.171.54.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Thu, 02 Feb 2023 16:15:30 GMT
location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=&expires=30
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1b9077cf2cc199a8a31b7cc507daa44f
fa4d10b21004e319466804624df75e2d7ea8d946
f0467aeba1f4d1acf04e4ebf1732ddb76e23349c19c6a72ac0f1850e4f1d5342
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3664
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Last-Modified: Thu, 02 Feb 2023 15:14:26 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
216.52.2.48204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
IP 216.52.2.48:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Thu, 02 Feb 2023 16:15:30 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap5ams1
p.rfihub.com/cm?pub=44007&in=1
193.0.160.129302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=44007&in=1
IP 193.0.160.129:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=44007&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Thu, 02 Feb 2023 16:15:30 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mja1tDC3tLQ0sRTiM9Q1Lq9yS0xxqygpCXMEAF3k_KolAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 27 Feb 2024 16:15:30 GMT; Secure; SameSite=None
eud=H4sIAAAAAAAA_zslzmtoZm5qbGpiamxgbmwAAPuQVJsQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 27 Feb 2024 16:15:30 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0MTCwMLE0Mja1tDC3tLQ0sRTiM9Q1Lq9yS0xxqygpCXMEAF3k_KolAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://ads.servenobid.com/sync?pid=324&uid=5140084923598799949
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
91.228.74.200302 Found 0 B URL HTTP/2 cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
IP 91.228.74.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP/1.1
Host: cms.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:30 GMT
content-length: 0
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WkY0WwlEMQtBF2MKVUF9AQhBYF9BR2EBCk0RKq9k
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: d=EF4BDQGZKIir0QA; expires=Wed, 03-May-2023 16:15:30 GMT; path=/; domain=.quantserve.com
mc=63dbe1a2-b3394-8d40f-218f8; expires=Mon, 04-Mar-2024 16:15:30 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1b9077cf2cc199a8a31b7cc507daa44f
fa4d10b21004e319466804624df75e2d7ea8d946
f0467aeba1f4d1acf04e4ebf1732ddb76e23349c19c6a72ac0f1850e4f1d5342
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4591
Cache-Control: max-age=111004
Content-Type: application/ocsp-response
Date: Thu, 02 Feb 2023 16:15:30 GMT
Etag: "63dade4f-1d7"
Expires: Fri, 03 Feb 2023 23:05:34 GMT
Last-Modified: Wed, 01 Feb 2023 21:49:03 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
185.29.134.244302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
IP 185.29.134.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 421 8749e8d master cdg-pixel-x28 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=afee63db-e1a2-4b00-9685-7ec6c6bfe10d; domain=.mathtag.com; path=/; expires=Fri, 01-Mar-2024 16:15:30 GMT; SameSite=None; Secure
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=afee63db-e1a2-4b00-9685-7ec6c6bfe10d
Expires: Thu, 02 Feb 2023 16:15:29 GMT
usersync.gumgum.com/usersync?b=opx&i=1ce3cbf3-8b20-49bc-8c37-47071fbebe40
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=opx&i=1ce3cbf3-8b20-49bc-8c37-47071fbebe40
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=opx&i=1ce3cbf3-8b20-49bc-8c37-47071fbebe40 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
185.86.139.89302 Found 0 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
IP 185.86.139.89:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
content-length: 0
date: Thu, 02 Feb 2023 16:15:29 GMT
cache-control: no-cache,no-store
location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=
pragma: no-cache
set-cookie: pid=6011356134794645318; expires=Sat, 02 Mar 2024 16:15:30 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 02 Mar 2024 16:15:30 GMT; domain=smartadserver.com; path=/
csync=135:TAM_OK; expires=Fri, 02 Feb 2024 16:15:30 GMT; domain=smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ads.servenobid.com/sync?pid=324&uid=5140084923598799949
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/sync?pid=324&uid=5140084923598799949
IP 54.75.212.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?pid=324&uid=5140084923598799949 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://public.servenobid.com/
Connection: keep-alive
Cookie: pid_327=2b5b0742-c1c1-4cd1-9f8c-1fa8228a9e4f; pid_333=0; pid_309=e_416dda38-6b48-4110-bcc7-b9c85eae6677; pid_321=OPTOUT; pid_317=2917089694200942384; pid_332=69a03b31-3b5a-4872-9c56-96011134f44e; pid_312=0; pid_316=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:30 GMT
