link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
151.139.128.10301 Moved Permanently 0 B URL HTTP/1.1 link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw== HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 14:58:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
X-HW: 1670425132.cds012.sk1.h2,1670425132.cds239.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5516
Expires: Wed, 07 Dec 2022 16:30:48 GMT
Date: Wed, 07 Dec 2022 14:58:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2806
Cache-Control: max-age=159549
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:52 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 11:18:01 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6850
Expires: Wed, 07 Dec 2022 16:53:02 GMT
Date: Wed, 07 Dec 2022 14:58:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 14:08:04 GMT
content-type: application/json
age: 3048
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aVb1qfQZq1A2bfrtxAme4c59BpExH8fic6KJgc2J0jKY6y5OT4KKPeVNxZLPTizSyqJFBdGg2eKNUoNjkIyStg==
x-amz-request-id: JGFFXD3WQJJE47MC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 14:47:32 GMT
age: 680
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
link1s.com/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 03ab1dfddb257dcdfd97fec99d8a657b
52a797db29d8c765b51ed8aea361c4d52f80346e
f00b1e46b99dc5c05a6bdb89b442da969bf90c7dc59f43e798b2f8ebc2bdbfff
GET /favicon.ico HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SPSI=2c2cd26b81a7fbb6daed01adf84f0f4a; SPSE=mUDZjFPMFd2YRAxoFhP/WEvnKsFyk32sDERsSJZVWNGwArbZJNOAdXCa4HRDRTb3UKGXQgUzXoddLT/1FOC+TA==; AppSession=mstqucgsnlcf6a24ii9bpgnf3s; csrfToken=2fa335a478dbb5058fd82c14a3f337fd0020bd63af5ca710deb7f3fe3909ed9e9a51aef6649db71e71746603b776b6859c65df3d429a2f30e8bc4736bce5b183
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:52 GMT
cache-control: max-age=3332
content-length: 1150
content-type: image/x-icon
last-modified: Mon, 15 Jun 2020 09:56:40 GMT
accept-ranges: bytes
etag: "5ee745d8-47e"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425132.cds257.sk1.hn,1670425132.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/YF3oII
151.139.128.10302 Found 7.0 kB IP 151.139.128.10:0
Hash 47e794d873f548a9b97fa067ad3be194
2e0da7719f0ba33d83d94a0a7fec0636a37eee69
ee3927ef571491b4974da520edaaa37dceda71f5dc155c642d131365dff33ff0
GET /YF3oII HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SPSI=2c2cd26b81a7fbb6daed01adf84f0f4a; SPSE=mUDZjFPMFd2YRAxoFhP/WEvnKsFyk32sDERsSJZVWNGwArbZJNOAdXCa4HRDRTb3UKGXQgUzXoddLT/1FOC+TA==; AppSession=mstqucgsnlcf6a24ii9bpgnf3s; csrfToken=2fa335a478dbb5058fd82c14a3f337fd0020bd63af5ca710deb7f3fe3909ed9e9a51aef6649db71e71746603b776b6859c65df3d429a2f30e8bc4736bce5b183
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
date: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: spcsrf=a57aad61ed8abc27d84b245b0be205ea; path=/; SameSite=Strict; HttpOnly; expires=Wed, 07-Dec-22 16:58:52 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h46b58ec728125d96fa1c3d946549933b969; path=/; SameSite=Lax; expires=Mon, 05-Jun-23 14:58:52 GMT
lang=en_US; expires=Sat, 02-Dec-2023 14:58:53 GMT; Max-Age=31104000; path=/
app_visitor=Q2FrZQ%3D%3D.ZTZhMTI5NDIyYmIyNWE0M2JkNDRlMjRhZGY4MDkzMmQyNmYzZWRiZTUxMGI4YWYwNTMzM2YwYzFiYjY2YTlkN1SkuIl6DQNHjFQhnMuZJ96xqNj5HYu6s4UdmF7QhC6I3617auy609JFObhfsyBHcu9oOhke38gB9YD45e5bCrWGZVqspL5mDvMfOlMe7H5F; expires=Thu, 08-Dec-2022 14:58:53 GMT; Max-Age=86400; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
location: https://rodjulian.com/verifylv3/?YF3oII
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425132.cds257.sk1.hn,1670425132.cds212.sk1.sc,1670425133.cdn2-wafbe03-arn1.stackpath.systems.-.wx,1670425133.cds212.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2795
Cache-Control: max-age=154472
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:53:25 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2562
Cache-Control: max-age=146716
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 07:44:09 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
link1s.com/logo1s.png
151.139.128.10200 OK 30 kB IP 151.139.128.10:0
File type PNG image data, 247 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash aa55ddb783a9ed3a7530dd55d848ee64
e2437805b86dc3858bea3c80567447ece8b96ec4
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
GET /logo1s.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:53 GMT
content-length: 30338
content-type: image/png
last-modified: Sun, 28 Feb 2021 03:13:41 GMT
accept-ranges: bytes
etag: "603b0a65-7682"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425133.cds201.sk1.hn,1670425133.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.51.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.51.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hhcpJGEvHTQ3oM2ACaqOCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: usSJTLgowyb/kZdstrDNwV1uKNY=
rodjulian.com/
151.139.128.10200 OK 48 kB IP 151.139.128.10:0
Hash 0589823998df72e7f0284ca5f149cd2b
26806d3a42fd86ec6a933f6ebcbc878c6241fda6
9aaa0db56b6f0d0d3e73921ca7e8b4a89c0616924d99616427b2e729e0598e68
GET / HTTP/1.1
Host: rodjulian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: SPSI=f5ad1d6950cbeba39ae2de389cb4d5b1; SPSE=u5NIk5E9dl0thLGqcj515KkZD6YrzOG9CbR32jzqMAR0uXRJbmRDcEVpHbhEuiyRAmiGM02dGclLAEEhrXtiAg==; UTGv2=D-h4428c062a8ad16a72c027fad2e47b25ff87; JSON_fetchlv3=YF3oII
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: private
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-ua-compatible: IE=edge
link: <https://rodjulian.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
set-cookie: spcsrf=4cb8e61f2e371f623227dc5cbb01a010; path=/; SameSite=Strict; HttpOnly; expires=Wed, 07-Dec-22 16:58:53 GMT
UTGv2=D-h406667b6e776aa92357b51f2cde06384368; path=/; SameSite=Lax; expires=Mon, 05-Jun-23 14:58:53 GMT
sp_lit=lDfndSXpPc8RwtbYHctAIg==; path=/; SameSite=Strict; HttpOnly; expires=Wed, 07-Dec-22 15:03:53 GMT
x-hw: 1670425133.cds206.sk1.hn,1670425133.cds263.sk1.sc,1670425133.cdn2-wafbe02-arn1.stackpath.systems.-.wx,1670425133.cds263.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2562
Cache-Control: max-age=146716
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 07:44:09 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-178293638-3
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178293638-3
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 0e502339582e4136c27b5e87cded4be6
5e7d9019251b4e2caffdcd86232638e48eaf0e04
0eeeb9c169666dc92bdc60472c4e242da925d860021289585275fad6da691298
GET /gtag/js?id=UA-178293638-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 14:58:53 GMT
expires: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.35200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:55 GMT
expires: Tue, 05 Dec 2023 18:52:55 GMT
cache-control: public, max-age=31536000
age: 158758
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
142.250.74.35200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 12972, version 1.0\012- data
Hash f155ae6c5a655f05edb86445bd7e8d76
23115e9e59853e36044ae725d809759b7e8fa5f2
140ef34d138412106d0dc0bf060ba49acf6eaa6610c5bab642b182ddd0d68c8a
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4uaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12972
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 19:22:59 GMT
expires: Tue, 05 Dec 2023 19:22:59 GMT
cache-control: public, max-age=31536000
age: 156954
last-modified: Mon, 15 Aug 2022 18:15:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
142.250.74.35200 OK 7.1 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7136, version 1.0\012- data
Hash c01023539039aee9c88104f9dafcc26c
2035b78a91b36409ce7ac5609bbf7e962127d307
628293787399254217cbac6ee79dee0b2be51b66354fd05a3b79846a28533b46
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4vaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7136
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 20:27:24 GMT
expires: Tue, 05 Dec 2023 20:27:24 GMT
cache-control: public, max-age=31536000
age: 153089
last-modified: Mon, 15 Aug 2022 18:26:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b3cf607e8160534b175db89717285294
9204cdf819a6a4a5577ee4a2b7313a6cf67e2f17
813f54e4acd9311a896b3ee37b0c83d50a91c761ed85b91ebe6c554dde019a27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "813F54E4ACD9311A896B3EE37B0C83D50A91C761ED85B91EBE6C554DDE019A27"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12198
Expires: Wed, 07 Dec 2022 18:22:12 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742
142.250.74.34200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742
IP 142.250.74.34:0
File type ASCII text, with very long lines (4885)
Hash 3470ad608168707545588c1339593f29
400889aba40c8e49e874a4a639e05fd6495bd67f
50778ff5fc90267d6fef3f05950fb246859b951c4a6fb0d1d0cca341ccaa6ed0
GET /pagead/js/adsbygoogle.js?client=ca-pub-9792971117783742 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 07 Dec 2022 14:58:54 GMT
expires: Wed, 07 Dec 2022 14:58:54 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 671233722365738
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221129/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 07 Dec 2022 05:05:36 GMT
expires: Wed, 21 Dec 2022 05:05:36 GMT
cache-control: public, max-age=1209600
age: 35598
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rodjulian.com/favicon.ico
151.139.128.10404 Not Found 610 B URL HTTP/2 rodjulian.com/favicon.ico
IP 151.139.128.10:0
Hash d015ea5697618a14382b1405a2c3f2f1
14cf3c4d20f98e3e2c3694982426f3f8a14e3084
352b1d0e514aadb1f3d8e3d8433dc8c41097e822c66e9ffb3bb2dbaabc332a39
GET /favicon.ico HTTP/1.1
