sharemods.com/vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
104.26.11.194301 Moved Permanently 0 B URL HTTP/1.1 sharemods.com/vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
IP 104.26.11.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8 HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 20:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 21:24:10 GMT
Location: https://sharemods.com/vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKauHj%2BtZINJ2QVGFZhhL95Co9kSV8dIzWaiBjXQcx%2F3Nz7mY%2BQZkPwx%2BS4%2Fnq9LcEM22hi3lNgjnM%2FEndKroVRm8GlSE1cgI9mUGXWom4qhmCw9GwGUQreNZLMnofI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791cedfbe99eb503-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11491
Expires: Mon, 30 Jan 2023 23:35:42 GMT
Date: Mon, 30 Jan 2023 20:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12088
Expires: Mon, 30 Jan 2023 23:45:39 GMT
Date: Mon, 30 Jan 2023 20:24:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 19:43:13 GMT
content-type: application/json
age: 2458
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13387
Expires: Tue, 31 Jan 2023 00:07:18 GMT
Date: Mon, 30 Jan 2023 20:24:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1a24b19e9732908a18ef26afa19fc4cd
9c6629d3b2d493eee1f721f008abfdbb9cbb09a8
4671473c9462b03c8d1808efad0da582aae64c8ba525f5736c2a0800a7d645b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1610
Cache-Control: max-age=160432
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Etag: "63d7f0d1-117"
Expires: Wed, 01 Feb 2023 16:58:03 GMT
Last-Modified: Mon, 30 Jan 2023 16:31:13 GMT
Server: ECS (amb/6BA8)
X-Cache: HIT
Content-Length: 279
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hk3FKdnD3wCRJzgArwgrI23qbdbwEHpd02B1QgOhmCRv3W4kitBb27qsKtTolXsp3cqWUUsPN8g=
x-amz-request-id: NH9P17NQHMTVR1P7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 19:50:52 GMT
age: 1999
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1a24b19e9732908a18ef26afa19fc4cd
9c6629d3b2d493eee1f721f008abfdbb9cbb09a8
4671473c9462b03c8d1808efad0da582aae64c8ba525f5736c2a0800a7d645b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1610
Cache-Control: max-age=160432
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Etag: "63d7f0d1-117"
Expires: Wed, 01 Feb 2023 16:58:03 GMT
Last-Modified: Mon, 30 Jan 2023 16:31:13 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2648db12984a09f2dec69b7d2047f187
b52d9496452542d8f1127d4b77c27e22107c34a1
1439e26d15f854c1f1ddd1b37e37846107a83eafd38945da4d48709052f638b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:23:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2648db12984a09f2dec69b7d2047f187
b52d9496452542d8f1127d4b77c27e22107c34a1
1439e26d15f854c1f1ddd1b37e37846107a83eafd38945da4d48709052f638b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:23:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ece9390c976730e6214ce64852356866
1feeb9780dfcfff7e7c4991a995e3994e543cffc
90ca41aa1f1b5906c5dce5e3f07a6756f4fc424d0dd3a3e2fe582b224f87f27b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "90CA41AA1F1B5906C5DCE5E3F07A6756F4FC424D0DD3A3E2FE582B224F87F27B"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12374
Expires: Mon, 30 Jan 2023 23:50:25 GMT
Date: Mon, 30 Jan 2023 20:24:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 2648db12984a09f2dec69b7d2047f187
b52d9496452542d8f1127d4b77c27e22107c34a1
1439e26d15f854c1f1ddd1b37e37846107a83eafd38945da4d48709052f638b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:23:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash b3cfb02067e23353a750c1d12e97f9b8
56ce41d00161a25c585fdcaf6df96930420d0171
d53fa38e4c25b66317edadb798a22baba4ec4f89c077c297ee8f0a9c89982417
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4384
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:11:07 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8d206904c0a2237b487d447f8d2efe52
d6c26108f8ba0e93f643e07abdd7f1fa914fbec9
d1118ba9f0f1751fe564559d8a1fd775524e78a848003c5d3cc8e48f332f7f14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:03:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8d206904c0a2237b487d447f8d2efe52
d6c26108f8ba0e93f643e07abdd7f1fa914fbec9
d1118ba9f0f1751fe564559d8a1fd775524e78a848003c5d3cc8e48f332f7f14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:03:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 788 B IP 93.184.220.29:0
Hash 4b6a642505eb4f59e1d2e5c1b66c048b
84dd45b3809e3617dd312c37f669e826d8a45881
04f3d150b5db758b8dc0f8fc22af58612633f67e593dcdbc88d53505ac2d8691
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:23:30 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-15082559-23
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-15082559-23
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 10230ec5ab6d1df92f171854ffdf667d
802bc7499f1abd0e31d7e034b9c9cd39b130e3fc
287a333de2b89c991c2fbf1e0ef34c04c792c4875b42705a53ebacb6a0cd7c20
GET /gtag/js?id=UA-15082559-23 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 20:24:11 GMT
expires: Mon, 30 Jan 2023 20:24:11 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 18:56:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 19:41:41 GMT
age: 2550
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
104.18.10.207200 OK 3.4 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (23192)
Hash 04acbadca455f9515f9dd6094baf9505
252b1e4d8a11ccf34b174b809b519b2c8cd7fcb9
63c6042bcc30b3e728ca07a3dc421900f45d98b7e77808a1abf92d6f23526e2f
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: e346f97b1d38a339b60e3cf96f044831
cdn-cache: HIT
cf-cache-status: HIT
age: 20553571
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791cee00e82ab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
104.26.7.139200 OK 6.7 kB URL HTTP/2 btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
IP 104.26.7.139:0
File type ASCII text, with very long lines (14070)
Hash 59f23c91106a5ffc6641a4e53c4a18a5
ddddbd609f3c55aea47f46ed2cfe802150acfc6d
de98ea2222bee019b9eadff6b0880a35f74c9304e7b8b3ebfd76a5f5b607700e
GET /tag?o=5646025299591168&domain=sharemods.com&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"701fd3c19eb45f52f41ee0ddfdd113f2"
last-modified: Mon, 30 Jan 2023 19:39:17 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2661
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdRSK%2BOglkdvLGo51invaaRUGmSweDZytDOrlkSr8m6%2FHrrQBZlo%2BNgDfNXpVMKc%2F22JOhjb%2FG494OX5B35h1kB4CRKO%2BFQg3qtCY1DKmWz6hYPxyrxiliyVGCPzAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791cee00fb27b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9844
Expires: Mon, 30 Jan 2023 23:08:15 GMT
Date: Mon, 30 Jan 2023 20:24:11 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8d206904c0a2237b487d447f8d2efe52
d6c26108f8ba0e93f643e07abdd7f1fa914fbec9
d1118ba9f0f1751fe564559d8a1fd775524e78a848003c5d3cc8e48f332f7f14
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4846
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Last-Modified: Mon, 30 Jan 2023 19:03:25 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
137.74.34.12200 OK 5.3 kB URL HTTP/2 video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
IP 137.74.34.12:0
File type ASCII text, with very long lines (2119)
Hash 1994b175974cdd8f6a6ef89498eee94d
87de5922c91f1a1c29ff0f438614091443329673
cc7ce544d3d9313ff9e6f0d687166ce593ca1c1edef52e4aa34d0c8baf382386
GET /widget/widget_scrolllist.php?widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Mon, 30 Jan 2023 20:24:11 GMT
expires: Mon, 30 Jan 2023 20:24:12 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 5260
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 20:24:11 GMT
server: XO.webservant
X-Firefox-Spdy: h2
biancasunlit.com/1clkn/16756
142.91.159.191200 OK 26 B URL HTTP/1.1 biancasunlit.com/1clkn/16756
IP 142.91.159.191:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer Verdict Alert quad9 Sinkholed
GET /1clkn/16756 HTTP/1.1
Host: biancasunlit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 30 Jan 2023 20:24:11 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Tue, 31-Jan-2023 20:24:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Tue, 31-Jan-2023 20:24:11 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
142.250.74.106200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
IP 142.250.74.106:0
Hash 4c77962d730586d043988ee0c581f361
2f203d2ea32e4db27463029616a3bc8c0e7b64cc
e8c04af2813a4123b8ae0e1996524d2c4b17f421056654b7734b8b374f066b2b
GET /css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 20:24:11 GMT
date: Mon, 30 Jan 2023 20:24:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
Hash cf9dc64585154d69ecfe0b120177bbc7
262067b7d44ab42a58861555cd3db44d4ffc9ac4
416cf7d1dd7ed6714b08de88d9fa3b7af42e4f81589ab15aa661877118aa087d
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 5490
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 10:03:33 GMT
expires: Wed, 24 Jan 2024 10:03:33 GMT
cache-control: public, max-age=31536000
age: 555638
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
216.58.207.227200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 38752, version 1.0\012- data
Hash d451decbad0d0d2feba27610481a34d8
1479b2ad870d5e2bb04d206f33460089394f6eb5
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:14:17 GMT
expires: Sat, 27 Jan 2024 10:14:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
content-type: font/woff2
age: 295794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3821369aecde1082bdfd174aab97907
16a53ede9ab606d953f11e0b096fc8fb661886db
65bbf04c4e8a92a8bbf3b73994269f32ce9e87384d528ec436dd6385dd29384a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4798
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Last-Modified: Mon, 30 Jan 2023 19:04:15 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e3821369aecde1082bdfd174aab97907
16a53ede9ab606d953f11e0b096fc8fb661886db
65bbf04c4e8a92a8bbf3b73994269f32ce9e87384d528ec436dd6385dd29384a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2567
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Last-Modified: Mon, 30 Jan 2023 19:41:25 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ad-delivery.net/px.gif?ch=2
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 339980
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6b8CRZWCpHLE97ZXmYkgkdd1pcZ2SpCno2EaA23qwKYhHUdjqTZmvRH6hrRDBW8P35ywB%2BIMYJu3KKaWewcFI46Gu3e4SAAU54NbOKIS8qBnXJ8KLCbz%2FzpkEb7ZjAFqIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791cee035d19b509-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.2668165411289285
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.2668165411289285
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.2668165411289285 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 339980
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kx%2BSDl2%2FqqlaJ%2Bor%2Bk8nLd1is9yPJOiO%2BS0PZgdftDYhwLFk7l%2Fk%2Fyny4%2BYbSA1kGWFYPvQPl%2BJIYWCQQSQHVKsyvaFoAkgm5FqiEu0zVIZtrAFEK0KGnKfgQc46ma5%2BZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791cee036d37b509-OSL
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675110265377
142.250.74.162200 OK 14 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675110265377
IP 142.250.74.162:0
File type ASCII text, with very long lines (54564)
Hash 781c323adf3014f37c58e3936de20bdb
dfb84617c2c9f1c171f5e7863ebe5792483124b3
567f8d36f15b9cd9096e4da710bae58f90872eacba6b8c6a9887a370aa0bd270
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675110265377 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 5657257864
google-creative-id: 138344837108
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Mon, 30 Jan 2023 20:24:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 13919
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 20:39:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1675110265374
142.250.74.162200 OK 14 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1675110265374
IP 142.250.74.162:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (465)
Hash 438626dd83b6070ff0f93eafe7cde483
ffdc632fdb17d8ed6fa99e43c6ed7e0d7600bf42
aace60e00ac50b5f76e30439f5eda4d79f6cc9d361ca4d6784beb5a2e1cca402
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1675110265374 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 5909540546
google-creative-id: 138380363290
