ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 84da2775fd574a7e475affe9d024e951
cc2da97f96b631af451a74e980a53937932a141e
6acecf3111ae491738373ad638c81f69031dc28805aa0b5b8c00746a9e989d08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.nitropay.com/1.gif?x=1&adslot=
104.18.2.78200 OK 42 B URL GET HTTP/3 s.nitropay.com/1.gif?x=1&adslot=
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /1.gif?x=1&adslot= HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: image/gif
content-length: 42
x-guploader-uploadid: ADPycduJ5x5Xn00lA4iwT_KCAu2dIQwgKERrrv3EFb0fkCXPKUuyyeXZaBfYT4CCfUKCA1CTZSReLYzRPDF5Gplc_KvmuA
cache-control: public, max-age=604800
expires: Fri, 25 Aug 2023 19:55:38 GMT
last-modified: Fri, 22 Jan 2021 08:58:45 GMT
etag: "d89746888da2d9510b64a9f031eaecd5"
x-goog-generation: 1611305925409947
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 42
x-goog-meta-:
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-hash: crc32c=ljrbyA==, md5=2JdGiI2i2VELZKnwMers1Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 88801
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f3efcaab4ed-OSL
easymc.io/static/js/2.84d33f18.chunk.js
172.67.138.103200 OK 435 kB URL GET HTTP/3 easymc.io/static/js/2.84d33f18.chunk.js
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type gzip compressed data, from Unix\012- data
Size 435 kB (435075 bytes)
Hash 0f1ca1ce3288ff0d2302d0669dce1a31
07ae2fe116cbf21421b4a3220349e2151f6d2054
75edbda061c3bc588241a008887bc2c0254f3d0b7643f97b83e029a870091853
GET /static/js/2.84d33f18.chunk.js HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"376c18b2e07ae14bef73811be6e4a3d5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvZFR36qUkR5lKnTkIhZCf3rjtv84Fc7EZWn4XanazdWw2BRnJ3zWaF7XjAk3CDYgwxie1Dfr7mp1fWaSxR2cZtoCkWgMfT4Y8oLK3SNEHSm%2FeSf4QPNbv60yeA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 762
server: cloudflare
cf-ray: 7f952f3cfcc7b4f7-OSL
alt-svc: h3=":443"; ma=86400
easymc.io/ads/px.gif?ch=1&0.40166219486392496&adslot=
172.67.138.103200 OK 56 B URL GET HTTP/3 easymc.io/ads/px.gif?ch=1&0.40166219486392496&adslot=
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type GIF image data, version 89a, 2 x 2\012- data
Hash a0bee492131e81dde452fd4d3322f1ea
bd6d9bc2324a0d1d834620dc1593060e75daca30
83bad44087c870f55916391b2096573b21d085a58ea975adc3848aae9468aa87
GET /ads/px.gif?ch=1&0.40166219486392496&adslot= HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Cookie: _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: image/gif
content-length: 56
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "b7edd133e7769aaf7bd052a7728ed8d7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8N%2FVTHuMlJllZOyRUEazL0rH1yi%2Bu9NDgWZzyTpwcxSf789gggFQznAOk0ZSK%2Ba8VEo1M9IKHSlGSYKKfhqZI7Roz%2FVOD%2FVvtfscGG7ooBltSdBTNsHWrCegas%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7f952f407acab4f7-OSL
alt-svc: h3=":443"; ma=86400
tracker.nitropay.com/sites/461/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly9lYXN5bWMuaW8vY2xpZW50L0Vhc3lNQy5leGU%2FMTYwODU5NTIwMDAzMS8iLCJ2Ijo2MywiYSI6ZmFsc2UsInMiOnRydWV9
104.18.2.78200 OK 0 B URL GET HTTP/2 tracker.nitropay.com/sites/461/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly9lYXN5bWMuaW8vY2xpZW50L0Vhc3lNQy5leGU%2FMTYwODU5NTIwMDAzMS8iLCJ2Ijo2MywiYSI6ZmFsc2UsInMiOnRydWV9
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sites/461/analytics?ab=eyJocmVmIjoiaHR0cHM6Ly9lYXN5bWMuaW8vY2xpZW50L0Vhc3lNQy5leGU%2FMTYwODU5NTIwMDAzMS8iLCJ2Ijo2MywiYSI6ZmFsc2UsInMiOnRydWV9 HTTP/1.1
Host: tracker.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=MwXIBHB8uptW7J56VdjFyv_FtyEMWZCEbrwGLSX6zn8-1692477342-0-AVmj3JYXJ3rL3z0al5gd70i9uIxDZ13V9UJGnMq6TWv65HuEWdso6jg2vnxdE6VUHXDZFy+LLmpaOAauiq2XrFc=; path=/; expires=Sat, 19-Aug-23 21:05:42 GMT; domain=.nitropay.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f408fdab4f4-OSL
X-Firefox-Spdy: h2
easymc.io/static/media/skins.e9ce5901.jpg
172.67.138.103200 OK 36 kB URL GET HTTP/3 easymc.io/static/media/skins.e9ce5901.jpg
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 533x310, components 3\012- data
Hash e9ce590131a9c3b70f89d05e54383175
7de5c2d338e7485c856a8d7d10e014da9f722819
6171caccf38dc3f9e16c7f5442debb86013e852d5b1501fcd3ab8021bb444ce2
GET /static/media/skins.e9ce5901.jpg HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Cookie: _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: image/jpeg
content-length: 35840
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "cd3be61a4a3ac39300bf8d484a00a8f7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1RKO79SqPjIrnHXjNR7TnU2uYTDslAhreqhlrdD%2B2rqRbvlAQxXPXVG6807R5NOhX9Q4uMjSrTJtTzKQ6EIJDHJ7PXcp733b0yQxWqmqC8RjsZ4b%2BrCAPNujppiXzR0HhOKq%2BqkDNSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 4547
accept-ranges: bytes
server: cloudflare
cf-ray: 7f952f418cb5b4f7-OSL
alt-svc: h3=":443"; ma=86400
easymc.io/static/media/modpacks.8edf645a.jpg
172.67.138.103200 OK 52 kB URL GET HTTP/3 easymc.io/static/media/modpacks.8edf645a.jpg
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 396x376, components 3\012- data
Hash 8edf645a14db0c87f5c8725ee3fad12e
94729c11da71e8f3cc9bccbf57084aabb25c5d48
141fccbd55b8434eec1f7d49aa4f626e4cf98491315552d7302d789804e3da30