Host: rodjulian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Cookie: SPSI=f5ad1d6950cbeba39ae2de389cb4d5b1; SPSE=u5NIk5E9dl0thLGqcj515KkZD6YrzOG9CbR32jzqMAR0uXRJbmRDcEVpHbhEuiyRAmiGM02dGclLAEEhrXtiAg==; spcsrf=4cb8e61f2e371f623227dc5cbb01a010; UTGv2=h406667b6e776aa92357b51f2cde06384368; JSON_fetchlv3=YF3oII; sp_lit=lDfndSXpPc8RwtbYHctAIg==; PRLST=kW; adOtr=1d5df9a56c0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Wed, 07 Dec 2022 14:58:54 GMT
cache-control: private
content-encoding: gzip
content-type: text/html; charset=utf-8
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425134.cds206.sk1.hn,1670425134.cds017.sk1.sc,1670425134.cdn2-wafbe04-arn1.stackpath.systems.-.wx,1670425134.cds017.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
151.139.128.10200 OK 1.4 kB URL HTTP/2 link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
IP 151.139.128.10:0
Hash e90516ead796c669587fcf0d361dd153
aa05a5be9718e071129e0bcd76f046277b6e0557
ef88bc5d01fa1dc2047376305722fbd0d843ef7779a84599423f0455041a26da
GET /st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw== HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:52 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: SPSI=2c2cd26b81a7fbb6daed01adf84f0f4a; path=/; HttpOnly; SameSite=Lax;
SPSE=mUDZjFPMFd2YRAxoFhP/WEvnKsFyk32sDERsSJZVWNGwArbZJNOAdXCa4HRDRTb3UKGXQgUzXoddLT/1FOC+TA==; path=/; HttpOnly; SameSite=Lax;
AppSession=mstqucgsnlcf6a24ii9bpgnf3s; path=/; HttpOnly
csrfToken=2fa335a478dbb5058fd82c14a3f337fd0020bd63af5ca710deb7f3fe3909ed9e9a51aef6649db71e71746603b776b6859c65df3d429a2f30e8bc4736bce5b183; path=/; HttpOnly
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425132.cds257.sk1.hn,1670425132.cds239.sk1.sc,1670425132.cdn2-wafbe04-arn1.stackpath.systems.-.wx,1670425132.cds239.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 705bc4c39ab6710f732bce4da5b71ef0
a93d04b1ae2ace9ae527769d5571ba9fee2922b8
56d11fed60474bb8107d4e0257979d1080576bf32a739c2954e113190cb973f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56D11FED60474BB8107D4E0257979D1080576BF32A739C2954E113190CB973F5"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7917
Expires: Wed, 07 Dec 2022 17:10:51 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
upskittyan.com/zone?pub=0&zone_id=5118379&is_mobile=false&domain=rodjulian.com&var=&ymid=&var_3=
139.45.197.251200 OK 687 B URL HTTP/2 upskittyan.com/zone?pub=0&zone_id=5118379&is_mobile=false&domain=rodjulian.com&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (686)
Hash 9b70797dc8c27544b0740cd3def09fb8
27bd2701265e9fe91126ab3932f8dfbe19f27e69
de68d329a3882f88165b811f5a1b4ba40de1cc717262a6c85ad9ff8a0bb5d42f
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=5118379&is_mobile=false&domain=rodjulian.com&var=&ymid=&var_3= HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/json; charset=utf-8
content-length: 687
x-trace-id: 021aab175b1e662fd5b74b904f0a52a3
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 14:46:55 GMT
expires: Wed, 07 Dec 2022 16:46:55 GMT
cache-control: public, max-age=7200
age: 719
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b22490b02628e79842aa551994331a2e
238870b8a3e6ef3b6a761154e3abee386643597c
ef2e0268a5ed0ca7d64dfc1baa3d56d55f4062e4d84972bc9423fe56df585673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF2E0268A5ED0CA7D64DFC1BAA3D56D55F4062E4D84972BC9423FE56DF585673"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14573
Expires: Wed, 07 Dec 2022 19:01:47 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4186
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4186
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4186
Expires: Wed, 07 Dec 2022 16:08:40 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
ugroocuw.net/5/5112622
139.45.197.239200 OK 35 kB IP 139.45.197.239:0
Hash b12f099caeea07ef7bc6d51c780234dd
268f3afef83373df43adca76d5d7609b77aaf3d0
88db0b559d122c819fee366debfe0ed75e818b606fe9fd17303792f28d79b9fd
GET /5/5112622 HTTP/1.1
Host: ugroocuw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/javascript
x-trace-id: 894340c104e907bf16042e7c5b2cd272
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=99900ae1b9c140918e5b4853bfe9a53b; expires=Thu, 07 Dec 2023 14:58:54 GMT; path=/; secure; SameSite=None
oaidts=1670425134; expires=Thu, 07 Dec 2023 14:58:54 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 604a4132da78a0c013b5818644adb121
ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 61021
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 23163
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17c7b7e3a4e6f3ad9ccf7f42c400749c
76432db96e8280e24da56670fba8f8f80a95ab31
f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: 251c6fba-4018-4674-9ed2-1fe580ff63bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cuuFMHMjIAMFW1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638f5d54-5a4bb6a773286249356763a3;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 15:18:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HWrufMiBYEvPInofSrv3jAoTRazjXPKyoSNPuSq1gI09f_-7rAtpeg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:29:48 GMT
age: 59346
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 61514
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=99900ae1b9c140918e5b4853bfe9a53b
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=99900ae1b9c140918e5b4853bfe9a53b
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash a25b575190263dbb9b2a29143ea32629
5e0e585e1f5c5bf622a4293aa67798bf097a49bd
f54be0927bff77b38c7783f8a04fafed4009848bb70ef700960ee3a81d7934cc
GET /gid.js?userId=99900ae1b9c140918e5b4853bfe9a53b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rodjulian.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=99900ae1b9c140918e5b4853bfe9a53b; expires=Thu, 07 Dec 2023 14:58:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 65360
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a4b7e1ea94e67e9bd690341ab265c807
97e2effb1cbea518ed0998daf0ac6611b26ce89b
037d2883f7a25a1e84a8cc4775f50aa2e01aefd4bd4b0ac52bd3a50c57ecd8e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "037D2883F7A25A1E84A8CC4775F50AA2E01AEFD4BD4B0AC52BD3A50C57ECD8E4"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10938
Expires: Wed, 07 Dec 2022 18:01:12 GMT
Date: Wed, 07 Dec 2022 14:58:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upskittyan.com/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=rodjulian.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=rodjulian.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rodjulian.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 14:58:55 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=rodjulian.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=rodjulian.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rodjulian.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 14:58:55 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
upskittyan.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Content-Type: application/json
Origin: https://rodjulian.com
Content-Length: 363
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9c734c727b6e5d37510a59d130d117be
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f93fe0c44e63867b7f8553c1ca73460e
e664d98cd9803e5f179af596d8a2f50d79fc92b0
dbb9ed743e3bf5d61dd66e676c81d5e2a43c8287d61ef34d90b6c7790ca6106e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 14:58:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 01:33:16 GMT
Expires: Tue, 13 Dec 2022 01:33:15 GMT
Etag: "e664d98cd9803e5f179af596d8a2f50d79fc92b0"
Cache-Control: max-age=469459,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775e1f45b9f0b509-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 12 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 885
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 07 Dec 2022 14:58:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://rodjulian.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
offfurreton.com/500/5112623?excludes=&oaid=99900ae1b9c140918e5b4853bfe9a53b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 offfurreton.com/500/5112623?excludes=&oaid=99900ae1b9c140918e5b4853bfe9a53b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5112623?excludes=&oaid=99900ae1b9c140918e5b4853bfe9a53b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rodjulian.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 01601c0febb2ea3914f0ef8f061e84c8
6b0cb08db146a067a7fcd3f615f534ac3f7eb037
7a0697cb0cff3c57ea85bfb3d5c53a5eacf08025069011942b138ed5a57c3485
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A0697CB0CFF3C57EA85BFB3D5C53A5EACF08025069011942B138ED5A57C3485"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14809
Expires: Wed, 07 Dec 2022 19:05:44 GMT
Date: Wed, 07 Dec 2022 14:58:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8bbd1cb72bc92d27ab1c3155ecfc7e3d
0aff60de45cd9932f6ae0fc5e57571b818bf637c
978523dc29efb75cf77086765ad56b8f4ba70d698f881624a7b764effb6525eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4083
Cache-Control: max-age=126965
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Etag: "638fe731-116"
Expires: Fri, 09 Dec 2022 02:15:00 GMT
Last-Modified: Wed, 07 Dec 2022 01:06:57 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg
172.67.22.216200 OK 12 kB URL HTTP/2 offerimage.com/www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 59d005e99dabed8d7a753617b9dfe4d6
5b4b05e20f8496be4f1f8d9e93adc1e1ccfbe383
d09719c31f8376e40f2a23e1e9833214527ec837e61e2e715752d58a1154bd31
GET /www/images/59d005e99dabed8d7a753617b9dfe4d6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: image/jpeg
content-length: 11455