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Mon, 30 Jan 2023 20:24:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 13203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 30-Jan-2023 20:39:12 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.187.106.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.106.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nHC0kUFACS6dmanUHJ1dUA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YUT1dT8ayPhBGYCD/HO821QJXb8=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
video.onnetwork.tv/embed.php?mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675110265424&cId=pid1675110265424&widget=808
137.74.34.12200 OK 1.3 kB URL HTTP/2 video.onnetwork.tv/embed.php?mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675110265424&cId=pid1675110265424&widget=808
IP 137.74.34.12:0
File type ASCII text, with very long lines (1779)
Hash 5f129160e160783f2c29eb7f8230046f
2a9a7a2a9c68c1202a10aa36a3d6e3cd971bf27c
acbe5f1088c6a94755f8d5d16f95b39fbbdd4ad212f787b988a461b05ac83e03
GET /embed.php?mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675110265424&cId=pid1675110265424&widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Mon, 30 Jan 2023 20:24:11 GMT
expires: Mon, 30 Jan 2023 20:24:11 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 1282
content-type: text/javascript;charset=utf-8
date: Mon, 30 Jan 2023 20:24:12 GMT
server: XO.webservant
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 69ffc0a3f7ca2b025a6b99f9c38889be
1b436bda66cd246a1024f8c3d8e91e3aeef31eaa
9aaaf6c2a570c6a73a623f4fdfb0e1dfd5f16f086ae5d9c8d5b2403b0d016e4f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
217.182.102.207200 OK 11 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
IP 217.182.102.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 2871fb03f440dedc5c98a39e3233ecca
cdab8fec4adf07e4fc0ed5f84e6b5f421242b37e
c00fd1fce75f8aaf02c223b7140caf4b537e7c5660c7bba78a63d799baaf5cbb
GET /poster/5/7/570804_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/jpeg
content-length: 10645
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
etag: "6200e4ea-2995"
expires: Fri, 18 Aug 2023 20:24:12 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
217.182.102.207200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
IP 217.182.102.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash e89f8967d6c9e9e774ffe2d1acd0eb7b
3c31a2d1c270ea31232aea01df5044da8e63c3bc
971ee47efa3517204e4cf69c23c891f00cb2da7e88fd3381e5b6e12ccbb113b3
GET /poster/5/7/570832_1m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/jpeg
content-length: 21547
last-modified: Mon, 07 Feb 2022 09:41:25 GMT
etag: "6200e945-542b"
expires: Fri, 18 Aug 2023 20:24:12 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110265837&d=9784&wsc=00&typ=embed&mobile=0&c=43
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110265837&d=9784&wsc=00&typ=embed&mobile=0&c=43
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675110265837&d=9784&wsc=00&typ=embed&mobile=0&c=43 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
217.182.102.207200 OK 30 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
IP 217.182.102.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 84a6a72d40f958ffeaf761d0883b38b2
de8e2ce426e7b03d202935b1c8b9caa0868c9731
43f7beebc22497f827ada6ee9c1f2e5b84264621a69bd47c9130709f3ce47f13
GET /poster/5/7/570858_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/jpeg
content-length: 29982
last-modified: Mon, 07 Feb 2022 09:58:20 GMT
etag: "6200ed3c-751e"
expires: Fri, 18 Aug 2023 20:24:12 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
217.182.102.207200 OK 27 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
IP 217.182.102.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 24bbfc2efae8c74b6924bf1a5592d39d
9e0fa658e3bb252c65b474a8d0f64e73e7c0896e
c3eefd5595d59072bfa4e2fe0f26df33c1013b7eeb3f1176c0b411b14c14f8df
GET /poster/5/7/570840_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/jpeg
content-length: 26627
last-modified: Mon, 07 Feb 2022 09:47:37 GMT
etag: "6200eab9-6803"
expires: Fri, 18 Aug 2023 20:24:12 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
217.182.102.207200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
IP 217.182.102.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 408d928fdc630ebd5ad904b0499c7388
0e7e45f316289fb28b48398170e170eb55bf6fa9
d174b44385b81158573717412867bdde8c1641dbb83e086f7794aa3789e023aa
GET /poster/5/7/570814_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/jpeg
content-length: 22008
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
etag: "6200e6c7-55f8"
expires: Fri, 18 Aug 2023 20:24:12 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
104.110.14.155301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
IP 104.110.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Mon, 30 Jan 2023 20:24:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110266104&d=9784&wsc=00&typ=embed&mobile=0&c=40
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110266104&d=9784&wsc=00&typ=embed&mobile=0&c=40
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675110266104&d=9784&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:12 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1565714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4do5zTFwX%2B79mwCUeimPJU%2BBjkF3MO3I2c%2BGtNGgb22qXNbmuJpHFDR%2Fi64HwtDBdPFJcbo7vHc7fVHQOBnqMZ1%2BRNyQ0ZgTQeLSMfj3cS1DJPoAClVAv31C8h8m1Xvq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791cee0728b20b55-OSL
Content-Encoding: br
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 32eb12bbcd7fb4f11708445179921a3d
e579038e62e8bd09fcc61282fd4084263b385c86
66efa2c6644bb8734a06dcae8a0e2352ea59107e93e706e139e11ff980946074
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 374
Cache-Control: max-age=142636
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d7b022-139"
Expires: Wed, 01 Feb 2023 12:01:28 GMT
Last-Modified: Mon, 30 Jan 2023 11:55:14 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 30 Jan 2023 20:24:12 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1565714
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1oPwVl%2BNJeXmkh2ALas53t8xhwo7oS48P%2Fcf0Dtygoy5iB2DSNTClRbAeqJexegmCpyOn%2FtS7YZaWnwCju%2BbEbPslA%2BcIze6H%2BEzlLTzZIcmAtO27BoTd8dghMHovML0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791cee0758f20b55-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5756bc733e4179462fdc087a13f43c42
6c9b825935568255fb15a1f5c440af9a2f98570c
a5c2fa35cdc38abfad58fe7a79a39f997c00ddb2f33951d614e6a4006f47f47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5C2FA35CDC38ABFAD58FE7A79A39F997C00DDB2F33951D614E6A4006F47F47D"
Last-Modified: Mon, 30 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12277
Expires: Mon, 30 Jan 2023 23:48:49 GMT
Date: Mon, 30 Jan 2023 20:24:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5756bc733e4179462fdc087a13f43c42
6c9b825935568255fb15a1f5c440af9a2f98570c
a5c2fa35cdc38abfad58fe7a79a39f997c00ddb2f33951d614e6a4006f47f47d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5C2FA35CDC38ABFAD58FE7A79A39F997C00DDB2F33951D614E6A4006F47F47D"
Last-Modified: Mon, 30 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12277
Expires: Mon, 30 Jan 2023 23:48:49 GMT
Date: Mon, 30 Jan 2023 20:24:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c0c50fcbc7d92843f6b77e57a7fdf6b
18ec9d83cf0dd47c048b5b71e540f3a52dc9d743
8479db61777f843867bcebf8510a161cb18c87c5cf670d86890c409e2882540c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5128
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Last-Modified: Mon, 30 Jan 2023 18:58:44 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fb826c48e28e596cf8bad7329a3f883
4cd1271de1565b1ebadc20c0e1f737cc36e76d33
ff5b0a0dce610b20a48d131fbf373779c1224359525b7e281c3760a0a8b4423b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF5B0A0DCE610B20A48D131FBF373779C1224359525B7E281C3760A0A8B4423B"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7894
Expires: Mon, 30 Jan 2023 22:35:46 GMT
Date: Mon, 30 Jan 2023 20:24:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 32eb12bbcd7fb4f11708445179921a3d
e579038e62e8bd09fcc61282fd4084263b385c86
66efa2c6644bb8734a06dcae8a0e2352ea59107e93e706e139e11ff980946074
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 374
Cache-Control: max-age=142636
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d7b022-139"
Expires: Wed, 01 Feb 2023 12:01:28 GMT
Last-Modified: Mon, 30 Jan 2023 11:55:14 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 19:46:59 GMT
expires: Mon, 30 Jan 2023 21:46:59 GMT
cache-control: public, max-age=7200
age: 2233
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/481.json
162.19.138.83200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ce87d66425c1eaa27547d55b4f70d90d
8580ca4663ad9f7fe86f9e8fd011405d372cc673
99abe427decb7f49266f1829f6084685c364c96881b47960178487c7f4aed7ad
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 415
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 30 Jan 2023 20:24:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39375)
Hash 127050086d3b0a7a4f524c6232ff7fba
7fcc61968c972705cea726c8c93f322af15ac120
567f47c4d1a4bef7dbe5e4844865c7183ac1e589f9cca085434cc7fd2431f3ea
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27545
date: Mon, 30 Jan 2023 20:24:12 GMT
expires: Mon, 30 Jan 2023 20:24:12 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1468 / 537 of 1000 / last-modified: 1675093417"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 809
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Mon, 30 Jan 2023 20:24:12 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3b3fe69d5d7f89b969bf2d0c82d57db8
92bf709e439e0f8385ea4e9a19ee5a75b89abed7
196c7ac5a59901f728114b765a519f9cd4e3cb4cf47818dab9e01583fb427dcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4639
Cache-Control: max-age=111971
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d727b0-1d7"
Expires: Wed, 01 Feb 2023 03:30:23 GMT
Last-Modified: Mon, 30 Jan 2023 02:13:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3b3fe69d5d7f89b969bf2d0c82d57db8
92bf709e439e0f8385ea4e9a19ee5a75b89abed7
196c7ac5a59901f728114b765a519f9cd4e3cb4cf47818dab9e01583fb427dcf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1890
Cache-Control: max-age=109222
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d727b0-1d7"
Expires: Wed, 01 Feb 2023 02:44:34 GMT
Last-Modified: Mon, 30 Jan 2023 02:13:04 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
id5-sync.com/g/v2/481.json
162.19.138.83200 215 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1ac3d82ef6b4bfe0c354c74450f635e9
a662036a6ef4c7bb8078d0fd54ababa5f064bd35
02fb9857048ec763c0462cb70d6dadebaef9849f08ecd9f73839817531fe75ec
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 415
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 30 Jan 2023 20:24:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1161
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: bf371989-4903-4672-8066-aaef0162f481
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1162
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 924d178d-afa9-4a62-9b70-c24110fa4de0
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
www.google-analytics.com/j/collect?v=1&_v=j99&a=256477042&t=pageview&_s=1&dl=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&ul=en-us&de=UTF-8&dt=Download%20FS19%20Bizon%20RekordZ058%20zip&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=97201894&gjid=794641827&cid=11460623.1675110266&tid=UA-15082559-23&_gid=113793721.1675110266&_r=1&_slc=1>m=2ou1p0&z=1196030368
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=256477042&t=pageview&_s=1&dl=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&ul=en-us&de=UTF-8&dt=Download%20FS19%20Bizon%20RekordZ058%20zip&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=97201894&gjid=794641827&cid=11460623.1675110266&tid=UA-15082559-23&_gid=113793721.1675110266&_r=1&_slc=1>m=2ou1p0&z=1196030368
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=256477042&t=pageview&_s=1&dl=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&ul=en-us&de=UTF-8&dt=Download%20FS19%20Bizon%20RekordZ058%20zip&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=97201894&gjid=794641827&cid=11460623.1675110266&tid=UA-15082559-23&_gid=113793721.1675110266&_r=1&_slc=1>m=2ou1p0&z=1196030368 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://sharemods.com
date: Mon, 30 Jan 2023 20:24:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