GET /static/media/modpacks.8edf645a.jpg HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Cookie: _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: image/jpeg
content-length: 51787
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "07fa3da7087d984145f5cc6a6ec6e769"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zUGTAQJdKTxGnH84k22HcRZCWanaZ%2Fd8b4N7dNx0aT6iwWXT4i9cbFuDF6%2B5fJv3tBOOWMIe4bTC177ml8KkemKb7YPV%2BKO7A9%2BIlUHAFQNHKDbpBW54D0b%2Bwdpj9NPhjr6SojsfAA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 4547
accept-ranges: bytes
server: cloudflare
cf-ray: 7f952f418cb3b4f7-OSL
alt-svc: h3=":443"; ma=86400
easymc.io/static/media/clients.f2b9dae3.jpg
172.67.138.103200 OK 40 kB URL GET HTTP/3 easymc.io/static/media/clients.f2b9dae3.jpg
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 489x366, components 3\012- data
Hash f2b9dae3b88ef10afe17ee84cbe342c1
21b54ca3a31fd5acde38439ba7fd36164382d284
30472eafbbb5cdd68c6cec6d2ebcb8c435d254d93dbd1eb1e94c84ba7e2f2800
GET /static/media/clients.f2b9dae3.jpg HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Cookie: _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: image/jpeg
content-length: 39579
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: "6b49744f2e0d8363ef16c96d955d3291"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3VjmuDE%2BePgD1HUUYC%2FevBCw8KF0tOEVggpLjdcLi%2BNioQjmtFXvJPypQIlFyj1RdssrvQGU3xoSX6Xnf69udIX29VV5rdbL%2BsUp8P1as2q4mfRjxV%2FSv4UZjHpMeVK8q4vPwSyJI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: HIT
age: 4547
accept-ranges: bytes
server: cloudflare
cf-ray: 7f952f418cbfb4f7-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6ae7c42061efe3d8e03447df20c45991
ae96c94a5397c555bcc1954e9e680059a4ce2cda
6e28249b71bafc7049ad4162cb328d8bc805f2c5819d671b13029c17d2c7372e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.nitropay.com/gpp-8a63835.min.js
104.18.2.78200 OK 127 kB URL GET HTTP/3 s.nitropay.com/gpp-8a63835.min.js
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Size 127 kB (127268 bytes)
Hash 908462df7ddb4787f54f8bef92e0b6d0
256f1af0df61b5e45a2bff19c068c6846164dc2f
918db7cc7b6a946614b7c0d28ae3d698b32f11def404e6a65e09c6fc04bb7c5e
GET /gpp-8a63835.min.js HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsK3sHtNaqnvIxFPkO1fW6tKi2uFeou3FWeFlLuOasSI-vwQ2MC8Fhwz_nAdtj9J4vUC8NtYrYP7NC5UzR-BWb1PA
cache-control: public, max-age=604800
expires: Fri, 25 Aug 2023 19:55:38 GMT
last-modified: Thu, 17 Aug 2023 18:19:49 GMT
etag: W/"d26180cddbd93db7a4e540d61477ac4e"
x-goog-generation: 1692296389646291
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 259616
x-goog-hash: crc32c=7PVRRA==, md5=0mGAzdvZPbek5UDWFHesTg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 88803
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f3fee2ab4ed-OSL
content-encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 6ae7c42061efe3d8e03447df20c45991
ae96c94a5397c555bcc1954e9e680059a4ce2cda
6e28249b71bafc7049ad4162cb328d8bc805f2c5819d671b13029c17d2c7372e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5b83279f087bc1d3b70b7dcda32443ef
c028ba0146561271ccdd6eab7d5802deb0a5d473
d5656413f43f353f78b3f4a79568f56c37105b7e2b070f7da5d6bd1782dc6e54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5b83279f087bc1d3b70b7dcda32443ef
c028ba0146561271ccdd6eab7d5802deb0a5d473
d5656413f43f353f78b3f4a79568f56c37105b7e2b070f7da5d6bd1782dc6e54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
142.250.74.35200 OK 26 kB URL GET HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 142.250.74.35:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 14:52:38 GMT
expires: Fri, 16 Aug 2024 14:52:38 GMT
cache-control: public, max-age=31536000
age: 193385
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.3403706363691663
172.67.69.19200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.3403706363691663
IP 172.67.69.19:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.3403706363691663 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdtY6bHNT-C3oV3Hsxs3dXqjj9jRsXa2NHnShbxO-2mXjC-oq1fI7t0L1PpyltODw8DDzutke8pkQKsGzdFMQciO0Q
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 13 Aug 2023 21:07:12 GMT
cache-control: public, max-age=86400
age: 519316
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDXzYUrhl2rPNh8bD4iLMAuEJxUR0ZqJ1CH%2BBTU2XDHrfRByurYA9QjLMi0Euzq4wG25rHNCQ0LzN%2BBDqd%2BEQ1VrCcfEoB9seBGgSNckw5MbxIWmlH77n1VuGv4krJl1hA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f952f430fcab529-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
172.67.69.19200 OK 43 B URL GET HTTP/2 ad-delivery.net/px.gif?ch=2
IP 172.67.69.19:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintD9:7E:C3:56:0A:04:84:BD:24:32:3D:C3:8E:66:52:26:37:E8:90:D3
ValiditySun, 19 Feb 2023 00:00:00 GMT - Mon, 19 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdtY6bHNT-C3oV3Hsxs3dXqjj9jRsXa2NHnShbxO-2mXjC-oq1fI7t0L1PpyltODw8DDzutke8pkQKsGzdFMQciO0Q
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 13 Aug 2023 21:07:12 GMT
cache-control: public, max-age=86400
age: 519316
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hl55yoQ8oCMHwDwk%2BXfznL8mDbuJA6vTVmzcymlQhnCJ0B26bxfex3HrkG5nV8SzVOUl1DeKJEROxhKl1w8kLiRdSA%2FY6hHKzL4R5WundFSvYXgGCMFAOdmbc4IYvyd1uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f952f430fd3b529-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/karla/v30/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