content-type: image/avif;charset=ISO-8859-1
content-length: 0
set-cookie: pid_324=5140084923598799949; domain=servenobid.com; SameSite=None; Expires=Thu, 09 Feb 2023 16:15:30 GMT; secure
access-control-allow-origin: *
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
X-Firefox-Spdy: h2
usersync.gumgum.com/usersync?b=vnt&i=105818eb-24d6-45f9-b026-a520c92d9d73
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=vnt&i=105818eb-24d6-45f9-b026-a520c92d9d73
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=vnt&i=105818eb-24d6-45f9-b026-a520c92d9d73 HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 37c26fb09f8a09fdc910d20b97d6f079
5d7848dc1152b81bf53c10fee9e26e20a01b0f02
740e3d2348357db713554ff75471d18ad9d2a2e810f71b3bab61984b026295fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "740E3D2348357DB713554FF75471D18AD9D2A2E810F71B3BAB61984B026295FD"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5880
Expires: Thu, 02 Feb 2023 17:53:30 GMT
Date: Thu, 02 Feb 2023 16:15:30 GMT
Connection: keep-alive
pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=&expires=30
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=&expires=30
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=183462&nid=4114&put=&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
185.29.134.244302 Moved Temporarily 0 B URL HTTP/1.1 sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
IP 185.29.134.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP/1.1
Host: sync.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 421 8749e8d master cdg-pixel-x32 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: uuid=600263db-e1a2-4100-97d0-4dcfbaf1d2b4; domain=.mathtag.com; path=/; expires=Fri, 01-Mar-2024 16:15:30 GMT; SameSite=None; Secure
location: https://usersync.gumgum.com/usersync?b=mmh&i=600263db-e1a2-4100-97d0-4dcfbaf1d2b4&gdpr=0&gdpr_consent=
Expires: Thu, 02 Feb 2023 16:15:29 GMT
rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent=
185.86.139.89200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent=
IP 185.86.139.89:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?issi=1&partnerid=86&partneruserid=0&gdpr=0&gdpr_consent= HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 02 Feb 2023 16:15:30 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=4489728408133881808; expires=Sat, 02 Mar 2024 16:15:30 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 02 Mar 2024 16:15:30 GMT; domain=smartadserver.com; path=/
csync=86:0; expires=Fri, 02 Feb 2024 16:15:30 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WkY0WwlEMQtBF2MKVUF9AQhBYF9BR2EBCk0RKq9k
185.86.139.89200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=WkY0WwlEMQtBF2MKVUF9AQhBYF9BR2EBCk0RKq9k
IP 185.86.139.89:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=80&&partneruserid=WkY0WwlEMQtBF2MKVUF9AQhBYF9BR2EBCk0RKq9k HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Thu, 02 Feb 2023 16:15:29 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=8347726233950015361; expires=Sat, 02 Mar 2024 16:15:30 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 02 Mar 2024 16:15:30 GMT; domain=smartadserver.com; path=/
csync=80:WkY0WwlEMQtBF2MKVUF9AQhBYF9BR2EBCk0RKq9k; expires=Fri, 02 Feb 2024 16:15:30 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
141.95.98.65200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D
IP 141.95.98.65:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dinm%26i%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Thu, 02-Feb-2023 16:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Thu, 02-Feb-2023 16:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Thu, 02-Feb-2023 16:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Thu, 02-Feb-2023 16:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Thu, 02-Feb-2023 16:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Thu, 02-Feb-2023 16:20:30 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Thu, 02 Feb 2023 16:15:30 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 73b67c4e0cea2709e51d79c0b15c0df6
9d605e4e41b3cf31852e73f36a977d3549f966d9
cb94a3719e87a33e5d0ab7b873901d322ba1770fe08f50b89d6ba73c997c2d17
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 06 Feb 2023 15:11:05 GMT
ETag: "9d605e4e41b3cf31852e73f36a977d3549f966d9"
Last-Modified: Thu, 02 Feb 2023 15:11:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1988
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793439d9bd761c16-OSL
usersync.gumgum.com/usersync?b=mmh&i=600263db-e1a2-4100-97d0-4dcfbaf1d2b4&gdpr=0&gdpr_consent=
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=mmh&i=600263db-e1a2-4100-97d0-4dcfbaf1d2b4&gdpr=0&gdpr_consent=