142.250.74.134200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 142.250.74.134:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 21:51:23 GMT
expires: Mon, 30 Jan 2023 21:51:23 GMT
cache-control: public, max-age=86400
age: 81169
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 807
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Mon, 30 Jan 2023 20:24:12 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 2
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb443b9bfa0561d232977c3efc56c18b
356bc89d228a0db33272118105f1290fd2563af7
984f8cb4f169b1f32c2d06abf86d77e985f0d27ef6eaa57be681574b97d3bbe4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4774
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Last-Modified: Mon, 30 Jan 2023 19:04:38 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=93624021141
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=93624021141
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=93624021141 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 404
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb443b9bfa0561d232977c3efc56c18b
356bc89d228a0db33272118105f1290fd2563af7
984f8cb4f169b1f32c2d06abf86d77e985f0d27ef6eaa57be681574b97d3bbe4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4159
Cache-Control: max-age=138095
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d78f9c-1d7"
Expires: Wed, 01 Feb 2023 10:45:47 GMT
Last-Modified: Mon, 30 Jan 2023 09:36:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1159
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 2f4f8c85-50dc-457b-940c-903281e93986
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 20:24:12 GMT
Connection: keep-alive
Vary: Accept-Encoding
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 646
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 20:24:12 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 20:24:12 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 96a33deab130be6400b843499f9ec40f
7ca27a4c57fb2acea8b60ca9e6f142b37faa4c45
6741b8771c1d273a17f2bb33499fb8832e5fb91a5ef9f2f954d1b18ed3bb6169
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6027
Cache-Control: max-age=163383
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d7eb18-1d7"
Expires: Wed, 01 Feb 2023 17:47:15 GMT
Last-Modified: Mon, 30 Jan 2023 16:06:48 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 96a33deab130be6400b843499f9ec40f
7ca27a4c57fb2acea8b60ca9e6f142b37faa4c45
6741b8771c1d273a17f2bb33499fb8832e5fb91a5ef9f2f954d1b18ed3bb6169
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5812
Cache-Control: max-age=163168
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:12 GMT
Etag: "63d7eb18-1d7"
Expires: Wed, 01 Feb 2023 17:43:40 GMT
Last-Modified: Mon, 30 Jan 2023 16:06:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
script.4dex.io/adagio.js
104.26.8.169200 OK 23 kB IP 104.26.8.169:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 642646
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnv4G77YClLNj91CVEUiu1jpvv4pXk5z0moCn6IfWzo1xn532OLTHS9%2B%2FiEswyOe%2FIDo82uVR%2FcpEeQFWrpoie8F%2BuW2DK%2BRB%2BUzD0zX4t9zTGqiHkQ%2BQ00XLmgUZWjX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791cee092e4cb505-OSL
Content-Encoding: br
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e3cd729a1a6f39ffc45c14fc1f586f96
e3dbf39e7eeda40a88655bcd40c8a8ac3f7bc000
ad028b19715d61b4a7310e24ae379e37679aa6e82b04c5bc880d19a9b4331f79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 12:31:16 GMT
Expires: Fri, 03 Feb 2023 12:31:15 GMT
Etag: "e3dbf39e7eeda40a88655bcd40c8a8ac3f7bc000"
Cache-Control: max-age=316622,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791cee08e96fb511-OSL
cookieinfoscript.com/js/cookieinfo.min.js
172.67.153.46200 OK 3.0 kB URL HTTP/2 cookieinfoscript.com/js/cookieinfo.min.js
IP 172.67.153.46:0
File type ASCII text, with very long lines (7650)
Hash 442af8cb8ad18d4cc37b0af6d9844ec3
4c4984be83d3571399ce79e282e5edf76fefee61
0875cc60e13b600de2ba499be8554182b1a2cb53dac8a7456b290d0fbcb011c6
GET /js/cookieinfo.min.js HTTP/1.1
Host: cookieinfoscript.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: application/x-javascript
x-amz-id-2: scD+jI49bgDpkSsayoO8NMGEeMAg8uyEzYmd2TDwWaa5DpJZchpugmE1fcRG0gu3wK+jmB/jBww=
x-amz-request-id: 51SSPQYQZSA5RPMV
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
etag: W/"d15d93068c1121f63008407d339bd819"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 5326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oiv%2BtXR120xavot98RkWlaR8xOM7PclSYlNV9mKOY6LYtoUQpf1gsukyO5qq2%2BpfLXg38qtpjDMiCRauVUUSg%2Fu7Fo3Kgp0WLDet9QN1Vu9FWHzXZ7DJh0UpFFvANvUYTIsg799Esw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791cee00bb470b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 138 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
File type JSON data\012- , ASCII text, with no line terminators
Hash beeac966a4d50c7cce928c79b646bc01
d4bb3afb9787c94b08804b29bd7cdf0cbd8da518
bd5c1067a7774f88c09a245f8173111c29e1a7eb39292e6e4a7b7110deab22f7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1159
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:12 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 138
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b6429d45-0f4e-45c6-b8ab-e16a4a7ef590
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18573)
Hash b4537fd95a572fde70ee129592434415
90d54f5284b7b6fece7c91d65cfebf70de8a6520
918a490575da060dd0b7c758dfb8cb8544d499995a8e2a6c943e25410c42847b
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Mon, 30 Jan 2023 19:42:29 GMT
Content-Encoding: gzip
Content-Length: 10037
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=83884
Expires: Tue, 31 Jan 2023 19:42:17 GMT
Date: Mon, 30 Jan 2023 20:24:13 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash ae107a2f8c152c876bd2501bf98cd85e
fe92963c9a05df9341d2a66f260a83c2655e28da
5a1c926c57dfa5ce6f0b892ffff19c9bdca0bc5348fc567a676273705ff924d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4256
Cache-Control: max-age=123088
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Etag: "63d7549d-13a"
Expires: Wed, 01 Feb 2023 06:35:41 GMT
Last-Modified: Mon, 30 Jan 2023 05:24:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 314
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 30 Jan 2023 20:24:13 GMT
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 642647
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xomeZHEid%2BLvO9crw6xFeT3cqBkPprMd%2BizH%2Bs1hi6KlrsZTzHjIQ%2FNuxVpK8Bl6%2F45%2Blwa1HLTguBr7%2BKTJWHWsPMNlKy%2FnyR68u5%2FI%2BNwEj8%2BSuvRb%2Fo6qdAmwhoIX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791cee096ebfb505-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 33e403367d183257be0f03f28da923d2
a586e4052008741f8f535e7bd12a94bde81b264e
82ce104749546e6a6f76a8ddf19b67795784c06256581c13f499e80e4f713131
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rtb.adxpremium.services/openrtb2/auction
185.106.140.18400 Bad Request 69 B URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
Hash 44cb4c4df8fff2ff6db15392639f1260
3d5e4e46c840169413eaa9052ec516a8f4120f1c
432d55e02a9db801a90caab4a06dd441d8d02fb2428e453c20f0331cfc8d136f
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 870
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 30 Jan 2023 20:24:13 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 69
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1102
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Mon, 30 Jan 2023 20:24:13 GMT
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1106
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Mon, 30 Jan 2023 20:24:13 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 4e316e200ed2e86777100f75769eb3b9
150393b9b4db97b18a785b55c0926b63a89532f8
c0f454cbf583566f50537b3e07871fc89f663e6537833567901ced5fb6cbcfe8
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 882 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
Hash 3bc93fe9fee97c7dbfe36f100e20adde
5301fffeda30ef233e2447651025771393d81722
e37ac2ab103bdf73e7af6e4629f8f1df5a9f84bcebc656289e0599a94c819539
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1269580
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb?src=prebid
198.148.27.134204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 781
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 1
date: Mon, 30 Jan 2023 20:24:13 GMT
server: envoy
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb?src=prebid
198.148.27.134204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 777
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 3
date: Mon, 30 Jan 2023 20:24:13 GMT
server: envoy
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=83510953235
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=83510953235
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=83510953235 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 403
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 673b3376c8d09e8b7b6559f118c9c8a9
7c9bbb4dd4a5b36424e357a64734c27698898e63
c8185d7be91fd2aec27ef692ad62581187d99f8d80249f48c096171e4fa0f2f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:24:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 14:03:28 GMT
Expires: Sat, 04 Feb 2023 14:03:27 GMT
Etag: "7c9bbb4dd4a5b36424e357a64734c27698898e63"
Cache-Control: max-age=408553,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791cee090a76b517-OSL
prg.smartadserver.com/prebid/v1
185.86.139.58200 OK 581 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.58:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1099), with no line terminators
Hash 3f8e0ca6d7feb6d66367b18ce561d764
7eee493857814d087755c6e78c470e4a5c35362f
71856ec0b85a04e65ea390bfe7e558428481f283f3525b01cd4bcd1816e4ad27
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 628
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Mon, 30 Jan 2023 20:24:12 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Tue, 30 Jan 2024 20:24:13 GMT; domain=.smartadserver.com; path=/
vs=327264=5301864; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 30 Jan 2024 20:24:13 GMT; domain=.smartadserver.com; path=/
pid=204854847919155307; expires=Tue, 30 Jan 2024 20:24:13 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638107070530851005&o=1; expires=Tue, 31 Jan 2023 20:24:13 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Tue, 31 Jan 2023 20:24:13 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Mon, 30 Jan 2023 20:24:13 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:13 GMT; Path=/; Domain=.betweendigital.com
tuuid=e58f247f-49b2-521e-9933-2723faeb004e; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:13 GMT; Path=/; Domain=.betweendigital.com
ut=Y9gnbQADZxgTLBpmqufWJPF62Xy5tTA02WDwzA==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:13 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=11460623.1675110266&jid=97201894&gjid=794641827&_gid=113793721.1675110266&_u=YEBAAUAAAAAAACAAI~&z=405404560
173.194.221.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=11460623.1675110266&jid=97201894&gjid=794641827&_gid=113793721.1675110266&_u=YEBAAUAAAAAAACAAI~&z=405404560
IP 173.194.221.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=11460623.1675110266&jid=97201894&gjid=794641827&_gid=113793721.1675110266&_u=YEBAAUAAAAAAACAAI~&z=405404560 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sharemods.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 20:24:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagservices.com/tag/js/gpt.js
172.217.21.162200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 172.217.21.162:0
File type ASCII text, with very long lines (39375)
Hash 5896e01d5c00682ab6b3f2eda03624b2
5b7e8c8c057c1c7e9732813fd3524a64f8ad2eda
fce86fcd77ad074fbce10eadab49b53661eec1cc0d8ce5d081151cad5eea5272
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27547
date: Mon, 30 Jan 2023 20:24:13 GMT
expires: Mon, 30 Jan 2023 20:24:13 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1468 / 295 of 1000 / last-modified: 1675093509"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=fRM5FOP5O&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&sid=7T2Cp5fnvd&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=fRM5FOP5O&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&sid=7T2Cp5fnvd&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=fRM5FOP5O&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&sid=7T2Cp5fnvd&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Mon, 30 Jan 2023 20:24:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 875 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
