sl1.prisondharmanetwork.net/goodbye-letter-for-co-workers-sample-2063022-7325
104.21.6.204301 Moved Permanently 0 B URL HTTP/1.1 sl1.prisondharmanetwork.net/goodbye-letter-for-co-workers-sample-2063022-7325
IP 104.21.6.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /goodbye-letter-for-co-workers-sample-2063022-7325 HTTP/1.1
Host: sl1.prisondharmanetwork.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 06 Nov 2022 11:05:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 06 Nov 2022 12:05:09 GMT
Location: https://sl1.prisondharmanetwork.net/goodbye-letter-for-co-workers-sample-2063022-7325
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVnpoW377NklDBJ1LnF2MaJHP4MadKhikHEY%2BMQfBOyTVf09S9pXIGHi0Z7fPnsI06%2FTkgaR17k1wSVJqhC8z4bVG%2FLMlmVco2qAZrHhsIlCywGNhPhQ%2F3bge2UJR98lYyS3ZpbmfVMgeTJV5zI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d5a3aac50b4fd-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2925
Expires: Sun, 06 Nov 2022 11:53:54 GMT
Date: Sun, 06 Nov 2022 11:05:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72c64df35304c35cd95e4ed6e101e795
a39287987854d644a8da295da536fb31de8b44c1
a9bf0da57e0f108b376781ede4b9762ae1b0d088910d26fb7be98c2d03e69092
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6206
Cache-Control: max-age=86961
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:09 GMT
Etag: "63662d58-1d7"
Expires: Mon, 07 Nov 2022 11:14:30 GMT
Last-Modified: Sat, 05 Nov 2022 09:31:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2678
Expires: Sun, 06 Nov 2022 11:49:47 GMT
Date: Sun, 06 Nov 2022 11:05:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XMoM48pmF4ED7wEIysWMXm7B9Cx/pSGeK2vRuJvdb0YiUmWLCt75/zCozLeOepRb9WuTJnjLaao=
x-amz-request-id: A6N9QT7N9FR1JFT6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 10:10:24 GMT
age: 3285
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b0f6e4bdd3d805f845919132d6f5238f
1b69ab971abb7c9cb3a326c0ee29f00e2e14c47a
3c2e93f3a78a4bcf1ff54f4e3886a3760f3908b419d716b91b4a0fa026a56500
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=126129
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:09 GMT
Etag: "6366de96-117"
Expires: Mon, 07 Nov 2022 22:07:18 GMT
Last-Modified: Sat, 05 Nov 2022 22:07:18 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b0f6e4bdd3d805f845919132d6f5238f
1b69ab971abb7c9cb3a326c0ee29f00e2e14c47a
3c2e93f3a78a4bcf1ff54f4e3886a3760f3908b419d716b91b4a0fa026a56500
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=126129
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:10 GMT
Etag: "6366de96-117"
Expires: Mon, 07 Nov 2022 22:07:19 GMT
Last-Modified: Sat, 05 Nov 2022 22:07:18 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
sl1.prisondharmanetwork.net/goodbye-letter-for-co-workers-sample-2063022-7325
172.67.135.65200 OK 11 kB URL HTTP/2 sl1.prisondharmanetwork.net/goodbye-letter-for-co-workers-sample-2063022-7325
IP 172.67.135.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1230), with CRLF, LF line terminators
Hash fce6f91cf43dac7e3d22691b828b4848
43522c3f6f8b7c6b196d6e78a2d4e5e3174c94e6
b18ce461eeabf374fa8dfb53165ad7404dd5e39c52ef7873143731b74913a817
GET /goodbye-letter-for-co-workers-sample-2063022-7325 HTTP/1.1
Host: sl1.prisondharmanetwork.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:10 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.15
cache-control: max-age=86400
expires: Mon, 07 Nov 2022 11:05:10 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BsFUmj0FXiMLR6ljjk05FtpLsLCDPUAAauzqwAgyIGicvNj5nrItnq1UvtNglTwxkuc66jhOBDIVa2YE6pOj7yUZeU2qI62ZM9zQR921kA18d7IE1hS561rWgK9E48Qq6uJx5TacAMIl5WLl%2BQk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 765d5a3ddbf7b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
151.101.85.229200 OK 1.3 kB URL HTTP/2 cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (1460)
Hash 8786cd8041431d860694eed4e4df5493
ad176b25138137c05527a1a93f9b1d2bd9819bb6
2f1ab64452cbd8b4a75b5f778aaadd7f8a9c194ef48c5e2e9132393b68d21a85
GET /npm/cookieconsent@3/build/cookieconsent.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 3.1.1
x-jsd-version-type: version
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 06 Nov 2022 11:05:10 GMT
age: 16835
x-served-by: cache-fra-eddf8230021-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1299
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash a84536c38bed463d47e9a2176c42e988
01711049e405a199d697a8c67c5228c867db2ea0
08dbf0dbb5ea14ad80ae452d4af6ed1445bc2dfd360b34d120743837b3b4fa54
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:10 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "451868BBA632E1B5010B2250A920A6A9E0C51F86"
Expires: Sun, 06 Nov 2022 21:00:00 GMT
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3373
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d5a411f53b4f3-OSL
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 37 kB IP 142.250.74.35:0
Hash 5aec23fd5ec0ddfe541cff0eeceb719f
f5e93a636b39c1e442f99ac00ed03901226a6706
9153556d0b74a8dd4c0cb83d2d57639751deadd0a812d55834af1fd9a3c48b8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7f71f50e622e5621cc7cef219aac6305
7a8bfda7ee4842f5061bd8e962df16813892764a
42962b5d3c5ff9f7f17399a0beb3776c4d240ad6473df960d7ebc4580c800e7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42962B5D3C5FF9F7F17399A0BEB3776C4D240AD6473DF960D7EBC4580C800E7D"
Last-Modified: Fri, 04 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1393
Expires: Sun, 06 Nov 2022 11:28:23 GMT
Date: Sun, 06 Nov 2022 11:05:10 GMT
Connection: keep-alive
cmp.optad360.io/items/701e95e6-7737-482a-9dc2-06280155425a.min.js
54.230.111.106200 OK 497 B URL HTTP/2 cmp.optad360.io/items/701e95e6-7737-482a-9dc2-06280155425a.min.js
IP 54.230.111.106:0
File type ASCII text, with very long lines (496)
Hash 7acdc116a0830ba0aef5e087010246ba
44c6d5659727be623750ef5da32c2da279997694
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
GET /items/701e95e6-7737-482a-9dc2-06280155425a.min.js HTTP/1.1
Host: cmp.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 497
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 06 Nov 2022 00:32:25 GMT
etag: "7acdc116a0830ba0aef5e087010246ba"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AkEiijH_E0tlby3KPEdp9L77wicAvTjqFdbd4Q_hMIC-0UcwiUw1hA==
age: 38341
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.218.159.206101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.159.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4vqWbyyhLXTAQhaschUGHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: w1h6AnHXLDGTO/Cew/eSFoONgcY=
i.ytimg.com/vi/rGYH1K4cCAo/hqdefault.jpg
142.250.74.182200 OK 56 kB URL HTTP/2 i.ytimg.com/vi/rGYH1K4cCAo/hqdefault.jpg
IP 142.250.74.182:0
File type gzip compressed data, from Unix\012- data
Hash 7523e0352cfa78201a2a72452cdf7ec4
7fdbe9fbfa704df6d48ba3de40f71572c020fcb3
182f14deaeed3362a9a2a268bbaf5caf29a425ac5e8db9a88affa022c74845ba
GET /vi/rGYH1K4cCAo/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 52180
date: Sun, 06 Nov 2022 11:05:10 GMT
expires: Sun, 06 Nov 2022 13:05:10 GMT
cache-control: public, max-age=7200
etag: "1650031155"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116324 bytes)
Hash f6fb319bede777161d7376e6e24866f2
1d525cbb22943f47a8d87f61ff59ca5407e9b0af
89c9bf4649f23ed5a7488bd6b2cab6be5546f1a17143b48c900d54097958429f
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116324
date: Sun, 06 Nov 2022 11:05:10 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4581b506f0ccd486206fae4fe79eb8fd
ea8f75b339daf79e4d6db6b288f23045dd7b47e2
db3f58f8fbd1b53920f8b71348ff31ea8b886e3dfb3d6171d2c68b414b3a6e7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.zx-adnet.com/adx/smrcp_19121001.js
151.101.65.195200 OK 20 kB URL HTTP/2 cdn.zx-adnet.com/adx/smrcp_19121001.js
IP 151.101.65.195:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (64964), with CRLF line terminators
Hash 1739c216c15c4d5187580f0520ef24e8
78e7e1b10d6c5a93fb3eb28ec81d76aed453154d
06bbd0596606282feea2fc3f452008b593168bd4c2b2d0971a32909d1430462e
GET /adx/smrcp_19121001.js HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=3600,public
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "0379eb726d6206c827a3aba72b039087492e1a26387e0e0824927a4c08e54306-br"
last-modified: Thu, 27 Oct 2022 10:57:51 GMT
strict-transport-security: max-age=31556926
x-robots-tag: noindex, nofollow, noarchive
accept-ranges: bytes
date: Sun, 06 Nov 2022 11:05:10 GMT
x-served-by: cache-bma1677-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667732711.702287,VS0,VE157
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19677
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xrj4Uk1ibQE
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xrj4Uk1ibQE
IP 142.250.74.35:0
Hash b22514cae7568f8f6d0bd541249ba1c2
e842e32c43a0011bf514ad9a324451f3e01f0f68
1c334219cd70810da827c6dfd58ee738d0b75776d89f6569b8549d8ddc6fa4e6
POST /s/gts1d4/xrj4Uk1ibQE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 06 Nov 2022 11:05:10 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s7.addthis.com/l10n/client.sl.min.json
23.38.200.123200 OK 1.6 kB URL HTTP/2 s7.addthis.com/l10n/client.sl.min.json
IP 23.38.200.123:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3065), with no line terminators
Hash 45095ffd3f205c37eb8798b4a16591dc
4c17c15b1adfbc7ede88293060c281ef1476c776
56d294058e808a6328e4805cba8716456cbc3096c48f6e1d2e345539a4b319fe
GET /l10n/client.sl.min.json HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
etag: W/"5d77be05-c39"
cache-control: public, s-maxage=604800
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 1595
date: Sun, 06 Nov 2022 11:05:11 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aafde8aa9f72795f6ec4e0c8bfd52030
f020192c748657b75c5667d3f184304aff408708
130c179ef1a071cb32a7eb5488f9c7558576976aac1e9d69d21c75c65f0eb733
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aafde8aa9f72795f6ec4e0c8bfd52030
f020192c748657b75c5667d3f184304aff408708
130c179ef1a071cb32a7eb5488f9c7558576976aac1e9d69d21c75c65f0eb733
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
143.204.55.94200 OK 59 kB URL HTTP/2 get.optad360.io/sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js
IP 143.204.55.94:0
Hash a0b9a90b5173be334b55de29935f768a
d129d7ca8312831a217a50d99fd93f8147b1ea14
1230a4ae1a80fc7acd70675ccffadc95e4ca14230d3ee59fca5cf3036d96eaf6
GET /sf/0cb56948-cae8-47f8-b292-fbe3862a81d2/plugin.min.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 31 Oct 2022 17:47:37 GMT
last-modified: Mon, 31 Oct 2022 17:45:18 GMT
etag: W/"27c2616b482ba76dccd7924dddc8c5ad"
cache-control: public, max-age=604800
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kKglxjbW6Vp1HQQZI81ENdumFLwoKec3vbjaexLu22xLLWB-SIuWvQ==
age: 494254
X-Firefox-Spdy: h2
dr5.biz/?te=g42damlemy5ha3ddf4ztonrs
185.177.94.108200 OK 482 B URL HTTP/2 dr5.biz/?te=g42damlemy5ha3ddf4ztonrs
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Hash 8a5c4a02bce24b8c8bdc08825814d9d9
0963b477925cce243576ae54ce3ce662a9e052e1
b40b31ee35b6c2f9dbc09c1a8cc17b9d6660e30303b07e316b0626821f7111ad
Analyzer Verdict Alert quad9 Sinkholed
GET /?te=g42damlemy5ha3ddf4ztonrs HTTP/1.1
Host: dr5.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:10 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=7f0b0885-2e83-4cf3-800e-3be514bed7a7; expires=Tue, 06-Dec-2022 11:05:10 GMT; Max-Age=2592000; path=/; SameSite=None; domain=dr5.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 598 B IP 142.250.74.35:0
Hash 035bc50cec4e3330da912729fb4eb11c
5d24035d727e43c22445a3f69ba298fa09786df7
c3d7beb01523d177c83c0ce639e7fdc57a7dc0a5f50efb2fd11b4a44cacda965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 466 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1851), with no line terminators
Hash bc10420aee19b81ff3a8dd8c822067ab
306247b54cc1442c422611a54312f07311aeb019
c74059e18f6d2061164abbab61d1f4b1f68d5bfefe8e59590e9750e54186aed1
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 351
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 48dea9f70f26292574467e6e4199f9d7
71639ad4f4c098aaf97c764a68458b9d214e0294
21ca9e43bd5d879ab38e87b7276acc1c2d7a03c34149f2220d4e79f1f3ea1781
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:11 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Thu, 10 Nov 2022 06:46:32 GMT
ETag: "71639ad4f4c098aaf97c764a68458b9d214e0294"
Last-Modified: Sun, 06 Nov 2022 06:46:33 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3041
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d5a468e54b4f3-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 977f20a3df4aa4f563e4fe8718805a0c
6ac188b4a7ae83ee3ec6dea50ad48f0b19f3c040
507b847d6cd65c7690d039eaca007173ee6a4c1e209e93a1f33360667fab41dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6047
Cache-Control: max-age=124212
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6366bf7c-117"
Expires: Mon, 07 Nov 2022 21:35:23 GMT
Last-Modified: Sat, 05 Nov 2022 19:54:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (41598)
Hash 40d09499087c0072f43f1f42947b2c34
45235a0723de1029ae23100db6ce6c0ee0999306
680d4b910d77c460f9e36426fbc6ac88a2803eac6c4b97ed212fc7101ebab93c
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27352
date: Sun, 06 Nov 2022 11:05:11 GMT
expires: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1385 / 89 of 1000 / last-modified: 1667599556"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 977f20a3df4aa4f563e4fe8718805a0c
6ac188b4a7ae83ee3ec6dea50ad48f0b19f3c040
507b847d6cd65c7690d039eaca007173ee6a4c1e209e93a1f33360667fab41dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6047
Cache-Control: max-age=124212
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6366bf7c-117"
Expires: Mon, 07 Nov 2022 21:35:23 GMT
Last-Modified: Sat, 05 Nov 2022 19:54:36 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
storage.googleapis.com/s2t-images/mr.js?0.38883582033065556
216.58.211.16200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.38883582033065556
IP 216.58.211.16:0
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.38883582033065556 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtbF8_zHIfJFSJ_p-ItxU_oaQUIAhG3-GeFV1rGkmdB1oLHc4aVeKUtwKM-PsSxDUGuA4zeQWix9rNlLQStTfkwKw
date: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: public, max-age=31536000
expires: Mon, 06 Nov 2023 11:05:11 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.zx-adnet.com/consent/cookies_gdpr.js?0.116076748890793
151.101.65.195200 OK 10 kB URL HTTP/2 cdn.zx-adnet.com/consent/cookies_gdpr.js?0.116076748890793
IP 151.101.65.195:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2366), with CRLF line terminators
Hash 73829f967851906ee21c6ae23c04cec0
407a1325a517a6c1d0866410892954db1272effc
1793cecd523560e7bcca5782fb3363f1fd687543f3431f4caba24693f43eb938
GET /consent/cookies_gdpr.js?0.116076748890793 HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "6d9479856d34b784a695cf827606b5512cda2503d6ed62ebe429f4ef02dd9fef-br"