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=mmh&i=600263db-e1a2-4100-97d0-4dcfbaf1d2b4&gdpr=0&gdpr_consent= HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=afee63db-e1a2-4b00-9685-7ec6c6bfe10d
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=afee63db-e1a2-4b00-9685-7ec6c6bfe10d
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=4222&nid=1512&put=afee63db-e1a2-4b00-9685-7ec6c6bfe10d HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ab5e55007c9747024b4f039df5ce6b
Content-Type: image/gif
stags.bluekai.com/site/23178?id=7ozTggsneVdahE1lIm7V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
184.24.45.23302 Found 0 B URL HTTP/2 stags.bluekai.com/site/23178?id=7ozTggsneVdahE1lIm7V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
IP 184.24.45.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /site/23178?id=7ozTggsneVdahE1lIm7V&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 02 Feb 2023 16:15:30 GMT
set-cookie: bku=ikG99vnCttwrkxWR; Path=/; Domain=.bluekai.com; Expires=Wed, 02 Aug 2023 16:15:30 GMT; Secure; SameSite=None
bkpa=KJhz06NFLM999mO4Dtd3u0FyULii4c5+yPaSfVVo6YQH6POzQg2ItVVc7jXXS2+BjQtHTd2db2g9FfdTIVyc/No2ij6IFdki1j3tsTwnBe6LxaL9WyYEAtw7GPZ2pW6wANTN2hr905mS6z8e9tO0bodZ3ML9A6qldDAlN8IcACSQimNQkZXi7rVc071Jo6Jk3DzvuQ2oTHJsUuQCTHap8HdljPyuu/VL3YJc0rG6He0M+u5dcIRjdECZzR7lLSG8jvQLXU+Sv1uj3QHP6Rf+xCbiWn1SYR38vaC8tsTTn+HKoC8t6NCVAmunzdLRQlInodNXMBtUqrq9VubUly19lgjKEy==; Path=/; Domain=.bluekai.com; Expires=Wed, 02 Aug 2023 16:15:30 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=_CYuZMX78BMBRZX-OYbKWoXsnMZhMiGdLdsvN9R-tmQ
63.215.202.140204 No Content 0 B URL HTTP/2 rubicon-match.dotomi.com/match/bounce/current?networkId=12783&version=1&nuid=_CYuZMX78BMBRZX-OYbKWoXsnMZhMiGdLdsvN9R-tmQ
IP 63.215.202.140:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match/bounce/current?networkId=12783&version=1&nuid=_CYuZMX78BMBRZX-OYbKWoXsnMZhMiGdLdsvN9R-tmQ HTTP/1.1
Host: rubicon-match.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Thu, 02 Feb 2023 16:15:30 GMT
cache-control: no-cache, private, max-age=0, no-store
expires: 0
pragma: no-cache
X-Firefox-Spdy: h2
tg.socdm.com/aux/idsync?proto=gumgum
124.146.215.51302 Found 0 B URL HTTP/1.1 tg.socdm.com/aux/idsync?proto=gumgum
IP 124.146.215.51:0
ASN #2514 NTT PC Communications, Inc.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aux/idsync?proto=gumgum HTTP/1.1
Host: tg.socdm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 02 Feb 2023 16:15:30 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: private
Location: https://usersync.gumgum.com/usersync?b=sus&i=Y9vhosCo8YUAAFY1F4wAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time: 3
X-SO-HostName: m-ad298.dc4p.scaleout.jp
X-SO-LB-Hostname: m-tgng33.dc4p.scaleout.jp
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"Y9vhosCo8YUAAFY1F4wAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad298"}
X-SO-Key: Y9vhosCo8YUAAFY1F4wAAAAA
X-SO-IP: 91.90.42.154
X-SO-Cluster-ID: 0
X-SO-Upstream-ID: m-ad298
x.bidswitch.net/sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---
3.68.131.77302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---
IP 3.68.131.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:31 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=dca515d8-2126-48fc-8a9b-5c726b07df88; path=/; expires=Fri, 02-Feb-2024 16:15:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675354531; path=/; expires=Fri, 02-Feb-2024 16:15:31 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675354531; path=/; expires=Fri, 02-Feb-2024 16:15:31 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675354531; path=/; expires=Fri, 02-Feb-2024 16:15:31 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI
70.42.32.31200 OK 26 B URL HTTP/1.1 b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI
IP 70.42.32.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6a43099d5c8fe991a7aa7ebaca53069d
5bce2f0d57305c58c7b05bfce29ebb39a18f5570
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
GET /usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N3PPJKGOZ3TNZSVMZDBNBCTC3CJNU3VMJTVONPXA4TJOZQWG6J5GEWS2LI HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 26
Date: Thu, 02 Feb 2023 16:15:30 GMT
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 7a37d5f14346f4c2d32067a67ed9cbf2
9364052ccda00fe675fe8cc3f2f244161f2a2f69
c0f55cbfc7ce76856115b4557edefe0c45f2b2979ed89b39fd92d185fddb8682
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 31 Jan 2023 13:56:49 GMT
Expires: Tue, 07 Feb 2023 13:56:48 GMT
Etag: "9364052ccda00fe675fe8cc3f2f244161f2a2f69"
Cache-Control: max-age=423076,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439d49eb6b4f9-OSL