142.250.74.35200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/karla/v30/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP 142.250.74.35:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT
File type Web Open Font Format (Version 2), TrueType, length 24276, version 1.0\012- data
Hash 4d6edb3c3dcf2f0f42e455c901d73a33
ff05ba6c18d004244de00cc706f5823366574cad
ea534e6a2346477e2d7d449df346a86465908c4469c4447a1db41b64627348c2
GET /s/karla/v30/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 05:08:55 GMT
expires: Fri, 16 Aug 2024 05:08:55 GMT
cache-control: public, max-age=31536000
age: 228408
last-modified: Mon, 08 May 2023 22:55:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
142.250.74.35200 OK 26 kB URL GET HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 142.250.74.35:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 14:52:38 GMT
expires: Fri, 16 Aug 2024 14:52:38 GMT
cache-control: public, max-age=31536000
age: 193385
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/karla/v30/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
142.250.74.35200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/karla/v30/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
IP 142.250.74.35:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT
File type Web Open Font Format (Version 2), TrueType, length 24276, version 1.0\012- data
Hash 4d6edb3c3dcf2f0f42e455c901d73a33
ff05ba6c18d004244de00cc706f5823366574cad
ea534e6a2346477e2d7d449df346a86465908c4469c4447a1db41b64627348c2
GET /s/karla/v30/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Aug 2023 05:08:55 GMT
expires: Fri, 16 Aug 2024 05:08:55 GMT
cache-control: public, max-age=31536000
age: 228408
last-modified: Mon, 08 May 2023 22:55:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
consent.nitrocnct.com/additional-consent-providers.csv
104.21.33.230200 OK 119 kB URL GET HTTP/2 consent.nitrocnct.com/additional-consent-providers.csv
IP 104.21.33.230:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjectnitrocnct.com
Fingerprint59:E0:BD:6D:66:DD:C3:A3:9C:E3:91:AC:B2:1D:86:D2:FC:E3:AC:6B
ValidityThu, 29 Jun 2023 20:46:40 GMT - Wed, 27 Sep 2023 20:46:39 GMT
File type CSV text\012- , Unicode text, UTF-8 text, with very long lines (3438)
Size 119 kB (119221 bytes)
Hash 81f96867523b7ea4a2f05a62b9fdf1c7
56de3daf870fcd9e64797a97a859a34c30ce1e06
f2f17bc9f046ebdef7a9a75a449e88da020439f4871d5dd54eed4ff9cc2536c1
GET /additional-consent-providers.csv HTTP/1.1
Host: consent.nitrocnct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: text/csv
content-length: 119221
x-guploader-uploadid: ADPycdsLz9_W0LFAK3MXwzQge5NLdpzi2Aqzms2GI0g-_4WMwijnGvWh9zOwbBENS0CIEvi3Ds1KUAcw-qEGqocI4bgrvwtfC5Wd
x-goog-generation: 1689147090287559
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 119221
x-goog-hash: crc32c=x8iKUw==, md5=gfloZ1I7fqSi8Fpiuf3xxw==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 19 Aug 2023 20:26:09 GMT
cache-control: public, max-age=3600
age: 2508
last-modified: Wed, 12 Jul 2023 07:31:30 GMT
etag: "81f96867523b7ea4a2f05a62b9fdf1c7"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYLkwYhjnec7mQjzQc%2Bb0T58DOaoIvhLsu1BK8Y97IsfFor%2BWgjLf25aw3s9S0KwcM7j4cGY2rQiUVrzbTBgX6Gh2FClKY5DzQQG4bPyikSy1GF7JEghveohRQbG6%2FBz4SbOqWMN4ZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f952f4339600b31-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_L_waTtXLZ4
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4/_L_waTtXLZ4
IP 142.250.74.131:0
Hash 19d934732fb51865b5c6c311ed2f68d7
925a86af9a0d5c316cf43ae7d2f20c81b90fa48f
6e7cfb97ddf4334b29647f07cf17986a0b5ea3dec4fc80917675e5b93e7eccd8
POST /s/gts1d4/_L_waTtXLZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 5b83279f087bc1d3b70b7dcda32443ef
c028ba0146561271ccdd6eab7d5802deb0a5d473
d5656413f43f353f78b3f4a79568f56c37105b7e2b070f7da5d6bd1782dc6e54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent.nitrocnct.com/vendor-list-combo.json
104.21.33.230200 OK 80 kB URL GET HTTP/2 consent.nitrocnct.com/vendor-list-combo.json
IP 104.21.33.230:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjectnitrocnct.com
Fingerprint59:E0:BD:6D:66:DD:C3:A3:9C:E3:91:AC:B2:1D:86:D2:FC:E3:AC:6B
ValidityThu, 29 Jun 2023 20:46:40 GMT - Wed, 27 Sep 2023 20:46:39 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65513), with no line terminators
Hash 9ff8517ff55b052f4683e0ea451010a0
3ac25dca2d876182149fbed5f15e2284cc493594
3d7fcb3ef67b68238c533cffc601586f14197915781ea3fa7f94715fbea9b8e5
GET /vendor-list-combo.json HTTP/1.1
Host: consent.nitrocnct.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: application/json
x-guploader-uploadid: ADPycdtnKJtCO_tCFAEKmBMHBfX-Ezjr1bUIPFJAzZSjWkuIXpe3asK4UU-dLkFmQAxSa9LPY7OSwlef0aaBOeipCGIWxw
x-goog-generation: 1692288904302891
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 611961
x-goog-hash: crc32c=KZc4yg==, md5=n/hRf/VbBS9Gg+DqRRAQoA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Origin, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 26 Aug 2023 11:50:21 GMT
cache-control: public, max-age=604800
age: 30987
last-modified: Thu, 17 Aug 2023 16:15:04 GMT