Hash 9f4240d4e3b44e96737d01c8b24d0790
c3b9e0c8105b1697d49e105902fba1b50863e565
e8b4862490157b980f22ee01bb4a2d248a4dbc34a7fe9f59af3244b394e75449
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 844892
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.8.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Mon, 30 Jan 2023 20:24:13 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1565715
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75KEV5EaNY%2Fd7r%2F3j4DtkRWUcW4fZjfSxp1Hn%2BEi8NgLhV8cvmTGV9reVeNUmzNxEl261ttngizA%2FvDdYqx8c1jGvVJMJ0rjqBP2tYoHfM7%2FbdkGVjPBy2C1N3kVdaMr"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791cee0b9ea40b55-OSL
rtb.adxpremium.services/openrtb2/auction
185.106.140.18400 Bad Request 138 B URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
Hash 5f78c751d01f494ae8e01aadcc631379
b2dda869fe1ef0bf1ffde8b9e0baffb9bb7d6f05
4435a89c97521b357804146d7d466c6dce236fb8438804918cf2a7758f912f94
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1497
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 30 Jan 2023 20:24:13 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 138
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
ib.adnxs.com/ut/v3/prebid
185.89.211.84200 OK 1.1 kB URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.211.84:0
Hash d50f1ab9b10067f5d7c1b628220917f1
4252cc4955fcc7b353ac42dd6d13c79c4d67f50d
83772584dd6f7c38cd17268633edc976bd7e8667959066f130fd0432f8a9acf7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2054
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 471
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: d7ab68f2-2a95-4f4d-8ae1-98fa30187219
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1180
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Mon, 30 Jan 2023 20:24:13 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1647
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Mon, 30 Jan 2023 20:24:13 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=2805420670
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=2805420670
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=2805420670 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 989
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:13 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&crf=1
188.42.34.65200 OK 78 B URL HTTP/2 ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&crf=1
IP 188.42.34.65:0
Hash 72a69b71bbae406e48bc5fbabb9f4aa9
4fead998f21846f66c89be5fff51535e896ef70b
c6c2fdb2048785b0833cfab3ae1be0cd498ed6f8e6ac65136bbef87d9eea1240
GET /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=2303787506227452.5&tz=0&fl=0&rr=direct&s=2544233&bidid=188cfed099d94c1&transactionid=8cebf45f-dc0a-4d1c-82a3-4bc7b817de34&auctionid=01940cc8-9c30-4d6f-870b-f01defca59d0&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Content-Type: text/plain
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:13 GMT; Path=/; Domain=.betweendigital.com
tuuid=2c15f784-9635-521e-b04f-4e6bd3976906; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:13 GMT; Path=/; Domain=.betweendigital.com
ut=Y9gnbQAEFuBugqZ6LGO2IU612CzRg4MMW6ft_A==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:13 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb?src=prebid
198.148.27.134204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1633
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 2
date: Mon, 30 Jan 2023 20:24:13 GMT
server: envoy
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.8.169304 Not Modified 0 B IP 104.26.8.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Mon, 30 Jan 2023 20:24:13 GMT
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 642647
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=me0UBDqwG017RPboNohNWxGJ%2BfFMC%2Fm8wzgJamkeeW3lDPz4nB6oJBVisJ8tHw35oHlFUZmn94jbQNyLmE3yVy07QX7U4NXW1BFc9tjnCFEmVg%2FJo4k9dhk%2BIr08vdJK"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791cee0c6b88b505-OSL
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2098
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Mon, 30 Jan 2023 20:24:11 GMT
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
54.230.111.210200 OK 1.3 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
IP 54.230.111.210:0
File type JSON data\012- , ASCII text, with very long lines (1326), with no line terminators
Hash a86f964d95b83df6b8761dec3895fb28
b465f383b2efebd9306004bb7be1a915034378cb
f641e0e13e7d72f53b3406ad9a493a013eca8c7efff120e60153c978a13bea2b
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1326
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Mon, 30 Jan 2023 17:33:19 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UhQK0-3gTHmsVpShqVunokAD_q8AOQhdxhyrhL31CO_1HA-kN3uvlQ==
age: 10254
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110267220&d=9784&wsc=00&typ=embed&mobile=0&c=44
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110267220&d=9784&wsc=00&typ=embed&mobile=0&c=44
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675110267220&d=9784&wsc=00&typ=embed&mobile=0&c=44 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bd8dbd119b14df41e624c0620bb3d100
39d9c39b7009337d3b5acb7b07df3e1f23936ec5
607b6a8c95f0e5c20fb7e8b1158fa02561a0241d24f9413f7104b97aa19c9e83
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1908
Cache-Control: max-age=146677
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Etag: "63d7b9ee-117"
Expires: Wed, 01 Feb 2023 13:08:50 GMT
Last-Modified: Mon, 30 Jan 2023 12:37:02 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 20:24:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 57 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 57116, version 1.0\012- data
Hash 0df839703cae7648ea76e7525842ec83
1220ca1a9f7fb2f27f0249fdcc31e29636e48e9b
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
GET /s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://cdn.onnetwork.tv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 57116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:34:26 GMT
expires: Sat, 27 Jan 2024 18:34:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
content-type: font/woff2
age: 265787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=ujo2W18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNWJTck5LSkx4anlKViUyQkxaNzV2VVVrYmFUNmIwMnluajhUYXVmVmclMkZKT2Q1JTJCdUlwVU1WWSUyQjFYeWlYSURkU29Bb1pMUm5yTlk0R3ZJJTJCSFA2RmFjb1hmeCUyQkFCR2tGaHRiVG9uUVdOV1o4V3klMkI&cw=1&lsw=1
178.250.2.146200 OK 122 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=ujo2W18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNWJTck5LSkx4anlKViUyQkxaNzV2VVVrYmFUNmIwMnluajhUYXVmVmclMkZKT2Q1JTJCdUlwVU1WWSUyQjFYeWlYSURkU29Bb1pMUm5yTlk0R3ZJJTJCSFA2RmFjb1hmeCUyQkFCR2tGaHRiVG9uUVdOV1o4V3klMkI&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e62b862cedd58fe473d37c8b49a9ec8e
33296b78726866276a79899f3d1e607565b6306e
ff4d8bcbdae14765a6c41638e6f2de0173f2e7dc7a0b81e1359483d8bf93582b
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=ujo2W18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNWJTck5LSkx4anlKViUyQkxaNzV2VVVrYmFUNmIwMnluajhUYXVmVmclMkZKT2Q1JTJCdUlwVU1WWSUyQjFYeWlYSURkU29Bb1pMUm5yTlk0R3ZJJTJCSFA2RmFjb1hmeCUyQkFCR2tGaHRiVG9uUVdOV1o4V3klMkI&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 387970
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.46.116.133200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.46.116.133:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Mon, 30 Jan 2023 20:39:13 GMT
date: Mon, 30 Jan 2023 20:24:13 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 20:24:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sharemods.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 20:24:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sharemods.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 20:24:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 30 Jan 2023 20:24:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 73d6f94eec5f7bf78dc11951011af215
2d7941713a82a83c174bf782b618a6f86a8ab2d7
9de1920abadb3501bcf9f787608807f13a266efea69f12fc811bc7cac14a3552
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&pid=pCiA828gq8gBg&cb=0&ws=336x150&v=23.123.1617&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675110265815-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 193 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&pid=pCiA828gq8gBg&cb=0&ws=336x150&v=23.123.1617&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675110265815-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash b248a666cc8937132a2fe02d5b38050d
055a4e059e1513c175eb66fa46edfadef523cc9e
ad812d846e127baf14db46ce2d3cf0b0bd64c3ecdeb17e0ca4c956d40582492d
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&pid=pCiA828gq8gBg&cb=0&ws=336x150&v=23.123.1617&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675110265815-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 193
server: Server
date: Mon, 30 Jan 2023 20:24:13 GMT
x-amz-rid: 96XZSB3KVDWW5PH521TR
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O0OOHsSlGAbwTYMb3S9FsSdFLOZzzdYvlH4p0geeUrdp3CyVq636og==
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embed.min.js?s=1675025833
217.182.102.207200 OK 117 kB URL HTTP/2 cdn.onnetwork.tv/js/player90/embed.min.js?s=1675025833
IP 217.182.102.207:0
File type Unicode text, UTF-8 text, with very long lines (65496), with no line terminators
Size 117 kB (116750 bytes)
Hash 2c68ec15ee9cbbcdae1046a93f716acd
0424b5d4a727efb8c30795d2d24da15b6678b5c5
1cabada2b626ca8109d192998ff8e66cf8811c61eab1543c8368012c08c05e04
GET /js/player90/embed.min.js?s=1675025833 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 20:57:13 GMT
vary: Accept-Encoding
etag: W/"63d6dda9-11b05"
expires: Fri, 18 Aug 2023 20:24:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7311
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:24:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7311
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:24:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:24:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:24:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 81066
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7310
Expires: Mon, 30 Jan 2023 22:26:04 GMT
Date: Mon, 30 Jan 2023 20:24:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 81125
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 80848
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.122200 OK 19 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.122:0
Hash b13c81bc9ea2f2acafb41ec38719271b
2ac03fbfbdfa45572d4e463269a3df5c9017d511
f5a4eeafcb24711cc8ed1cdf50b8cd9c3ca752a90756ed9cf4d3d6b59d0ad064
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
date: Mon, 30 Jan 2023 17:40:14 GMT
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
etag: W/"322a4a4dadec5839e9040f77edf9282d"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 344DiwJw1o4WOpAC5hCnZCwFU1gpAObI50ZGwG1j-91oJh1hXBL-Lg==
age: 9840
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player_utils.js?s=1675099712
217.182.102.207200 OK 11 kB URL HTTP/2 cdn.onnetwork.tv/js/player86/player_utils.js?s=1675099712
IP 217.182.102.207:0
Hash 93257520fb425933a9851b0f6447efce
0468761d1c96202c6a73e4f35f70418fb0534202
efb677fd5b23570194e97e933e53508976fc9663c4923d0da36e28c5677126d4
GET /js/player86/player_utils.js?s=1675099712 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: application/javascript
last-modified: Mon, 30 Jan 2023 17:28:32 GMT
vary: Accept-Encoding
etag: W/"63d7fe40-2cde"
expires: Fri, 18 Aug 2023 20:24:13 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 80933
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.21.226:0
Hash 3577666c455f968cf6314ec568ae7de1
08360f90c7c8b91fa676456db799bd684747576d
37c718db8b4bf7769e30c0be0c30889b017be503b2ab3a70c7a767c1a70fafca
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 20:24:14 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "39FAE5D3574CF158EAD4EBA25DD8415CB3AD468E"
Expires: Tue, 31 Jan 2023 07:00:00 GMT
Last-Modified: Mon, 30 Jan 2023 19:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2046
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791cee10ba50b505-OSL
ebc6ecb7346f3a5ab80841aaa718fdb9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