last-modified: Thu, 27 Oct 2022 10:57:51 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Sun, 06 Nov 2022 11:05:10 GMT
x-served-by: cache-bma1677-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667732711.793586,VS0,VE167
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Sun, 06 Nov 2022 11:05:11 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Sun, 06 Nov 2022 12:05:11 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 4.5 kB URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash df66487082a1b81c5955ecd074304055
e05df887d68c917f8d4011a81bfac3c83a5af56f
495ee38e55ef7d98b5b6025cd549109cc97af35c6ec020963c842e67c3c54cf6
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
storage.googleapis.com/s2t-images/mr.js?0.6382574963061168
216.58.211.16200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.6382574963061168
IP 216.58.211.16:0
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.6382574963061168 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduZTopQGJSzn_R1x49ehcr_ZFmE6xXKmtdydz5r50iYkxNP9f01NGqEQxWqc2HrelvRd9bYZlarWRs-FfMJCTH9yA
date: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: public, max-age=31536000
expires: Mon, 06 Nov 2023 11:05:11 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 75c492aa9b19778bfa00f090b4deaca7
134827aef16567e0d76c88dc7449bce207b8257a
d5b4ef3aeda21c25fec024de806013fcc3478ce7b8553995a54a0bc0d16de4c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5761
Cache-Control: max-age=136558
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6366f0d4-13a"
Expires: Tue, 08 Nov 2022 01:01:09 GMT
Last-Modified: Sat, 05 Nov 2022 23:25:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
storage.googleapis.com/s2t-images/mr.js?0.581212760240281
216.58.211.16200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.581212760240281
IP 216.58.211.16:0
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.581212760240281 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdv5RrmupPz3qWo8FIycj7SjoRopezEDro8OvM-DiEt7jUv3-fBy16sFvfV0UJGfp-sSGoNypCVJfEr9RsAQZoB2Cw
date: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: public, max-age=31536000
expires: Mon, 06 Nov 2023 11:05:11 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e4ed94c837fefefe08f9a7ff0a49f4d3
d5bafd299572c5f9e303af48bfe1715f2aae64fc
bd5754748c4afe030ed06a29302eaee6f54bc39747a5add921871600e1a749a5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3921
Cache-Control: max-age=171398
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6367801c-1d7"
Expires: Tue, 08 Nov 2022 10:41:49 GMT
Last-Modified: Sun, 06 Nov 2022 09:36:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
storage.googleapis.com/s2t-images/mr.js?0.8268556419111076
216.58.211.16200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.8268556419111076
IP 216.58.211.16:0
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.8268556419111076 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdutjqhOhjm5xb4MjKhjai8cpheOLmZVXWQthxkMDkKZCmBElCsf2JPReH3tIWcgpzGQ49nmVQDvswGJJPuOhSvj0Q
date: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: public, max-age=31536000
expires: Mon, 06 Nov 2023 11:05:11 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 808c74e09bb3c10767280b7dc1ed6d7e
d496dc855a5ca3e869277307042e0bd8b43ce944
eea3344ae9d92b9243107ec1bcff3f037eefee8c0f56d6ba424e0808c26fac61
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEA3344AE9D92B9243107EC1BCFF3F037EEFEE8C0F56D6BA424E0808C26FAC61"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21044
Expires: Sun, 06 Nov 2022 16:55:55 GMT
Date: Sun, 06 Nov 2022 11:05:11 GMT
Connection: keep-alive
storage.googleapis.com/s2t-images/mr.js?0.6685063499185708
216.58.211.16200 OK 4.4 kB URL HTTP/2 storage.googleapis.com/s2t-images/mr.js?0.6685063499185708
IP 216.58.211.16:0
File type ASCII text, with very long lines (23729), with no line terminators
Hash 115f5664d494ea5e45aad8061e45949d
660440b1341ac6e480605287845a1361e094feb3
232aaf8b341c5f586744bfe91192bd2961699ca0fe31c48e08b535c394391d32
GET /s2t-images/mr.js?0.6685063499185708 HTTP/1.1
Host: storage.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtOIlL5vrsC6gMzioUnRUXoDYxLAoJnwvdV3ig_nC3gcTZdyKrgudaavq1jdauVmcvfDv1Po8wz32i1D0vE7CGl_w
date: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: public, max-age=31536000
expires: Mon, 06 Nov 2023 11:05:11 GMT
last-modified: Tue, 24 May 2022 13:22:38 GMT
etag: "115f5664d494ea5e45aad8061e45949d"
x-goog-generation: 1653398558715037
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 4449
content-type: application/javascript
content-encoding: gzip
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
vary: Accept-Encoding
content-length: 4449
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.251200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.251:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1216
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1067
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sl1.prisondharmanetwork.net
cache-control: no-cache, no-store, must-revalidate
date: Sun, 06 Nov 2022 11:05:11 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de13765e39960fcd16233b190b47d386
ad6911c2a0537118a16ed2f848519a92417fe8df
b06cffc778b9d31c9c6d37c9df287a08848d774239dc6b8d92f0adb89605442b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1535
Cache-Control: max-age=138802
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "63670a1a-1d7"
Expires: Tue, 08 Nov 2022 01:38:33 GMT
Last-Modified: Sun, 06 Nov 2022 01:12:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6de8128aedde0e223523f13d28ac759
d0bb4e22552d778862d7005a2d1b24687235b577
829ebae2d87e91cb06412370d02a76a5a8a057190ec52d84f073c72dc4e11a4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4202
Cache-Control: max-age=125612
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6366cc29-117"
Expires: Mon, 07 Nov 2022 21:58:43 GMT
Last-Modified: Sat, 05 Nov 2022 20:48:41 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
onetag-sys.com/prebid-request
51.89.9.251200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.251:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1252
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 921
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sl1.prisondharmanetwork.net
cache-control: max-age=0, private, must-revalidate
date: Sun, 06 Nov 2022 11:05:11 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1696138a3933172676975fb8bd330eab
a1bae88a934732f0a7baa161c78c2aa94d445613
8ae5eab989db0d22c51848c912d2e03b37c1e69e9c70db8bd86ac9249f1f6708
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 995
Cache-Control: max-age=83887
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "636635b3-13a"
Expires: Mon, 07 Nov 2022 10:23:18 GMT
Last-Modified: Sat, 05 Nov 2022 10:06:43 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash f3832eb0418d94ec98c40df1bcf3ce5b
74dd7fa6ff4f9da9324c0772d075da5f42ab5879
cc42acc8dffa6c7f0c4c3a16ffe8c88919daf4859b7524a7a0ffc6e4b169c50d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3588afae66fb092c7f70f8cfbf667c04
91fcd48033092f3796564a7c2d6a4c8cd9ef94f5
d34e2a0407de93f4588ce7a14e93e7908233854555413e94fd4206d1b54caf5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5662
Cache-Control: max-age=119859
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6366affc-1d7"
Expires: Mon, 07 Nov 2022 20:22:50 GMT
Last-Modified: Sat, 05 Nov 2022 18:48:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 731
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:11 GMT
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3588afae66fb092c7f70f8cfbf667c04
91fcd48033092f3796564a7c2d6a4c8cd9ef94f5
d34e2a0407de93f4588ce7a14e93e7908233854555413e94fd4206d1b54caf5e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 965
Cache-Control: max-age=115162
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Etag: "6366affc-1d7"
Expires: Mon, 07 Nov 2022 19:04:33 GMT
Last-Modified: Sat, 05 Nov 2022 18:48:28 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aafde8aa9f72795f6ec4e0c8bfd52030
f020192c748657b75c5667d3f184304aff408708
130c179ef1a071cb32a7eb5488f9c7558576976aac1e9d69d21c75c65f0eb733
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 899
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sl1.prisondharmanetwork.net
cache-control: max-age=0, private, must-revalidate
date: Sun, 06 Nov 2022 11:05:11 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 3
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 713
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:12 GMT
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1050
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sl1.prisondharmanetwork.net
cache-control: no-cache, no-store, must-revalidate
date: Sun, 06 Nov 2022 11:05:11 GMT
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=32318984302&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=32318984302&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.11.0&cb=32318984302&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 576
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:12 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sl1.prisondharmanetwork.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
useast.quantumdex.io/auction/pbjs
172.67.42.201500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/pbjs
IP 172.67.42.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/pbjs HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 834
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
date: Sun, 06 Nov 2022 11:05:12 GMT
content-length: 0
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, prisondharmanetwork.net != vermin-club.org
set-cookie: uid=f27a6914-417c-40e5-92e1-14090ad63631; expires=Tue, 06 Dec 2022 11:05:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765d5a49bf4ffab8-OSL
X-Firefox-Spdy: h2
useast.quantumdex.io/auction/pbjs
172.67.42.201500 Internal Server Error 0 B URL HTTP/2 useast.quantumdex.io/auction/pbjs
IP 172.67.42.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /auction/pbjs HTTP/1.1
Host: useast.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 856
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 500 Internal Server Error
date: Sun, 06 Nov 2022 11:05:12 GMT
content-length: 0
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
access-control-allow-methods: POST, GET
x-reason: [Inventory] site.domain not match RootDomain, prisondharmanetwork.net != vermin-club.org
set-cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481; expires=Tue, 06 Dec 2022 11:05:12 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765d5a49bf57fab8-OSL
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 8d5423df00873d207bd23ce8e7fc5253
f14dbf2990662d88f4a9d09e561d4700cc270740
51400749c478a1fb40b3a1e2a3c8781d717b5957b18a75118bad334949d64b47
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 10 Nov 2022 07:48:35 GMT
ETag: "f14dbf2990662d88f4a9d09e561d4700cc270740"
Last-Modified: Sun, 06 Nov 2022 07:48:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d5a4a6b73b4f3-OSL
bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=44138051230&lsavail=0
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=44138051230&lsavail=0
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=7.11.0&cb=44138051230&lsavail=0 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 565
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:12 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://sl1.prisondharmanetwork.net
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 746
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 8d5423df00873d207bd23ce8e7fc5253
f14dbf2990662d88f4a9d09e561d4700cc270740
51400749c478a1fb40b3a1e2a3c8781d717b5957b18a75118bad334949d64b47
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:12 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 10 Nov 2022 07:48:35 GMT
ETag: "f14dbf2990662d88f4a9d09e561d4700cc270740"
Last-Modified: Sun, 06 Nov 2022 07:48:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1296
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d5a4a9bf5b4f3-OSL
ib.adnxs.com/ut/v3/prebid
185.89.210.141200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 920
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sl1.prisondharmanetwork.net
AN-X-Request-Uuid: c2aa6b21-2fac-4390-a63c-b8f5d94331a2
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.141200 OK 137 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9f8c05e9fda59fca7324ff20dbd4a539
48c6133e03694ac94e93b5feedb0e5fef3195923
09c537785ed9a0c5ffcd4e25771612bee4687c8dbe81ebd6ee3c0ae1a9a7158a
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 869
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 137
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sl1.prisondharmanetwork.net
AN-X-Request-Uuid: 38076625-6b9b-491b-9ee3-6875de9655a4
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.141200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 948
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sl1.prisondharmanetwork.net
AN-X-Request-Uuid: db2650bf-4cac-435e-9c73-3db1cf85af0b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?bdver=5.7&pbver=7.11.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 930
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://sl1.prisondharmanetwork.net
uber-trace-id: 00000000000000006cd205b07f8b4e09:1632368b50d1da8d:0:0
vary: Origin
X-Firefox-Spdy: h2
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
89.207.16.210204 No Content 0 B URL HTTP/2 web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
IP 89.207.16.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cvx/client/hb/ortb/25 HTTP/1.1
Host: web.hb.ad.cpe.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 793
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
cache-control: no-cache
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
212.77.99.29204 No Content 0 B URL HTTP/2 ssp.wp.pl/bidder/?bdver=5.7&pbver=7.11.0&inver=0
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/?bdver=5.7&pbver=7.11.0&inver=0 HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 950
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
accept-ch-lifetime: 604800
access-control-allow-credentials: true
access-control-allow-origin: https://sl1.prisondharmanetwork.net
uber-trace-id: 0000000000000000d690fa535203daac:aaa3bb8dd3643c06:0:0
vary: Origin
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.4.25204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.4.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 765
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 24d3af838ce6f3b1317261daa1c38e24
03db948dd2724260c6edeab3a20562d9e987c1e4