x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---
3.68.131.77200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1---
IP 3.68.131.77:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=gumgum2&user_id=e_416dda38-6b48-4110-bcc7-b9c85eae6677&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:31 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
usersync.gumgum.com/usersync?b=sus&i=Y9vhosCo8YUAAFY1F4wAAAAA
34.247.205.196200 35 B URL HTTP/1.1 usersync.gumgum.com/usersync?b=sus&i=Y9vhosCo8YUAAFY1F4wAAAAA
IP 34.247.205.196:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /usersync?b=sus&i=Y9vhosCo8YUAAFY1F4wAAAAA HTTP/1.1
Host: usersync.gumgum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://g2.gumgum.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Type: image/gif
Content-Length: 35
Connection: keep-alive
Cache-Control: private, no-store, must-revalidate, max-age=0
Expires: 0
Pragma: no-cache
s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=
52.46.128.147302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=
IP 52.46.128.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 87M8BJ0D2AKBPK0CREY4
Set-Cookie: ad-id=A7P3_EWsYkBjjwx-4l_rrzo|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 16:15:31 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8a41a6e5225635ecc02de9eabd9a472b
585d12a70f821899fdfad9c09cc87fc46cac9ea0
997fff4ada3bc79630777b4f847861230bb5ae6c58627220d8ef2c693bb92cbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 13:42:56 GMT
Expires: Wed, 08 Feb 2023 13:42:55 GMT
Etag: "585d12a70f821899fdfad9c09cc87fc46cac9ea0"
Cache-Control: max-age=508643,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439d88af4b4fd-OSL
s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=&dcc=t
52.46.128.147200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=&dcc=t
IP 52.46.128.147:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=6011356134794645318&gdpr=0&gdpr_consent=&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ssbsync.smartadserver.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: MJKEQX6QBYZZ7Y971TVF
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
35.244.174.68400 Bad Request 21 B URL HTTP/2 id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
IP 35.244.174.68:0
Hash b1e64b8d18e9efe2bd53b80009ab24b8
436c8b2a211e9ec7657dbba4b10627c2c2cf4d96
69b8d9afba79df6af482f598e69f8ba7edfdaf5a3091027d06ccc41eb99b3ac1
GET /711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= HTTP/1.1
Host: id.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ssbsync.smartadserver.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Thu, 02 Feb 2023 16:15:31 GMT
content-length: 21
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8a41a6e5225635ecc02de9eabd9a472b
585d12a70f821899fdfad9c09cc87fc46cac9ea0
997fff4ada3bc79630777b4f847861230bb5ae6c58627220d8ef2c693bb92cbf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 13:42:56 GMT
Expires: Wed, 08 Feb 2023 13:42:55 GMT
Etag: "585d12a70f821899fdfad9c09cc87fc46cac9ea0"
Cache-Control: max-age=508643,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793439dd2b7eb4f9-OSL
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash f272271261bfe90f09569b812de6f253
ab40bca0c92c8a5884e2f6cd23df14d63229c0df
42f7dddb0c624fd74d51388bfafcca0c5a2b1ff330709b7a111703ec77b0d5a8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Thu, 02 Feb 2023 16:15:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 15022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 01 Feb 2023 21:39:34 GMT
Expires: Thu, 02 Feb 2023 21:39:34 GMT
ETag: "ab40bca0c92c8a5884e2f6cd23df14d63229c0df"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
public.servenobid.com/sync.html
54.230.111.51200 OK 0 B URL HTTP/2 public.servenobid.com/sync.html
IP 54.230.111.51:0
GET /sync.html HTTP/1.1
Host: public.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 01 Dec 2022 19:37:41 GMT
x-amz-meta-codebuild-content-sha256: 7a0197b444a3c5a5c4f92ccd56438fcf44932f5518b7cae8f7a5ec6b1a094ad5
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5838c8c3-64c9-4519-918a-548b86a0fef3
x-amz-meta-codebuild-content-md5: 86c7b5baa8ca6b64006191aa90b9f19a
server: AmazonS3
content-encoding: br
date: Thu, 02 Feb 2023 12:59:51 GMT
cache-control: max-age=86400
etag: W/"500c31eb3dcfb8f2a7dc0893b86a487a"
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JMhZCCcOAJfFu2Es7JvQQw5vHGGWY6myYR3S_-mZ2Ax4C2vbLcnb0g==
age: 11739
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.iplogger.org/js/functions.js?1.6.3
148.251.234.83200 OK 0 B URL HTTP/2 cdn.iplogger.org/js/functions.js?1.6.3
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