142.250.74.97200 OK 2.7 kB URL HTTP/2 ebc6ecb7346f3a5ab80841aaa718fdb9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=2 HTTP/1.1
Host: ebc6ecb7346f3a5ab80841aaa718fdb9.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 30 Jan 2023 20:24:14 GMT
expires: Tue, 30 Jan 2024 20:24:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
142.250.74.74200 OK 30 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (3448)
Hash c07b9ad75840734471c894f19ec1a5d4
e7961cbda33facd68e559950952d6672163cece6
ccb3ed445806bad2a91194b8e19ab83ff19e616dec62685741e214125987f690
GET /js/sdkloader/gpt_proxy.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 29703
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 20:11:07 GMT
expires: Mon, 30 Jan 2023 20:26:07 GMT
cache-control: public, max-age=900
age: 787
last-modified: Thu, 26 Jan 2023 19:32:55 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
7016dee7e6712af39722707763f50cbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
142.250.74.97200 OK 2.7 kB URL HTTP/2 7016dee7e6712af39722707763f50cbc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=2 HTTP/1.1
Host: 7016dee7e6712af39722707763f50cbc.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 30 Jan 2023 20:24:14 GMT
expires: Tue, 30 Jan 2024 20:24:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.74200 OK 126 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2846)
Size 126 kB (126544 bytes)
Hash 08170b094847c66f3b89d5a577c739ea
ea3f55dae751aaa5fb5b0fd0d74354c26d76dccd
598ef4c4803f256ff79120afe545bc162d0d84bc1224acff09a1dcd2f0bd9b35
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 126544
date: Mon, 30 Jan 2023 20:24:14 GMT
expires: Mon, 30 Jan 2023 20:24:14 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 723de41863b7d3a6898b5306d240e329
924514514d5ecaa7da5dc2587d811dbb0f0339d3
d63168b3e1576ca354de7b05b0862d0770f0f4d0c45ea566965e4bea48611aaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D63168B3E1576CA354DE7B05B0862D0770F0F4D0C45EA566965E4BEA48611AAF"
Last-Modified: Mon, 30 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12513
Expires: Mon, 30 Jan 2023 23:52:47 GMT
Date: Mon, 30 Jan 2023 20:24:14 GMT
Connection: keep-alive
a14812466b188e3e6236641efde9a15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 a14812466b188e3e6236641efde9a15c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: a14812466b188e3e6236641efde9a15c.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 30 Jan 2023 20:24:14 GMT
expires: Tue, 30 Jan 2024 20:24:14 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 3025fb112231fed65dd6afa7586ea320
7055cfa6528fac0e753e6d5c816ed4c833860b15
8bf2cd4d60db22be0de2f303c50bb070b2c0d4d89376d638e39d03c9d9666da1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1358
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Last-Modified: Mon, 30 Jan 2023 20:01:36 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.53.86200 OK 28 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.53.86:0
Hash 77f7cb83fb891c2939570b9fc19bebbd
daf7b787bed508b75f3e1d70166b2da7ff0e53a1
4f6f152b499727a1f69c95cadf9c3246ba09a970cb89a354380a60894e4ef76a
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: CO+cPK9MlXQ+Pp7rzr8UBe9jXf3QVRyCEIXUUj0WHfDV3zQVrjcz3bOmEOU9iBqkaS9ucJx5v/0=
x-amz-request-id: H722FXZ7MH4EZWKX
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 815
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 791cee0e4d3ab527-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
141.95.33.111200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 141.95.33.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a534a3d36accc680f6a4f73f8692f49d
d8c8b9b6fa765177e3f09eded31b532bd306e649
9e2fc49e19539176eed0e857304f610bde6cc4469181c426b53c6212b34355ff
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
access-control-allow-origin: https://sharemods.com
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
162.19.138.119200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 384c2106954a5fada32ddb7eaf547815
a01b07e6a4e9783f8fb66113dddfe92f27626e26
a42fc8debc62680f4dc0c231a7cbff1d8b3fe97d67bcfb846fe72586e8fc2e7a
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 30 Jan 2023 20:24:13 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
142.250.74.66200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 142.250.74.66:0
File type JSON data\012- , ASCII text, with very long lines (14821), with no line terminators
Hash d08bd0b6e07e119d2a15b44d9084c592
b4d8a091c46564dacd25efbcbf90a62c263d9057
99d5c00354d6562fa378631dbcb769530a89abf331aada3103042113f7fd7bba
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 30 Jan 2023 20:24:14 GMT
server: cafe
content-length: 11187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/6/map
52.210.29.207200 OK 60 B IP 52.210.29.207:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a2121ded12bc864a90eb55dfc29aa6d0
b1bff6c421fc25b29c1c5c9abefb770aa3df33b5
e64c80a5d4a11810c7d818dcd3a36d209a57830115f1dda96fba62d31f4cb4c0
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.29.102
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=sharemods.com&doc=complete&pg_h=150&pg_w=980&pg_hs=150&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
142.250.74.66204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=sharemods.com&doc=complete&pg_h=150&pg_w=980&pg_hs=150&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=ama_stats&su=sharemods.com&doc=complete&pg_h=150&pg_w=980&pg_hs=150&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 20:24:14 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain
67.220.224.150302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain
IP 67.220.224.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Mon, 30 Jan 2023 20:24:14 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: J7VFEE0MHCZCTQTYYE45
Set-Cookie: ad-id=A4RuIdH9OUUMkMfD0N1vdxM|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 20:24:14 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
142.250.74.66200 OK 13 kB URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (1493)
Hash 0dece4b354fc41d0430994be26247a47
1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d
71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 20:14:00 GMT
expires: Mon, 30 Jan 2023 21:14:00 GMT
cache-control: public, max-age=3600
age: 614
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570814_5.jpg
217.182.102.207200 OK 96 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570814_5.jpg
IP 217.182.102.207:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 1280x720, components 3\012- data
Hash 8af4b14ab8641600bd4e0e14529131c1
36a0c66ceda1499e96e75c5d7fc4f28d33a218f5
18b20f40b1c2b85fd542c41541bc0fc8537c2395031ce89f0ba30fa149f1ffe7
GET /poster/5/7/570814_5.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: image/jpeg
content-length: 95852
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
etag: "6200e6c7-1766c"
expires: Fri, 18 Aug 2023 20:24:14 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
id5-sync.com/g/v2/481.json
162.19.138.83200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d4fdaf918b50673588b9ed656a84d20b
4732acb525640005fa2a7588638b83e82f41f8c5
6ff1239c14bd5c3ed49301fe180043863aa582c4483266c99a0e3924b885ed7a
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 596
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Mon, 30 Jan 2023 20:24:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110268040&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110268040&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675110268040&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110268041&d=9784&wsc=ar&typ=embed&mobile=0&c=45
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110268041&d=9784&wsc=ar&typ=embed&mobile=0&c=45
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675110268041&d=9784&wsc=ar&typ=embed&mobile=0&c=45 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1675110268061&i=570814&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1675110268061&i=570814&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1675110268061&i=570814&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/img/black2.mp4
217.182.102.207206 Partial Content 2.2 kB URL HTTP/2 cdn.onnetwork.tv/img/black2.mp4
IP 217.182.102.207:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 5cb95b4168423a49376882e1b2ba6171
8f6cc8c3da7687921eb12ef0d20769b988626f88
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
GET /img/black2.mp4 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: video/mp4
content-length: 2238
last-modified: Tue, 15 Nov 2022 12:58:10 GMT
etag: "63738ce2-8be"
expires: Fri, 18 Aug 2023 20:24:14 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-range: bytes 0-2237/2238
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
67.220.224.150200 OK 64 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
IP 67.220.224.150:0
File type HTML document, ASCII text
Hash be99f9f8ced5e5eb1f9721d861712f89
4291ee98f7ce20471796ec89961abb1acb2af1d8
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Mon, 30 Jan 2023 20:24:14 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: M9P3K84Q3PQY1FDJED3W
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 087182d3a6a359284853764004bfb9b4
0297b9b2cb72a979d6a1267f587bab0fb79b7b40
aa00ff2ec55972ad493cedf34c369da582f052df3a1f660610b8cbbcb78ce5ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6790797b1383d154dd96b9c7d96431d0
c10a4246e678333b636a3e7f8db4ddc4a9ad0efe
41d0d96842fc087c2f14bafc019b489a4ae9b6a05b2d626dcc12304f929978c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 30 Jan 2023 20:24:14 GMT
expires: Mon, 30 Jan 2023 20:24:14 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s0.2mdn.net/instream/video/client.js
172.217.21.166200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Mon, 30 Jan 2023 20:24:14 GMT
expires: Mon, 30 Jan 2023 20:24:14 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash 8caf1fe664885dd5adc81670c934484f
54ef10948d9fece5b4a7493986d4c90e9eefb814
ecdf2a901c4c4cc5ed14631b8e8afbabf59f6eb7158c2cd7403913e7e89eed9f
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.82.163200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.82.163:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 30 Jan 2023 04:07:51 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: POTRP1SQoSSZKCqZEDUplaNZ4IXMV3f03NsIhC5RX_bZuzK_cf9Hug==
Age: 58583
oa.openxcdn.net/esp.js
34.102.146.192200 OK 7.9 kB IP 34.102.146.192:0
File type ASCII text, with very long lines (24615), with no line terminators
Hash df5542b88bc0e368c6999754a5b9e2ba
54f17142faeb7c882fee3bf67d537733e75e43ae
b82da9703a35c5436f9e47711f5b95d5357f02d590cb39dba99355b9b073561f
GET /esp.js HTTP/1.1
Host: oa.openxcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduHl6u8JxpNEVdXEvZZTLdWuAUkboHIwYGMUr80BITdcHVtAYBnyTRFUssV-3Yidk2maNk1R-3HZQ4wmL-LnQEK_w
x-goog-generation: 1622140251693895
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7927
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7927
server: UploadServer
date: Mon, 30 Jan 2023 11:54:31 GMT
expires: Tue, 30 Jan 2024 11:54:31 GMT
cache-control: no-transform
age: 30583
last-modified: Thu, 27 May 2021 18:30:51 GMT
etag: "df5542b88bc0e368c6999754a5b9e2ba"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 196441b9ab491e04729c460aa7c63959
867ae480338a7fb9b5b58822291e27da45e624e7
b9189c93052f01d911133670a93abb3fa63a2e45ca729c9d64c5e9a0096b3427
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fbc6e141a7c7ec3aee1dfa4e309da411
7dbb86266e59273ddbbc5a7238f4d2329fd3d0a7
23a330037372c846907904fc7f920828f617237779c80b779c9000fb4e5594d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fbc6e141a7c7ec3aee1dfa4e309da411
7dbb86266e59273ddbbc5a7238f4d2329fd3d0a7
23a330037372c846907904fc7f920828f617237779c80b779c9000fb4e5594d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fbc6e141a7c7ec3aee1dfa4e309da411
7dbb86266e59273ddbbc5a7238f4d2329fd3d0a7
23a330037372c846907904fc7f920828f617237779c80b779c9000fb4e5594d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fbc6e141a7c7ec3aee1dfa4e309da411
7dbb86266e59273ddbbc5a7238f4d2329fd3d0a7
23a330037372c846907904fc7f920828f617237779c80b779c9000fb4e5594d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 137 kB URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
Size 137 kB (136959 bytes)
Hash 6492a207a00f40900df1af64e5228fa8
bb9c544b231d9df9876261a4bea3c82bf34b170f