etag: W/"9ff8517ff55b052f4683e0ea451010a0"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58kq0JKJsOUWx9hkFerCb4bz3u44ZDHhBkwn13n%2FQN9AXJ7wp%2BA%2Fwvv%2BKMMZ%2FbALahXzgzpuUBnrr4V%2BtoNgON7JZAgsrtL4uGCtxztK1hKm1lRPxc2XfPHQpBVV4IVMzloHCjRCrI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7f952f4339670b31-OSL
content-encoding: br
X-Firefox-Spdy: h2
s.nitropay.com/cmp/lang.png
104.18.2.78200 OK 1.9 kB URL GET HTTP/3 s.nitropay.com/cmp/lang.png
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type PNG image data, 20 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash ca072a3965f49a2c242c45d535163a53
365e8c94931edd4bb5548861d856390662fc39bb
eda5ec1c59939f001bdc15f557f3a905110aac0a60afc5a1eb92d8cdc2d2cbb5
GET /cmp/lang.png HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: image/png
content-length: 1887
x-guploader-uploadid: ADPycdtgawWG6R0W0SXCEhke9Xy5WoFjO8ZQgjHS0d7BWAwOtlCSkAMI6xspqIvqiZ63LPWHlQ51rpI7If8k7yBSb5om
expires: Sat, 19 Aug 2023 20:56:38 GMT
cache-control: public, max-age=3600
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
etag: "ca072a3965f49a2c242c45d535163a53"
x-goog-generation: 1666344058779792
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1887
x-goog-hash: crc32c=7x+tRA==, md5=ygcqOWX0miwkLEXVNRY6Uw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2273
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f457805b4ed-OSL
s.nitropay.com/cmp/logo.png
104.18.2.78200 OK 2.6 kB URL GET HTTP/3 s.nitropay.com/cmp/logo.png
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type PNG image data, 80 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 940aa5b81e99bbb7414acc474a89bad9
e19998a580400a11fe57b72acb87e6eb27fbf1ee
6d8fea63a817b75ec9bfbc153b60b576dd31392e4d2afbec0d83cc813f8aca4d
GET /cmp/logo.png HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: image/png
content-length: 2592
x-guploader-uploadid: ADPycdtYkBEXsa2CLxRKKfMyCRv95tLc3c0a2X2aDZ3K_jRI7XTN2j_ZeDZ7qaayAJf_qMUQYRg2jxqgv6ELlnJrBkd5UQ
x-goog-generation: 1666344058842900
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2592
x-goog-hash: crc32c=naGVVg==, md5=lAqluB6Zu7dBSsxHSom62Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 19 Aug 2023 20:56:38 GMT
cache-control: public, max-age=3600
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
etag: "940aa5b81e99bbb7414acc474a89bad9"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2273
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f45780db4ed-OSL
api.btloader.com/mw/state?bt_env=prod
130.211.23.194204 No Content 0 B URL GET HTTP/2 api.btloader.com/mw/state?bt_env=prod
IP 130.211.23.194:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint5B:D8:2A:4B:41:13:52:77:BA:2E:03:62:E1:28:7D:54:87:04:7E:6E
ValidityFri, 11 Aug 2023 17:31:00 GMT - Thu, 09 Nov 2023 18:23:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /mw/state?bt_env=prod HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
access-control-allow-origin: *
vary: Origin
date: Sat, 19 Aug 2023 20:35:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/_L_waTtXLZ4
142.250.74.131 472 B URL ocsp.pki.goog/s/gts1d4/_L_waTtXLZ4
IP 142.250.74.131:0
Hash 19d934732fb51865b5c6c311ed2f68d7
925a86af9a0d5c316cf43ae7d2f20c81b90fa48f
6e7cfb97ddf4334b29647f07cf17986a0b5ea3dec4fc80917675e5b93e7eccd8
POST /s/gts1d4/_L_waTtXLZ4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c9381a4c7808389b738843cf86ba10ee
962f70d1024aef8ec4b87a02abf4a3fcafede368
256d71715a24d3a3d8bc0d69da27236aa7aa76b0e84c5800805e14292797bd88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8D4FHV4N0X&cid=1020617597.1692477337>m=45je38g0&aip=1&z=872379167
142.250.74.163200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8D4FHV4N0X&cid=1020617597.1692477337>m=45je38g0&aip=1&z=872379167
IP 142.250.74.163:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
Fingerprint24:E7:8A:DA:AC:01:E8:B2:D7:78:3E:1A:9A:39:BE:70:0E:4A:47:EF
ValidityMon, 31 Jul 2023 08:24:38 GMT - Mon, 23 Oct 2023 08:24:37 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8D4FHV4N0X&cid=1020617597.1692477337>m=45je38g0&aip=1&z=872379167 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 20:35:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash c9381a4c7808389b738843cf86ba10ee
962f70d1024aef8ec4b87a02abf4a3fcafede368
256d71715a24d3a3d8bc0d69da27236aa7aa76b0e84c5800805e14292797bd88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Aug 2023 20:35:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint5B:D8:2A:4B:41:13:52:77:BA:2E:03:62:E1:28:7D:54:87:04:7E:6E
ValidityFri, 11 Aug 2023 17:31:00 GMT - Thu, 09 Nov 2023 18:23:53 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Sat, 19 Aug 2023 20:35:43 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=G95ql4n6&w=6192809940877312&o=6278260873756672&cv=2.1.17-2-g0b33bd3&r=false&vr=1280x1024&pageURL=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&sid=PVc6FvsDwa&upapi=true
130.211.23.194204 No Content 0 B URL GET HTTP/2 api.btloader.com/pv?tid=G95ql4n6&w=6192809940877312&o=6278260873756672&cv=2.1.17-2-g0b33bd3&r=false&vr=1280x1024&pageURL=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&sid=PVc6FvsDwa&upapi=true
IP 130.211.23.194:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subjectapi.btloader.com