cache-control: max-age=86400
cf-bgj: h2pri
etag: "631844d9-2cbf"
expires: Thu, 08 Dec 2022 10:52:53 GMT
last-modified: Wed, 07 Sep 2022 07:14:33 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 14762
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 775e1f496f9db515-OSL
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=rodjulian.com&callback=_gfp_s_&client=ca-pub-9792971117783742&gpid_exp=1
216.58.207.194200 OK 253 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=rodjulian.com&callback=_gfp_s_&client=ca-pub-9792971117783742&gpid_exp=1
IP 216.58.207.194:0
File type ASCII text, with very long lines (393), with no line terminators
Hash ae371a4428747930405d2b7c96381a01
13adf5b5d2f3b4ab65bdf55df67012f925fb613d
b217c3c607a1e02606127bf1a583b0428e0d25683384628b8d43714c191059e1
GET /gampad/cookie.js?domain=rodjulian.com&callback=_gfp_s_&client=ca-pub-9792971117783742&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 14:58:55 GMT
server: cafe
cache-control: private
content-length: 253
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.unibots.in/block?client=Rodjulian&page=rodjulian.com/
45.79.126.27200 OK 45 B URL HTTP/1.1 api.unibots.in/block?client=Rodjulian&page=rodjulian.com/
IP 45.79.126.27:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c9a2957230df4f72c2c5acb66f8f25d
bbb4390b019a6b539bb476889122bd023857ca15
7079c4a270a27cec5738869ff1c650bcb431e7427aa282e507005fbdd4102b4e
GET /block?client=Rodjulian&page=rodjulian.com/ HTTP/1.1
Host: api.unibots.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Content-Length: 45
ETag: W/"2d-u7Q5CwGaa1ObtHaIkSK9AjhXyhU"
Date: Wed, 07 Dec 2022 14:58:48 GMT
Keep-Alive: timeout=5
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash aa0e64420f718aa4713e3f080b8d4099
927435ff8af66fa63c34aa0670ae80a997d59cd9
f8e0ab18de96e3d7aa4ed6a819740957b38c0c5d9571c8ccc23ba2dd4530fd42
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
142.250.74.99200 OK 4.2 kB URL HTTP/2 www.gstatic.com/mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019
IP 142.250.74.99:0
File type ASCII text, with very long lines (2317)
Hash 672af10ab698efba2355841bfd81329b
9645421a0c97b3ef7807935fc347d89f1787d28f
0e4e6eeffa4bd3b79591b67255e83d1c6952fb98f269d7024609ae491f26fc1b
GET /mysidia/6548e2693f53f59daa3961d0dd1d6f1f.js?tag=client_fast_engine_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4197
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 00:24:57 GMT
expires: Mon, 06 Mar 2023 00:24:57 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
content-type: text/javascript
age: 138838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/f0156226f42e7531bee21bb5db76ddd9.js?tag=text/vanilla_highlight
142.250.74.99200 OK 4.4 kB URL HTTP/2 www.gstatic.com/mysidia/f0156226f42e7531bee21bb5db76ddd9.js?tag=text/vanilla_highlight
IP 142.250.74.99:0
File type C++ source, ASCII text, with very long lines (2142)
Hash e2402cb27eeff3eb94562b779be6981d
2a8026162704aec0acd172166289b26952c6414a
bea707375b29d82024229938d8b265adda92209da765f464de78b739cd330326
GET /mysidia/f0156226f42e7531bee21bb5db76ddd9.js?tag=text/vanilla_highlight HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 4446
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 01:51:03 GMT
expires: Mon, 06 Mar 2023 01:51:03 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
content-type: text/javascript
age: 133672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/7ec7d27b9d1669284d393fcb5523b2dd.js?tag=pingback
142.250.74.99200 OK 7.6 kB URL HTTP/2 www.gstatic.com/mysidia/7ec7d27b9d1669284d393fcb5523b2dd.js?tag=pingback
IP 142.250.74.99:0
File type ASCII text, with very long lines (1750)
Hash 78a911443a369b63cd4f6d75da6a6762
d85858ad04ba1ecab632095e15841fed47bf7190
e588d17bf1f5979677ae6e8099f2deac8d2875ed04bf38431f31676f3a1f969d
GET /mysidia/7ec7d27b9d1669284d393fcb5523b2dd.js?tag=pingback HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 7596
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 00:24:57 GMT
expires: Mon, 06 Mar 2023 00:24:57 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 01 Dec 2022 21:52:49 GMT
content-type: text/javascript
age: 138838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
142.250.74.99200 OK 2.0 kB URL HTTP/2 www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019
IP 142.250.74.99:0
File type ASCII text, with very long lines (979)
Hash a783464f74b8135ea9c9ca85f9a0a70b
c85558378c32e6980b374d5b9050f7f5b3e4d4d7
1d5bfdd6ae42d4d81efc8f6405de61502283510b53d7a43dfe24278adfc9be11
GET /mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 2003
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 12:32:48 GMT
expires: Mon, 06 Mar 2023 12:32:48 GMT
cache-control: public, max-age=7776000
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
content-type: text/javascript
age: 95167
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0264363384921479eaf9c1b2194f34b0
424816559e81431859ca5a26b5fec8bed54a1420
e49fdca9ba404b0a8467c2d26872c89a98b6d24f7710ad38f85c5752a4f4f181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0264363384921479eaf9c1b2194f34b0
424816559e81431859ca5a26b5fec8bed54a1420
e49fdca9ba404b0a8467c2d26872c89a98b6d24f7710ad38f85c5752a4f4f181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 0264363384921479eaf9c1b2194f34b0
424816559e81431859ca5a26b5fec8bed54a1420
e49fdca9ba404b0a8467c2d26872c89a98b6d24f7710ad38f85c5752a4f4f181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
216.58.211.1200 OK 7.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1532)
Hash 8b96e824b8c6b3b385a1876ef7973762
0ff92f9095d3945911b72a8259512a97967783a7
e707746d4baf394759dc9adb8839a736ae7fb901a8e9198c84277b0436f4eb4b
GET /pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7443
x-xss-protection: 0
date: Wed, 07 Dec 2022 02:29:00 GMT
expires: Wed, 21 Dec 2022 02:29:00 GMT
cache-control: public, max-age=1209600
age: 44995
etag: 629801499763588852
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
216.58.211.1200 OK 9.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (1592)
Hash 90d8bfd67760db2362fc13acc1551b85
5f23e41f24df57be71f4098f3e1fd3b04ec9fd23
89adebda9c0596da8cf3f26318eec8631653047ad6f016554f4c047d10e52ecd
GET /pagead/js/r20221129/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9421
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:08:21 GMT
expires: Wed, 21 Dec 2022 03:08:21 GMT
cache-control: public, max-age=1209600
age: 42634
etag: 8437175705735068947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3501)
Hash ef1c9435be063c9ab3d647cf9b724750
103489edc626e6284455cb8b90d2de205856e258
a9855ba62028cd8fad2000099280c6f494e443df6d4a728d4b9719437ffb32dd
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 47692
date: Wed, 07 Dec 2022 14:58:55 GMT
expires: Wed, 07 Dec 2022 14:58:55 GMT
cache-control: private, max-age=3000
etag: "1670243872199174"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 14:58:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/drt/ui
216.58.207.228302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 216.58.207.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 14:58:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
upskittyan.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Content-Type: application/json
Origin: https://rodjulian.com
Content-Length: 727
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:56 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: a85faeeb336dd5b507387a4f59fa3143
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=rodjulian.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=rodjulian.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rodjulian.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 14:58:56 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.unibotscdn.com/clientdata/css/rodjulian.css
185.59.220.199200 OK 4.7 kB URL HTTP/2 cdn.unibotscdn.com/clientdata/css/rodjulian.css
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type ASCII text, with CRLF line terminators
Hash da22756bb3f9d6f2adec337907b353dd
bb87dc7c83c020a973221ee7df1aa7dbf18d9813
143f82956d97dc7966b901c92de48b233bec16584ffab0abca4344f1da496118
GET /clientdata/css/rodjulian.css HTTP/1.1
Host: cdn.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:56 GMT
content-type: text/css
server: BunnyCDN-DE1-722
cdn-pullzone: 873945
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
etag: W/"6374d6c8-565"
last-modified: Wed, 16 Nov 2022 12:25:44 GMT
cdn-storageserver: DE-198
cdn-fileserver: 498
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2022 21:08:11
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requestid: ddb1a5fe4e0ef14fd95d47e12080f00d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=rodjulian.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=rodjulian.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=rodjulian.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 07 Dec 2022 14:58:56 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.unibotscdn.com/ubplayer/css/ub-player.css
185.59.220.199200 OK 5.5 kB URL HTTP/2 cdn.unibotscdn.com/ubplayer/css/ub-player.css
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type ASCII text, with CRLF line terminators
Hash 2f1522b4966c5008a0c952a4eac8f1eb
d7349a612d5cf3f657d9b0a38eeec8c349e68c49
2c782e36ef2208715b102ccb3dd569f9aaafda0e09ba30af03f4abf0613ad806
GET /ubplayer/css/ub-player.css HTTP/1.1
Host: cdn.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:56 GMT
content-type: text/css
server: BunnyCDN-DE1-722
cdn-pullzone: 873945
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
etag: W/"6385d52d-e05"
last-modified: Tue, 29 Nov 2022 09:47:25 GMT
cdn-storageserver: DE-199