7c6890c09d73c0130d328eaf8dcdbc2684639e83a021fa8d7c04acc0bf2e2680
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 466952
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash d002971e2ddb3b4efd4dc02db13ee630
da135f871d06963e22f3dc6ec251cfbaed9740ad
a464154b965a79018453f4b97ffa8412a5059b0b521472bfc0e84df5c74d8fac
GET /rtv/012301181928000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12960
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f74ebce85e2cb18a"
content-type: text/javascript; charset=UTF-8
age: 8378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 73e00d54af81c3fab604b50e24c8e9c3
69acac1ec53fcbcf886bb240adabd050520197f9
3347e49ea6e174315c1bee3660a9988e4c7fe184a7a1176cf2aceb307c73125a
GET /rtv/012301181928000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "47662644ea8653a3"
content-type: text/javascript; charset=UTF-8
age: 8378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 15dbec6a43680f6683938949e1b50562
fd479e89a3460ca0e48b5001aad0a2836df31dab
d08eefabc738f11545330db83c2d3e9a855add08db6b9d9217a15dd783c4f5c8
GET /rtv/012301181928000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f13d3e1d36b26a3d"
content-type: text/javascript; charset=UTF-8
age: 8378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 71f3ba24b0a01ade500d97ad0b8f3617
508b7affbf3e3c2b8bf4f46ebcb69ea29855bf9a
34c90f195073264a8f3e51bb9582b73665f65d7b053a031400c48bf627ca9d69
GET /rtv/012301181928000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28817
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "6eb387830c268337"
content-type: text/javascript; charset=UTF-8
age: 8378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP 142.250.74.131:0
Hash f1cec74946dbb27dcd669ba58add0fde
43aac03a118390eefad7a123d946c7f99ba2bbdf
bfcb52227da4f6a65df017f21c56d3d874f7438823b992c1d05de11867e1c061
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash 8caf1fe664885dd5adc81670c934484f
54ef10948d9fece5b4a7493986d4c90e9eefb814
ecdf2a901c4c4cc5ed14631b8e8afbabf59f6eb7158c2cd7403913e7e89eed9f
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bcp.crwdcntrl.net/6/map
52.210.29.207200 OK 60 B IP 52.210.29.207:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 63bd41682e874dad47fa07eb957e98b1
d3498235e002145c1b925e29a02bb1b912d8506d
3c381d03b118a4e4141f2e5df3d6c2a135473c18dbdb01ea9867e4d0c984f84e
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.55
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 2ac1bcdceabf1fc4e07017906aa8a815
ba00b737325fc50b35af8d851ced0fe13d1cba22
c6c54f5dbbfc40b454b9c67a7972827f500d83b10a1594f7cb56c69158278c08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
34.96.70.87200 OK 1.3 kB URL HTTP/2 invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
IP 34.96.70.87:0
File type ASCII text, with very long lines (1178)
Hash f5bc066f146e3dbb049aa6c86c7012e6
efa97d857c263b3b3672e2ffa630af6e2625d84b
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
GET /encrypted-signals/encrypted-tag-g.js HTTP/1.1
Host: invstatic101.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvqFV5vgVbu4ERIMNTftxGl0Tb3jXS1-DEPLIEeckB-2z-FrHGGoVxfPk9n7yW-RHRCs4chyxr5s0D0ZcxqTKufE5aOVAze
vary: X-Goog-Allowed-Resources
x-goog-generation: 1659113709880056
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1258
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1258
server: UploadServer
via: 1.1 google
date: Mon, 30 Jan 2023 19:56:03 GMT
expires: Mon, 30 Jan 2023 20:56:03 GMT
cache-control: public, max-age=3600
age: 1692
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash fbc6e141a7c7ec3aee1dfa4e309da411
7dbb86266e59273ddbbc5a7238f4d2329fd3d0a7
23a330037372c846907904fc7f920828f617237779c80b779c9000fb4e5594d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 713700fa9a2482ba9c9e20c0a6587370
54ed4118a52aab494c2216245f7547d2aef1dea8
e2490f0bcfb183fe7a8c657ccfae485275b04a92961b180ad13356bfe79df880
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 30 Jan 2023 20:24:15 GMT
date: Mon, 30 Jan 2023 20:24:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-sIRkcTtwtmTmPF9G76O_2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 369b6c75025aa9b1338cf2d004c654be
47c416c47902454a7003f8fcf88d7c405e235a55
1a43cee532d632a72d4ce548f68e47b115dcb0d8c1de480d0caf4b02204e3996
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1672
Cache-Control: max-age=154712
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Etag: "63d7da3f-1d7"
Expires: Wed, 01 Feb 2023 15:22:47 GMT
Last-Modified: Mon, 30 Jan 2023 14:54:55 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.google.com/recaptcha/api2/aframe
142.250.74.132200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 7ffc36497bdd899da2c87887c23f0670
803b042cb487a568b7a9ec32a933f4a7e8650009
f6fcba2a6ad02fe9e23d1f1b24c1a4bb25e75094335272766c7ae1fe48ee7bcb
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 30 Jan 2023 20:24:15 GMT
date: Mon, 30 Jan 2023 20:24:15 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-P7nAyXcfyZ6pD8gwe6Fm5Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 94da194bbf70aa41a65827c4882ea756
6db97bd2d9b0d4406523d4a6984f62a21d76c6a8
eaf9c0e5fef6d174295c7abb4b3b61620cfdb84067e86b3544ebdb37f9d916a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5337
Cache-Control: max-age=153670
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Etag: "63d7c7dc-13a"
Expires: Wed, 01 Feb 2023 15:05:25 GMT
Last-Modified: Mon, 30 Jan 2023 13:36:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 64aab243abc75ee3a98fe22060a8ef6a
52c51e76a76ef24f57fce419abb2a08838e1226a
187d2be07e3fcedc61afd1b789d44ba91d221446f0dee8d5f2d2bb3358f4a230
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: max-age=120615
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Etag: "63d746b3-139"
Expires: Wed, 01 Feb 2023 05:54:30 GMT
Last-Modified: Mon, 30 Jan 2023 04:25:23 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 64aab243abc75ee3a98fe22060a8ef6a
52c51e76a76ef24f57fce419abb2a08838e1226a
187d2be07e3fcedc61afd1b789d44ba91d221446f0dee8d5f2d2bb3358f4a230
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5383
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Etag: "63d746b3-139"
Last-Modified: Mon, 30 Jan 2023 18:54:32 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP 142.250.74.131:0
Hash f1cec74946dbb27dcd669ba58add0fde
43aac03a118390eefad7a123d946c7f99ba2bbdf
bfcb52227da4f6a65df017f21c56d3d874f7438823b992c1d05de11867e1c061
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.83204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
date: Mon, 30 Jan 2023 20:24:14 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=P7HaLF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2UW5wbFVURWJGTHVFaktEVXgyb2tVaw; expires=Sat, 24 Feb 2024 20:24:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 320636
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP 142.250.74.131:0
Hash 98c9b4ed7831c26b8db9e7910723d2b4
1502cc41cd4446e7eb1ce1712957c18a4c2eab04
6e858a445e13bcf280e014994fd82b5f286cd5a739a0e92394223a80449cc475
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP 142.250.74.131:0
Hash 98c9b4ed7831c26b8db9e7910723d2b4
1502cc41cd4446e7eb1ce1712957c18a4c2eab04
6e858a445e13bcf280e014994fd82b5f286cd5a739a0e92394223a80449cc475
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&rid=esp
34.120.135.53200 OK 2 B URL HTTP/2 oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&rid=esp
IP 34.120.135.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /esp?url=https%3A%2F%2Fsharemods.com%2Fvmlcxededu7o%2FFS19_BizonRekordZ058.zip.html%3Ffbclid%3DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&rid=esp HTTP/1.1
Host: oajs.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://sharemods.com
vary: Origin
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Mon, 30 Jan 2023 20:24:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
esp.rtbhouse.com/encrypt
35.190.39.111200 OK 2 B IP 35.190.39.111:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /encrypt HTTP/1.1
Host: esp.rtbhouse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
access-control-allow-methods: POST, GET
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
access-control-allow-headers: content-type
content-type: text/plain; charset=utf-8
x-cloud-trace-context: d63337a6265ee6a6a2ba0bec22145e51
date: Mon, 30 Jan 2023 20:24:15 GMT
server: Google Frontend
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 369b6c75025aa9b1338cf2d004c654be
47c416c47902454a7003f8fcf88d7c405e235a55
1a43cee532d632a72d4ce548f68e47b115dcb0d8c1de480d0caf4b02204e3996
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6547
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Last-Modified: Mon, 30 Jan 2023 18:35:08 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb03afd95810d92bdec015ba126294c9
b3babf4a480ef276a57382fcb0442fc73073f426
1a8fb49c962765171539f3a8296b66ce14d72400c91c9fe639beeb15089b50e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A8FB49C962765171539F3A8296B66CE14D72400C91C9FE639BEEB15089B50E4"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15362
Expires: Tue, 31 Jan 2023 00:40:17 GMT
Date: Mon, 30 Jan 2023 20:24:15 GMT
Connection: keep-alive
esp.rtbhouse.com/encrypt
35.190.39.111200 OK 349 B IP 35.190.39.111:0
File type JSON data\012- , ASCII text, with very long lines (349), with no line terminators
Hash 171db4d28ef380b78973f93905ea44df
66bc14e803c8c24ddfde3231510860a93d7578a5
37d70b5da2dad11b74aef7ce5e1b4454690d3b6e90524a156f1fcf4edc307348
POST /encrypt HTTP/1.1
Host: esp.rtbhouse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Content-Type: application/json
Origin: https://sharemods.com
Content-Length: 251
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-cloud-trace-context: e902ccc1e45684f235f26bf9405f77ae
date: Mon, 30 Jan 2023 20:24:15 GMT
server: Google Frontend
content-length: 349
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb03afd95810d92bdec015ba126294c9
b3babf4a480ef276a57382fcb0442fc73073f426
1a8fb49c962765171539f3a8296b66ce14d72400c91c9fe639beeb15089b50e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A8FB49C962765171539F3A8296B66CE14D72400C91C9FE639BEEB15089B50E4"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15362
Expires: Tue, 31 Jan 2023 00:40:17 GMT
Date: Mon, 30 Jan 2023 20:24:15 GMT
Connection: keep-alive
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110269079&d=9784&wsc=ar&typ=embed&mobile=0&c=23
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675110269079&d=9784&wsc=ar&typ=embed&mobile=0&c=23
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675110269079&d=9784&wsc=ar&typ=embed&mobile=0&c=23 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:15 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
142.250.74.66200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 142.250.74.66:0
File type JSON data\012- , ASCII text, with very long lines (14683), with no line terminators
Hash f335f47782c12f6b9241905f089e58b7
ddb01b18e9b4e8041c3fac4b884ed495307cee86
b45fb336dfa982d0d84e6e6acd62ffc691f8fe204f320f8a4a9897547f409584
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 30 Jan 2023 20:24:15 GMT
server: cafe
content-length: 11081
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP 142.250.74.131:0
Hash 98c9b4ed7831c26b8db9e7910723d2b4
1502cc41cd4446e7eb1ce1712957c18a4c2eab04
6e858a445e13bcf280e014994fd82b5f286cd5a739a0e92394223a80449cc475
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 20:24:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.122200 OK 10 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.122:0
Hash a15facb56325b5f870112eb118b26c42
62bc43ef44c5dedb8e8406ce428b9568e5f80b03
7e57eadd5db724ad73a69d53f0a082c98ada575fccb420af8f53f7b90e2ae2e7
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Mon, 30 Jan 2023 17:40:14 GMT
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
x-amz-server-side-encryption: AES256
cache-control: max-age: 86400
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -zURGX2cj7IzzFdF7VYrmIkA5sD0l3iv7eIozxqM2Vm-ob1N2-DQBw==
age: 9842
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
142.250.74.35200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a14812466b188e3e6236641efde9a15c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 13:30:57 GMT
expires: Thu, 25 Jan 2024 13:30:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 456798
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 20 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 552