f954443ba7108b29203a6875d26418ec08cc1d90d069ed11aada05421fdca5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F954443BA7108B29203A6875D26418EC08CC1D90D069ED11AADA05421FDCA5FE"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1737
Expires: Sun, 06 Nov 2022 11:34:09 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
ib.adnxs.com/ut/v3/prebid
185.89.210.141200 OK 137 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.141:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 885cb08094f81a8ac634156f17a17c47
d04267a94d07530fe4377bd53c57b0a52bcef50d
f0c6d98934f64f513d5e525b774703e12af99150a041d3be36eb29131bf82ddc
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 896
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 137
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sl1.prisondharmanetwork.net
AN-X-Request-Uuid: 0010bac8-b411-4b3f-81d3-54cb74575dd8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
89.207.16.210204 No Content 0 B URL HTTP/2 web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
IP 89.207.16.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cvx/client/hb/ortb/25 HTTP/1.1
Host: web.hb.ad.cpe.dotomi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 812
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
cache-control: no-cache
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20981
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20981
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20981
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OR8zISm84Iz0FL3Km-aQOHSnjROX2-S_lKloAhMAThT17igEWRbxkA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 48052
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2e37c89a5a7f608a21ac42b87ee0f7fc
55132fb03671e178b7e186da48ac7e02d6e96e23
6d71b8c1578f69619e174e61fbe9c92de7df4563e4a413b7b3d1be229f464df2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D71B8C1578F69619E174E61FBE9C92DE7DF4563E4A413B7B3D1BE229F464DF2"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20981
Expires: Sun, 06 Nov 2022 16:54:53 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3fDf4aoep5tTAusisXhIdAf0A6SbpM5fYtYaiXtNSb0-VRJo5nu8Vg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 09:11:34 GMT
age: 6818
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 8.0 kB URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash d3568da37041305ef244cf71f3bcef01
586322f556a7b67ee2219b92c1c74830d9cf3a61
3429e825d14c4f61166dc51d5b6657286877eb00b9a495705889bb8afe7ed992
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 248
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gjEERXiPH4yDHtW87u7qRDYz1A2DKKlkYXKVC3F9VshnRvhh2wSaSQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:08:57 GMT
age: 46575
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 03:24:54 GMT
age: 27618
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39ac4f41f6bbdba85b2afeb7b011db5f
8e7a2be19b5c7682e86aec81907f6026d14d7313
fbd813af4eb335e1aefa6fb78b672bf89f8606ef688c98d3bd38ffdb77abfba3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3420191-fa21-4db2-9043-c0adac7b0820.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8160
x-amzn-requestid: 31cf0571-0ef2-4c99-a6be-afd806b7f449
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJaroFHhoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-269b7bcc1bcb8bdc4aa51dc9;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: K34CTk465OjihLQjLdqM1DqCxBF3lOA1D0DUaHWBj38krob66WwMzA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:20 GMT
age: 48052
etag: "8e7a2be19b5c7682e86aec81907f6026d14d7313"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
video.onnetwork.tv/embed.php?ext=optad
178.33.138.136200 OK 787 B URL HTTP/2 video.onnetwork.tv/embed.php?ext=optad
IP 178.33.138.136:0
Hash c46593bc9d099ca18d8f5de7aabcf241
4631d4dfb9ec4b70a825add9ecec40d12010347a
daf9ee0a85888ede784c1a6478ff27e391f02dee4de7e35ac3c621f1b81249ca
GET /embed.php?ext=optad HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sun, 06 Nov 2022 11:05:11 GMT
expires: Sun, 06 Nov 2022 11:05:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 787
content-type: text/javascript;charset=utf-8
date: Sun, 06 Nov 2022 11:05:12 GMT
server: XO.webservant
X-Firefox-Spdy: h2
site2text-2021.web.app/gw_251221.js?0.24968827396358828
199.36.158.100200 OK 0 B URL HTTP/2 site2text-2021.web.app/gw_251221.js?0.24968827396358828
IP 199.36.158.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gw_251221.js?0.24968827396358828 HTTP/1.1
Host: site2text-2021.web.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private
content-type: text/html
function-execution-id: zdoqj1d3mtvj
server: Google Frontend
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-cloud-trace-context: 548b658865ef5c8a9a933b61fe116e67
x-country-code: NO
x-orig-accept-language: en-US,en;q=0.5
accept-ranges: bytes
date: Sun, 06 Nov 2022 11:05:12 GMT
x-served-by: cache-bma1676-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1667732712.093782,VS0,VE255
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4int/8EklPeV1cd0
IP 142.250.74.35:0
Hash 1a271f6a4c0cb63ca22cfa9a2817df0c
432ebbf0f7f3741082b12adf9fb5c6dff46950a6
90d6b22a0dfb25e90b16a10cb29f5c18bc7c29cdc6aa33eb3d41df2978cb52c7
POST /s/gts1d4int/8EklPeV1cd0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s-img.mgid.com/g/13780637/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDg5LHlfMjkyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC84NmYzMTA1NWM2NGVkOTMwZDc5NTYxNjMzYTZjNzZhYy5qcGc.webp?v=1667732712-aTYvOl02iBJgzaNtgo10F4uOe2dA0czUlmnix6hSK-Q
104.19.136.78200 OK 33 kB URL HTTP/2 s-img.mgid.com/g/13780637/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDg5LHlfMjkyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC84NmYzMTA1NWM2NGVkOTMwZDc5NTYxNjMzYTZjNzZhYy5qcGc.webp?v=1667732712-aTYvOl02iBJgzaNtgo10F4uOe2dA0czUlmnix6hSK-Q
IP 104.19.136.78:0
Hash e79280b5066a33bc87fd6b30593792dc
2e8bc4ca899846b2699e70ee9275a7c052ea957a
5c8f2c0767dc1f555efb9cd1ffedc0a369f51b26ddf8ef0c067660bcfa131e9f
GET /g/13780637/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDg5LHlfMjkyL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC84NmYzMTA1NWM2NGVkOTMwZDc5NTYxNjMzYTZjNzZhYy5qcGc.webp?v=1667732712-aTYvOl02iBJgzaNtgo10F4uOe2dA0czUlmnix6hSK-Q HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: image/webp
content-length: 31020
x-mg-request-uuid: ae82aaf7-6c8a-47ee-9c0e-b80cb1d414dc
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2022 08:44:43 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 996909
accept-ranges: bytes
set-cookie: __cf_bm=4CHjazvMi1T__zViRzEZW5DmIO5VYjOslJ4WJsk9U0s-1667732712-0-AdD9o1RK0TofNRe6mGhCfXd8+otwHktECk7tG9RvqryvoCTN3nvtnI0dCq5JwlHSG+2jIcfv7aNTp+3Pn1KXgLE=; path=/; expires=Sun, 06-Nov-22 11:35:12 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d5a4cc8e60b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13780628/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xMDE5MjQvZWNiNTBkZThmYThlNTVkY2Y3ODE1MTE4ZWRlY2EzYzUuanBn.webp?v=1667732712-3-1EwZOnNvjgMXAj0ZUCszJYheLzjXHQaRi-a5W3TYU
104.19.136.78200 OK 7.6 kB URL HTTP/2 s-img.mgid.com/g/13780628/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xMDE5MjQvZWNiNTBkZThmYThlNTVkY2Y3ODE1MTE4ZWRlY2EzYzUuanBn.webp?v=1667732712-3-1EwZOnNvjgMXAj0ZUCszJYheLzjXHQaRi-a5W3TYU
IP 104.19.136.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f2414482e2c9f9f7b509cf0ba51f410f
48b0ef6211a998466f62a39401a708e2b0f3fdb2
d8e182c0659b2a4535f2358cee93fc3e86a6f505c4710f4392ce9c5f60fb5723
GET /g/13780628/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8xMDE5MjQvZWNiNTBkZThmYThlNTVkY2Y3ODE1MTE4ZWRlY2EzYzUuanBn.webp?v=1667732712-3-1EwZOnNvjgMXAj0ZUCszJYheLzjXHQaRi-a5W3TYU HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: image/webp
content-length: 7588
x-mg-request-uuid: 6f991118-6c90-47d6-9820-972f03195578
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2022 08:50:06 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 996829
accept-ranges: bytes
set-cookie: __cf_bm=3BAUy.OdfcIgmW3C2WVKeg1_e09HSic5Qowa5oOJiEI-1667732712-0-Acl3aqo6upSFptBRfgYA8h03Mfb0tyxYm4e2Qz5tQuQUxpRxNAxGLiDh+OFULg10Bw7BeNGxZ25zCxmzcSLExAc=; path=/; expires=Sun, 06-Nov-22 11:35:12 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d5a4cd8e90b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/13780607/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjAzLHlfNjY3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC85ZWU2YzFhYTc1OWJiMTUwNjlkYTAxY2FmZmY4YmNmZC5qcGVn.webp?v=1667732712-Vcv3vfqsn-zrnzpiADHX54GysTrcGujeKpTbateEo3k
104.19.136.78200 OK 27 kB URL HTTP/2 s-img.mgid.com/g/13780607/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjAzLHlfNjY3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC85ZWU2YzFhYTc1OWJiMTUwNjlkYTAxY2FmZmY4YmNmZC5qcGVn.webp?v=1667732712-Vcv3vfqsn-zrnzpiADHX54GysTrcGujeKpTbateEo3k
IP 104.19.136.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 811211e9e2a2ee094d9ca11f0eab8abe
7a2b5de3d551c717b9cd0086220a7a2b0b793ea6
1aa278ff0b811f2ee5864ea130397967842352f62385df8d1a468dddf29690a6
GET /g/13780607/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNjAzLHlfNjY3L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzEwMTkyNC85ZWU2YzFhYTc1OWJiMTUwNjlkYTAxY2FmZmY4YmNmZC5qcGVn.webp?v=1667732712-Vcv3vfqsn-zrnzpiADHX54GysTrcGujeKpTbateEo3k HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: image/webp
content-length: 27198
x-mg-request-uuid: 7158f601-1292-445e-a7e4-73062f09afaa
access-control-allow-origin: *
last-modified: Thu, 11 Aug 2022 08:45:50 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 996945
accept-ranges: bytes
set-cookie: __cf_bm=MeqUSb0IVNddYLWj.gCW.Ywu1Zm.M4wGmXjAb62fEXg-1667732712-0-ATIG6LiALBhq8FdTBV04VyNZOZ6NM5zMG2fvkFontp4k6E0YV5f/bIZXQ2IpHLWUV7IM+cBXWBM0Iwz003PJKx8=; path=/; expires=Sun, 06-Nov-22 11:35:12 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d5a4cd8ea0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/12578184/492x277/0x0x1001x563/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2UyMmVmMDM4NDE3YzgyYjYzMWE1Y2E1YzY2ZmI4MDg5LmpwZWc.webp?v=1667732712-RUGYmzomlTgR3nDqSgE-j2HlSow7r5DqtlpyCmMTyxU
104.19.136.78200 OK 8.3 kB URL HTTP/2 s-img.mgid.com/g/12578184/492x277/0x0x1001x563/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2UyMmVmMDM4NDE3YzgyYjYzMWE1Y2E1YzY2ZmI4MDg5LmpwZWc.webp?v=1667732712-RUGYmzomlTgR3nDqSgE-j2HlSow7r5DqtlpyCmMTyxU
IP 104.19.136.78:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 72324abf56c04e36d9c8d354135ed393
8ef93092f44bdc1cf0bbf8b4325cd330043a9b04
d692bb8b2f36905b2a81755ff6da2507ec9a0317b5f2ecb818104caa222f1515
GET /g/12578184/492x277/0x0x1001x563/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0L2UyMmVmMDM4NDE3YzgyYjYzMWE1Y2E1YzY2ZmI4MDg5LmpwZWc.webp?v=1667732712-RUGYmzomlTgR3nDqSgE-j2HlSow7r5DqtlpyCmMTyxU HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: image/webp
content-length: 8284
x-mg-request-uuid: 18451cad-7464-474e-b420-4c471cf2dfe8
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 15:11:43 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 996933
accept-ranges: bytes
set-cookie: __cf_bm=hQWGaMkf6qHggFInI36QD_wBLscqRkP5_RI8M40reGU-1667732712-0-ASds7FYootXxupXB5a4NAf86VwYleyCKAs6q2iSb3rk4fNwwoezT6VDdZIJRuW+mjQ7El2Mzn8LN2Y9r43a1JaA=; path=/; expires=Sun, 06-Nov-22 11:35:12 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d5a4d090b0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embed.min.js?s=1667551565
178.32.205.77200 OK 33 kB URL HTTP/2 cdn.onnetwork.tv/js/player90/embed.min.js?s=1667551565
IP 178.32.205.77:0
Hash eb1d3c91e260a011f127a337f6e76858
a5db14253eab4c11f91f763eb3d5128937ae13ce
d39d8f42037f559f1bfbdc7f3323c4cedf30b5bb797d4e38bad9a7130a69c8a9
GET /js/player90/embed.min.js?s=1667551565 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 08:46:05 GMT
vary: Accept-Encoding
etag: W/"6364d14d-117e3"
expires: Thu, 25 May 2023 11:05:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6a1722925950942296194a4dfd7579a8
46ed5442b14d8caf95065eb3db5243f63905f154
1659236d49ee02ba5e86b7a97655fcad20c448a79d545d53571b26da00ebda24
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "1659236D49EE02BA5E86B7A97655FCAD20C448A79D545D53571B26DA00EBDA24"
Last-Modified: Fri, 04 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6393
Expires: Sun, 06 Nov 2022 12:51:45 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
get.optad360.io/sf/prebid7.11.1.js
143.204.55.94200 OK 280 B URL HTTP/2 get.optad360.io/sf/prebid7.11.1.js
IP 143.204.55.94:0
Hash e94d880da89e66de20b8ce11de167a17
17cc5891f2f9e968d0a17df7a8b9073f5c3074ba
6c6f98de306a564ee54c78f228b8b26fce93605f9cab15775ddc901397ed4b2b
GET /sf/prebid7.11.1.js HTTP/1.1
Host: get.optad360.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 31 Oct 2022 05:03:46 GMT
last-modified: Fri, 02 Sep 2022 05:12:45 GMT
etag: W/"7cb55d774e623c3e166bda0a818df497"
cache-control: public, max-age=360000000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JlgBq6RAhHVNdG-SPoNNpOWQfEU9fn4gG2vKc4DSK4MkpQ-2IP3jaw==
age: 540086
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/intersection-observer.min.js
178.32.205.77200 OK 3.1 kB URL HTTP/2 cdn.onnetwork.tv/js/intersection-observer.min.js
IP 178.32.205.77:0
File type ASCII text, with very long lines (10007), with no line terminators
Hash a310de3d70a4564c5c76a7bcf4d1d0f9
56591d7967886c5f734ed2ba2bb01238e003d55e
75292685eb1685a96326ca5ad76e2be49d73f5696acfd8904be106cc794f425c
GET /js/intersection-observer.min.js HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Sun, 01 Jul 2018 06:29:42 GMT
vary: Accept-Encoding
etag: W/"5b3874d6-2717"
expires: Thu, 25 May 2023 11:05:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
eu-1-id5-sync.com/api/1.0/id5-api.js
104.26.9.8200 OK 17 kB URL HTTP/2 eu-1-id5-sync.com/api/1.0/id5-api.js
IP 104.26.9.8:0
File type ASCII text, with very long lines (57561)
Hash a07572cc688ecb982d0432f405d15067
4a249e68515a207bb0ec4b39b4b8551e91bf90ca
b9fb7bc5aeff4d789ffc8dabf39305937162832007d6110d04dddbdb3bdc8382
GET /api/1.0/id5-api.js HTTP/1.1
Host: eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: text/javascript;charset=utf-8
cf-ray: 765d5a4d5d18b515-OSL
age: 518
cache-control: public, max-age=14400
etag: W/"68154020ef14b5881614607902c7c21b"
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-id-2: xquZ6QoBGtIgECOlulfi9qoPm7v0WWNvgdo/gHYkJool7qqKRJv1p7VLfgECP96SCtmXrsRKKZg=
x-amz-request-id: NB2A206MY26ZNA92
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6BAtcvNNWAmBYRUYro15Icl00jmv%2FKo8MGHeMXlWRClmA6crGmeIwwaygjtDGpmH21B1BPaV6teNYxi9TdtrwJfAt%2Fm8vGRz8%2Fd1wufjOSpPlnuydNj24kfVz2K82acpG87"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 06 Nov 2022 11:05:12 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 06 Nov 2022 11:05:12 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Sun, 06 Nov 2022 12:05:12 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 128 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 9bd10aaf7a174d1d52f63b4d5d711ded