cdn-fileserver: 305
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/29/2022 09:47:35
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: 7d4a16d0261da0961dd40d04beadf9fb
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.css
151.101.193.229200 OK 321 B URL HTTP/2 cdn.jsdelivr.net/npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.css
IP 151.101.193.229:0
File type ASCII text, with very long lines (974)
Hash 8c2034dcb7ab4465844e3bb7c53c60a2
f8347c4bb1728ebd5c39317c15ad3c68d934d556
d989e9f2023f7495f870d023fb788dbc6d43d5c9a03d77a77e319e0d7c6f482c
GET /npm/videojs-contrib-ads@6.8.0/dist/videojs.ads.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.8.0
x-jsd-version-type: version
etag: W/"3cf-QkYNpQ1t+HGGuQzDGS8mZdpVWDg"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 14:58:58 GMT
age: 3138758
x-served-by: cache-fra-eddf8230096-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 321
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/video.js@7.11.8/dist/video-js.min.css
151.101.193.229200 OK 10 kB URL HTTP/2 cdn.jsdelivr.net/npm/video.js@7.11.8/dist/video-js.min.css
IP 151.101.193.229:0
File type Unicode text, UTF-8 text, with very long lines (40155), with no line terminators
Hash 5ec4d4be4272d61996aff168e51c5f3a
1e7bca39e05a9d0aab393b727d7eca7e2bd4a9cd
95c29c52b8fae3f8d0a6d7398c30287c34999c500fcf1205dd250f8237310bfa
GET /npm/video.js@7.11.8/dist/video-js.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 7.11.8
x-jsd-version-type: version
etag: W/"9cdf-hOphjOeyfUewXdwzXYtoioxwLLQ"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 14:58:58 GMT
age: 2530490
x-served-by: cache-fra-eddf8230041-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 10312
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/videojs.ima.css
151.101.193.229200 OK 1.3 kB URL HTTP/2 cdn.jsdelivr.net/npm/videojs-ima@1.11.0/dist/videojs.ima.css
IP 151.101.193.229:0
Hash b08d8877b3920375e3e24a342b16c214
0f409cd56bfb7cd1c5d339ef1395113536620f28
91f8974cc4cd560443f7a42aea387b0703b6d6eca35a93bff8e1a42d8b6c263e
GET /npm/videojs-ima@1.11.0/dist/videojs.ima.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.11.0
x-jsd-version-type: version
etag: W/"eda-rFTc9uQpHYoG97d1hpF7y+maJdM"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 14:58:58 GMT
age: 4091615
x-served-by: cache-fra-eddf8230113-FRA, cache-bma1680-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1300
X-Firefox-Spdy: h2
cdn.unibotscdn.com/clientdata/rodjulian.json
185.59.220.199200 OK 3.1 kB URL HTTP/2 cdn.unibotscdn.com/clientdata/rodjulian.json
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
Hash 53d40806f55bf7be364807fc9050d3eb
d5b8115b3dda000a91c40bef0c793a92860cdfc2
6623d9a502c70b5151ee4b0fdf943e2da0dc1e3b59d783c27468b61d6d7f7eca
GET /clientdata/rodjulian.json HTTP/1.1
Host: cdn.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/json
vary: Accept-Encoding
server: BunnyCDN-DE1-722
cdn-pullzone: 873945
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
last-modified: Wed, 16 Nov 2022 12:26:35 GMT
cdn-storageserver: DE-164
cdn-fileserver: 361
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 12/03/2022 21:08:00
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 121ba59340e2bbc247809e2932df7f8f
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
216.58.211.10200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2791)
Size 127 kB (126815 bytes)
Hash e6ce6730b0e7cfe4cc995926ca00e5b9
78a31d1c17bce48b0fc1ffe4580166fc9d21de25
263312f99ed53981d3f885c3af5e34d0b579f55718f8e8352f9431bc437fb225
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126815
date: Wed, 07 Dec 2022 14:58:58 GMT
expires: Wed, 07 Dec 2022 14:58:58 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vjs.zencdn.net/7.11.4/video.min.js
151.101.130.217200 OK 148 kB URL HTTP/2 vjs.zencdn.net/7.11.4/video.min.js
IP 151.101.130.217:0
File type Unicode text, UTF-8 text, with very long lines (47506)
Size 148 kB (148475 bytes)
Hash 4810056dd4ed387ae05ff7b1972c883a
05772a43df200f0bcdef48c8d5c667783183bfad
f9a492d34dee113da7844a64eaacf8a56723849666b5b5714921d156c5f71154
GET /7.11.4/video.min.js HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 16:37:54 GMT
etag: "dca7de69f28da40d65353c2e9323442b"
cache-control: public, max-age=31536000
content-type: application/javascript; charset=utf-8
content-encoding: gzip
date: Wed, 07 Dec 2022 14:58:58 GMT
x-served-by: cache-bma1640-BMA
x-cache: HIT
x-cache-hits: 2
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 148475
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2c775ceae5ed5d9f108a45e6882050e6
864d1fbe638284316f1c6525e9e9047f2434c6ab
e92b7a834888c577ccf70a2d8e1cc3a21053e4991d38cbaff5dbd789270f1e85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1784
Cache-Control: max-age=87947
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:58 GMT
Etag: "638f57c5-118"
Expires: Thu, 08 Dec 2022 15:24:45 GMT
Last-Modified: Tue, 06 Dec 2022 14:55:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
cdn.unibotscdn.com/ubplayer/logo/ub.svg
185.59.220.199200 OK 14 kB URL HTTP/2 cdn.unibotscdn.com/ubplayer/logo/ub.svg
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1493)
Hash 0ef9293abc0aefc95c9a878b9389cc27
78a1524e79e43e5f3fcb8cd5fa742a99c9aa6483
40a87c3f0a5e2b65aacddc1acd1c7d6cf36aa694e9b4d1ab388160e4b521ddb2
GET /ubplayer/logo/ub.svg HTTP/1.1
Host: cdn.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:59 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: BunnyCDN-DE1-722
cdn-pullzone: 873945
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Thu, 30 Jun 2022 06:20:30 GMT
cdn-storageserver: DE-200
cdn-fileserver: 377
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/12/2022 05:25:03
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 6425a113583a2c1323f15956cab193e1
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 90900818a0c29acbe7adb5f9e393de4e
53183b0266eb87b3a5ab212c95fcad4568e34429
e334a7fdf7a4947e6cabf06e2fae467a722dc26d97c5faa7cafd4a4f94db626a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E334A7FDF7A4947E6CABF06E2FAE467A722DC26D97C5FAA7CAFD4A4F94DB626A"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4124
Expires: Wed, 07 Dec 2022 16:07:43 GMT
Date: Wed, 07 Dec 2022 14:58:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 38d1c089860ce360f5266ae101ab05ca
31705702b50e1c818c052b6d2a23f22583aa07d1
097ac1bb8edd3ef2e02fa551d824a0104c6995e130f9cdc4bcfa65583a9785d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/instream/video/client.js
216.58.211.6200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Wed, 07 Dec 2022 14:58:59 GMT
expires: Wed, 07 Dec 2022 14:58:59 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stream.unibotscdn.com/7965fb7f-7867-49d3-8ff9-4ce0340d38a8/640x360/video.m3u8
138.199.36.11200 OK 977 B URL HTTP/2 stream.unibotscdn.com/7965fb7f-7867-49d3-8ff9-4ce0340d38a8/640x360/video.m3u8
IP 138.199.36.11:0
ASN #60068 Datacamp Limited
Hash f2adf4797905bc8aed8fe1615d7be65e
a575e27439621c3d920fc6975fe79909a5a7a35c
50213335d7f7417e14875be18ed127a6458a099f716b14aa5870a18aa1f1380d
GET /7965fb7f-7867-49d3-8ff9-4ce0340d38a8/640x360/video.m3u8 HTTP/1.1
Host: stream.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
server: BunnyCDN-DE1-1054
cdn-pullzone: 829957
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
last-modified: Mon, 10 Oct 2022 11:28:18 GMT
cdn-storageserver: DE-197
cdn-fileserver: 461
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 12/07/2022 07:37:01
cdn-edgestorageid: 1053
cdn-status: 200
cdn-requestid: d8106bb96ab5b542847134608082b787
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
stream.unibotscdn.com/7965fb7f-7867-49d3-8ff9-4ce0340d38a8/640x360/video0.ts
138.199.36.11200 OK 191 kB URL HTTP/2 stream.unibotscdn.com/7965fb7f-7867-49d3-8ff9-4ce0340d38a8/640x360/video0.ts
IP 138.199.36.11:0
ASN #60068 Datacamp Limited
Size 191 kB (191196 bytes)
Hash d46a69d0179e30461ba8f7a5c90cae07
0c54d91a5d247c9a62b03560e1ede2bc63f30bfe
388b099d8ba6c5745677da40e9b1db9449ddc2883e96894a625496ec3f0fef1e
GET /7965fb7f-7867-49d3-8ff9-4ce0340d38a8/640x360/video0.ts HTTP/1.1
Host: stream.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:59 GMT
content-type: video/mp2t
content-length: 191196
server: BunnyCDN-DE1-1054
cdn-pullzone: 829957
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
last-modified: Mon, 10 Oct 2022 11:28:07 GMT
cdn-storageserver: DE-167
cdn-fileserver: 433
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 10/26/2022 05:34:03
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 8066ffbcbce4aafa2ce4c2cd09fe7548
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-S80N4S08PY>m=2oebu0&_p=1672221370&cid=1487715637.1670425134&ul=en-us&sr=1280x1024&_s=1&sid=1670425138&sct=1&seg=0&dl=https%3A%2F%2Frodjulian.com%2F&dt=Rodjulian.com%20-%20Travel%20and%20cuisine%20around%20the%20world&en=page_view&_fv=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-S80N4S08PY>m=2oebu0&_p=1672221370&cid=1487715637.1670425134&ul=en-us&sr=1280x1024&_s=1&sid=1670425138&sct=1&seg=0&dl=https%3A%2F%2Frodjulian.com%2F&dt=Rodjulian.com%20-%20Travel%20and%20cuisine%20around%20the%20world&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-S80N4S08PY>m=2oebu0&_p=1672221370&cid=1487715637.1670425134&ul=en-us&sr=1280x1024&_s=1&sid=1670425138&sct=1&seg=0&dl=https%3A%2F%2Frodjulian.com%2F&dt=Rodjulian.com%20-%20Travel%20and%20cuisine%20around%20the%20world&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://rodjulian.com