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
178.250.2.146200 OK 19 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 6ee7c547f36a2d540da68340cc28347e
544f9dddafc6c13eb2ed78eeb976fa9111940e57
7354cd003747b7fb4390d0649f16b93484dc13d9c5329bac80859530e9ae477b
GET /syncframe?origin=publishertag&topUrl=sharemods.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=77f5fe7e-174f-499e-a307-fdd8a7c9063a; expires=Sat, 24 Feb 2024 20:24:14 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 821856
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
google-bidout-d.openx.net/w/1.0/pd?plm=5
35.244.159.8200 OK 20 B URL HTTP/2 google-bidout-d.openx.net/w/1.0/pd?plm=5
IP 35.244.159.8:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /w/1.0/pd?plm=5 HTTP/1.1
Host: google-bidout-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.59200 OK 381 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.59:0
File type JSON data\012- , ASCII text, with very long lines (418), with no line terminators
Hash e25e32fec6f4bc68358084c1aa0c7388
92e7be09ffbeb42c5836ad7fff4a40043896a703
a9452b831f1869f0ba0061081094760943dfd1e132b08683aa4624506f61dbe5
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 111106
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.91200 OK 358 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.91:0
File type JSON data\012- , ASCII text, with very long lines (404), with no line terminators
Hash 5f482aa1503c7f17a8eb1bd0477836e1
e39fa041c870d656a2a2595fe1a05e9a163da4cd
c2c97346b155ccb80c08c689445217d0b55478ca4811f0c935c5c620d64bf7b1
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 88392
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.1.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.1.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 30 Jan 2023 20:24:16 GMT
Age: 49151
X-Served-By: cache-lga13626-LGA, cache-bma1657-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 175717
X-Timer: S1675110257.669907,VS0,VE0
Vary: Accept-Encoding
ads.betweendigital.com/sspmatch-iframe
188.42.34.65302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:16 GMT; Path=/; Domain=.betweendigital.com
tuuid=e435514c-a602-521e-ba2e-daf8d9f6fd88; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:16 GMT; Path=/; Domain=.betweendigital.com
ut=Y9gncAAKc8jg_purfAII2CuTwVr5TcT0ELXemg==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:16 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=146610
expires: Wed, 01 Feb 2023 13:07:46 GMT
date: Mon, 30 Jan 2023 20:24:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=uZuMA18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNVJnU1dVa0tTME1laU9MbHRUQiUyRkkxRHNNbDhBNW11MktoT2piZVh2ZGxTUVBGa0VJZ2E5MzdpRkJwaFpUSFV3WlJBV1FFMUZOWkZJZ3o4NGJ3cDZDNzNKUmN1cmFRYUlMWEglMkIxSG9OdHNTTw&info=fc7OnV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2VHQlMkIzZGg0eTR5VWZLY29KQlBvd0Y3&idsd=-1473198482,-523350592&cw=1&lsw=1
178.250.2.146200 OK 17 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=uZuMA18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNVJnU1dVa0tTME1laU9MbHRUQiUyRkkxRHNNbDhBNW11MktoT2piZVh2ZGxTUVBGa0VJZ2E5MzdpRkJwaFpUSFV3WlJBV1FFMUZOWkZJZ3o4NGJ3cDZDNzNKUmN1cmFRYUlMWEglMkIxSG9OdHNTTw&info=fc7OnV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2VHQlMkIzZGg0eTR5VWZLY29KQlBvd0Y3&idsd=-1473198482,-523350592&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 2eec61c6530d407acb53109893e3d0ed
73abfe4a4b2e63108808c34b86153940ddc30c19
434ed0887cdf25325b1218e24ab6c9ac95d1b465c74e440a8ee087b1d9cb7a67
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=uZuMA18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNVJnU1dVa0tTME1laU9MbHRUQiUyRkkxRHNNbDhBNW11MktoT2piZVh2ZGxTUVBGa0VJZ2E5MzdpRkJwaFpUSFV3WlJBV1FFMUZOWkZJZ3o4NGJ3cDZDNzNKUmN1cmFRYUlMWEglMkIxSG9OdHNTTw&info=fc7OnV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2VHQlMkIzZGg0eTR5VWZLY29KQlBvd0Y3&idsd=-1473198482,-523350592&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1330978
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=146610
expires: Wed, 01 Feb 2023 13:07:46 GMT
date: Mon, 30 Jan 2023 20:24:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.91200 OK 14 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.91:0
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash b3541b3723fb39c329f488889c456b65
5b4ae8e69292fb38e61a306b9a571d34429d53dd
b4c12024cd4f3e8594fc95a6f1fe2ae296d3dcb85c381ab4869f5794a23deeb6
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 130292
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 17 kB IP 178.250.0.157:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 1172ec1a586303a0b92dd73a1817021d
88eb8ddacf25cfacac57487964ecc30ffe730304
ea8a561ac2f375296112e4cd30e1197ed96acb8b58be7aacc38929d26e552acc
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=tRxsXl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U3hqJTJGYVhxWjRKWWd1bk5OY0hKUnpJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=zZ3H-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U0VSUFB5UGxIY09YY3lGVklGd1lkbQ; expires=Sat, 24 Feb 2024 20:24:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 358349
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.districtm.io/ids/index.html
54.230.111.22200 OK 116 B URL HTTP/2 cdn.districtm.io/ids/index.html
IP 54.230.111.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 517f2062d883c0ee35479a2da0c50b8c
73aed992d9fe72d54e3e638e51784db91bf345eb
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
GET /ids/index.html HTTP/1.1
Host: cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 116
last-modified: Thu, 20 May 2021 02:18:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 07:11:06 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SHUNOiG2JknS8cmQhDlA3iL4ymAS8RQwZ-uKQSZ9LQg5h612THU-ug==
age: 47596
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.34.65200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.34.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:16 GMT; Path=/; Domain=.betweendigital.com
tuuid=7c0f0aae-d069-521e-ba38-e11cd9e0c66c; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:16 GMT; Path=/; Domain=.betweendigital.com
ut=Y9gncAALu-i5eypjzvaaaJLKEkT6El_5KxqcZg==; Max-Age=31536000; Expires=Tue, 30 Jan 2024 20:24:16 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
cdn.districtm.io/ids/idsync.d5cb6b96.js
54.230.111.22200 OK 3.3 kB URL HTTP/2 cdn.districtm.io/ids/idsync.d5cb6b96.js
IP 54.230.111.22:0
File type ASCII text, with very long lines (2048)
Hash 74ede07ef946dc2316f86b2661cf2dd3
dee3ae6938bd288ab9519a38eac3c39495a85f0f
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f
GET /ids/idsync.d5cb6b96.js HTTP/1.1
Host: cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.districtm.io/ids/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3302
last-modified: Thu, 20 May 2021 02:18:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 04:05:35 GMT
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ohdi3Y05tB3ji6-DbF5EzFNrAOul4M_QgMT_Zk5jJDtTdBe6So3VRQ==
age: 58734
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:16 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 7de6f47c-6510-46b3-9ec3-fd0b6c82fcdc
Set-Cookie: uuid2=7607861042061159714; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 30-Apr-2023 20:24:16 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
dnacdn.net/dna
178.250.0.157200 OK 170 B IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 967136f518ecf76233f0e44a75b83215
7945e97760efd0f35dd37fd5dc550ccc6ac292b9
b94d8bc797a6d016ef9ea4df9f6e73e8c1527e04d0b315d8a944ead156311911
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=tRxsXl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U3hqJTJGYVhxWjRKWWd1bk5OY0hKUnpJ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=fc7OnV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2VHQlMkIzZGg0eTR5VWZLY29KQlBvd0Y3; expires=Sat, 24 Feb 2024 20:24:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 364973
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: d3e7a84a-6934-4919-ac9f-fb54e940a73d
Set-Cookie: uuid2=8743848190822518824; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 30-Apr-2023 20:24:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
node.setupad.com/node/node.php
159.89.25.223200 OK 20 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 731
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch?reat=1
198.148.27.139200 OK 27 B URL HTTP/2 bh.contextweb.com/visitormatch?reat=1
IP 198.148.27.139:0
File type HTML document, ASCII text
Hash 806d8942eb70ed2d827b12ed2bf44533
b1149d9764ff4a9a7e8698f7a56ed003796d8582
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
GET /visitormatch?reat=1 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-xcsk8
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=3625a0f2221a5b1f; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e56c4d58-9b05-415f-be0b-177014fb1d54
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ag.gbc.criteo.com/newidsd
178.250.6.59200 OK 82 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.59:0
Hash e4f6f5cc3df25c483c99d9981487435a
c83ab3a21ce634edfae0e35f017b0666e9fef5ae
352a72e4c565ffc7a62588790b300a29bb179bfad7a69231a6249cbf89c4eb60
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 137137
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 09f3cfcd-cacd-4213-a5f4-cc1619d40315
Set-Cookie: uuid2=3584806581521191200; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 30-Apr-2023 20:24:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 945c9685-b417-4dae-83cf-1dcf0dabf418
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: a86af67c-b591-4ed4-b148-8c9c12904ee6
Set-Cookie: uuid2=955310204004527606; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 30-Apr-2023 20:24:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.211.84200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 07f817e4-aa22-4cab-b602-59883dddfadb
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.211.84307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.211.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Mon, 30 Jan 2023 20:24:17 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: a4ed7df6-a2f7-4274-a03d-d4009335070c
Set-Cookie: uuid2=7298042372896107504; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 30-Apr-2023 20:24:17 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bh.contextweb.com/visitormatch
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-fgl7r
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=C4L5iUurNf4U;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 25-Jan-2024 20:24:16 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=339e510c16f2d3fe; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110273054&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110273054&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675110273054&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:19 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110273067&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110273067&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675110273067&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:19 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110273294&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675110273294&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675110273294&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:19 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntn.png?ts=1675110273296&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntn.png?ts=1675110273296&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntn.png?ts=1675110273296&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:19 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Monday, 30-Jan-2023 20:24:19 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntr.png?ts=16751102730&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
217.182.102.207200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntr.png?ts=16751102730&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
IP 217.182.102.207:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntr.png?ts=16751102730&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:19 GMT
content-type: image/png
content-length: 126
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
set-cookie: nv27330=1; Max-Age=600; SameSite=None; Secure; path=/; domain=.onnetwork.tv