26e73087cc5fc60d083de7dcd3a9fbe8101f262d
7f46aaf323838c37fce4f788ed1f8ca5a50bf49f7f1eb06b2a8e04b621ba261a
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 324
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 55ba4a4c9b7f4a690ac25acbc809f47e
37be45326d09dabd6b5895092f09cf3637da8981
6ea053c44536cc954eea4c9faef78bae09e5d36b5b210d3a81481e1683d44476
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5035
Cache-Control: max-age=113128
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:12 GMT
Etag: "63669825-139"
Expires: Mon, 07 Nov 2022 18:30:40 GMT
Last-Modified: Sat, 05 Nov 2022 17:06:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1667732710750&d=9074&wsc=00&typ=embed&mobile=0&c=40
178.32.205.77200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1667732710750&d=9074&wsc=00&typ=embed&mobile=0&c=40
IP 178.32.205.77:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1667732710750&d=9074&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 06-Nov-2022 11:05:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 12 kB URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash f80132d4cd6f679f51d0f0b1b4974a99
16c99313961ab49bbf851977b1795e126ef74c76
dd4d93e43b7ca9485afbf4b7f9ef58a0b213cda184d1fbe5e76454437174843f
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 245
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
video.onnetwork.tv/frame86.php?id=ffONNP6d56273706b54f0b071259379bbc4e4e16677327107441&iid=1667732710745&e=1&ap=4&map=1&umum=1&naa=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=580084&dpb=1&onnwid=9074&wtop=https%253A%252F%252Fsl1.prisondharmanetwork.net%252Fgoodbye-letter-for-co-workers-sample-2063022-7325&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP6d56273706b54f0b071259379bbc4e4e1667732710741&rrpt=%7B%22CxSegments%22%3Anull%7D
178.33.138.136200 OK 5.9 kB URL HTTP/2 video.onnetwork.tv/frame86.php?id=ffONNP6d56273706b54f0b071259379bbc4e4e16677327107441&iid=1667732710745&e=1&ap=4&map=1&umum=1&naa=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=580084&dpb=1&onnwid=9074&wtop=https%253A%252F%252Fsl1.prisondharmanetwork.net%252Fgoodbye-letter-for-co-workers-sample-2063022-7325&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP6d56273706b54f0b071259379bbc4e4e1667732710741&rrpt=%7B%22CxSegments%22%3Anull%7D
IP 178.33.138.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9553)
Hash 3f81e13c55e42d18289f5d4265b01abb
3dd200157a11a885b6aca7ad267c446f040d993a
3f82badb868976bf55deb47c92447bd0f4fa605249b584271cf75ff291d22750
GET /frame86.php?id=ffONNP6d56273706b54f0b071259379bbc4e4e16677327107441&iid=1667732710745&e=1&ap=4&map=1&umum=1&naa=1&pinva=1&pinv=1&dpre=1&onnsfonn=1&vids=580084&dpb=1&onnwid=9074&wtop=https%253A%252F%252Fsl1.prisondharmanetwork.net%252Fgoodbye-letter-for-co-workers-sample-2063022-7325&apop=0&vpop=0&apopa=0&vpopa=0&cId=ndONNP6d56273706b54f0b071259379bbc4e4e1667732710741&rrpt=%7B%22CxSegments%22%3Anull%7D HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sun, 06 Nov 2022 11:05:12 GMT
expires: Sun, 06 Nov 2022 11:05:13 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 5871
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 11:05:12 GMT
server: XO.webservant
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fea92db4ed037903b1e51d822a9ebf82
d73da3effdf356d11bed9045ed02c15191c616f5
f878d44351ce459a63d7f9d534479c18dd67d0e59b6cfbe39de44bb26fb977b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F878D44351CE459A63D7F9D534479C18DD67D0E59B6CFBE39DE44BB26FB977B7"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9325
Expires: Sun, 06 Nov 2022 13:40:37 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
static.criteo.net/js/ld/publishertag.prebid.123.js
178.250.2.130200 OK 29 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.123.js
IP 178.250.2.130:0
Hash 9c3068ef3f598e1256aa3f3cbcac5551
c55e233dec19930df1c7f9aeb81f645255821631
6bd2ac62265103f7302b91445e11067ee3270ca25c9113743fba711ad8c23e7a
GET /js/ld/publishertag.prebid.123.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: text/javascript
last-modified: Tue, 03 May 2022 11:21:03 GMT
etag: W/"6271101f-15b58"
expires: Mon, 07 Nov 2022 11:05:12 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
141.95.98.65200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e1f198fa239c6b69764fd5f29f60af92
29ce2388ae0cb5944e0193d3788302d6502decb0
cd248c262a0e8199b45f0812c34e4ad561dfb96cd0a18ca6949006c28e5efd6e
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
104.19.133.78200 OK 917 B URL HTTP/2 jsc.mgid.com/w/a/warbletoncouncil.org.1102315.js
IP 104.19.133.78:0
File type ASCII text, with very long lines (2384), with no line terminators
Hash 28fa0ad779426f6d1387c45abcce8152
3ba0bf8da1ab05f1045ca46b54e9bc92902490ae
2805f347323e838baaa6d18f2847106de5e7d1a33aebcc7bf350d3c2ff9c5999
GET /w/a/warbletoncouncil.org.1102315.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:11 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2385
etag: W/"622c6d20125daac2916e94ddfb03c968"
last-modified: Thu, 03 Nov 2022 11:38:07 GMT
x-amz-id-2: /P4EF/IyftZ6GVvrMhan2j7KvwsIZesaL/oFYKqskCAw/ucXwp+bI7Mnm1eJRT64q1qWpwyh+uM=
x-amz-request-id: 72J1VX5CEF1H6RVA
x-amz-version-id: 1RVizhX81UJvMf5ZCQ49wzkf6Sr9_3EX
cf-cache-status: HIT
age: 369
expires: Sun, 06 Nov 2022 14:05:11 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=sy9wGlsUWe5Nys3LjxpbUQ2sWByW13cCb4Uv2lswTRw-1667732711-0-AXRoya1CVL7qyM4tyH1G70uEKGSN8GabzXfOjSZN7mm3x/ZIfC6Q7mvd8TwosWU9hzP2EWnNg3uQHvUv05V3qJA=; path=/; expires=Sun, 06-Nov-22 11:35:11 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 765d5a46ad10b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
141.95.98.65200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a412b64bc060ecdb74a15eb19751aced
c7d934aecf13c87e4a1cdd139b490b794bebc6fa
81b92db19d96b513900d9d8cd7f99e7b9d407e753b9362f1f9842121c889c61f
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
141.95.98.64200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8b2645e8bcce498ae291df1be2e0dc62
6d8f50a3cfacad89f7074646c9a3ccb62f291503
ff4b939f9e8bf04b479f05f5b148229e0df22ce94aba40db72d3a6276442915d
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 6 Nov 2022 11:05:12 GMT
access-control-allow-origin: https://sl1.prisondharmanetwork.net
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
141.95.98.65200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 86b881564987d2da087fb343bf65f919
792e225fe65add783b4aaee804777fe8f85ce052
14688ee4844249bffbbfbd2ff5689eaedc179fccddd234774c3d69cb70dcc620
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
141.95.98.64200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b9ecdd7f9b8da277cb38ee7046554a5a
df42970aeec0edf014df13accda24f7a371746d6
f2914cd39290590d1894ebaa5a42693a856dd7a0a7241560f82e354995c211d2
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 6 Nov 2022 11:05:12 GMT
access-control-allow-origin: https://sl1.prisondharmanetwork.net
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
141.95.98.65200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 141.95.98.65:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0d0d82d3502d589dea3d694cba62ce6a
7b887518d2b735dfa115111fb8b1fcbfd2cb255d
eca13947f97fd37f1a3926e65a20ee0419768e59cf0bd4feb594254b412fc6a1
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
141.95.98.64200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.98.64:0
File type JSON data\012- , ASCII text, with no line terminators
Hash db56ea5a1f2906221f41cfbf934823a5
c1533cb3824063247e81dbf5bf7f74b15e7bf822
523fa4618a5963aaad1065297c7c24eed15c39db27511bc6a1a977e2d632df18
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 6 Nov 2022 11:05:12 GMT
access-control-allow-origin: https://sl1.prisondharmanetwork.net
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
mc.yandex.ru/watch/68669074?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 1.6 kB URL HTTP/2 mc.yandex.ru/watch/68669074?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
Hash b5f42087e88b2892c61ffb8103e91368
efb9339cb178e48e8797ae9458a9b2aad8387232
31ae8bd91ccb45125548236da8c7767d35b1cadb6f2387c5b10eb13bebb9d2fd
GET /watch/68669074?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/68669074/1?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Sun, 06 Nov 2022 11:05:12 GMT
access-control-allow-origin: https://sl1.prisondharmanetwork.net
set-cookie: yandexuid=1272854281667732712; Expires=Mon, 06-Nov-2023 11:05:12 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1272854281667732712; Expires=Mon, 06-Nov-2023 11:05:12 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2459868441667732712; Path=/; SameSite=None; Secure
i=1DAlIOynGx8P/CE+FpUPUi3OAU9C0PzdlppSvZewS/im90vvZNgszdkRQrTl4g/7PUG0AxHtJj21gP2d2BmPfIU6hWU=; Expires=Wed, 03-Nov-2032 11:05:06 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1699268712.yrts.1667732712#1699268712.yrtsi.1667732712; Expires=Mon, 06-Nov-2023 11:05:12 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 06-Nov-2022 11:05:12 GMT
last-modified: Sun, 06-Nov-2022 11:05:12 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b463b96297265e42b60ef23b3f8525f5
22a713a82a82bfcdc455ac24398e346d2d922fcc
4b0639f883a422e394ce3570e655d512dc0e529d663c42b4993057aa963972b0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B0639F883A422E394CE3570E655D512DC0E529D663C42B4993057AA963972B0"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10463
Expires: Sun, 06 Nov 2022 13:59:35 GMT
Date: Sun, 06 Nov 2022 11:05:12 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=sl1.prisondharmanetwork.net
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sl1.prisondharmanetwork.net
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sl1.prisondharmanetwork.net HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 06 Nov 2022 11:05:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/231.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 607359ec2390da85b4fd499d262c0db8
7ad789f8f8e9d57217152f1522d878e2c77f1a49
1d87c5668055f47306b4b28e4ab7db2123e5758fa2955b1dc36adfb5f9db7f12
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
adservice.google.no/adsid/integrator.js?domain=sl1.prisondharmanetwork.net
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sl1.prisondharmanetwork.net
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sl1.prisondharmanetwork.net HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 06 Nov 2022 11:05:12 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
142.250.74.138200 OK 31 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (3450)
Hash fe0045866ed40c6bdbaf26b09d712a93
89f2b3e17d7885507d1fc0c3c7d6d45598b7b098
5a4cb09c8dd6a2ff939d81151b18aedf4b8b549551a108f0ac0a132031230343
GET /js/sdkloader/gpt_proxy.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 31082
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Nov 2022 10:54:17 GMT
expires: Sun, 06 Nov 2022 11:09:17 GMT
cache-control: public, max-age=900
age: 655
last-modified: Mon, 31 Oct 2022 12:19:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
id5-sync.com/g/v2/231.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 14905e2d7277fbe1fd158340dc1c6f4d
290e32054b5c08944cd35da5c2c4be50ba5507db
cd5a2dc9151702e5576d4e85af2b7450d14a84d0b400d7057940c43c7f959d8d
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3116c8708381568b4c4a1b6c85b115f4
49d166d5e2c17f691e438e976f6642dda0789817
32082773f2a4895dba985c0af60c15623831b13dd1f4b6eb873c02feb33d6f51
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
162.19.138.120200 216 B URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7dc5a28a8ce54782610383a31085f956
acfc76c995ba85130e9a894d63552eab9795c09e
b88465d26296b9722a70f851aeb8839886e6228d9a299a417ba206d3885ee82c
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 486
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 127 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2831)
Size 127 kB (126790 bytes)
Hash 7d6a2d6be5fba669197c4859fd259d0e
7ba450888a7885a17299dee5d08ba9e83157a7ff
c6f56d44b5716b1d80eb236f855713b8f71b10649ddb2ad596e8636b947da662
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126790
date: Sun, 06 Nov 2022 11:05:13 GMT
expires: Sun, 06 Nov 2022 11:05:13 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d2b4c49a0fb79e3d3bc40d2a28b27120
3f53633851cf851451354ccfd2931f2ec7a9e40f
a8a4ca2c09bae5cc3375077e531b357e2c1724693433a085ad038e3e6adfd96b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f522cfb1dc454906f23b71b17ca1afce
65200811b6dead00db7008996571497260968d81
461906f6bfa7f492a4e61faa6d0ba37e7d343a4ef2a1b824ceb35acc89357cf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 3ebbd65a2bdd5c6f3dea5a6b99b25f0d
484be27b25b736a7e7e2b1d5ef9760aecdcec01b
5616e6c097b0b7680eeee193b58950faa38c9792e8793c16c315e2554a34cdd1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/watch/68669074/1?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
93.158.134.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/68669074/1?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 3c1a3db82aa358d80a852f3c4836d255
ddfb374405a7effe874064b9e2ec7cbfa7239789
a9974b8a50a8a4f25f8ed4de4f4ee3f70961bcb3035cc32c8b795770ecc4927b
GET /watch/68669074/1?wmode=7&page-url=https%3A%2F%2Fsl1.prisondharmanetwork.net%2Fgoodbye-letter-for-co-workers-sample-2063022-7325&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A1139%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A16247871547%3Ahid%3A998683831%3Az%3A0%3Ai%3A20221106110510%3Aet%3A1667732710%3Ac%3A1%3Arn%3A384277035%3Arqn%3A1%3Au%3A1667732710652885234%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C293%2C260%2C0%2C281%2C0%2C%2C284%2C3%2C1300%2C1300%2C10%2C1135%3Ans%3A1667732707541%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1667732710%3At%3AOglejte%20si%20to%20vzor%C4%8Dno%20e-po%C5%A1tno%20sporo%C4%8Dilo%20za%20slovo%20od%20sodelavcev%20-%20Izobra%C5%BEevanje%20-%202022&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Referer: https://sl1.prisondharmanetwork.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sun, 06 Nov 2022 11:05:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 06-Nov-2022 11:05:13 GMT
last-modified: Sun, 06-Nov-2022 11:05:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player.min.js?s=1667209903
178.32.205.77200 OK 174 kB URL HTTP/2 cdn.onnetwork.tv/js/player86/player.min.js?s=1667209903
IP 178.32.205.77:0
Size 174 kB (173489 bytes)
Hash 05763c302f1fc5ae28e72819773e422f
4c5a8c64ececa2924bebb6583c7cf0c35dc19723
667ba5476d4f92ade4e8f6f94d87f17ed62f0b9454d1b9adfd53cc37ac946450
GET /js/player86/player.min.js?s=1667209903 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 09:51:43 GMT
vary: Accept-Encoding
etag: W/"635f9aaf-4ef73"
expires: Thu, 25 May 2023 11:05:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
3f5a1d46dd5b3882a62b51112c419bae.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