date: Wed, 07 Dec 2022 14:58:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:58:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D4fUf9jHEDkXxL6A00FQYkkYYqBH1cnV13P2zrcfCwC8oZ4tIDPFWeDUS_Nzc0BszsRQ81Iv5gttJJKFa_IxMRIL-Mdg&dbm_d=AKAmf-BJz68LI04URmyayfsNaGoimx_VYlPotKIBzhVbHjC1mW4hWYbWVnxljdAAE6ZncSF6EwTkmiNZpNhCC9Gf_Z60Fk9epQEQeEyJmKLOChOf6bBFZnv3X3AcijlbXULDZlOCnpVbHgPRojwNMFAZPVLu44NGbb2fMkjAmjeefpImlI0DNcDJK2PkC80bEx10I5uc3DjqSC9_e70jmjA1vDCXELfrsrQZhQqHWcRta5qqodq79Y3OZnNkh_Jxcpryd6-KM_PkbEb5tiY0W8CQ2gSbYVVupU7ygJf0Ejg_HpJKeaPcarJZXBXgvGChAEE1CPWtaMTTimhwsEnQY8b7jhqzvvcXB8f5hFIQNHs7W5Drp5_8zp1xhcr9GiWTgCBcqTUumt_MxMiGSYxp2Xad9bdi_B3l2kE0OtefGn6LDGSPFDrRRwR_xPD5_PImIOlGP3jQmKVqdoYLiZw6Cf6CcyFow-duwsyboF--BIXNmAcEpBJ1L1SdXU13Toayj4hWzNnurZjb0L3HzKQVf8r3yqDRUd0LeTmlSSZkcjnCtOXp9r29WrpDi87eWB3Rmg0avCRcXC0b7UmDwMYNpjryLawXIqfilm6cduMpcjWZiTKgRajlGHps1DC16_Vwid5yZUkX9bpZcvpBCOgtVO1xcWziQ_gUcF7o5VR4lDMKLXNrh-DUFIoncPJVStvDY5NpzJNxM6L9KbsaNZHCEqpNJo21jkiqBhGGa9rIBGLqv9b1hlqvTz4ofpDVGf0PWBYN2foNUGY9YoewaegFH-tpnfZ-DpwFvss52EtzOCjGgtQ-4OL1D1MhW3xJjH2QxsEpAAvkxIjiOgJKmGz42Qv0xocDOKEc6_cSZKfSUcRovWVZII8z_NdF6TdjDNk9BbnlqSOcPte0xPU0WSyNWC5HJO-kTS21hNBHf_3DDPZnbAK5K9mEE_EDgZ5GJLuVD1zuHplC4FpJ5KUIc33qcQiVqnyWePRCa-x2ahFKBKBnRfTl1ilLojKSLyN3mnzxI2zn3X6ggDkMscTm3AY33xoBDJyVlcc7bc_M91OwGnaj4JL-V0odKHeQb0JajxZS5_gD5XS8vpM0IcITxP89cxb0xqt2fChc4UdVgmB4JJHvXMpXd4XlPVH87yND6ZDBpjiOEsW16dNwl4QjHiNrPiX5IG3wc_DYe_aP92-Ebyid01rZ3kH3FoJzfCOy4GZPvfD2IIBnGe0e2Iv9WCzCt_K1iHwl20pcGn-0uOjGH0a_J48m1YV7_qDXPAxRH1s1JRN-0meT_68V8YnepqZa-7uCB18FEZYef7AkHc84y78GwcJbrZYLC7bJbtPy-nPHc4e26qbZQyxK2Q9jEOul87bzO-ZYC4VPLOcvDp77ziSHkXiDq6frhXknfk-RmeY2QN5AFx3BSvboeVkD4NaRnk0QHUlracYNyJA_VULB_aAH38CclRGytaEjFUVEukDrbKNgYO1X6AjpFyStxhyemQUatqU6t7mhlMRvXDAVhw-epI9rf8Fmdj7-0QLdalFFBhClGvfwArD5yAiDPVj5ZYo4rnWXH2ARIo3yzlUzigVUnEj5A8WABkaWWbeSBWHS8lDCqGYUbG1wOvOecpO1sh_2yhIqkyPIgd79FBJF49f5hXz1eacy7o28j_Ug-0qlf_X6WQ20Ulaq_ziBDdNzV8oJ0FVYGf_85Ldt9jLBWCbZIdRh1Z0COPsoDHAlrCS4SMpWxDjqhtsHZwJZjm5uyOYeVijiuhL3MmBY4fQBx0Ba9k4hU6Liya5BJ_u0ImWfXNrrEzjuA9a1Tczh-kbNB3h5vX8zkcBAY7LW3992iVYQIvBDBPs_aW5I1Hu6sy-IJNQhoyajN51hdyGhvlKCLnQ8EDy_F6buDk93lgt_yRFJByEGVYLyIhm7DZ57H9uMOE9YN6Ay3WltvkaqXif_6x776U1mO1R5SyCTywKsybS8vikjLuNE0GP4NMXMOBWhRkRLCziIliCepHBRXX6rFdSe3llzkDPmBONya5kVjkivvNbprl3EqRpVlrIEzaT_b2ohYS408zjZKljM8ezDgY5PYp4lJdSN5vd8f2DWhn9bPxCTKRC8vTOQd3N3mbrckoHLOERICa0bMt39U8byMGx9j4n_Jj0iyVMSrCYgyJN_HQiCiupO_QKrDpAfCaqkwGc3nfbMScFzvQlxUtatQ4SFvLppvBlJxOgrRTXJAAJysS1PHeqDGvM7Sd_-Rd_Dh4D7cGnMD5ks_oP5IYFfnPhM7mGIVcoYmAYNywp3G-It86nc_MlTpKtzdp9tPqWT5ljSdpiJvjgR3qgSVrHtQsRWL9Hnoh8bXJZzRzhtwe72cKccdyDNlUodY27bFX7ENXDJcv-GgzGlBC-NPPhXrxsdaXhv7fwppPlJh4--b32mDr3H5hRX2TsA6QQf7xWPN2JCzUQkTyHWDbr1Kr-c_jt_7MlSSkCDEW4tqEuyb9pUDcBT2R5HrMag52jl0doGo55A9jto3wcC2j6Vcpj0AbcL7ughZ8Nwzf59YEI_WrKttVLM2gTkkCNKzwyAB3YDpJM6NrX06suxsInp2Ih6LCJa1nFksJ5wa5VBwshLY0LHBXCC71aj2pUdzcMEu_4n2c2SoRiQZ_WBX-ujaktPctanpTHLKZfp5ABJ5vsdeN0ftwn-0eRpsULJ21vlXlx2T6R7DlpoeNDq_ieWzK61XP5bkrL_O6IexV9a1vUxifyl_Ju-NCNkzJGCNd8Fn5CIrdkPHTzeaHqbDLrm96w7ljBtIqaIDQ4bsxlAI7nfuo4UqoktWqI14UgZZhF6LqV62diKIGF9_FWxhsA0H-dEDUcFS3sF6KGV1OWaUvbi7y3ApZs7A7XUZYhYQUf8EFz9GzDKRU7ZuP75WJlQq7Z7xXEPXrIn_zDpRJufmf47khBCbLBLcqDu4uZB3yptb4eE7z-WO2EYToqzC2NfBQ2UR0PlE3AG3FiHQhdfNz72dY0A9F_We6LHwZtWy-maysFpwewnQZSvCis5w1w5HNj93n0cyKbg69S9myE1IkTEHVAHi4BmqwyN5eoCSP-V9QvPNxNb2ie_Fc0afcZfIfjVmt2sNmQPTH27EDLy0m778JngOiYNTiXGfUuN7Vcm48pFBVScPaLLTEnfP-X5Q9IQxQrNr1erFAzwlghq_4Rn4PyoWIjMH0ZfcqsyVOzUR-m4Iy9PfcjbxBbrB8NALztNFvcHWSZCEO1WD1_9A0R3XppLNB7Fow5rPh1tv3f4dYzB_bPz1ODpw_x7Y8Ub9lKGHFdd8dukWB9E4A&cid=CAQSGwDq26N9sfF9W6nvg4MFVZ05VGxhv5SYwoiL3RgBIBM&vpa=click&vpmute=0&sdkv=h.3.548.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=4195960670&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.548.0&media_url=blob%3Ahttps%253a%2F%2Frodjulian.com%2Fb8b960e6-bc65-4596-b201-dd31a1eeca55&sid=635D1A59-F3B4-43F9-8CC1-1FF90E5D29C0&nel=0&eid=44748969%2C44750824%2C44752711%2C44765701%2C44777649&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&url=https%3A%2F%2Frodjulian.com%2F&dt=1670425139540&ged=ve4_td3_tt1_pd3_la3000_er78.314.78.314_vi0.0.14708.1268_vp0_ts1_eb16619
173.194.73.155200 OK 16 kB URL HTTP/2 bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D4fUf9jHEDkXxL6A00FQYkkYYqBH1cnV13P2zrcfCwC8oZ4tIDPFWeDUS_Nzc0BszsRQ81Iv5gttJJKFa_IxMRIL-Mdg&dbm_d=AKAmf-BJz68LI04URmyayfsNaGoimx_VYlPotKIBzhVbHjC1mW4hWYbWVnxljdAAE6ZncSF6EwTkmiNZpNhCC9Gf_Z60Fk9epQEQeEyJmKLOChOf6bBFZnv3X3AcijlbXULDZlOCnpVbHgPRojwNMFAZPVLu44NGbb2fMkjAmjeefpImlI0DNcDJK2PkC80bEx10I5uc3DjqSC9_e70jmjA1vDCXELfrsrQZhQqHWcRta5qqodq79Y3OZnNkh_Jxcpryd6-KM_PkbEb5tiY0W8CQ2gSbYVVupU7ygJf0Ejg_HpJKeaPcarJZXBXgvGChAEE1CPWtaMTTimhwsEnQY8b7jhqzvvcXB8f5hFIQNHs7W5Drp5_8zp1xhcr9GiWTgCBcqTUumt_MxMiGSYxp2Xad9bdi_B3l2kE0OtefGn6LDGSPFDrRRwR_xPD5_PImIOlGP3jQmKVqdoYLiZw6Cf6CcyFow-duwsyboF--BIXNmAcEpBJ1L1SdXU13Toayj4hWzNnurZjb0L3HzKQVf8r3yqDRUd0LeTmlSSZkcjnCtOXp9r29WrpDi87eWB3Rmg0avCRcXC0b7UmDwMYNpjryLawXIqfilm6cduMpcjWZiTKgRajlGHps1DC16_Vwid5yZUkX9bpZcvpBCOgtVO1xcWziQ_gUcF7o5VR4lDMKLXNrh-DUFIoncPJVStvDY5NpzJNxM6L9KbsaNZHCEqpNJo21jkiqBhGGa9rIBGLqv9b1hlqvTz4ofpDVGf0PWBYN2foNUGY9YoewaegFH-tpnfZ-DpwFvss52EtzOCjGgtQ-4OL1D1MhW3xJjH2QxsEpAAvkxIjiOgJKmGz42Qv0xocDOKEc6_cSZKfSUcRovWVZII8z_NdF6TdjDNk9BbnlqSOcPte0xPU0WSyNWC5HJO-kTS21hNBHf_3DDPZnbAK5K9mEE_EDgZ5GJLuVD1zuHplC4FpJ5KUIc33qcQiVqnyWePRCa-x2ahFKBKBnRfTl1ilLojKSLyN3mnzxI2zn3X6ggDkMscTm3AY33xoBDJyVlcc7bc_M91OwGnaj4JL-V0odKHeQb0JajxZS5_gD5XS8vpM0IcITxP89cxb0xqt2fChc4UdVgmB4JJHvXMpXd4XlPVH87yND6ZDBpjiOEsW16dNwl4QjHiNrPiX5IG3wc_DYe_aP92-Ebyid01rZ3kH3FoJzfCOy4GZPvfD2IIBnGe0e2Iv9WCzCt_K1iHwl20pcGn-0uOjGH0a_J48m1YV7_qDXPAxRH1s1JRN-0meT_68V8YnepqZa-7uCB18FEZYef7AkHc84y78GwcJbrZYLC7bJbtPy-nPHc4e26qbZQyxK2Q9jEOul87bzO-ZYC4VPLOcvDp77ziSHkXiDq6frhXknfk-RmeY2QN5AFx3BSvboeVkD4NaRnk0QHUlracYNyJA_VULB_aAH38CclRGytaEjFUVEukDrbKNgYO1X6AjpFyStxhyemQUatqU6t7mhlMRvXDAVhw-epI9rf8Fmdj7-0QLdalFFBhClGvfwArD5yAiDPVj5ZYo4rnWXH2ARIo3yzlUzigVUnEj5A8WABkaWWbeSBWHS8lDCqGYUbG1wOvOecpO1sh_2yhIqkyPIgd79FBJF49f5hXz1eacy7o28j_Ug-0qlf_X6WQ20Ulaq_ziBDdNzV8oJ0FVYGf_85Ldt9jLBWCbZIdRh1Z0COPsoDHAlrCS4SMpWxDjqhtsHZwJZjm5uyOYeVijiuhL3MmBY4fQBx0Ba9k4hU6Liya5BJ_u0ImWfXNrrEzjuA9a1Tczh-kbNB3h5vX8zkcBAY7LW3992iVYQIvBDBPs_aW5I1Hu6sy-IJNQhoyajN51hdyGhvlKCLnQ8EDy_F6buDk93lgt_yRFJByEGVYLyIhm7DZ57H9uMOE9YN6Ay3WltvkaqXif_6x776U1mO1R5SyCTywKsybS8vikjLuNE0GP4NMXMOBWhRkRLCziIliCepHBRXX6rFdSe3llzkDPmBONya5kVjkivvNbprl3EqRpVlrIEzaT_b2ohYS408zjZKljM8ezDgY5PYp4lJdSN5vd8f2DWhn9bPxCTKRC8vTOQd3N3mbrckoHLOERICa0bMt39U8byMGx9j4n_Jj0iyVMSrCYgyJN_HQiCiupO_QKrDpAfCaqkwGc3nfbMScFzvQlxUtatQ4SFvLppvBlJxOgrRTXJAAJysS1PHeqDGvM7Sd_-Rd_Dh4D7cGnMD5ks_oP5IYFfnPhM7mGIVcoYmAYNywp3G-It86nc_MlTpKtzdp9tPqWT5ljSdpiJvjgR3qgSVrHtQsRWL9Hnoh8bXJZzRzhtwe72cKccdyDNlUodY27bFX7ENXDJcv-GgzGlBC-NPPhXrxsdaXhv7fwppPlJh4--b32mDr3H5hRX2TsA6QQf7xWPN2JCzUQkTyHWDbr1Kr-c_jt_7MlSSkCDEW4tqEuyb9pUDcBT2R5HrMag52jl0doGo55A9jto3wcC2j6Vcpj0AbcL7ughZ8Nwzf59YEI_WrKttVLM2gTkkCNKzwyAB3YDpJM6NrX06suxsInp2Ih6LCJa1nFksJ5wa5VBwshLY0LHBXCC71aj2pUdzcMEu_4n2c2SoRiQZ_WBX-ujaktPctanpTHLKZfp5ABJ5vsdeN0ftwn-0eRpsULJ21vlXlx2T6R7DlpoeNDq_ieWzK61XP5bkrL_O6IexV9a1vUxifyl_Ju-NCNkzJGCNd8Fn5CIrdkPHTzeaHqbDLrm96w7ljBtIqaIDQ4bsxlAI7nfuo4UqoktWqI14UgZZhF6LqV62diKIGF9_FWxhsA0H-dEDUcFS3sF6KGV1OWaUvbi7y3ApZs7A7XUZYhYQUf8EFz9GzDKRU7ZuP75WJlQq7Z7xXEPXrIn_zDpRJufmf47khBCbLBLcqDu4uZB3yptb4eE7z-WO2EYToqzC2NfBQ2UR0PlE3AG3FiHQhdfNz72dY0A9F_We6LHwZtWy-maysFpwewnQZSvCis5w1w5HNj93n0cyKbg69S9myE1IkTEHVAHi4BmqwyN5eoCSP-V9QvPNxNb2ie_Fc0afcZfIfjVmt2sNmQPTH27EDLy0m778JngOiYNTiXGfUuN7Vcm48pFBVScPaLLTEnfP-X5Q9IQxQrNr1erFAzwlghq_4Rn4PyoWIjMH0ZfcqsyVOzUR-m4Iy9PfcjbxBbrB8NALztNFvcHWSZCEO1WD1_9A0R3XppLNB7Fow5rPh1tv3f4dYzB_bPz1ODpw_x7Y8Ub9lKGHFdd8dukWB9E4A&cid=CAQSGwDq26N9sfF9W6nvg4MFVZ05VGxhv5SYwoiL3RgBIBM&vpa=click&vpmute=0&sdkv=h.3.548.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=4195960670&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.548.0&media_url=blob%3Ahttps%253a%2F%2Frodjulian.com%2Fb8b960e6-bc65-4596-b201-dd31a1eeca55&sid=635D1A59-F3B4-43F9-8CC1-1FF90E5D29C0&nel=0&eid=44748969%2C44750824%2C44752711%2C44765701%2C44777649&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&url=https%3A%2F%2Frodjulian.com%2F&dt=1670425139540&ged=ve4_td3_tt1_pd3_la3000_er78.314.78.314_vi0.0.14708.1268_vp0_ts1_eb16619
IP 173.194.73.155:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (15846)
Hash 1b2615de0dbc553de0dae47438b9e196
d8bf8887e6eb82688e9d5d86231b52b1c32c0424
10d1144f643163b06047d8fed9813125170d613ae992fefcc4690fb0f24809ee