nd1197=1; Max-Age=300; SameSite=None; Secure; path=/; domain=.onnetwork.tv
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 80983
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: text/css
x-amz-id-2: mxSO7Y2RUnsqPYTbhYMz4ehQu9Or5UugbOcZ2V1a2j7tq6qzcdsLev13QXqmhu0I9nTcgJ8tGog=
x-amz-request-id: K4043YG95XX5KFDJ
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2276354
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAWU3JJh8d6Lykv9JeRyGgaCfouJBwrBfGsgaJUWMPmnlyNGD2pwIKV%2BSC6jPul%2BpPv7IoNX7sNqtw%2BUpM9CZH%2BRqRV1EO%2B36uM90YH%2BoPC5JtLNngm7ay4HG7KEvg2lhQ9r5NVP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791cee014c067190-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.53.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.53.86:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1427
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 791cee15b967b527-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=uZuMA18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNVJnU1dVa0tTME1laU9MbHRUQiUyRkkxRHNNbDhBNW11MktoT2piZVh2ZGxTUVBGa0VJZ2E5MzdpRkJwaFpUSFV3WlJBV1FFMUZOWkZJZ3o4NGJ3cDZDNzNKUmN1cmFRYUlMWEglMkIxSG9OdHNTTw&info=zZ3H-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U0VSUFB5UGxIY09YY3lGVklGd1lkbQ&idsd=-1473198482,-523350592&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=uZuMA18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNVJnU1dVa0tTME1laU9MbHRUQiUyRkkxRHNNbDhBNW11MktoT2piZVh2ZGxTUVBGa0VJZ2E5MzdpRkJwaFpUSFV3WlJBV1FFMUZOWkZJZ3o4NGJ3cDZDNzNKUmN1cmFRYUlMWEglMkIxSG9OdHNTTw&info=zZ3H-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U0VSUFB5UGxIY09YY3lGVklGd1lkbQ&idsd=-1473198482,-523350592&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=uZuMA18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNVJnU1dVa0tTME1laU9MbHRUQiUyRkkxRHNNbDhBNW11MktoT2piZVh2ZGxTUVBGa0VJZ2E5MzdpRkJwaFpUSFV3WlJBV1FFMUZOWkZJZ3o4NGJ3cDZDNzNKUmN1cmFRYUlMWEglMkIxSG9OdHNTTw&info=zZ3H-F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U0VSUFB5UGxIY09YY3lGVklGd1lkbQ&idsd=-1473198482,-523350592&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 691079
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20559736
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791cee00ae441c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20551850
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791cee00be531c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stpd.cloud/assets/hb/sharemods.js
104.18.30.49200 OK 0 B URL HTTP/2 stpd.cloud/assets/hb/sharemods.js
IP 104.18.30.49:0
GET /assets/hb/sharemods.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: application/javascript
content-md5: bWb7BtXWQtqkkPx7GJ/9MA==
last-modified: Fri, 27 Jan 2023 10:52:24 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 58433397-201e-0069-5f3d-32c6db000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 2159
expires: Tue, 31 Jan 2023 00:24:11 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 791cee00c96c1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956
217.182.102.207200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956
IP 217.182.102.207:0
GET /js/widgets/widgetScrollist.js?s=202209160956 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 11:52:32 GMT
vary: Accept-Encoding
etag: W/"63c14600-6a04"
expires: Fri, 18 Aug 2023 20:24:12 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Tue, 31 Jan 2023 20:24:14 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.91200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.91:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 105399
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
stpd.cloud/assets/postbid/stpd201221.js
104.18.30.49200 OK 0 B URL HTTP/2 stpd.cloud/assets/postbid/stpd201221.js
IP 104.18.30.49:0
GET /assets/postbid/stpd201221.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/javascript
content-md5: /FnTyG7mivuubIGMmM4B7Q==
last-modified: Fri, 27 Jan 2023 10:52:18 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: b8087e4b-f01e-0008-603d-32e598000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 5299
expires: Tue, 31 Jan 2023 00:24:12 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 791cee04ddfd1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.2.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Tue, 31 Jan 2023 20:24:14 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPThjZWJmNDVmLWRjMGEtNGQxYy04MmEzLTRiYzdiODE3ZGUzNA%3D%3D&pt=gross&stid=01940cc8-9c30-4d6f-870b-f01defca59d0&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjgxMmY4M2FmLTg3ZjMtNDNlNC1hMWUzLWFjODUzZDQxYTIwNCI6WzFdfX0%3D
37.157.4.24200 OK 0 B URL HTTP/2 adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPThjZWJmNDVmLWRjMGEtNGQxYy04MmEzLTRiYzdiODE3ZGUzNA%3D%3D&pt=gross&stid=01940cc8-9c30-4d6f-870b-f01defca59d0&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjgxMmY4M2FmLTg3ZjMtNDNlNC1hMWUzLWFjODUzZDQxYTIwNCI6WzFdfX0%3D
IP 37.157.4.24:0
GET /adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPThjZWJmNDVmLWRjMGEtNGQxYy04MmEzLTRiYzdiODE3ZGUzNA%3D%3D&pt=gross&stid=01940cc8-9c30-4d6f-870b-f01defca59d0&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjgxMmY4M2FmLTg3ZjMtNDNlNC1hMWUzLWFjODUzZDQxYTIwNCI6WzFdfX0%3D HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://sharemods.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Mon, 30 Jan 2023 19:26:30 GMT
last-modified: Wed, 25 Jan 2023 21:28:25 GMT
etag: W/"8a6d0f2d51de2b80e524e04684f71215"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: W7KfvnOTAPx388A3DLzfxBluLVHQT8fiN7JIVH7Tp7dkun55Fu3bHg==
age: 3464
X-Firefox-Spdy: h2
video.onnetwork.tv/frame86.php?id=ffONNP529826ee5a0936afb86db6b90e468fd216751102661001&iid=1675110265424&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Fvmlcxededu7o%252FFS19_BizonRekordZ058.zip.html%253Ffbclid%253DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675110265424&rrpt=%7B%22CxSegments%22%3Anull%7D
137.74.34.12200 OK 0 B URL HTTP/2 video.onnetwork.tv/frame86.php?id=ffONNP529826ee5a0936afb86db6b90e468fd216751102661001&iid=1675110265424&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Fvmlcxededu7o%252FFS19_BizonRekordZ058.zip.html%253Ffbclid%253DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675110265424&rrpt=%7B%22CxSegments%22%3Anull%7D
IP 137.74.34.12:0
GET /frame86.php?id=ffONNP529826ee5a0936afb86db6b90e468fd216751102661001&iid=1675110265424&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Fvmlcxededu7o%252FFS19_BizonRekordZ058.zip.html%253Ffbclid%253DIwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675110265424&rrpt=%7B%22CxSegments%22%3Anull%7D HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Mon, 30 Jan 2023 20:24:13 GMT
expires: Mon, 30 Jan 2023 20:24:14 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 20:24:13 GMT
server: XO.webservant
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:12 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 256210
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/player86.css?s=1673963806
217.182.102.207200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/player86.css?s=1673963806
IP 217.182.102.207:0
GET /css/player86.css?s=1673963806 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: text/css
last-modified: Tue, 17 Jan 2023 13:56:46 GMT
vary: Accept-Encoding
etag: W/"63c6a91e-b317"
expires: Fri, 18 Aug 2023 20:24:13 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/roboto.css
217.182.102.207200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/roboto.css
IP 217.182.102.207:0
GET /css/roboto.css HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
vary: Accept-Encoding
etag: W/"60dd8078-194c"
expires: Fri, 18 Aug 2023 20:24:13 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.139:0
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-h7n2s
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=Kvax2o2xg7zG;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 25-Jan-2024 20:24:16 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=6179ee1e88d3e4e8; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=ujo2W18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNWJTck5LSkx4anlKViUyQkxaNzV2VVVrYmFUNmIwMnluajhUYXVmVmclMkZKT2Q1JTJCdUlwVU1WWSUyQjFYeWlYSURkU29Bb1pMUm5yTlk0R3ZJJTJCSFA2RmFjb1hmeCUyQkFCR2tGaHRiVG9uUVdOV1o4V3klMkI&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=ujo2W18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNWJTck5LSkx4anlKViUyQkxaNzV2VVVrYmFUNmIwMnluajhUYXVmVmclMkZKT2Q1JTJCdUlwVU1WWSUyQjFYeWlYSURkU29Bb1pMUm5yTlk0R3ZJJTJCSFA2RmFjb1hmeCUyQkFCR2tGaHRiVG9uUVdOV1o4V3klMkI&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=ujo2W18wJTJCZlF0SXNmRTJ5RlRtckxrbXRsNWJTck5LSkx4anlKViUyQkxaNzV2VVVrYmFUNmIwMnluajhUYXVmVmclMkZKT2Q1JTJCdUlwVU1WWSUyQjFYeWlYSURkU29Bb1pMUm5yTlk0R3ZJJTJCSFA2RmFjb1hmeCUyQkFCR2tGaHRiVG9uUVdOV1o4V3klMkI&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1523092
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: text/css
x-amz-id-2: 97tj2z04b4usB7JjD3sNAwe62WJ9JT6WzbwusvQaPMotgnfqHo+RQqbh+biGiSQjHfkXKUWUHhA=
x-amz-request-id: WCYT6CTEVDKN3HZC
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 363585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVCooHT0kjnG%2FKZ1Eu8gMXUn5xSqsAMwtKDd11WjQjUy6fpkVNQRH%2FmDmZIgsJHNL2cqtDAOzCaH%2Bxf%2BXvB0q8MTw7NzAhoex0qhIun2KIK0eqMqVH44l2D%2F7jmSYAvsFxlaCWXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791cee018c947190-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=P7HaLF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2UW5wbFVURWJGTHVFaktEVXgyb2tVaw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=a4q86F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2VDFXSG9sakdKRVN2Y2g4M0w2eXpqRA; expires=Sat, 24 Feb 2024 20:24:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 345803
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=P7HaLF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2UW5wbFVURWJGTHVFaktEVXgyb2tVaw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:14 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=tRxsXl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czZSekYlMkJ4S3JUaDFXYVJlbVBIaEs2U3hqJTJGYVhxWjRKWWd1bk5OY0hKUnpJ; expires=Sat, 24 Feb 2024 20:24:15 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 370227
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.ids.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.2.130:0
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-9c1f"
expires: Tue, 31 Jan 2023 20:24:15 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.139:0
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-tn22h
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=CgelDSd3jrDH;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 25-Jan-2024 20:24:16 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=1b2ae3670274db47; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
sharemods.com/vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
104.26.11.194200 OK 0 B URL HTTP/2 sharemods.com/vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8
IP 104.26.11.194:0
GET /vmlcxededu7o/FS19_BizonRekordZ058.zip.html?fbclid=IwAR27QtAhH4eW42s6WOOs3AFnPZmWyoT7nCpxEI1cJQWoVUowUBNgpu5lWe8 HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:11 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sun, 29 Jan 2023 20:24:11 GMT
set-cookie: affiliate=G4Qtfw3tB4QMJS9voUK5Hzw6A5N8C7w%2FLXvZE3G5ioBX2guon1wbIf9jTyZv6c5IPlTzYAHlj%2FDIBEnKa1nheZJrZNsnxPDuTAEDRg%3D%3D; domain=.sharemods.com; path=/; expires=Mon, 13-Feb-2023 20:24:11 GMT
lang=english; domain=.sharemods.com; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2FEyxGprHWYzawQ%2BlXSjD4Whq9OS7lcRRfa%2Fsvrv%2BMPQ8BheH6dU7R%2Fk4zqpF8ceij9O6LTUrfWVl6NYbTEcEMvmAruRIk4yplM4BwskEdiynrzbidg%2FujzxjiMQ6%2Bg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791cedfe1f1b1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch?reat=1
198.148.27.139200 OK 0 B URL HTTP/2 bh.contextweb.com/visitormatch?reat=1
IP 198.148.27.139:0
GET /visitormatch?reat=1 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-m8kzc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=14adb2777103489d; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.59200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.59:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 20:24:15 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 155523
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2