Fingerprint5B:D8:2A:4B:41:13:52:77:BA:2E:03:62:E1:28:7D:54:87:04:7E:6E
ValidityFri, 11 Aug 2023 17:31:00 GMT - Thu, 09 Nov 2023 18:23:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=G95ql4n6&w=6192809940877312&o=6278260873756672&cv=2.1.17-2-g0b33bd3&r=false&vr=1280x1024&pageURL=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&sid=PVc6FvsDwa&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Sat, 19 Aug 2023 20:35:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-8D4FHV4N0X>m=45je38g0&_p=831014611&_gaz=1&cid=1020617597.1692477337&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1692477336&sct=1&seg=0&dl=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&dt=EasyMC.io%20-%20Free%20Minecraft%20Accounts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-8D4FHV4N0X>m=45je38g0&_p=831014611&_gaz=1&cid=1020617597.1692477337&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1692477336&sct=1&seg=0&dl=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&dt=EasyMC.io%20-%20Free%20Minecraft%20Accounts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintCD:19:11:50:03:C9:31:CD:B2:32:E1:82:F6:AD:5A:C5:F5:E8:7F:CE
ValidityMon, 31 Jul 2023 08:16:43 GMT - Mon, 23 Oct 2023 08:16:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8D4FHV4N0X>m=45je38g0&_p=831014611&_gaz=1&cid=1020617597.1692477337&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=1&sid=1692477336&sct=1&seg=0&dl=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&dt=EasyMC.io%20-%20Free%20Minecraft%20Accounts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://easymc.io
date: Sat, 19 Aug 2023 20:35:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-8D4FHV4N0X>m=45je38g0&_p=831014611&cid=1020617597.1692477337&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=2&dp=%2Fclient%2FEasyMC.exe&sid=1692477336&sct=1&seg=1&dl=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&dt=EasyMC.io%20-%20Free%20Minecraft%20Accounts&en=page_view&_ee=1
216.239.34.36204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-8D4FHV4N0X>m=45je38g0&_p=831014611&cid=1020617597.1692477337&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=2&dp=%2Fclient%2FEasyMC.exe&sid=1692477336&sct=1&seg=1&dl=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&dt=EasyMC.io%20-%20Free%20Minecraft%20Accounts&en=page_view&_ee=1
IP 216.239.34.36:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintCD:19:11:50:03:C9:31:CD:B2:32:E1:82:F6:AD:5A:C5:F5:E8:7F:CE
ValidityMon, 31 Jul 2023 08:16:43 GMT - Mon, 23 Oct 2023 08:16:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-8D4FHV4N0X>m=45je38g0&_p=831014611&cid=1020617597.1692477337&ul=en-us&sr=1280x1024&ir=1&_eu=EA&_s=2&dp=%2Fclient%2FEasyMC.exe&sid=1692477336&sct=1&seg=1&dl=https%3A%2F%2Feasymc.io%2Fclient%2FEasyMC.exe%3F1608595200031%2F&dt=EasyMC.io%20-%20Free%20Minecraft%20Accounts&en=page_view&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://easymc.io
date: Sat, 19 Aug 2023 20:35:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.bing.com/th?id=OADD2.8177693266271_1TVIUHZB7HQ8UGUSZ3&pid=21.2&c=16&roil=0&roit=0.1086&roir=1&roib=0.8924&w=379&h=198&qlt=90
23.36.79.25200 OK 16 kB URL GET HTTP/2 www.bing.com/th?id=OADD2.8177693266271_1TVIUHZB7HQ8UGUSZ3&pid=21.2&c=16&roil=0&roit=0.1086&roir=1&roib=0.8924&w=379&h=198&qlt=90
IP 23.36.79.25:443
ASN #20940 Akamai International B.V.
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerMicrosoft Corporation
Subjectr.bing.com
Fingerprint16:DF:96:BE:A5:09:9C:D6:10:D8:3C:74:D6:16:86:35:97:47:40:FE
ValidityTue, 15 Nov 2022 20:16:38 GMT - Wed, 15 Nov 2023 20:16:38 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 379x198, components 3\012- data
Hash 1e1ff8f509f5116e31f8cdedbdb91956
b2ac0e951e57c948dde6082b690e7bb92b992e7f
13002e6349aaa2a731331bc1f9b98c365fc6adc91bce868f76a4254be5c68583
GET /th?id=OADD2.8177693266271_1TVIUHZB7HQ8UGUSZ3&pid=21.2&c=16&roil=0&roit=0.1086&roir=1&roib=0.8924&w=379&h=198&qlt=90 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://easymc.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=2592000
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-headers: *
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
content-length: 16191
date: Sat, 19 Aug 2023 20:35:53 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.154f2417.1692477353.d88f690f
X-Firefox-Spdy: h2
www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=92cd28e2-7f91-4114-a31e-ec67549b34b7&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=25b35c12-79f8-42cc-962c-8c68f93bf060&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Da7dfc1b5b9b54d18b7660cb4a9d00cd7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=19695922&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=6775624439826430892&wp=
23.36.79.25303 See Other 154 B URL GET HTTP/2 www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=92cd28e2-7f91-4114-a31e-ec67549b34b7&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=25b35c12-79f8-42cc-962c-8c68f93bf060&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Da7dfc1b5b9b54d18b7660cb4a9d00cd7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=19695922&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=6775624439826430892&wp=
IP 23.36.79.25:443
ASN #20940 Akamai International B.V.