GET /dbm/vast?dbm_c=AKAmf-D4fUf9jHEDkXxL6A00FQYkkYYqBH1cnV13P2zrcfCwC8oZ4tIDPFWeDUS_Nzc0BszsRQ81Iv5gttJJKFa_IxMRIL-Mdg&dbm_d=AKAmf-BJz68LI04URmyayfsNaGoimx_VYlPotKIBzhVbHjC1mW4hWYbWVnxljdAAE6ZncSF6EwTkmiNZpNhCC9Gf_Z60Fk9epQEQeEyJmKLOChOf6bBFZnv3X3AcijlbXULDZlOCnpVbHgPRojwNMFAZPVLu44NGbb2fMkjAmjeefpImlI0DNcDJK2PkC80bEx10I5uc3DjqSC9_e70jmjA1vDCXELfrsrQZhQqHWcRta5qqodq79Y3OZnNkh_Jxcpryd6-KM_PkbEb5tiY0W8CQ2gSbYVVupU7ygJf0Ejg_HpJKeaPcarJZXBXgvGChAEE1CPWtaMTTimhwsEnQY8b7jhqzvvcXB8f5hFIQNHs7W5Drp5_8zp1xhcr9GiWTgCBcqTUumt_MxMiGSYxp2Xad9bdi_B3l2kE0OtefGn6LDGSPFDrRRwR_xPD5_PImIOlGP3jQmKVqdoYLiZw6Cf6CcyFow-duwsyboF--BIXNmAcEpBJ1L1SdXU13Toayj4hWzNnurZjb0L3HzKQVf8r3yqDRUd0LeTmlSSZkcjnCtOXp9r29WrpDi87eWB3Rmg0avCRcXC0b7UmDwMYNpjryLawXIqfilm6cduMpcjWZiTKgRajlGHps1DC16_Vwid5yZUkX9bpZcvpBCOgtVO1xcWziQ_gUcF7o5VR4lDMKLXNrh-DUFIoncPJVStvDY5NpzJNxM6L9KbsaNZHCEqpNJo21jkiqBhGGa9rIBGLqv9b1hlqvTz4ofpDVGf0PWBYN2foNUGY9YoewaegFH-tpnfZ-DpwFvss52EtzOCjGgtQ-4OL1D1MhW3xJjH2QxsEpAAvkxIjiOgJKmGz42Qv0xocDOKEc6_cSZKfSUcRovWVZII8z_NdF6TdjDNk9BbnlqSOcPte0xPU0WSyNWC5HJO-kTS21hNBHf_3DDPZnbAK5K9mEE_EDgZ5GJLuVD1zuHplC4FpJ5KUIc33qcQiVqnyWePRCa-x2ahFKBKBnRfTl1ilLojKSLyN3mnzxI2zn3X6ggDkMscTm3AY33xoBDJyVlcc7bc_M91OwGnaj4JL-V0odKHeQb0JajxZS5_gD5XS8vpM0IcITxP89cxb0xqt2fChc4UdVgmB4JJHvXMpXd4XlPVH87yND6ZDBpjiOEsW16dNwl4QjHiNrPiX5IG3wc_DYe_aP92-Ebyid01rZ3kH3FoJzfCOy4GZPvfD2IIBnGe0e2Iv9WCzCt_K1iHwl20pcGn-0uOjGH0a_J48m1YV7_qDXPAxRH1s1JRN-0meT_68V8YnepqZa-7uCB18FEZYef7AkHc84y78GwcJbrZYLC7bJbtPy-nPHc4e26qbZQyxK2Q9jEOul87bzO-ZYC4VPLOcvDp77ziSHkXiDq6frhXknfk-RmeY2QN5AFx3BSvboeVkD4NaRnk0QHUlracYNyJA_VULB_aAH38CclRGytaEjFUVEukDrbKNgYO1X6AjpFyStxhyemQUatqU6t7mhlMRvXDAVhw-epI9rf8Fmdj7-0QLdalFFBhClGvfwArD5yAiDPVj5ZYo4rnWXH2ARIo3yzlUzigVUnEj5A8WABkaWWbeSBWHS8lDCqGYUbG1wOvOecpO1sh_2yhIqkyPIgd79FBJF49f5hXz1eacy7o28j_Ug-0qlf_X6WQ20Ulaq_ziBDdNzV8oJ0FVYGf_85Ldt9jLBWCbZIdRh1Z0COPsoDHAlrCS4SMpWxDjqhtsHZwJZjm5uyOYeVijiuhL3MmBY4fQBx0Ba9k4hU6Liya5BJ_u0ImWfXNrrEzjuA9a1Tczh-kbNB3h5vX8zkcBAY7LW3992iVYQIvBDBPs_aW5I1Hu6sy-IJNQhoyajN51hdyGhvlKCLnQ8EDy_F6buDk93lgt_yRFJByEGVYLyIhm7DZ57H9uMOE9YN6Ay3WltvkaqXif_6x776U1mO1R5SyCTywKsybS8vikjLuNE0GP4NMXMOBWhRkRLCziIliCepHBRXX6rFdSe3llzkDPmBONya5kVjkivvNbprl3EqRpVlrIEzaT_b2ohYS408zjZKljM8ezDgY5PYp4lJdSN5vd8f2DWhn9bPxCTKRC8vTOQd3N3mbrckoHLOERICa0bMt39U8byMGx9j4n_Jj0iyVMSrCYgyJN_HQiCiupO_QKrDpAfCaqkwGc3nfbMScFzvQlxUtatQ4SFvLppvBlJxOgrRTXJAAJysS1PHeqDGvM7Sd_-Rd_Dh4D7cGnMD5ks_oP5IYFfnPhM7mGIVcoYmAYNywp3G-It86nc_MlTpKtzdp9tPqWT5ljSdpiJvjgR3qgSVrHtQsRWL9Hnoh8bXJZzRzhtwe72cKccdyDNlUodY27bFX7ENXDJcv-GgzGlBC-NPPhXrxsdaXhv7fwppPlJh4--b32mDr3H5hRX2TsA6QQf7xWPN2JCzUQkTyHWDbr1Kr-c_jt_7MlSSkCDEW4tqEuyb9pUDcBT2R5HrMag52jl0doGo55A9jto3wcC2j6Vcpj0AbcL7ughZ8Nwzf59YEI_WrKttVLM2gTkkCNKzwyAB3YDpJM6NrX06suxsInp2Ih6LCJa1nFksJ5wa5VBwshLY0LHBXCC71aj2pUdzcMEu_4n2c2SoRiQZ_WBX-ujaktPctanpTHLKZfp5ABJ5vsdeN0ftwn-0eRpsULJ21vlXlx2T6R7DlpoeNDq_ieWzK61XP5bkrL_O6IexV9a1vUxifyl_Ju-NCNkzJGCNd8Fn5CIrdkPHTzeaHqbDLrm96w7ljBtIqaIDQ4bsxlAI7nfuo4UqoktWqI14UgZZhF6LqV62diKIGF9_FWxhsA0H-dEDUcFS3sF6KGV1OWaUvbi7y3ApZs7A7XUZYhYQUf8EFz9GzDKRU7ZuP75WJlQq7Z7xXEPXrIn_zDpRJufmf47khBCbLBLcqDu4uZB3yptb4eE7z-WO2EYToqzC2NfBQ2UR0PlE3AG3FiHQhdfNz72dY0A9F_We6LHwZtWy-maysFpwewnQZSvCis5w1w5HNj93n0cyKbg69S9myE1IkTEHVAHi4BmqwyN5eoCSP-V9QvPNxNb2ie_Fc0afcZfIfjVmt2sNmQPTH27EDLy0m778JngOiYNTiXGfUuN7Vcm48pFBVScPaLLTEnfP-X5Q9IQxQrNr1erFAzwlghq_4Rn4PyoWIjMH0ZfcqsyVOzUR-m4Iy9PfcjbxBbrB8NALztNFvcHWSZCEO1WD1_9A0R3XppLNB7Fow5rPh1tv3f4dYzB_bPz1ODpw_x7Y8Ub9lKGHFdd8dukWB9E4A&cid=CAQSGwDq26N9sfF9W6nvg4MFVZ05VGxhv5SYwoiL3RgBIBM&vpa=click&vpmute=0&sdkv=h.3.548.0&osd=2&frm=1&vis=1&sdr=1&unviewed_position_start=1&is_amp=0&hl=en&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=4195960670&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.548.0&media_url=blob%3Ahttps%253a%2F%2Frodjulian.com%2Fb8b960e6-bc65-4596-b201-dd31a1eeca55&sid=635D1A59-F3B4-43F9-8CC1-1FF90E5D29C0&nel=0&eid=44748969%2C44750824%2C44752711%2C44765701%2C44777649&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&url=https%3A%2F%2Frodjulian.com%2F&dt=1670425139540&ged=ve4_td3_tt1_pd3_la3000_er78.314.78.314_vi0.0.14708.1268_vp0_ts1_eb16619 HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 14:59:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15774
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 15:14:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 1e181f9ed09fb72bf80535f26ad7b91a
df966a15abb5b870e71527d73592f7d977011eb2
741e73d12b0fa5e76d9b4a78e8e70dbe307e059a0018aca245da0db44c5a5958
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 14:59:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 6cc530a8177cbff6e62fd4878716f092
0ed510c8d8a184e75e66f19385a18f42da13cbd3
0bccc9fdfe01ed388ac24ae57757782af4a2f633041f2141a37f9a4c48795bc4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161787
Date: Wed, 07 Dec 2022 14:59:00 GMT
Etag: "639065c9-1d7"
Expires: Fri, 09 Dec 2022 11:55:27 GMT
Last-Modified: Wed, 07 Dec 2022 10:07:05 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dvVeaYIh8J9SzbDy__3QfkwfiLSehr2nDlH9NkzZ2SP2MrDTWUuxQg==
Age: 6502
vast.adsafeprotected.com/vast/fwjsvid/st/1237149/66766199/skeleton.js?includeFlash=false&bundleId=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N926626.3342798GSKDBMSENSODYNENO/B28786258.350686279%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.548.0%3Bdc_osd%3D2%3Bdc_frm%3D1%3Bdc_adk%3D4195960670%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://rodjulian.com/%3Bdc_vast%3D4%3Bmpt%3Dvideojs-ima%3Bmpv%3D1.11.0%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNjcwNDI1MTQwMDQzCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdmZWQzRoNG9OeTVkdDhzanNnWWZob0JaVWI5NGZ3ZHVaY0pkOWNjVFI3YmVxTy14TmRhZWhfVDBESVY0SGRWVlVhTmtLWmFhSlJ2YzJ0dzhYaVA2Zl9IbTdKbXpvOEI5OHZidVhkdXVrZHlxbTBPMV9hbUp3Ylc5VTFyV3JCaks0Q28tNnpBUmVwOUVvaHNKNjFaUmh3V1pPMGQwcE1VMXF5SE4xQzJiczl6RW1EUllPTnQzY1ZaTlF3b0FXZ3o3MXdxWVE0eG44bWFTNGJlLXlwbWgyczAxeEdSLVZyT2NTRFU0d1NURVY1NGFCVzFnaGl6YVZYSEI4MW9CLTRad2dIU3ZYSGdGWi1rLW4xeDE1U05IZkFOTmNYcjdYY1ZGdEhaTmpZemRudFdlVWVwaUhBdzJ5RzB5My0xQjlJQ2RaQ0k3Rko2V0IwYzJaWlozMTFtVkJacXBQd0N1TXZyLTdTQ1lRXzhUTG9haTN3dV9xTFVrQ2NuNUJuVnRjYXBGRGE1dU9ZNDhiNGt2Rmg4NGNjeGtMc2FEVHhZZEk2UHh6SUZwTGN2MDdGc2F3a2NRbDFLeGhTLWJacTlibncyWXBLd3BCVXlKdS15UUZTX1ZUalF1M1BCcGJ5cEJ3MFQ2QWN6Vno2aThxd3FqOVc2WlBFWHhXdnFNX3J4bzdpcHgxMEN3VlZ0RW1BM1RxNjlWNlphYUdRRUlBaWsxQlZxRWJFLTFFdkI5SXJSZ2dfa1Fzajk3TU9OTHBpRk94dUVuNTJBTkkxTVRhU1U0ZHktdFctVWVQQXc5c1ZlcDZvR2JKbkU5cF80M2xJQTNqUUlKM1pOQ2FHNkNiY2RvOElZVzFnMHF5dlJpSXJWeTRnMHoyTngtWEQzRFpGLVlJaTVBNHJFYmM3M3BZdFNLOG1MSlF6V3RidmRBMzA3cFhERGtSZk5zYS0xTjNBWC1kZ3hya24xamxLTnNFZ2tBSzVkR1JxeDc2S2hzaEFCbTB3WF8teGNmeWhMRkREa3NJUU0wOFBuZUswZ2xuM0d0bDlkU3dQWUpuWXAtTmI4djU1bnVQbF9RUkdKWmJLWnBsanFTbjh5MWR1UkxhekZCUEstX2o4N2dxVFlQUlZLZmYxMDFwa1QxdHdjMU9pNW4zWno5V1Y2SXBBOGVRMVIxOHczZ2Jfd2lMU3dNM0ViaTJ6el9yTkJVS2xkb1A0MDRaazNaaHhncnRUWGRlbnQ4ampONk1BVWFwdmtveHB1dzRPLVJCd3JMc1I1ZnM1LVJyZzEwdmM0T2xUcnB4YTFUamFSMFljSllEbEo0aWpCN2hTSWs1TWJIVGViS2VEZ1ZnVy12Mm9Za3FiSmoxXzQzdFQ3VkdWcm9rT1o0a21zRTk2NUQ3c21GOUJlQmViUzE4YUR1TWVYYzZQMlRrR1dnbUhOc1prR3dEV0tPZXFjSGRNOWZqbjNlNmt5djM5NWIxUkd2MGJXOFNpSWxXazJNUWlGbmtTV000X2Jveko0MEhneWNOYnpJd2pzbnViaTQteEs3bmtrU2hGRkx4RUM4b3k5NzVaNmIxcXZ4ek1xQmZJQ255SVRQcW9IZU5KOXFJS2VZNUtrbjU1Sm1iT3Z2dDVXRUp6NGRWMDdoYVpJdWs3SU1fWHhiUzdGRnRaUW1WMTFkRWMtbUIwaGswVk1CMEJSZi1uR0RsUzQxbm0mc2FpPUFNZmwtWVRaTVYzZ3E3bmI0WHd3c05WUW50NU82RjloYUk0Z2wwV0dONTZvZFVEVzRCT1F3RVJLTktyNmdBZ1ZXYmRHNnlFRzlIelRlOVdyM09qMWdUU041T2FVUWNVUmVqUXV2UjNvS1ppdElNTW9MWVVHNFYwcmM3allXM0ltdE1ZdXBqVTlIOU85cGRXNlVLWFNwVkFCcTVucWpGUXoxeGRPYk44SWNWVDMxclYwRWtBRTlRJnNpZz1DZzBBcktKU3pIQllrTFU4TzB6RUVBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuc2Vuc29keW5lLm5vLyUzRmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D180980885%26dc_adid%3D541786290
34.255.148.223200 OK 4.3 kB URL HTTP/1.1 vast.adsafeprotected.com/vast/fwjsvid/st/1237149/66766199/skeleton.js?includeFlash=false&bundleId=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N926626.3342798GSKDBMSENSODYNENO/B28786258.350686279%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.548.0%3Bdc_osd%3D2%3Bdc_frm%3D1%3Bdc_adk%3D4195960670%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://rodjulian.com/%3Bdc_vast%3D4%3Bmpt%3Dvideojs-ima%3Bmpv%3D1.11.0%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNjcwNDI1MTQwMDQzCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdmZWQzRoNG9OeTVkdDhzanNnWWZob0JaVWI5NGZ3ZHVaY0pkOWNjVFI3YmVxTy14TmRhZWhfVDBESVY0SGRWVlVhTmtLWmFhSlJ2YzJ0dzhYaVA2Zl9IbTdKbXpvOEI5OHZidVhkdXVrZHlxbTBPMV9hbUp3Ylc5VTFyV3JCaks0Q28tNnpBUmVwOUVvaHNKNjFaUmh3V1pPMGQwcE1VMXF5SE4xQzJiczl6RW1EUllPTnQzY1ZaTlF3b0FXZ3o3MXdxWVE0eG44bWFTNGJlLXlwbWgyczAxeEdSLVZyT2NTRFU0d1NURVY1NGFCVzFnaGl6YVZYSEI4MW9CLTRad2dIU3ZYSGdGWi1rLW4xeDE1U05IZkFOTmNYcjdYY1ZGdEhaTmpZemRudFdlVWVwaUhBdzJ5RzB5My0xQjlJQ2RaQ0k3Rko2V0IwYzJaWlozMTFtVkJacXBQd0N1TXZyLTdTQ1lRXzhUTG9haTN3dV9xTFVrQ2NuNUJuVnRjYXBGRGE1dU9ZNDhiNGt2Rmg4NGNjeGtMc2FEVHhZZEk2UHh6SUZwTGN2MDdGc2F3a2NRbDFLeGhTLWJacTlibncyWXBLd3BCVXlKdS15UUZTX1ZUalF1M1BCcGJ5cEJ3MFQ2QWN6Vno2aThxd3FqOVc2WlBFWHhXdnFNX3J4bzdpcHgxMEN3VlZ0RW1BM1RxNjlWNlphYUdRRUlBaWsxQlZxRWJFLTFFdkI5SXJSZ2dfa1Fzajk3TU9OTHBpRk94dUVuNTJBTkkxTVRhU1U0ZHktdFctVWVQQXc5c1ZlcDZvR2JKbkU5cF80M2xJQTNqUUlKM1pOQ2FHNkNiY2RvOElZVzFnMHF5dlJpSXJWeTRnMHoyTngtWEQzRFpGLVlJaTVBNHJFYmM3M3BZdFNLOG1MSlF6V3RidmRBMzA3cFhERGtSZk5zYS0xTjNBWC1kZ3hya24xamxLTnNFZ2tBSzVkR1JxeDc2S2hzaEFCbTB3WF8teGNmeWhMRkREa3NJUU0wOFBuZUswZ2xuM0d0bDlkU3dQWUpuWXAtTmI4djU1bnVQbF9RUkdKWmJLWnBsanFTbjh5MWR1UkxhekZCUEstX2o4N2dxVFlQUlZLZmYxMDFwa1QxdHdjMU9pNW4zWno5V1Y2SXBBOGVRMVIxOHczZ2Jfd2lMU3dNM0ViaTJ6el9yTkJVS2xkb1A0MDRaazNaaHhncnRUWGRlbnQ4ampONk1BVWFwdmtveHB1dzRPLVJCd3JMc1I1ZnM1LVJyZzEwdmM0T2xUcnB4YTFUamFSMFljSllEbEo0aWpCN2hTSWs1TWJIVGViS2VEZ1ZnVy12Mm9Za3FiSmoxXzQzdFQ3VkdWcm9rT1o0a21zRTk2NUQ3c21GOUJlQmViUzE4YUR1TWVYYzZQMlRrR1dnbUhOc1prR3dEV0tPZXFjSGRNOWZqbjNlNmt5djM5NWIxUkd2MGJXOFNpSWxXazJNUWlGbmtTV000X2Jveko0MEhneWNOYnpJd2pzbnViaTQteEs3bmtrU2hGRkx4RUM4b3k5NzVaNmIxcXZ4ek1xQmZJQ255SVRQcW9IZU5KOXFJS2VZNUtrbjU1Sm1iT3Z2dDVXRUp6NGRWMDdoYVpJdWs3SU1fWHhiUzdGRnRaUW1WMTFkRWMtbUIwaGswVk1CMEJSZi1uR0RsUzQxbm0mc2FpPUFNZmwtWVRaTVYzZ3E3bmI0WHd3c05WUW50NU82RjloYUk0Z2wwV0dONTZvZFVEVzRCT1F3RVJLTktyNmdBZ1ZXYmRHNnlFRzlIelRlOVdyM09qMWdUU041T2FVUWNVUmVqUXV2UjNvS1ppdElNTW9MWVVHNFYwcmM3allXM0ltdE1ZdXBqVTlIOU85cGRXNlVLWFNwVkFCcTVucWpGUXoxeGRPYk44SWNWVDMxclYwRWtBRTlRJnNpZz1DZzBBcktKU3pIQllrTFU4TzB6RUVBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuc2Vuc29keW5lLm5vLyUzRmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D180980885%26dc_adid%3D541786290
IP 34.255.148.223:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (7716)
Hash f4e96218929e1b3f971366c01c91953e
e74eb55546b3b3f8ed38f3b7b97f3ae776b8128c
a26df7f2ee33a8e26065bccd100d83698b2574fc265b0e4bbca786b01d0dd1aa