142.250.74.65200 OK 3.0 kB URL HTTP/2 3f5a1d46dd5b3882a62b51112c419bae.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash 0193525c83a04aba8fa3caf53d9aac05
ec27db82404e05017dd9b66206d03c2f623ca8d6
1f57111c09ecc489613040fb1f8ec3e9458f6d58bdacfd3669a10ba338a4c9d0
GET /safeframe/1-0-39/html/container.html HTTP/1.1
Host: 3f5a1d46dd5b3882a62b51112c419bae.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2988
date: Sun, 06 Nov 2022 11:05:13 GMT
expires: Mon, 06 Nov 2023 11:05:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 38fc4862052e168e0c1ae67eeb1ac280
725354e1375318e4528703224b81bfa51b0d4167
6bb8388db39898395cffa818df622bfb198f4b0fc2020b34b69816fab850275a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4e3435d6d488db0b1eb5c2d12336c0ba
97135089d3dcef4067d5169083cb78b4c1b132e2
2bad865dd9272ac94ad40a0a4214a524323c55f7df32febdcd8327045c46e124
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6579
Cache-Control: max-age=113258
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Etag: "636692a0-139"
Expires: Mon, 07 Nov 2022 18:32:51 GMT
Last-Modified: Sat, 05 Nov 2022 16:43:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 06 Nov 2022 11:05:13 GMT
expires: Sun, 06 Nov 2022 11:05:13 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:13 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=JBPlbF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2azhMYWdxbWlPZiUyRjglMkJ5QnZxS0NZbDVi; expires=Fri, 01 Dec 2023 11:05:13 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 302767
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1667732711318&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
178.32.205.77200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1667732711318&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 178.32.205.77:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1667732711318&event=plimpression&d=9074&vs=0&aps=4&playerVisible=0&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 06-Nov-2022 11:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1667732711319&i=580084&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
178.32.205.77200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1667732711319&i=580084&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40
IP 178.32.205.77:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1667732711319&i=580084&d=9074&wsc=ab&plist=0&widget=0&initap=4&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=4&vs=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 06-Nov-2022 11:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntd.png?ts=1667732711320&mobile=0&plc=1&time=14&website=9074
178.32.205.77200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntd.png?ts=1667732711320&mobile=0&plc=1&time=14&website=9074
IP 178.32.205.77:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntd.png?ts=1667732711320&mobile=0&plc=1&time=14&website=9074 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 06-Nov-2022 11:05:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/img/black.mp4
178.32.205.77206 Partial Content 2.7 kB URL HTTP/2 cdn.onnetwork.tv/img/black.mp4
IP 178.32.205.77:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 623ba46941cf827bff173d0679197d6a
fdb571b537510f2682876a3b45606f338bddb8a0
33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c
GET /img/black.mp4 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: video/mp4
content-length: 2739
last-modified: Mon, 19 Mar 2018 19:13:39 GMT
etag: "5ab00be3-ab3"
expires: Thu, 25 May 2023 11:05:13 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-range: bytes 0-2738/2739
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/8/580084_1m.jpg
178.32.205.77200 OK 25 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/8/580084_1m.jpg
IP 178.32.205.77:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 426x240, components 3\012- data
Hash 691e872801d9d716db7ecc157f0eb566
fca96163822a31a7ff2a853b42abb3dab9526579
f8816e8e5dd490622a612a4e8325e9f6d91f3efbdcf5a97d985d8ba3a3121184
GET /poster/5/8/580084_1m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: image/jpeg
content-length: 25109
last-modified: Tue, 15 Feb 2022 13:34:41 GMT
etag: "620babf1-6215"
expires: Thu, 25 May 2023 11:05:13 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 290d47bbaad098b02771bb2da20794f8
74c429c52c45aa9027c940604c08f6f4b4362a3b
5dba2fc1094eaf495f286e518206140e09d41c503ab074f53b9efcaef2be8af0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2698
Cache-Control: max-age=171643
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Etag: "636785da-139"
Expires: Tue, 08 Nov 2022 10:45:56 GMT
Last-Modified: Sun, 06 Nov 2022 10:00:58 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 290d47bbaad098b02771bb2da20794f8
74c429c52c45aa9027c940604c08f6f4b4362a3b
5dba2fc1094eaf495f286e518206140e09d41c503ab074f53b9efcaef2be8af0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2718
Cache-Control: max-age=171663
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Etag: "636785da-139"
Expires: Tue, 08 Nov 2022 10:46:16 GMT
Last-Modified: Sun, 06 Nov 2022 10:00:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 6b72bfaacba486284aa2ecb4bcd8ebba
89fa4ef09e60380fc432c73b7919a29f26117088
fed14b27362ffe0dfbe0b1696e8dab5f6bba3e08b76bec620e75f0f3f213f69b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 94f8df4230202e6985f332b76f980d87
1955d3525faf395fcbca14ba8312abab0cefdc1c
8fcc2d33891eea0c14d841f64d8669c772cbdb3cd2374e4ef04d8285de00131a
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 06 Nov 2022 11:05:13 GMT
date: Sun, 06 Nov 2022 11:05:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-xY2V8JtrMIR6KjUHJLYqdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e20220595764996da3b132db809444b2
7b5e25e40df30de11e8bd6088f59b7131a2702db
b2f5ca6be41e0113663f5f75edc856f49297cd40700043080f3e27c1cce3a185
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dnacdn.net/dna
178.250.2.146200 OK 600 B IP 178.250.2.146:0
Hash 09e104af5874ab8e8cef5ff4192b181e
443c6fc474c773306a8dde4c10e655ec7fdbbf6f
e065cf7739ac691daed2a48b5b90c69b35b3ef56533c391b02bb9f39a9c580ab
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=JBPlbF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2azhMYWdxbWlPZiUyRjglMkJ5QnZxS0NZbDVi
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=PYc_Rl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2ayUyQjRyTkI3VmlxUmQ1bUlpNFFIYnlWZw; expires=Fri, 01 Dec 2023 11:05:13 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 285594
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e13e65ad7f6f12300b12d6cd6936d621
575faf606b5c5e39e0fbbef59998bcd3625aa141
10787f99c02b63d52b9b74fcec9497108d67c56c4a9436e0e3c9a7129d727dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.onnetwork.tv/css/player86.css?s=1665422390
178.32.205.77200 OK 31 kB URL HTTP/2 cdn.onnetwork.tv/css/player86.css?s=1665422390
IP 178.32.205.77:0
File type Unicode text, UTF-8 text, with very long lines (1325)
Hash a981c1b3eb4d59a93b03cc073fe962ba
e8cdfce1a7dd1bd8621182ff88f2d08ab270afe1
1bdb283d72852693e8c3330f1a149ab6d090e475c3353fc5301612c965a1adcc
GET /css/player86.css?s=1665422390 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: text/css
last-modified: Mon, 10 Oct 2022 17:19:50 GMT
vary: Accept-Encoding
etag: W/"63445436-b05f"
expires: Thu, 25 May 2023 11:05:13 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
s0.2mdn.net/instream/video/client.js
142.250.74.70200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Sun, 06 Nov 2022 11:05:13 GMT
expires: Sun, 06 Nov 2022 11:05:13 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player_utils.min.js?s=1667209903
178.32.205.77200 OK 3.7 kB URL HTTP/2 cdn.onnetwork.tv/js/player86/player_utils.min.js?s=1667209903
IP 178.32.205.77:0
Hash b3eff95713295584526f54a9091a861a
d6ff5fa5f8d5f0c02803a31136a017ec12b80f5c
0055e8071738019130fdc85647c151381b7babbc7e97ba199b982f5b96e762f7
GET /js/player86/player_utils.min.js?s=1667209903 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Mon, 31 Oct 2022 09:51:43 GMT
vary: Accept-Encoding
etag: W/"635f9aaf-2c2c"
expires: Thu, 25 May 2023 11:05:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cdnx.onnetwork.tv/sd/5/8/580084.mp4?sev=vxGccnctZZDu5UIghYyP3A&e=1667743512&u=9074
147.135.247.123206 Partial Content 66 kB URL HTTP/2 cdnx.onnetwork.tv/sd/5/8/580084.mp4?sev=vxGccnctZZDu5UIghYyP3A&e=1667743512&u=9074
IP 147.135.247.123:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash df0ef0853265ee60c6db1550b93f33bf
efba5abb64514efc31fc37c6e308bb19b985ec66
a2abed1f8c2df034fa8ff5c34f5ff7faf2edc173c546fafe351ab5e37734907d
GET /sd/5/8/580084.mp4?sev=vxGccnctZZDu5UIghYyP3A&e=1667743512&u=9074 HTTP/1.1
Host: cdnx.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: video/mp4
content-length: 6217876
last-modified: Tue, 15 Feb 2022 13:35:37 GMT
etag: "620bac29-5ee094"
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-range: bytes 0-6217875/6217876
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
216.58.211.1200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/amp4ads-v0.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash d01f5a561493f905a9759ac4c1184aeb
32dcac96844d6281fb26c7a82b0895022715e627
1ccf343c33b08696d06b1cca968616c8b8b9ff4bc061b3a2002bd90219f3a27b
GET /rtv/012210191347000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61564
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:48:03 GMT
expires: Fri, 03 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
etag: "84cdcac007f64412"
content-type: text/javascript; charset=UTF-8
age: 220630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
216.58.211.1200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-ad-exit-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (14697)
Hash 233278265fc033322558501e669c19f1
016edda223adfafd1cb756d6fe04e159ee89681f
41c3ce2e1ddc232842586f94b5d384714560885a50c9d8370f4e2bed1382f7e1
GET /rtv/012210191347000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sl1.prisondharmanetwork.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5198
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 22:01:45 GMT
expires: Fri, 03 Nov 2023 22:01:45 GMT
cache-control: public, max-age=31536000
etag: "aeb1502543fb438c"
content-type: text/javascript; charset=UTF-8
age: 219808
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
216.58.211.1200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-analytics-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (65534)
Hash b7e7237dda6bb30ca41984a7ec955c6e
9aaafaccc0450ef2e85cc793eef6f8658905960a
58696c719d75279e39fd7e60d79bcdadb2f17eb76fcb3732b7a6f4d7fbd24c7a
GET /rtv/012210191347000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sl1.prisondharmanetwork.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28845
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:48:22 GMT
expires: Fri, 03 Nov 2023 21:48:22 GMT
cache-control: public, max-age=31536000
etag: "fdb7364f8f067758"
content-type: text/javascript; charset=UTF-8
age: 220611
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 32 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
Hash 255789eb60ced26b1d64017d7ed24e49
5617673bccae8f6a2dfae9bd624a65c003e143f1
191e8ae2cca54faafd1cd08a072af39d15eadcfad20208f2148fffbd85549cfe
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: text/javascript
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
etag: W/"6356752f-16294"
expires: Mon, 07 Nov 2022 11:05:13 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135184183-1&cid=1270609188.1667732712&jid=1829098487&gjid=608278262&_gid=1276064608.1667732712&_u=IGhAAEAAAAAAACAAsD~&z=870467930
64.233.162.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135184183-1&cid=1270609188.1667732712&jid=1829098487&gjid=608278262&_gid=1276064608.1667732712&_u=IGhAAEAAAAAAACAAsD~&z=870467930
IP 64.233.162.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-135184183-1&cid=1270609188.1667732712&jid=1829098487&gjid=608278262&_gid=1276064608.1667732712&_u=IGhAAEAAAAAAACAAsD~&z=870467930 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sl1.prisondharmanetwork.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 11:05:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
216.58.211.1200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012210191347000/v0/amp-form-0.1.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash 55dd55349450dbebf4e652fd7b7efc8f
e0595ceb4e1de54c959635de15e90cb7de894f9d
594c9c43a59fa419f7a9f6d669540064b9b44d07fcedd1c52607b826b7b04432
GET /rtv/012210191347000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sl1.prisondharmanetwork.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 21:27:06 GMT
expires: Fri, 03 Nov 2023 21:27:06 GMT
cache-control: public, max-age=31536000
etag: "2923b90bb7365105"
content-type: text/javascript; charset=UTF-8
age: 221887
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 486b4e1e66779945a7624394e6cafc65
ba22e75c620010bc3f243b46cdf114590b511792
9871f49c7a7a15619009b802ca90cb376c63b41d862ad809691b5919300d153a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:21 GMT
expires: Thu, 02 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 315053
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 315066
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 19:34:08 GMT
expires: Thu, 02 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 315066
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 62a8ce6a2338913103618edb2f4a9dbe
0e0850b1aef6ed524d119a41145112b84c257687
51d11b07f58551b5864fb55d4560d8a2237c2351036de0af7e25c81816763b31
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.195200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 15:21:36 GMT
expires: Thu, 02 Nov 2023 15:21:36 GMT
cache-control: public, max-age=31536000
age: 330218
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1667732712344&d=9074&wsc=ab&typ=embed&mobile=0&c=24
178.32.205.77200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1667732712344&d=9074&wsc=ab&typ=embed&mobile=0&c=24
IP 178.32.205.77:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1667732712344&d=9074&wsc=ab&typ=embed&mobile=0&c=24 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:14 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 06-Nov-2022 11:05:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1667732710253&gdpr=0
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1667732710253&gdpr=0
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1667732710253&gdpr=0 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=18282
expires: Sun, 06 Nov 2022 16:09:57 GMT
date: Sun, 06 Nov 2022 11:05:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1667732710261&gdpr=0
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1667732710261&gdpr=0
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1667732710261&gdpr=0 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent=