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerMicrosoft Corporation
Subjectr.bing.com
Fingerprint16:DF:96:BE:A5:09:9C:D6:10:D8:3C:74:D6:16:86:35:97:47:40:FE
ValidityTue, 15 Nov 2022 20:16:38 GMT - Wed, 15 Nov 2023 20:16:38 GMT
File type HTML document, ASCII text
Hash 02751d4213954525983d85a28bf4f83d
6ffc292aa473ed8404afc0d4c5c7fbde2f522fc2
879c544045d7b6baeb2c2bca7ef1954f7c0f94bd697ae7655ade55d297196ad1
GET /api/v1/mediation/tracking?adUnit=391466&auId=92cd28e2-7f91-4114-a31e-ec67549b34b7&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=25b35c12-79f8-42cc-962c-8c68f93bf060&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Da7dfc1b5b9b54d18b7660cb4a9d00cd7%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=19695922&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=6775624439826430892&wp= HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://easymc.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 154
content-type: text/html; charset=utf-8
expires: 0
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a7dfc1b5b9b54d18b7660cb4a9d00cd7&SNR=1&GV=2&med=10
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C78BEF5DA2D34EFAB981966D48953D1D Ref B: MIL30EDGE1205 Ref C: 2023-08-19T20:35:54Z
date: Sat, 19 Aug 2023 20:35:54 GMT
set-cookie: _EDGE_S=F=1&SID=07B3769EE70B672F28C265ECE6D66675; path=/; httponly; domain=bing.com
_EDGE_V=1; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:54 GMT; domain=bing.com
MUID=1C55EC7D00546CFC2EA2FF0F01896DDF; samesite=none; path=/; secure; expires=Thu, 12-Sep-2024 20:35:54 GMT; domain=bing.com
MUIDB=1C55EC7D00546CFC2EA2FF0F01896DDF; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:54 GMT
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.154f2417.1692477353.d88f6911
X-Firefox-Spdy: h2
www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a7dfc1b5b9b54d18b7660cb4a9d00cd7&SNR=1&GV=2&med=10
23.36.79.25200 OK 0 B URL GET HTTP/3 www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a7dfc1b5b9b54d18b7660cb4a9d00cd7&SNR=1&GV=2&med=10
IP 23.36.79.25:443
ASN #20940 Akamai International B.V.
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerMicrosoft Corporation
Subjectr.bing.com
Fingerprint16:DF:96:BE:A5:09:9C:D6:10:D8:3C:74:D6:16:86:35:97:47:40:FE
ValidityTue, 15 Nov 2022 20:16:38 GMT - Wed, 15 Nov 2023 20:16:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a7dfc1b5b9b54d18b7660cb4a9d00cd7&SNR=1&GV=2&med=10 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E6DE007AB47B452DA20B6DF590BE5769 Ref B: BRU30EDGE0619 Ref C: 2023-08-19T20:35:54Z
content-length: 0
date: Sat, 19 Aug 2023 20:35:54 GMT
set-cookie: _EDGE_S=F=1&SID=3A4C6D3E2A0967452A087E4C2B656612; path=/; httponly; domain=bing.com
_EDGE_V=1; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:54 GMT; domain=bing.com
MUID=3058623D90536EA72FA4714F913F6F8A; samesite=none; path=/; secure; expires=Thu, 12-Sep-2024 20:35:54 GMT; domain=bing.com
MUIDB=3058623D90536EA72FA4714F913F6F8A; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:54 GMT
quic-version: 0x00000001
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.154f2417.1692477354.d88f6b3d
tracker.nitropay.com/pixel.png?s=461&wb=eyJhZFVuaXRDb2RlIjoiaG9tZV9iaWxsYm9hcmQiLCJjcmVhdGl2ZUlkIjoiMzgxODQ2NzE0IiwiYmlkZGVyIjoiYXBwbmV4dXNBc3QiLCJ0aW1lVG9SZXNwb25kIjozNDYsImhlaWdodCI6MjUwLCJ3aWR0aCI6OTcwLCJjcG0iOjAuMDM1MzAwNTgsImhyZWYiOiJodHRwczovL2Vhc3ltYy5pby9jbGllbnQvRWFzeU1DLmV4ZT8xNjA4NTk1MjAwMDMxLyIsImFjY2VwdGFibGUiOmZhbHNlLCJtZXRhIjoie1wiZGNoYWluXCI6e1widmVyXCI6XCIxLjBcIixcImNvbXBsZXRlXCI6MCxcIm5vZGVzXCI6W3tcImJzaWRcIjpcIjEyMDg1XCJ9XX0sXCJicmFuZElkXCI6MTExNTQ0fSIsInJlcXVlc3RJZCI6IjEzODQzMDdmLWNlYTYtNGMyOC04Yzk1LWVkYTdhYmIxOGNmMiIsImMiOiJOTyIsInIiOiIwMyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJ0aW1lc3RhbXAiOjE2OTI0NzczNDc1NzN9&t=0
104.18.2.78200 OK 73 B URL GET HTTP/3 tracker.nitropay.com/pixel.png?s=461&wb=eyJhZFVuaXRDb2RlIjoiaG9tZV9iaWxsYm9hcmQiLCJjcmVhdGl2ZUlkIjoiMzgxODQ2NzE0IiwiYmlkZGVyIjoiYXBwbmV4dXNBc3QiLCJ0aW1lVG9SZXNwb25kIjozNDYsImhlaWdodCI6MjUwLCJ3aWR0aCI6OTcwLCJjcG0iOjAuMDM1MzAwNTgsImhyZWYiOiJodHRwczovL2Vhc3ltYy5pby9jbGllbnQvRWFzeU1DLmV4ZT8xNjA4NTk1MjAwMDMxLyIsImFjY2VwdGFibGUiOmZhbHNlLCJtZXRhIjoie1wiZGNoYWluXCI6e1widmVyXCI6XCIxLjBcIixcImNvbXBsZXRlXCI6MCxcIm5vZGVzXCI6W3tcImJzaWRcIjpcIjEyMDg1XCJ9XX0sXCJicmFuZElkXCI6MTExNTQ0fSIsInJlcXVlc3RJZCI6IjEzODQzMDdmLWNlYTYtNGMyOC04Yzk1LWVkYTdhYmIxOGNmMiIsImMiOiJOTyIsInIiOiIwMyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJ0aW1lc3RhbXAiOjE2OTI0NzczNDc1NzN9&t=0