GET /js/functions.js?1.6.3 HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: application/javascript
last-modified: Wed, 04 Jan 2023 15:49:32 GMT
etag: W/"63b5a00c-7dcf"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.iplogger.org/css/ui.css?1.6.3
148.251.234.83200 OK 0 B URL HTTP/2 cdn.iplogger.org/css/ui.css?1.6.3
IP 148.251.234.83:0
ASN #24940 Hetzner Online GmbH
GET /css/ui.css?1.6.3 HTTP/1.1
Host: cdn.iplogger.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://iplogger.org/
Cookie: cursor=QRXT74d2d5q4c5c3W5A7a6A1Kc9Mrst8; turnback=main%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:24 GMT
content-type: text/css
last-modified: Thu, 26 Jan 2023 12:35:29 GMT
etag: W/"63d27391-7185"
expires: Fri, 02 Feb 2024 16:15:24 GMT
pragma: public
cache-control: max-age=31536000, public
access-control-allow-origin: *
x-static: 1
content-encoding: gzip
X-Firefox-Spdy: h2
prebid.media.net/rtb/prebid?cid=8CU18831I
34.107.148.139200 OK 0 B URL HTTP/2 prebid.media.net/rtb/prebid?cid=8CU18831I
IP 34.107.148.139:0
POST /rtb/prebid?cid=8CU18831I HTTP/1.1
Host: prebid.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 7088
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
expires: Thu, 02 Feb 2023 16:15:26 GMT
access-control-allow-origin: https://iplogger.org
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.116200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.116:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 107295
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=161102&sc=1&u=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=161102&sc=1&u=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=161102&sc=1&u=DA6DDF59-0112-4E1D-A28C-67D4AC9828CA&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=P-Ij_V80M0RITmhlJTJCZkMwOUJGQlhaMUN2czQ0bVAlMkZ3OVBmaHJ4SW9Wa2xvdzB4Q1kyYU01SjMlMkY2VWYxUlNUT2dleW95
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:28 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=JSpfP180M0RITmhlJTJCZkMwOUJGQlhaMUN2czQ0bVAlMkZ3OVBmaHJ4SW9Wa2xvdzB4QnZ5UENFQ2Z2NGo0JTJGTXhxWGxabG9m; expires=Tue, 27 Feb 2024 16:15:28 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 436626
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
IP 198.148.27.140:0
GET /bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-9l8jf
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=bDJwmsTH14ra;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sun, 28-Jan-2024 16:15:30 GMT;Max-Age=31104000;SameSite=None
pb_rtb_ev=3-1ipn|7bq.0.1;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Fri, 02-Feb-2024 16:15:30 GMT;Max-Age=31536000;SameSite=None
INGRESSCOOKIE=24bec9b86c92142e; path=/; HttpOnly; Secure; SameSite=None
location: https://usersync.gumgum.com/usersync?b=pln&i=bDJwmsTH14ra&ev=1&pid=558355
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
ads.servenobid.com/adreq?cb=463
54.75.212.82200 OK 0 B URL HTTP/2 ads.servenobid.com/adreq?cb=463
IP 54.75.212.82:0
POST /adreq?cb=463 HTTP/1.1
Host: ads.servenobid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 977
Origin: https://iplogger.org
Connection: keep-alive
Referer: https://iplogger.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 02 Feb 2023 16:15:26 GMT
content-type: application/json
access-control-allow-origin: https://iplogger.org
amp-access-control-allow-source-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
vary: accept-encoding
content-encoding: gzip
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
IP 213.19.147.44:0
GET /usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://public.servenobid.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-f3ca8295-bcf8-4b01-b40e-a6dff3c30b32-003%22%2C%22zdxidn%22%3A%222069.26%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 02 Feb 2024 16:15:29 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1675354529861
etag: RXf3ca8295bcf84b01b40ea6dff3c30b32003
X-Firefox-Spdy: h2
sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
213.19.147.44302 Found 0 B URL HTTP/2 sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
IP 213.19.147.44:0
GET /usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP/1.1
Host: sync.1rx.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://g2.gumgum.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Thu, 02 Feb 2023 16:15:29 GMT
content-type: text/html
cache-control: no-store, no-cache, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-a6b89ce5-4360-49bb-8f5b-0ab540de1749-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D; path=/; expires=Fri, 02 Feb 2024 16:15:29 GMT; domain=.1rx.io; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1675354529861
etag: RXa6b89ce5436049bb8f5b0ab540de1749003
X-Firefox-Spdy: h2