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?kdntuid=1&p=160120&gdpr=0&gdpr_consent= HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=18282
expires: Sun, 06 Nov 2022 16:09:57 GMT
date: Sun, 06 Nov 2022 11:05:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssp.wp.pl/bidder/usersync?tcf=2&pvid=52178404430421250000&sn=mc_adapter
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2&pvid=52178404430421250000&sn=mc_adapter
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2&pvid=52178404430421250000&sn=mc_adapter HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 07:39:06 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 9998d049e78bfa7471346b21c557f0e3
7a65d24dd2ac5c9dec17913b99b4a86d9c384331
ae96f734e4a76ad07c770625971cf8f4740fe5498ec3ceeea1d74d16da21c639
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Thu, 10 Nov 2022 08:27:38 GMT
ETag: "7a65d24dd2ac5c9dec17913b99b4a86d9c384331"
Last-Modified: Sun, 06 Nov 2022 08:27:39 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 698
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 765d5a5f29b8b4f3-OSL
ssp.wp.pl/bidder/usersync?tcf=2&pvid=52178404430421250000&sn=mc_adapter
212.77.99.29200 OK 281 B URL HTTP/2 ssp.wp.pl/bidder/usersync?tcf=2&pvid=52178404430421250000&sn=mc_adapter
IP 212.77.99.29:0
ASN #12827 Wirtualna Polska Media S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (477), with no line terminators
Hash 3cc5bd08b7a270b10e3937d69295cce8
342d412c14becbf1fecd3091e0be6355791762fa
ed13833f42b1b6b979d0e7ac1e570dddf6ed8c1ec002c4f13e421e67d3af42ef
GET /bidder/usersync?tcf=2&pvid=52178404430421250000&sn=mc_adapter HTTP/1.1
Host: ssp.wp.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html; charset=utf-8
content-length: 281
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 07:39:06 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 06 Nov 2022 11:05:15 GMT
Age: 22992
X-Served-By: cache-lga13626-LGA, cache-bma1626-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 25, 69408
X-Timer: S1667732715.437801,VS0,VE0
Vary: Accept-Encoding
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsl1.prisondharmanetwork.net%2F&domain=sl1.prisondharmanetwork.net&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 465 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsl1.prisondharmanetwork.net%2F&domain=sl1.prisondharmanetwork.net&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
Hash 45d32db73a38c87d4d70c320f4e2e06a
17f22a7293f83cdd9b640afbce09947541adf97c
92f59514ece1e748b7a7f55a5ceb911f3e3014a0f3160a7f8e640a4a126c4775
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsl1.prisondharmanetwork.net%2F&domain=sl1.prisondharmanetwork.net&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sl1.prisondharmanetwork.net
server-processing-duration-in-ticks: 1495417
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Fri, 04 Nov 2022 04:41:58 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 06 Nov 2022 11:05:15 GMT
Age: 22992
X-Served-By: cache-lga13626-LGA, cache-bma1671-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 25, 69074
X-Timer: S1667732715.452835,VS0,VE0
Vary: Accept-Encoding
match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
3.33.220.150200 OK 63 B URL HTTP/2 match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
IP 3.33.220.150:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 2d70ece2bd307b14ebd8eeeb16ff8c29
87a75bf48005522198799360360b00dd13dd7380
4dae292120dc921beeba0aa0f3db30ef5c536b4a882e8d01c8691280833d4126
GET /track/rid?ttd_pid=prebid&fmt=json HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: application/json; charset=utf-8
content-length: 63
cache-control: private
expires: Tue, 06 Dec 2022 11:05:15 GMT
vary: Origin
access-control-allow-origin: https://sl1.prisondharmanetwork.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
x-aspnet-version: 4.0.30319
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
23.38.200.201200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=18282
expires: Sun, 06 Nov 2022 16:09:57 GMT
date: Sun, 06 Nov 2022 11:05:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.189.115200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.189.115:0
File type ASCII text, with no line terminators
Hash 88cc3a369b610af2699b97f7329b0eed
08c14ec5856d0894cd1da10aa59e56643fb9c87d
b11d5696f52de98409c6d084e47ab6df16cd570c3eafcc02d2fa7ecf4242bc6e
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Sat, 4 Feb 2023 02:11:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 06 Nov 2022 11:05:14 GMT
content-length: 60
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.141307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 23a814f9-0db0-45d1-8237-a4b639a0485f
Set-Cookie: uuid2=4983535808183139124; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 11:05:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
2.21.206.244301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
IP 2.21.206.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
date: Sun, 06 Nov 2022 11:05:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
143.204.55.76302 Found 0 B URL HTTP/2 s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
IP 143.204.55.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: CloudFront
date: Sun, 06 Nov 2022 11:05:15 GMT
content-length: 0
cache-control: no-cache, must-revalidate
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.quantumdex.io/setuid?bidder=smaato&uid=74956d01
set-cookie: SCM=74956d01; Expires=Sun, 27 Nov 2022 11:05:15 GMT; Domain=.smaato.net; SameSite=None; Path=/; Secure
SCMp=74956d01; Expires=Wed, 16 Nov 2022 23:05:15 GMT; Domain=.smaato.net; Path=/; SameSite=None; Secure
x-cache: FunctionGeneratedResponse from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Jpe62H76jrKAUJ4CXq6nYr5gPkusiduXkcq-w4uRnFSK1ZZeOULbCw==
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/pbjs
172.67.42.201200 OK 914 B URL HTTP/2 sync.quantumdex.io/usersync/pbjs
IP 172.67.42.201:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (3653), with no line terminators
Hash ca4ebdc6409a93360d3de6964ecac249
d98e145a5d21624c164efaf6d71b63cd3f5bd343
c4f09148987e4c2d099d4cb45bd574ac5efef5053ced1aeb6000e45469be6d1d
GET /usersync/pbjs HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html
set-cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481; expires=Wed, 16 Nov 2022 11:05:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765d5a5ece5cfab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.141307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: cf7ced86-f855-458a-9605-8e69027ddfd6
Set-Cookie: uuid2=3263122710996727996; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 11:05:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 06 Nov 2022 11:05:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.141200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 95a898d3-2b86-4425-93c7-e68ea8a7b4e5
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-valueimpression&endpoint=us-east HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 06 Nov 2022 11:05:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
onetag-sys.com/usync/?pubId=2bb78272a859ca6
51.89.9.251204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2bb78272a859ca6
IP 51.89.9.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2bb78272a859ca6 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.141200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 80bacd01-acaa-48d2-b9fa-69ff42c76ebf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 9.9 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18075)
Hash 5b2bfbb149c5818116277e5e409506f7
b4a0265f732c6812379425342af7d3b7930b7160
46eb38294f7c6700989901225b8635da3c6de15d4cdc7f1f42dccb3522afb196
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sat, 05 Nov 2022 15:33:00 GMT
Content-Encoding: gzip
Content-Length: 9885
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=16059
Expires: Sun, 06 Nov 2022 15:32:54 GMT
Date: Sun, 06 Nov 2022 11:05:15 GMT
Connection: keep-alive
Vary: Accept-Encoding
sync.quantumdex.io/setuid?bidder=smaato&uid=74956d01
172.67.42.201200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=smaato&uid=74956d01
IP 172.67.42.201:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=smaato&uid=74956d01 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765d5a607f9dfab8-OSL
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
185.89.210.141307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
AN-X-Request-Uuid: 54246149-38cb-4d73-809c-ce3cd70d0c14
Set-Cookie: uuid2=1689984813546846860; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 11:05:15 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
162.19.138.120200 43 B URL HTTP/1.1 id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
IP 162.19.138.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 991c0be140391faf84c97a4b85bdfdc6
e0053d7f494a2f7c8f2363aeed324a32f3933184
a883c2fb644508b119b0e182a0ed365ec71be8321d8cc8dfcd79f01e54a0fa06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 23:23:23 GMT
Expires: Thu, 10 Nov 2022 23:23:22 GMT
Etag: "e0053d7f494a2f7c8f2363aeed324a32f3933184"
Cache-Control: max-age=389286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d5a611b06b523-OSL
hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
23.38.200.22302 Found 154 B URL HTTP/2 hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E
IP 23.38.200.22:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 52558d05355ee6e9d14ff3cf8a5a3ef0
52cfd7dd3859dc0578849a7b1c91bb8f91ad84c2
bac5546ea0f819f461c9023592ec2398a45a6c3aab78e55fed8b7c908dce6060
GET /cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP/1.1
Host: hbx.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: Apache
content-length: 154
content-type: text/html
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
set-cookie: data-pbs=setstatuscode~~1;Expires=Mon, 06 Nov 2023 11:05:15 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=86400 ; includeSubDomains
x-mnet-hl2: E
expires: Sun, 06 Nov 2022 11:05:15 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 06 Nov 2022 11:05:15 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
185.89.210.141302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.quantumdex.io%252Fsetuid%253Fbidder%253Dappnexus%2526uid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=0
AN-X-Request-Uuid: 7e11610b-5364-49cf-876a-73c16a792e8d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
104.18.18.126200 OK 150 B URL HTTP/2 ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1
IP 104.18.18.126:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 104f874caae18b825ba40a935ffc638c
57eeae2c2fc5f6f6467eaaa3b8edfb3187ee0edb
2b55f7127106c7481863927aa30e04373897b5f04c2c55b419753def90af3efc
GET /usermatch?cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D&s=192922&C=1 HTTP/1.1
Host: ssum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html
cf-ray: 765d5a606b6fb4f3-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwN3NO6KjAXTghw1ahEg3bUdUMn2AmJIt%2BgmBX1aFCq73IO8nG%2FBa54fijCC0%2F%2FODI3kaMS9KlSznQAMYycng7PK1T8hVUH6V9Szu9%2BK%2Bhgg%2BS%2FPy902jrNRFeRGTHEpSXd1Iv884d4lCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4E8607F6-65EF-4FE9-B563-609500D05CDE%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4E8607F6-65EF-4FE9-B563-609500D05CDE%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4E8607F6-65EF-4FE9-B563-609500D05CDE%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=118754
expires: Mon, 07 Nov 2022 20:04:29 GMT
date: Sun, 06 Nov 2022 11:05:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4E8607F6-65EF-4FE9-B563-609500D05CDE%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4E8607F6-65EF-4FE9-B563-609500D05CDE%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4E8607F6-65EF-4FE9-B563-609500D05CDE%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=118754
expires: Mon, 07 Nov 2022 20:04:29 GMT
date: Sun, 06 Nov 2022 11:05:15 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 991c0be140391faf84c97a4b85bdfdc6
e0053d7f494a2f7c8f2363aeed324a32f3933184
a883c2fb644508b119b0e182a0ed365ec71be8321d8cc8dfcd79f01e54a0fa06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 03 Nov 2022 23:23:23 GMT
Expires: Thu, 10 Nov 2022 23:23:22 GMT
Etag: "e0053d7f494a2f7c8f2363aeed324a32f3933184"
Cache-Control: max-age=389286,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d5a60baddb503-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 6017cd32317984639fc0d9e39d976b32
70a1a195622ab38ecf1791516680ef16c621193f
b043d59a294e145ceff6fdcdc7e1c74569a76781c72058eea5eca91ef2f2b8bd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152432
Date: Sun, 06 Nov 2022 11:05:15 GMT
Etag: "6367316a-1d7"
Expires: Tue, 08 Nov 2022 05:25:47 GMT
Last-Modified: Sun, 06 Nov 2022 04:00:42 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wxY3YBZgekmA_yItUWGpeL-YuZe0ojWZAiV-XgbYNVhhlMRgrSNUmg==
Age: 5105
simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=4E8607F6-65EF-4FE9-B563-609500D05CDE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 378 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=4E8607F6-65EF-4FE9-B563-609500D05CDE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
Hash fce7659be310a885b8e3660e61b4e9a5
7fab87ab784c861f1e35afd4fc4b932e3521c316
23b6fa750e07311b67136dabe46148b88e494af887bb3fc4db9703936516164b
GET /AdServer/SPug?o=1&p=160120&sc=1&u=4E8607F6-65EF-4FE9-B563-609500D05CDE&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.45204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:15 GMT
X-Firefox-Spdy: h2
sync.quantumdex.io/setuid?bidder=appnexus&uid=0
172.67.42.201200 OK 43 B URL HTTP/2 sync.quantumdex.io/setuid?bidder=appnexus&uid=0
IP 172.67.42.201:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 57f187c7a868faeac558007a8eb6cb2e
11ab10ab109fdb53d91d444ac781101f5a6360c6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
GET /setuid?bidder=appnexus&uid=0 HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765d5a61c865fab8-OSL
X-Firefox-Spdy: h2
id5-sync.com/i/175/9.gif
162.19.138.120200 43 B IP 162.19.138.120:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/175/9.gif HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 06-Nov-2022 11:10:15 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 06 Nov 2022 11:05:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
match.adsrvr.org/track/cmf/rubicon
3.33.220.150200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/rubicon
IP 3.33.220.150:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/rubicon HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 0e918633c2337a3bd9011633bd96f27b
55a5eb05c660fa4d125742559f1707068d361a11
2585edf21abf29db280f3cdef8dd6c466026cf33fde7a34d1b1c9da8c49b8a20
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 05 Nov 2022 20:41:30 GMT