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 0c605efa89709962b88bf867e5cb2826
7c71d08f88603ba0ae35a656b5ac180f3a1b1039
3336865c07143159ab73893863070b6d7f0516b0de61a236a0c5c52246cb3b2e
GET /pixel.png?s=461&wb=eyJhZFVuaXRDb2RlIjoiaG9tZV9iaWxsYm9hcmQiLCJjcmVhdGl2ZUlkIjoiMzgxODQ2NzE0IiwiYmlkZGVyIjoiYXBwbmV4dXNBc3QiLCJ0aW1lVG9SZXNwb25kIjozNDYsImhlaWdodCI6MjUwLCJ3aWR0aCI6OTcwLCJjcG0iOjAuMDM1MzAwNTgsImhyZWYiOiJodHRwczovL2Vhc3ltYy5pby9jbGllbnQvRWFzeU1DLmV4ZT8xNjA4NTk1MjAwMDMxLyIsImFjY2VwdGFibGUiOmZhbHNlLCJtZXRhIjoie1wiZGNoYWluXCI6e1widmVyXCI6XCIxLjBcIixcImNvbXBsZXRlXCI6MCxcIm5vZGVzXCI6W3tcImJzaWRcIjpcIjEyMDg1XCJ9XX0sXCJicmFuZElkXCI6MTExNTQ0fSIsInJlcXVlc3RJZCI6IjEzODQzMDdmLWNlYTYtNGMyOC04Yzk1LWVkYTdhYmIxOGNmMiIsImMiOiJOTyIsInIiOiIwMyIsInR5cGUiOjAsImR1cmF0aW9uIjowLCJ0aW1lc3RhbXAiOjE2OTI0NzczNDc1NzN9&t=0 HTTP/1.1
Host: tracker.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:54 GMT
content-type: image/png
content-length: 73
cache-control: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f877f05b4ed-OSL
www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=92cd28e2-7f91-4114-a31e-ec67549b34b7&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=25b35c12-79f8-42cc-962c-8c68f93bf060&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Da7dfc1b5b9b54d18b7660cb4a9d00cd7%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=19695922&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=6775624439826430892&wp=
23.36.79.25303 See Other 146 B URL GET HTTP/3 www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=92cd28e2-7f91-4114-a31e-ec67549b34b7&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=25b35c12-79f8-42cc-962c-8c68f93bf060&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Da7dfc1b5b9b54d18b7660cb4a9d00cd7%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=19695922&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=6775624439826430892&wp=
IP 23.36.79.25:443
ASN #20940 Akamai International B.V.
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerMicrosoft Corporation
Subjectr.bing.com
Fingerprint16:DF:96:BE:A5:09:9C:D6:10:D8:3C:74:D6:16:86:35:97:47:40:FE
ValidityTue, 15 Nov 2022 20:16:38 GMT - Wed, 15 Nov 2023 20:16:38 GMT
File type HTML document, ASCII text
Hash a6a1daa3ab4e7d7c1f5cde63dc578181
a61af09c13fa5467dbe6e663c5518d2ee948c0ba
557d41a06aebd42e1f0ddee72a5d22c01f389f6841e699504d2049e8ab9c63ac
GET /api/v1/mediation/tracking?adUnit=391466&auId=92cd28e2-7f91-4114-a31e-ec67549b34b7&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=25b35c12-79f8-42cc-962c-8c68f93bf060&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3Da7dfc1b5b9b54d18b7660cb4a9d00cd7%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=19695922&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_fp&aid=6775624439826430892&wp= HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://easymc.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 303 See Other
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-length: 146
content-type: text/html; charset=utf-8
expires: 0
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=a7dfc1b5b9b54d18b7660cb4a9d00cd7&tids=15000&med=10
vary: Origin
strict-transport-security: max-age=15724800; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 165F0693B6524343A73734E4CB7FB74E Ref B: MIL30EDGE1220 Ref C: 2023-08-19T20:35:54Z
date: Sat, 19 Aug 2023 20:35:54 GMT
set-cookie: _EDGE_S=F=1&SID=3A1D435DEBE263C8251E502FEA3F62BD; path=/; httponly; domain=bing.com
_EDGE_V=1; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:54 GMT; domain=bing.com
MUID=3B4B829B887A69D51B4791E989A768A6; samesite=none; path=/; secure; expires=Thu, 12-Sep-2024 20:35:54 GMT; domain=bing.com
MUIDB=3B4B829B887A69D51B4791E989A768A6; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:54 GMT
quic-version: 0x00000001
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.154f2417.1692477354.d88f7df6
www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=a7dfc1b5b9b54d18b7660cb4a9d00cd7&tids=15000&med=10
23.36.79.25200 OK 0 B URL GET HTTP/3 www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=a7dfc1b5b9b54d18b7660cb4a9d00cd7&tids=15000&med=10
IP 23.36.79.25:443
ASN #20940 Akamai International B.V.