GET /vast/fwjsvid/st/1237149/66766199/skeleton.js?includeFlash=false&bundleId=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N926626.3342798GSKDBMSENSODYNENO/B28786258.350686279%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.3.548.0%3Bdc_osd%3D2%3Bdc_frm%3D1%3Bdc_adk%3D4195960670%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://rodjulian.com/%3Bdc_vast%3D4%3Bmpt%3Dvideojs-ima%3Bmpv%3D1.11.0%3Bnel%3D0%3Fves%3DdGltZXN0YW1wOiAxNjcwNDI1MTQwMDQzCmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzdmZWQzRoNG9OeTVkdDhzanNnWWZob0JaVWI5NGZ3ZHVaY0pkOWNjVFI3YmVxTy14TmRhZWhfVDBESVY0SGRWVlVhTmtLWmFhSlJ2YzJ0dzhYaVA2Zl9IbTdKbXpvOEI5OHZidVhkdXVrZHlxbTBPMV9hbUp3Ylc5VTFyV3JCaks0Q28tNnpBUmVwOUVvaHNKNjFaUmh3V1pPMGQwcE1VMXF5SE4xQzJiczl6RW1EUllPTnQzY1ZaTlF3b0FXZ3o3MXdxWVE0eG44bWFTNGJlLXlwbWgyczAxeEdSLVZyT2NTRFU0d1NURVY1NGFCVzFnaGl6YVZYSEI4MW9CLTRad2dIU3ZYSGdGWi1rLW4xeDE1U05IZkFOTmNYcjdYY1ZGdEhaTmpZemRudFdlVWVwaUhBdzJ5RzB5My0xQjlJQ2RaQ0k3Rko2V0IwYzJaWlozMTFtVkJacXBQd0N1TXZyLTdTQ1lRXzhUTG9haTN3dV9xTFVrQ2NuNUJuVnRjYXBGRGE1dU9ZNDhiNGt2Rmg4NGNjeGtMc2FEVHhZZEk2UHh6SUZwTGN2MDdGc2F3a2NRbDFLeGhTLWJacTlibncyWXBLd3BCVXlKdS15UUZTX1ZUalF1M1BCcGJ5cEJ3MFQ2QWN6Vno2aThxd3FqOVc2WlBFWHhXdnFNX3J4bzdpcHgxMEN3VlZ0RW1BM1RxNjlWNlphYUdRRUlBaWsxQlZxRWJFLTFFdkI5SXJSZ2dfa1Fzajk3TU9OTHBpRk94dUVuNTJBTkkxTVRhU1U0ZHktdFctVWVQQXc5c1ZlcDZvR2JKbkU5cF80M2xJQTNqUUlKM1pOQ2FHNkNiY2RvOElZVzFnMHF5dlJpSXJWeTRnMHoyTngtWEQzRFpGLVlJaTVBNHJFYmM3M3BZdFNLOG1MSlF6V3RidmRBMzA3cFhERGtSZk5zYS0xTjNBWC1kZ3hya24xamxLTnNFZ2tBSzVkR1JxeDc2S2hzaEFCbTB3WF8teGNmeWhMRkREa3NJUU0wOFBuZUswZ2xuM0d0bDlkU3dQWUpuWXAtTmI4djU1bnVQbF9RUkdKWmJLWnBsanFTbjh5MWR1UkxhekZCUEstX2o4N2dxVFlQUlZLZmYxMDFwa1QxdHdjMU9pNW4zWno5V1Y2SXBBOGVRMVIxOHczZ2Jfd2lMU3dNM0ViaTJ6el9yTkJVS2xkb1A0MDRaazNaaHhncnRUWGRlbnQ4ampONk1BVWFwdmtveHB1dzRPLVJCd3JMc1I1ZnM1LVJyZzEwdmM0T2xUcnB4YTFUamFSMFljSllEbEo0aWpCN2hTSWs1TWJIVGViS2VEZ1ZnVy12Mm9Za3FiSmoxXzQzdFQ3VkdWcm9rT1o0a21zRTk2NUQ3c21GOUJlQmViUzE4YUR1TWVYYzZQMlRrR1dnbUhOc1prR3dEV0tPZXFjSGRNOWZqbjNlNmt5djM5NWIxUkd2MGJXOFNpSWxXazJNUWlGbmtTV000X2Jveko0MEhneWNOYnpJd2pzbnViaTQteEs3bmtrU2hGRkx4RUM4b3k5NzVaNmIxcXZ4ek1xQmZJQ255SVRQcW9IZU5KOXFJS2VZNUtrbjU1Sm1iT3Z2dDVXRUp6NGRWMDdoYVpJdWs3SU1fWHhiUzdGRnRaUW1WMTFkRWMtbUIwaGswVk1CMEJSZi1uR0RsUzQxbm0mc2FpPUFNZmwtWVRaTVYzZ3E3bmI0WHd3c05WUW50NU82RjloYUk0Z2wwV0dONTZvZFVEVzRCT1F3RVJLTktyNmdBZ1ZXYmRHNnlFRzlIelRlOVdyM09qMWdUU041T2FVUWNVUmVqUXV2UjNvS1ppdElNTW9MWVVHNFYwcmM3allXM0ltdE1ZdXBqVTlIOU85cGRXNlVLWFNwVkFCcTVucWpGUXoxeGRPYk44SWNWVDMxclYwRWtBRTlRJnNpZz1DZzBBcktKU3pIQllrTFU4TzB6RUVBRSZjcnk9MSZmYnNfYWVpZD1bZ3dfZmJzYWVpZF0mdXJsZml4PTEmYWR1cmw9aHR0cHM6Ly93d3cuc2Vuc29keW5lLm5vLyUzRmRjbGlkJTNEJTI1ZWRjbGlkISIK%26dc_cid%3D180980885%26dc_adid%3D541786290 HTTP/1.1
Host: vast.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Encoding: gzip
Content-Type: text/xml; charset=UTF-8
Date: Wed, 07 Dec 2022 14:59:00 GMT
Request-Id: ce8akd70adn7pvbr23jg
Vary: Origin
Content-Length: 4324
Connection: keep-alive
static.adsafeprotected.com/ias/v1/vpaid.2022.11.30-01.47-cd745c2.js
143.204.55.52200 OK 44 kB URL HTTP/2 static.adsafeprotected.com/ias/v1/vpaid.2022.11.30-01.47-cd745c2.js
IP 143.204.55.52:0
File type C source, ASCII text, with very long lines (568)
Hash 5ccdcbc2628eb84f25fcdfeecccfb6a5
1c145804ac18b3a4524c376b18db133be417c881
eaa81eb87b7c33b53de376af8ba809a8b2c146dc7caaaa0ef5aee3a6989989c2
GET /ias/v1/vpaid.2022.11.30-01.47-cd745c2.js HTTP/1.1
Host: static.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 05 Dec 2022 17:20:33 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 30 Nov 2022 21:59:47 GMT
etag: W/"b6f430030901d9710048dfdea579c2b4"
x-amz-server-side-encryption: AES256
cache-control: max-age=604800
x-amz-version-id: vO.G2U7bQwMqLqOtwevd28AE5SyLIHWC
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BsgsaNzP0-uqojtfg_4lgL-w4oWaSfGxtRjkxIJlwuQ7zqGO2RA9Kg==
age: 164308
X-Firefox-Spdy: h2
upskittyan.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Content-Type: application/json
Origin: https://rodjulian.com
Content-Length: 371
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:59:01 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b09e0ef932094c74f06b324d0d4a6a00
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
offfurreton.com/400/5112623
139.45.197.237200 OK 0 B URL HTTP/2 offfurreton.com/400/5112623
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5112623 HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/javascript
x-trace-id: ec4ad8a4aaffcf8c7f06cc1c35687499
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cb42f16f73104e94b788a0f66bc5bb1c; expires=Thu, 07 Dec 2023 14:58:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP 104.18.11.207:0
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:53 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 12/27/2021 07:28:05
cdn-edgestorageid: 756
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 5a4f218ff2cc791bfca3e2943b0791a7
cdn-cache: HIT
cf-cache-status: HIT
age: 15871757
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775e1f3dac23b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rodjulian.com/sbbi/?sbbpg=utMedia&vii=fh54a0d616d6679b560ec7b7e6baaa3992a3e527dbe5318f92ccbd4ed056b318r4q3s6y8
151.139.128.10200 OK 0 B URL HTTP/2 rodjulian.com/sbbi/?sbbpg=utMedia&vii=fh54a0d616d6679b560ec7b7e6baaa3992a3e527dbe5318f92ccbd4ed056b318r4q3s6y8
IP 151.139.128.10:0
GET /sbbi/?sbbpg=utMedia&vii=fh54a0d616d6679b560ec7b7e6baaa3992a3e527dbe5318f92ccbd4ed056b318r4q3s6y8 HTTP/1.1
Host: rodjulian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Cookie: SPSI=f5ad1d6950cbeba39ae2de389cb4d5b1; SPSE=u5NIk5E9dl0thLGqcj515KkZD6YrzOG9CbR32jzqMAR0uXRJbmRDcEVpHbhEuiyRAmiGM02dGclLAEEhrXtiAg==; spcsrf=4cb8e61f2e371f623227dc5cbb01a010; UTGv2=h406667b6e776aa92357b51f2cde06384368; JSON_fetchlv3=YF3oII; sp_lit=lDfndSXpPc8RwtbYHctAIg==; PRLST=kW
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-type: image/gif
server: fbs
x-accel-expires: 0
x-hw: 1670425133.cds206.sk1.hn,1670425133.cds241.sk1.sc,1670425133.cdn2-wafbe01-arn1.stackpath.systems.-.i,1670425133.cds241.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.106:0
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 14:58:53 GMT
date: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.unibotscdn.com/ubplayer/player.js
185.59.220.199200 OK 0 B URL HTTP/2 cdn.unibotscdn.com/ubplayer/player.js
IP 185.59.220.199:0
ASN #60068 Datacamp Limited
GET /ubplayer/player.js HTTP/1.1
Host: cdn.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/javascript
server: BunnyCDN-DE1-722
cdn-pullzone: 873945
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
cache-control: public, max-age=3600
etag: W/"636df581-1d0a2"
last-modified: Fri, 11 Nov 2022 07:10:57 GMT
cdn-storageserver: DE-200
cdn-fileserver: 336
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/12/2022 05:25:05
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: 1914911bc55d0be06451b6239752883b
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
rodjulian.com/sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0
151.139.128.10200 OK 0 B URL HTTP/2 rodjulian.com/sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0
IP 151.139.128.10:0
POST /sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0 HTTP/1.1
Host: rodjulian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 497
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0
Cookie: SPSI=f5ad1d6950cbeba39ae2de389cb4d5b1; SPSE=u5NIk5E9dl0thLGqcj515KkZD6YrzOG9CbR32jzqMAR0uXRJbmRDcEVpHbhEuiyRAmiGM02dGclLAEEhrXtiAg==; spcsrf=4cb8e61f2e371f623227dc5cbb01a010; UTGv2=h406667b6e776aa92357b51f2cde06384368; JSON_fetchlv3=YF3oII; sp_lit=lDfndSXpPc8RwtbYHctAIg==; PRLST=kW; adOtr=1d5df9a56c0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:54 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1670425134.cds206.sk1.hn,1670425134.cds257.sk1.sc,1670425134.cdn2-wafbe01-arn1.stackpath.systems.-.i,1670425134.cds257.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=35wzjL1gD3yaU_EMBEzqOZK-dVfGz9ZVEYe-VVPqVejxEsFHM8qMldjalJ4eozzfCDF2dPTDJkqu0B4208zQQd8-xAJ4s6FI4oL-OcI8pxVecLQ_PRLmDpZ7BkFxQbcfAjDsKXwLeAA6vyfEWP0bokGCYhySdCDgVYMm8r3GZdehv_8513wOCIuXad7x2q301WDGcdfSCoQMobd_IbwEFgOsMu8dq7ldqj2EYXlbWvZTWXux&request_ab2=96002&zoneid=5115166&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=3d07d824-1849-4d8c-98a7-24f6bc85ee44&userId=99900ae1b9c140918e5b4853bfe9a53b&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/?rb=35wzjL1gD3yaU_EMBEzqOZK-dVfGz9ZVEYe-VVPqVejxEsFHM8qMldjalJ4eozzfCDF2dPTDJkqu0B4208zQQd8-xAJ4s6FI4oL-OcI8pxVecLQ_PRLmDpZ7BkFxQbcfAjDsKXwLeAA6vyfEWP0bokGCYhySdCDgVYMm8r3GZdehv_8513wOCIuXad7x2q301WDGcdfSCoQMobd_IbwEFgOsMu8dq7ldqj2EYXlbWvZTWXux&request_ab2=96002&zoneid=5115166&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=3d07d824-1849-4d8c-98a7-24f6bc85ee44&userId=99900ae1b9c140918e5b4853bfe9a53b&m=link
IP 139.45.197.236:0
GET /?rb=35wzjL1gD3yaU_EMBEzqOZK-dVfGz9ZVEYe-VVPqVejxEsFHM8qMldjalJ4eozzfCDF2dPTDJkqu0B4208zQQd8-xAJ4s6FI4oL-OcI8pxVecLQ_PRLmDpZ7BkFxQbcfAjDsKXwLeAA6vyfEWP0bokGCYhySdCDgVYMm8r3GZdehv_8513wOCIuXad7x2q301WDGcdfSCoQMobd_IbwEFgOsMu8dq7ldqj2EYXlbWvZTWXux&request_ab2=96002&zoneid=5115166&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=3d07d824-1849-4d8c-98a7-24f6bc85ee44&userId=99900ae1b9c140918e5b4853bfe9a53b&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Cookie: OAID=5ae1f3223d314d8484f2ec03821cd602; oaidts=1670425135
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: application/json
x-trace-id: 6da02f1ec71731422cf56565bed73ecd
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=99900ae1b9c140918e5b4853bfe9a53b; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
oaidts=1670425135; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 14 Dec 2022 14:58:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
rodjulian.com/verifylv3/?YF3oII
151.139.128.10307 Temporary Redirect 0 B URL HTTP/2 rodjulian.com/verifylv3/?YF3oII
IP 151.139.128.10:0
GET /verifylv3/?YF3oII HTTP/1.1
Host: rodjulian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: SPSI=f5ad1d6950cbeba39ae2de389cb4d5b1; path=/; HttpOnly; SameSite=Lax;