Expires: Sun, 06 Nov 2022 20:41:30 GMT
ETag: "55a5eb05c660fa4d125742559f1707068d361a11"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
213.19.147.45204 No Content 0 B URL HTTP/2 usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
IP 213.19.147.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID HTTP/1.1
Host: usermatch.targeting.unrulymedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:15 GMT
X-Firefox-Spdy: h2
match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
3.127.94.98204 No Content 0 B URL HTTP/2 match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
IP 3.127.94.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:15 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b64fb49ae6710601c002a7f5ba0a00d7
7c9adc3e773625e12b77bb95501fac2da42800fe
11587cf224fd2d7d6307eff9955fe7b2e3e41b51fe2f47233c942c606589edb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5307
Cache-Control: max-age=138605
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:15 GMT
Etag: "6366fa9d-1d7"
Expires: Tue, 08 Nov 2022 01:35:20 GMT
Last-Modified: Sun, 06 Nov 2022 00:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b64fb49ae6710601c002a7f5ba0a00d7
7c9adc3e773625e12b77bb95501fac2da42800fe
11587cf224fd2d7d6307eff9955fe7b2e3e41b51fe2f47233c942c606589edb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1880
Cache-Control: max-age=135178
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:15 GMT
Etag: "6366fa9d-1d7"
Expires: Tue, 08 Nov 2022 00:38:13 GMT
Last-Modified: Sun, 06 Nov 2022 00:06:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b64fb49ae6710601c002a7f5ba0a00d7
7c9adc3e773625e12b77bb95501fac2da42800fe
11587cf224fd2d7d6307eff9955fe7b2e3e41b51fe2f47233c942c606589edb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5308
Cache-Control: max-age=138605
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "6366fa9d-1d7"
Expires: Tue, 08 Nov 2022 01:35:21 GMT
Last-Modified: Sun, 06 Nov 2022 00:06:53 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b64fb49ae6710601c002a7f5ba0a00d7
7c9adc3e773625e12b77bb95501fac2da42800fe
11587cf224fd2d7d6307eff9955fe7b2e3e41b51fe2f47233c942c606589edb1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1881
Cache-Control: max-age=135178
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "6366fa9d-1d7"
Expires: Tue, 08 Nov 2022 00:38:14 GMT
Last-Modified: Sun, 06 Nov 2022 00:06:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
72.251.249.9204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
IP 72.251.249.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 06 Nov 2022 11:05:15 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap3ams1
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 6172ca12478909a0ec205ef506367007
a54d989677acd5bb810fb5a66576761ab299b3bf
4459030154c7949fd42aa49675aecfff996cb13c84e9a66a222287d1889d479f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=127099
Date: Sun, 06 Nov 2022 11:05:15 GMT
Etag: "6366cab2-1d7"
Expires: Mon, 07 Nov 2022 22:23:34 GMT
Last-Modified: Sat, 05 Nov 2022 20:42:26 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 90WmiPtlTFDIeKLDet-J-fTw2mK3FQc3XoVKHtzdhxCLCVOnzPpNAA==
Age: 6068
token.rubiconproject.com/token?pid=25470
213.19.162.80204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=25470
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=25470 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
pixel.rubiconproject.com/exchange/sync.php?p=a9us
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=a9us
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=a9us HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 386ab1abf63e2d84590ac4811af42f4a
f4be9c54ab943ec73bbcdaee8cf4b6e996f77d2c
cb09e3ff1edca73ba28e7346debdc45ea7c6a82a0a7cfb06f003c565ecc3472b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6185
Cache-Control: max-age=103815
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "63666f4a-1d7"
Expires: Mon, 07 Nov 2022 15:55:31 GMT
Last-Modified: Sat, 05 Nov 2022 14:12:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
token.rubiconproject.com/token?pid=36584
213.19.162.80204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=36584
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=36584 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
token.rubiconproject.com/token?pid=2974&pt=n&a=1
213.19.162.80204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=2974&pt=n&a=1
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=2974&pt=n&a=1 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
142.250.74.66302 Found 295 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d351a54e6fea94972b95c8719be0dbb3
6424de15817cddfb627c824dc22cab864126f4de
3b0b2e461988f20a8cf9708bb322f65030782172eadf9ddf3237da1f036839a1
GET /pixel?google_nid=rubicon&google_cm&google_sc HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
date: Sun, 06 Nov 2022 11:05:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 06-Nov-2022 11:20:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
token.rubiconproject.com/token?pid=27&a=1
213.19.162.80204 No Content 0 B URL HTTP/1.1 token.rubiconproject.com/token?pid=27&a=1
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /token?pid=27&a=1 HTTP/1.1
Host: token.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: d0cea2fb47f5ddedaddf61763f0aedb4
ups.analytics.yahoo.com/ups/58424/occ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 06 Nov 2022 11:05:16 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOyUZ2MCEMkDkN9VzUGV6HgXJ8rNBxwFEgEBAQHmaGNxYwAAAAAA_eMAAA&S=AQAAAmmkeakBnG4ABcMxPiEbXKI; Expires=Mon, 6 Nov 2023 17:05:16 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
142.250.74.66200 OK 170 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
IP 142.250.74.66:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e7673c60af825466f83d46da72ca1635
fc0fcbee0835709ba2d28798a612bfd687903fb5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
GET /pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Sun, 06 Nov 2022 11:05:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
server: HTTP server (unknown)
content-length: 170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
52.95.118.179302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
IP 52.95.118.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: A1SEKDSE8FX144RVECWD
Set-Cookie: ad-id=A81yko-Pq0sIpImXkAAJ--Q|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 11:05:16 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
um.simpli.fi/rb_match
35.204.74.118302 Found 142 B IP 35.204.74.118:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET /rb_match HTTP/1.1
Host: um.simpli.fi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Sun, 06 Nov 2022 11:05:16 GMT
content-type: text/html
content-length: 142
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6AA1EF6B394941A18CD5A643226EF3AE&expires=365
set-cookie: suid=6AA1EF6B394941A18CD5A643226EF3AE; Path=/; domain=simpli.fi; Expires=Tue, 07-Nov-23 11:05:16 GMT; SameSite=none; Secure;
suid_legacy=6AA1EF6B394941A18CD5A643226EF3AE; Path=/; domain=simpli.fi; Expires=Tue, 07-Nov-23 11:05:16 GMT; Secure;
expires: Sat, 05 Nov 2022 11:05:16 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 76070e55ec0864ed2fb7ccce750daf3c
b7d77a7731098bc1f4e04c8aa258c54b10dba9d6
ff11218f5203264f3d5eb1393016df3fa427d6e6d846b29a3e22d01b935192ea
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=85244
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "63662ebd-1d7"
Expires: Mon, 07 Nov 2022 10:46:00 GMT
Last-Modified: Sat, 05 Nov 2022 09:37:01 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _s9IY5IwfLAkHAdBisPOETwRR5AKrENkpqz7P-jb2stq_szKRJulCw==
Age: 4139
ups.analytics.yahoo.com/ups/58424/occ?verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58424/occ?verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58424/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 06 Nov 2022 11:05:16 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBOyUZ2MCENleXejayoxoncb2sC1-VLcFEgEBAQHmaGNxYwAAAAAA_eMAAA&S=AQAAAmUcz2F7upMgr-ZBvbba1Jk; Expires=Mon, 6 Nov 2023 17:05:16 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6AA1EF6B394941A18CD5A643226EF3AE&expires=365
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=6AA1EF6B394941A18CD5A643226EF3AE&expires=365
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6286&nid=2132&put=6AA1EF6B394941A18CD5A643226EF3AE&expires=365 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
8.43.72.97204 No Content 0 B URL HTTP/1.1 pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
IP 8.43.72.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-valueimpression HTTP/1.1
Host: pixel-us-east.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 10af108baa8103fb427a2cc0433d74a0
Content-Type: image/gif
i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
3.120.90.28302 0 B URL HTTP/1.1 i.w55c.net/ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
IP 3.120.90.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ping_match.gif?ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP/1.1
Host: i.w55c.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Cache-Control: no-cache, must-revalidate
Date: Sun, 06 Nov 2022 11:05:15 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
Pragma: no-cache
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0eed724e77eae7a40@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie: wfivefivec=pVB0FG8J1ORDsM5; Domain=.w55c.net; Expires=Wed, 06-Dec-2023 21:05:16 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
52.95.118.179200 OK 43 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
IP 52.95.118.179:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 8JE6PMYCEFCDZ2GZVSNJ
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5cd9f513659ee393b301b4851c3dcc17
a9d03975bdbc776e8b7a3838c8f120124d458402
55a0dbc3fe75fbaf2d455808e7f6f19612b68cd8ce8f5e9f84d7c96e736c4be8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3359
Cache-Control: max-age=141001
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "63670b96-1d7"
Expires: Tue, 08 Nov 2022 02:15:17 GMT
Last-Modified: Sun, 06 Nov 2022 01:19:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 002b17b1156c85f4dc3fbeb77a3cc23f
a66208c727c86ea310ee17d2c9f71b5ae5c3d3a9
f7a66202bf1654d72d978fd80f1e9918d70a99fbb4c940c723fcb640e4d25429
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=85678
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "636627c9-1d7"
Expires: Mon, 07 Nov 2022 10:53:14 GMT
Last-Modified: Sat, 05 Nov 2022 09:07:21 GMT
Server: ECS (nyb/1D04)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bkf2nu_z4HZqxXrI1hTT-zJMiQjIHjtfwri7ItZe_Uap7kMU_WlemA==
Age: 6353
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8b80428e51ec2da248e9f2a4277e1934
765298a22ddc8b42fce92badd8015a970e59ba04
0a6cfe9dcab898be302d880673ea2e64292515e70e3109c721881e04be86afc4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 01:42:55 GMT
Expires: Sun, 13 Nov 2022 01:42:54 GMT
Etag: "765298a22ddc8b42fce92badd8015a970e59ba04"
Cache-Control: max-age=570457,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d5a635dd5b523-OSL
id.rlcdn.com/709414.gif
35.244.174.68451 Unavailable For Legal Reasons 44 B IP 35.244.174.68:0
Hash 1d4156a8bc0243e4c1e8363710764e8d
3b7dab0958df1213a5043f9e9a263006c0925a8a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
GET /709414.gif HTTP/1.1
Host: id.rlcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 451 Unavailable For Legal Reasons
content-type: text/plain; charset=utf-8
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 11:05:16 GMT
content-length: 44
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
3.120.24.110204 0 B URL HTTP/1.1 pm.w55c.net/ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30
IP 3.120.24.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ping_match.gif?scc=1&ei=RUBICON&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4210%26nid%3D1523%26put%3D_wfivefivec_%26expires%3D30 HTTP/1.1
Host: pm.w55c.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
Cache-Control: no-cache, must-revalidate
Date: Sun, 06 Nov 2022 11:05:15 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Pragma: no-cache
Server: PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-0365872a60f729e92@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Connection: keep-alive
sync.extend.tv/r.gif?exchange=rubicon
35.169.163.246302 Found 130 B URL HTTP/1.1 sync.extend.tv/r.gif?exchange=rubicon
IP 35.169.163.246:0
File type HTML document, ASCII text
Hash babb1de4381bd0e8ac603f498309ec86
cac5520df21c58b1a4e2aa27128aa7440612ba54
f86bc8bfe74176843905c75a3ea8c03f02b100dedce835d5ad74b09836688722
GET /r.gif?exchange=rubicon HTTP/1.1
Host: sync.extend.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Date: Sun, 06 Nov 2022 11:05:16 GMT
Expires: Tue, 29 May 1984 15:00:00 GMT
Location: https://pixel.rubiconproject.com/tap.php?v=114806&nid=3840&put=9c1964d7-995f-4de8-9468-e60be27f0967
Pragma: no-cache
Set-Cookie: extendtv_user_id=9c1964d7-995f-4de8-9468-e60be27f0967; Path=/; Domain=extend.tv; Expires=Tue, 05 Nov 2024 11:05:16 GMT
Content-Length: 130
Connection: keep-alive
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
52.46.130.91302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
IP 52.46.130.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 86HTKMK2D1YBG7M0BT6Q
Set-Cookie: ad-id=AxBdb3BfSUc6kclBfuKdfsg|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jul-2023 11:05:16 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash b686922e37fbc3f8b75216094c8dc5e7
b7c8a0e7beaec448f3f77d140b4d3704c92a44bf
07b9a94991cc9182ff987c30295a1bd4454089a661d30e89167485670d53acb5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=107680
Date: Sun, 06 Nov 2022 11:05:16 GMT
Etag: "63668fc4-1d7"
Expires: Mon, 07 Nov 2022 16:59:56 GMT
Last-Modified: Sat, 05 Nov 2022 16:31:00 GMT
Server: ECS (bsa/EB17)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nWeg9GeXVF03yNJVTUDI4jp-MUe-XfgSFucX-OLEplKdPJKGh0wYgQ==
Age: 1736
pixel.rubiconproject.com/tap.php?v=114806&nid=3840&put=9c1964d7-995f-4de8-9468-e60be27f0967
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=114806&nid=3840&put=9c1964d7-995f-4de8-9468-e60be27f0967
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=114806&nid=3840&put=9c1964d7-995f-4de8-9468-e60be27f0967 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
3.225.128.227302 Found 0 B URL HTTP/2 ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
IP 3.225.128.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 06 Nov 2022 11:05:16 GMT
content-length: 0
location: https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==%26buyeruid%3D
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
set-cookie: zeta-ssp-user-id=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=disqus.com; Secure; SameSite=None
X-Firefox-Spdy: h2
b1sync.zemanta.com/usersync/rubicon/
70.42.32.159302 Found 109 B URL HTTP/1.1 b1sync.zemanta.com/usersync/rubicon/
IP 70.42.32.159:0
File type HTML document, ASCII text
Hash da91b0bebbbc88996f7fbc89fb2e26ed
b5d4536ac72b8ae1b84f19e04b8fc89b03b9af7d
23465be5cbf42ea06d10032446b2950d4e0993c70f5a7e7af666480d5ce65800
GET /usersync/rubicon/ HTTP/1.1
Host: b1sync.zemanta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Content-Length: 109
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Location: https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
Pragma: no-cache
Date: Sun, 06 Nov 2022 11:05:16 GMT
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==%26buyeruid%3D
147.75.85.234302 Found 0 B URL HTTP/2 prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==%26buyeruid%3D
IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==%26buyeruid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sun, 06 Nov 2022 11:05:15 GMT
location: https://ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==&buyeruid=58ddbfe8-6a36-4cfb-be54-053e0e452514&gdpr=0&gdpr_consent=&us_privacy=
server: envoy
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=144598&nid=3992&expires=30&put= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
52.46.130.91200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
IP 52.46.130.91:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: 72X9A6WHCABZJGNJ11SF
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.141307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: f73f7196-b113-4ab4-a6b6-a77b3421066c
Set-Cookie: uuid2=5758392314603961223; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 11:05:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8b80428e51ec2da248e9f2a4277e1934
765298a22ddc8b42fce92badd8015a970e59ba04
0a6cfe9dcab898be302d880673ea2e64292515e70e3109c721881e04be86afc4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 06 Nov 2022 01:42:55 GMT
Expires: Sun, 13 Nov 2022 01:42:54 GMT
Etag: "765298a22ddc8b42fce92badd8015a970e59ba04"
Cache-Control: max-age=570457,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d5a64f87db503-OSL
www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f
35.160.182.162302 Found 0 B URL HTTP/1.1 www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f
IP 35.160.182.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ccm/729e4e94-63c3-438d-8ce4-184eb34e703f HTTP/1.1
Host: www.storygize.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
cache-control: no-cache, no-store, must-revalidate
expires: 0
Location: https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
Pragma: no-cache
set-cookie: U=; Max-Age=0; Expires=Sun, 06 Nov 2022 11:05:16 GMT; Path=/; Domain=.storygize.net
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash fd26af071b3ff5bc99c75632fdabd8ae
660532b794c4eb98d9ab6ca7b8fb6bcfa4ea55dc
81fd42ea092de1a9f7f317e9480a4551a0c0210eb2f8c21a7cec559bef5ce17d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 04 Nov 2022 16:09:20 GMT
Expires: Fri, 11 Nov 2022 16:09:19 GMT
Etag: "660532b794c4eb98d9ab6ca7b8fb6bcfa4ea55dc"
Cache-Control: max-age=449642,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 765d5a657816b523-OSL
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.141307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: e384295d-a41c-4a72-939d-6de5e5f0d40f
Set-Cookie: uuid2=3909202049743124545; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 04-Feb-2023 11:05:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eus.rubiconproject.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.141200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5bd5cf64-5f55-4486-ab87-04e16126af73
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sync.quantumdex.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=.betweendigital.com
tuuid=11988fde-40d3-5236-aebe-be2ecdd92ac2; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=.betweendigital.com
ut=Y2eU7AAJRwCaXF16a9BxJVzrJBQmz3TMj9eytQ==; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.141200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 06 Nov 2022 11:05:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 9ebc6d12-ef87-4840-b948-c2222b0c0350
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
188.42.196.115200 OK 68 B URL HTTP/2 ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
IP 188.42.196.115:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash c4a2b870062c2bb98c500bc1526c0498
528666ccdb12997358077bc8fcdbfb6b825c7788
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=.betweendigital.com
tuuid=173a1545-537c-5236-a1dc-5cbfc2bbc853; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=.betweendigital.com
ut=Y2eU7AAJ-rB4HrJv_xVcJkScP-Rw3mk0q1IL0A==; Max-Age=31536000; Expires=Mon, 06 Nov 2023 11:05:16 GMT; Path=/; Domain=.betweendigital.com
content-length: 68
X-Firefox-Spdy: h2
ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==&buyeruid=58ddbfe8-6a36-4cfb-be54-053e0e452514&gdpr=0&gdpr_consent=&us_privacy=
3.225.128.227302 Found 0 B URL HTTP/2 ssp.disqus.com/match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==&buyeruid=58ddbfe8-6a36-4cfb-be54-053e0e452514&gdpr=0&gdpr_consent=&us_privacy=
IP 3.225.128.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?bidder=6&r=Cid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4AQ==&buyeruid=58ddbfe8-6a36-4cfb-be54-053e0e452514&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 06 Nov 2022 11:05:16 GMT
content-length: 0
location: https://ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag==
vary: origin
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag==
72.251.249.9302 Found 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag==
IP 72.251.249.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag== HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 06 Nov 2022 11:05:16 GMT
Set-Cookie: ljt_reader=FmwZrRZHv7JaHzcVQai5mg9Y; Path=/; Domain=.lijit.com; Expires=Mon, 06-Nov-2023 11:05:16 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag%3D%3D&dnr=1
Content-Length: 0
X-Sovrn-Pod: ad_ap3ams1
ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag%3D%3D&dnr=1
72.251.249.9204 No Content 0 B URL HTTP/1.1 ce.lijit.com/merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag%3D%3D&dnr=1
IP 72.251.249.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /merge?pid=279534&3pid=ua-bd93c5a6-a48a-3062-a9eb-49db1b2d204a&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1iZDkzYzVhNi1hNDhhLTMwNjItYTllYi00OWRiMWIyZDIwNGEqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLWJkOTNjNWE2LWE0OGEtMzA2Mi1hOWViLTQ5ZGIxYjJkMjA0YTICBgw4Ag%3D%3D&dnr=1 HTTP/1.1
Host: ce.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sync.quantumdex.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sun, 06 Nov 2022 11:05:16 GMT
Set-Cookie: ljt_reader=FmwZrRZHHS4CZSZeQWKtxoVS; Path=/; Domain=.lijit.com; Expires=Mon, 06-Nov-2023 11:05:16 GMT; Max-Age=31536000;Secure;SameSite=None
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Sovrn-Pod: ad_ap3ams1
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 245
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=prisondharmanetwork.net&sn=FirefoxSyncframe&so=0&topUrl=sl1.prisondharmanetwork.net&info=PYc_Rl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2ayUyQjRyTkI3VmlxUmQ1bUlpNFFIYnlWZw&idsd=-405907259,-221353450&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=prisondharmanetwork.net&sn=FirefoxSyncframe&so=0&topUrl=sl1.prisondharmanetwork.net&info=PYc_Rl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2ayUyQjRyTkI3VmlxUmQ1bUlpNFFIYnlWZw&idsd=-405907259,-221353450&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=publishertag&domain=prisondharmanetwork.net&sn=FirefoxSyncframe&so=0&topUrl=sl1.prisondharmanetwork.net&info=PYc_Rl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2ayUyQjRyTkI3VmlxUmQ1bUlpNFFIYnlWZw&idsd=-405907259,-221353450&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sl1.prisondharmanetwork.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1440201
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=4E8607F6-65EF-4FE9-B563-609500D05CDE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
185.64.190.81200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=160120&sc=1&u=4E8607F6-65EF-4FE9-B563-609500D05CDE&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 185.64.190.81:0
GET /AdServer/SPug?o=1&p=160120&sc=1&u=4E8607F6-65EF-4FE9-B563-609500D05CDE&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/adblock_notify.js?s=1667732712
178.32.205.77200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/adblock_notify.js?s=1667732712
IP 178.32.205.77:0
GET /js/adblock_notify.js?s=1667732712 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Sat, 24 Sep 2022 20:52:18 GMT
vary: Accept-Encoding
etag: W/"632f6e02-86"
expires: Thu, 25 May 2023 11:05:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fb9cbb5c0fbf23f33b3a47446a626f866.gif?v=1667732712-CCfSFecLLn5GdDdyCPSAQBcJkGFbZU-BHjKf5s7gEJM
104.18.20.40206 Partial Content 0 B URL HTTP/2 cl.imghosts.com/imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fb9cbb5c0fbf23f33b3a47446a626f866.gif?v=1667732712-CCfSFecLLn5GdDdyCPSAQBcJkGFbZU-BHjKf5s7gEJM
IP 104.18.20.40:0
GET /imgh/image/fetch/ar_16:9,c_fill,f_mp4,fl_lossy,g_faces:auto,w_960/http%3A%2F%2Fimghosts.com%2Ft%2F2022-07%2F101924%2Fb9cbb5c0fbf23f33b3a47446a626f866.gif?v=1667732712-CCfSFecLLn5GdDdyCPSAQBcJkGFbZU-BHjKf5s7gEJM HTTP/1.1
Host: cl.imghosts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: video/mp4
content-length: 1931165
etag: "fa4444fa9f8cc87757e736e9099321ec"
last-modified: Tue, 25 Oct 2022 21:55:06 GMT
cache-control: public, max-age=31536000
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: akam;dur=20999;cpu=20883;start=2022-10-25T21:54:44.824Z;desc=miss,rtt;dur=259,cloudinary;dur=35;start=2022-10-25T21:55:05.655Z
cf-cache-status: HIT
age: 997786
expires: Mon, 06 Nov 2023 11:05:12 GMT
content-range: bytes 0-1931164/1931165
server: cloudflare
cf-ray: 765d5a4d6968b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1667551565
178.32.205.77200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/player90/embedOptAd.min.js?s=1667551565
IP 178.32.205.77:0
GET /js/player90/embedOptAd.min.js?s=1667551565 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 08:46:05 GMT
vary: Accept-Encoding
etag: W/"6364d14d-5458"
expires: Thu, 25 May 2023 11:05:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 400
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsl1.prisondharmanetwork.net%2F&domain=sl1.prisondharmanetwork.net&cw=1&pbt=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsl1.prisondharmanetwork.net%2F&domain=sl1.prisondharmanetwork.net&cw=1&pbt=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsl1.prisondharmanetwork.net%2F&domain=sl1.prisondharmanetwork.net&cw=1&pbt=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sl1.prisondharmanetwork.net/
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sl1.prisondharmanetwork.net
server-processing-duration-in-ticks: 444956
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
std.wpcdn.pl/wpjslib6/wpjslib-sync.js
212.77.98.32200 OK 0 B URL HTTP/2 std.wpcdn.pl/wpjslib6/wpjslib-sync.js
IP 212.77.98.32:0
ASN #12827 Wirtualna Polska Media S.A.
GET /wpjslib6/wpjslib-sync.js HTTP/1.1
Host: std.wpcdn.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ssp.wp.pl
Connection: keep-alive
Referer: https://ssp.wp.pl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:54:51 GMT
x-rgw-object-type: Normal
etag: W/"686345f31c2b50e1356cf887afd2752b"
cache-control: max-age=900, stale-while-revalidate=86400
content-encoding: br
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-max-age: 300
timing-allow-origin: *
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Cookie: browser_data=PYc_Rl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2ayUyQjRyTkI3VmlxUmQ1bUlpNFFIYnlWZw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=RupvFF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3hDcFJEV2JPWkZoVk5GcU01cVh2ayUyQmFoaHgyWjN5QiUyRnd4Z2x5MDJLVWlv; expires=Fri, 01 Dec 2023 11:05:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sl1.prisondharmanetwork.net
server-processing-duration-in-ticks: 328785
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
sync.quantumdex.io/usersync/pbjs
172.67.42.201200 OK 0 B URL HTTP/2 sync.quantumdex.io/usersync/pbjs
IP 172.67.42.201:0
GET /usersync/pbjs HTTP/1.1
Host: sync.quantumdex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:15 GMT
content-type: text/html
set-cookie: uid=2a1eb00c-2510-4caa-a112-e88b0fcf5481; expires=Wed, 16 Nov 2022 11:05:15 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765d5a5f8ecdfab8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.73200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.73:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 90389
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.json
95.216.65.102200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.json
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
POST /1duwt.json HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 248
Origin: https://sl1.prisondharmanetwork.net
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:11 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
www.bigmp3db.com/1duwt.min.js?a179142
95.216.65.102200 OK 0 B URL HTTP/2 www.bigmp3db.com/1duwt.min.js?a179142
IP 95.216.65.102:0
ASN #24940 Hetzner Online GmbH
GET /1duwt.min.js?a179142 HTTP/1.1
Host: www.bigmp3db.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: cloudflare-nginx
date: Sun, 06 Nov 2022 11:05:10 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
cache-control: max-age=300
expires: Sun, 06-Nov-2022 13:10:10 EET
duration: 338116
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sl1.prisondharmanetwork.net
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sl1.prisondharmanetwork.net
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=sl1.prisondharmanetwork.net HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 06 Nov 2022 11:05:12 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=c25af470-0bf2-4f27-ade6-972b4c61894c; expires=Fri, 01 Dec 2023 11:05:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 806184
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/websites/optad/general.css
178.32.205.77200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/websites/optad/general.css
IP 178.32.205.77:0
GET /css/websites/optad/general.css HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sl1.prisondharmanetwork.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 06 Nov 2022 11:05:13 GMT
content-type: text/css
last-modified: Sun, 27 Mar 2022 07:49:33 GMT
vary: Accept-Encoding
etag: W/"6240170d-268"
expires: Thu, 25 May 2023 11:05:13 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2