SPSE=u5NIk5E9dl0thLGqcj515KkZD6YrzOG9CbR32jzqMAR0uXRJbmRDcEVpHbhEuiyRAmiGM02dGclLAEEhrXtiAg==; path=/; HttpOnly; SameSite=Lax;
spcsrf=a8535cb63e4392c668336a76e57dab01; path=/; SameSite=Strict; HttpOnly; expires=Wed, 07-Dec-22 16:58:53 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h4428c062a8ad16a72c027fad2e47b25ff87; path=/; SameSite=Lax; expires=Mon, 05-Jun-23 14:58:53 GMT
JSON_fetchlv3=YF3oII; expires=Wed, 07-Dec-2022 15:02:13 GMT; Max-Age=200; path=/
JSON_fetch=1670424933
JSON_fetch1sh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchnet=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv3s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv4s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv5s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
referrer-policy: no-referrer
location: https://rodjulian.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425133.cds206.sk1.hn,1670425133.cds250.sk1.sc,1670425133.cdn2-redis02-arn1.stackpath.systems.-.wx,1670425133.cds250.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
151.139.128.10200 OK 0 B URL HTTP/2 ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
IP 151.139.128.10:0
GET /ser.php?t=AADIV56&f=56&psc= HTTP/1.1
Host: ssp.web1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:54 GMT
accept-ranges: bytes
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
x-hw: 1670425134.cds068.sk1.hn,1670425134.cds228.sk1.sc,1670425134.cds228.sk1.p
server: nginx
cache-control: no-cache, must-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
X-Firefox-Spdy: h2
upskittyan.com/pfe/current/tag.min.js?z=5118379
139.45.197.251200 OK 0 B URL HTTP/2 upskittyan.com/pfe/current/tag.min.js?z=5118379
IP 139.45.197.251:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=5118379 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
upskittyan.com/pfe/current/universal.min.js?v=3.1.409
139.45.197.251200 OK 0 B URL HTTP/2 upskittyan.com/pfe/current/universal.min.js?v=3.1.409
IP 139.45.197.251:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.409 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 15:42:46 GMT
etag: W/"6388cb76-18c6c"
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5115166
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5115166
IP 139.45.197.236:0
GET /apu.php?zoneid=5115166 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: application/javascript
x-trace-id: 776797a6b1fab6e8751095df323504da
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5ae1f3223d314d8484f2ec03821cd602; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
oaidts=1670425135; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ugroocuw.net/?rb=K3pSSyQq2cFL00gHsbO7iiBdbDpM_9ZMZ0mxSZNE987TQDQFkQy772LjSjy3FZk6zxZ4fhhwgl8St9numrWQSkpV1nabfNWEOHVXvNthN5rjxvxme8RM77VGiAVgvKnR9gv6_IXHTNV0X0YIZlCzHeidFr9vL01gy8bmy8uUFUEQ9XzPHlor7SFga0JW2tX1hrB3qWWEg06Hch3e3d3P4FlZjpkm6XBZmAFXD18brB_Vmyrj&request_ab2=96003&zoneid=5112622&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=dcabdba4-3267-4e21-9d48-a9f394ee8d7e&userId=99900ae1b9c140918e5b4853bfe9a53b&m=link
139.45.197.239200 OK 0 B URL HTTP/2 ugroocuw.net/?rb=K3pSSyQq2cFL00gHsbO7iiBdbDpM_9ZMZ0mxSZNE987TQDQFkQy772LjSjy3FZk6zxZ4fhhwgl8St9numrWQSkpV1nabfNWEOHVXvNthN5rjxvxme8RM77VGiAVgvKnR9gv6_IXHTNV0X0YIZlCzHeidFr9vL01gy8bmy8uUFUEQ9XzPHlor7SFga0JW2tX1hrB3qWWEg06Hch3e3d3P4FlZjpkm6XBZmAFXD18brB_Vmyrj&request_ab2=96003&zoneid=5112622&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=dcabdba4-3267-4e21-9d48-a9f394ee8d7e&userId=99900ae1b9c140918e5b4853bfe9a53b&m=link
IP 139.45.197.239:0
GET /?rb=K3pSSyQq2cFL00gHsbO7iiBdbDpM_9ZMZ0mxSZNE987TQDQFkQy772LjSjy3FZk6zxZ4fhhwgl8St9numrWQSkpV1nabfNWEOHVXvNthN5rjxvxme8RM77VGiAVgvKnR9gv6_IXHTNV0X0YIZlCzHeidFr9vL01gy8bmy8uUFUEQ9XzPHlor7SFga0JW2tX1hrB3qWWEg06Hch3e3d3P4FlZjpkm6XBZmAFXD18brB_Vmyrj&request_ab2=96003&zoneid=5112622&js_build=iclick-v1.458.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.458.0&bs=dcabdba4-3267-4e21-9d48-a9f394ee8d7e&userId=99900ae1b9c140918e5b4853bfe9a53b&m=link HTTP/1.1
Host: ugroocuw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rodjulian.com/
Origin: https://rodjulian.com
Connection: keep-alive
Cookie: OAID=99900ae1b9c140918e5b4853bfe9a53b; oaidts=1670425134
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: application/json
x-trace-id: ad4d23b295c45e6804f6524184e2e7a6
access-control-allow-origin: https://rodjulian.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=99900ae1b9c140918e5b4853bfe9a53b; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
oaidts=1670425135; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 14 Dec 2022 14:58:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
151.139.128.10301 Moved Permanently 0 B URL HTTP/2 link1s.com/st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw==
IP 151.139.128.10:0
POST /st?api=428dd42bc74fb77e710445aa38282c227eec8e1c&url=https://nilknarf.xyz/100/s00.php/Q2t7s9H9839247Jy9aShwPXVMqfZ1RV02a4KswfTT4PK83923S1n839236sW43FnTgNu5LnY3aLEoNB3rzXXid5r95CYsoMuaw== HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 538
Origin: null
Connection: keep-alive
Cookie: SPSI=2c2cd26b81a7fbb6daed01adf84f0f4a; SPSE=mUDZjFPMFd2YRAxoFhP/WEvnKsFyk32sDERsSJZVWNGwArbZJNOAdXCa4HRDRTb3UKGXQgUzXoddLT/1FOC+TA==; AppSession=mstqucgsnlcf6a24ii9bpgnf3s; csrfToken=2fa335a478dbb5058fd82c14a3f337fd0020bd63af5ca710deb7f3fe3909ed9e9a51aef6649db71e71746603b776b6859c65df3d429a2f30e8bc4736bce5b183
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 14:58:52 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-robots-tag: noindex, nofollow
location: https://link1s.com/YF3oII
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1670425132.cds257.sk1.hn,1670425132.cds251.sk1.sc,1670425132.cdn2-wafbe02-arn1.stackpath.systems.-.wx,1670425132.cds251.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
offfurreton.com/500/5112623?excludes=&oaid=99900ae1b9c140918e5b4853bfe9a53b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 offfurreton.com/500/5112623?excludes=&oaid=99900ae1b9c140918e5b4853bfe9a53b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5112623?excludes=&oaid=99900ae1b9c140918e5b4853bfe9a53b&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Frodjulian.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Cookie: OAID=cb42f16f73104e94b788a0f66bc5bb1c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 14:58:55 GMT
content-type: application/javascript
x-trace-id: 3352673a468d7750479f8cdedbcde5b6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://rodjulian.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=99900ae1b9c140918e5b4853bfe9a53b; expires=Thu, 07 Dec 2023 14:58:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
104.21.84.149200 OK 0 B IP 104.21.84.149:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:54 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1856
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OVBqzNuM%2FNdjIzjx2o07bj4tS0L%2FTDq4vWV2Gq0TjvWIgTZmQBAGJi0xE61utlgWciXS6tzPcwbAbd%2Bl6ui5BKdo0tTtd33FsUdGrGZMAbjN0vW%2Fbg%2F0z3FxD6ifBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775e1f447a530b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/@videojs/http-streaming@2.14.2/dist/videojs-http-streaming.min.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/@videojs/http-streaming@2.14.2/dist/videojs-http-streaming.min.js
IP 104.16.126.175:0
GET /@videojs/http-streaming@2.14.2/dist/videojs-http-streaming.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:58 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"4e381-sWncTYk99Vh6MbFTmww1DxncjVE"
via: 1.1 fly.io
fly-request-id: 01G6E1E66RQ34YCWHZMKNEKVYY-ams
cf-cache-status: HIT
age: 14243969
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 775e1f5cfd08fab4-OSL
content-encoding: br
X-Firefox-Spdy: h2
stream.unibotscdn.com/7965fb7f-7867-49d3-8ff9-4ce0340d38a8/playlist.m3u8
138.199.36.11200 OK 0 B URL HTTP/2 stream.unibotscdn.com/7965fb7f-7867-49d3-8ff9-4ce0340d38a8/playlist.m3u8
IP 138.199.36.11:0
ASN #60068 Datacamp Limited
GET /7965fb7f-7867-49d3-8ff9-4ce0340d38a8/playlist.m3u8 HTTP/1.1
Host: stream.unibotscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rodjulian.com
Connection: keep-alive
Referer: https://rodjulian.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:59 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
server: BunnyCDN-DE1-1054
cdn-pullzone: 829957
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
last-modified: Mon, 10 Oct 2022 11:29:07 GMT
cdn-storageserver: DE-165
cdn-fileserver: 461
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/24/2022 15:14:54
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 7531a614cd8b1bb121ef01af8aa75104
cdn-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
rodjulian.com/sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0
151.139.128.10200 OK 0 B URL HTTP/2 rodjulian.com/sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0
IP 151.139.128.10:0
GET /sbbi/?sbbpg=sbbShell&gprid=kW&sbbgs=h406667b6e776aa92357b51f2cde06384368&ddl=0 HTTP/1.1
Host: rodjulian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rodjulian.com/
Cookie: SPSI=f5ad1d6950cbeba39ae2de389cb4d5b1; SPSE=u5NIk5E9dl0thLGqcj515KkZD6YrzOG9CbR32jzqMAR0uXRJbmRDcEVpHbhEuiyRAmiGM02dGclLAEEhrXtiAg==; spcsrf=4cb8e61f2e371f623227dc5cbb01a010; UTGv2=h406667b6e776aa92357b51f2cde06384368; JSON_fetchlv3=YF3oII; sp_lit=lDfndSXpPc8RwtbYHctAIg==; PRLST=kW
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 14:58:53 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1670425133.cds206.sk1.hn,1670425133.cds219.sk1.sc,1670425133.cdn2-redis02-arn1.stackpath.systems.-.i,1670425133.cds219.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2