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerMicrosoft Corporation
Subjectr.bing.com
Fingerprint16:DF:96:BE:A5:09:9C:D6:10:D8:3C:74:D6:16:86:35:97:47:40:FE
ValidityTue, 15 Nov 2022 20:16:38 GMT - Wed, 15 Nov 2023 20:16:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aes/c.gif?type=mv&reqver=1.0&rg=a7dfc1b5b9b54d18b7660cb4a9d00cd7&tids=15000&med=10 HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
cache-control: private,no-store
pragma: no-cache
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 195CB46757A3408A9102C67FE707D2E1 Ref B: AMS04EDGE2218 Ref C: 2023-08-19T20:35:55Z
content-length: 0
date: Sat, 19 Aug 2023 20:35:55 GMT
set-cookie: _EDGE_S=F=1&SID=02451D9792126C0316770EE593D56DA1; path=/; httponly; domain=bing.com
_EDGE_V=1; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:55 GMT; domain=bing.com
MUID=111CEBE5BBBC620B37AEF897BA7B630C; samesite=none; path=/; secure; expires=Thu, 12-Sep-2024 20:35:55 GMT; domain=bing.com
MUIDB=111CEBE5BBBC620B37AEF897BA7B630C; path=/; httponly; expires=Thu, 12-Sep-2024 20:35:55 GMT
quic-version: 0x00000001
alt-svc: h3=":443"; ma=93600
x-cdn-traceid: 0.154f2417.1692477354.d88f7fd1
tracker.nitropay.com/viewability/1384307f-cea6-4c28-8c95-eda7abb18cf2?viewable=true&timeInView=1000
104.18.2.78204 No Content 0 B URL POST HTTP/3 tracker.nitropay.com/viewability/1384307f-cea6-4c28-8c95-eda7abb18cf2?viewable=true&timeInView=1000
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /viewability/1384307f-cea6-4c28-8c95-eda7abb18cf2?viewable=true&timeInView=1000 HTTP/1.1
Host: tracker.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
date: Sat, 19 Aug 2023 20:35:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f8db944b4ed-OSL
www.googletagmanager.com/gtag/js?id=G-8D4FHV4N0X
142.250.74.40200 OK 222 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-8D4FHV4N0X
IP 142.250.74.40:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintCD:19:11:50:03:C9:31:CD:B2:32:E1:82:F6:AD:5A:C5:F5:E8:7F:CE
ValidityMon, 31 Jul 2023 08:16:43 GMT - Mon, 23 Oct 2023 08:16:42 GMT
File type ASCII text, with very long lines (5857)
Size 222 kB (221489 bytes)
Hash 9a652edb7f3e46089aed0c3a7cce6e48
275274226c6aed8c1a0796e6a4306ce8c3785398
a0685d0bb19c22ff386d7e28f92d5adb8472baba3980c2470c5ae9b927f062a0
GET /gtag/js?id=G-8D4FHV4N0X HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Aug 2023 20:35:42 GMT
expires: Sat, 19 Aug 2023 20:35:42 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78503
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.nitropay.com/n.svg
104.18.2.78200 OK 1.4 kB IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1496), with no line terminators
Hash 661a41d072f13f43176a18e44bd2b0d4
33af5c5eb7ac90995736be7f6a22f8a14c1df1af
b0f7bb15b0274da37be347886aeaf2399d6714cb86efdbe38a79ba7c6821d007
GET /n.svg HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:54 GMT
content-type: image/svg+xml
x-guploader-uploadid: ADPycdsGr9sPTc9MTzSWM-oZDqflyog_KusbSJgk3CnylI5fB9Rz5ZVY2uGV_vtsFeKs_BSmSaul23g44qIttI0Gyvp3-A
x-goog-generation: 1664950747723912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1437
x-goog-hash: crc32c=Tm86FQ==, md5=R85XyhysX5VF8eL7nGvZDQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Type
expires: Sat, 19 Aug 2023 20:56:34 GMT
cache-control: public, max-age=3600
last-modified: Wed, 05 Oct 2022 06:19:07 GMT
etag: W/"47ce57ca1cac5f9545f1e2fb9c6bd90d"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2327
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f877f09b4ed-OSL
content-encoding: gzip
ib.adnxs.com/ut/v3/prebid
185.89.210.153200 OK 13 kB URL POST HTTP/2 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.153:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12704), with no line terminators
Hash f0bd43eccd949caabe81998ad8fb6a89
7d9b654c9a571bff91742afdce3aab447027dd7b
fb48b62ab08a22e930b85d615950db8cae428d480e7da5b95cca8d01fc582d10
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
Content-Type: text/plain
Content-Length: 1256
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.21.3
date: Sat, 19 Aug 2023 20:35:53 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: no-store, no-cache, private
pragma: no-cache
expires: Sat, 15 Nov 2008 16:00:00 GMT
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-xss-protection: 0
access-control-allow-credentials: true
access-control-allow-origin: https://easymc.io
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
an-x-request-uuid: 8960456b-0638-4f26-8999-9955285d4ceb
set-cookie: icu=ChgI5YA9EAoYASABKAEwqc-EpwY4AUABSAEQqc-EpwYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 17-Nov-2023 20:35:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1779337513419039599; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 17-Nov-2023 20:35:53 GMT; Domain=.adnxs.com; Secure; HttpOnly
x-proxy-origin: 91.90.42.154; 91.90.42.154; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-encoding: gzip
X-Firefox-Spdy: h2
adsdk.microsoft.com/native-to-display/sdk.js
13.107.246.53200 OK 82 kB URL GET HTTP/2 adsdk.microsoft.com/native-to-display/sdk.js
IP 13.107.246.53:443
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerMicrosoft Corporation
Subjectadsdk.microsoft.com
Fingerprint4D:4E:E8:2F:E3:1C:51:20:43:F1:11:11:AC:26:8B:36:D0:89:4D:44
ValidityFri, 07 Apr 2023 11:08:56 GMT - Mon, 01 Apr 2024 11:08:56 GMT
File type ASCII text, with very long lines (56351)
Hash 9697970e93449da9665021dc622565f8
711395503c085bb1c64e52d2554990b064357671
6d217af9105d69f82cd5e29239c0caea643aa9af6854a7ed32da9452a9634ec0
GET /native-to-display/sdk.js HTTP/1.1
Host: adsdk.microsoft.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://easymc.io
DNT: 1
Connection: keep-alive
Referer: https://easymc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private, max-age=3600
content-type: application/javascript
content-encoding: br
content-md5: lpeXDpNEnalmUCHcYiVl+A==
last-modified: Wed, 16 Aug 2023 17:14:29 GMT
etag: 0x8DB9E7C405C4A92
x-cache: TCP_HIT
x-ms-request-id: 9bf66340-301e-0100-215e-d23562000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
x-azure-ref-originshield: 0d8TgZAAAAADH7wJifurcSaLQpdFBnKVdQU1TMDRFREdFMTgxOQA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
access-control-allow-origin: *
x-azure-ref: 0qSfhZAAAAABnaRTBidBWRqSTrVL9fCR2U1ZHMjBFREdFMDYyMAA5N2M5YThjNi1mYzc5LTRjNDQtYjU1OS01OGMxNmJjZWEzMjI=
date: Sat, 19 Aug 2023 20:35:53 GMT
X-Firefox-Spdy: h2
easymc.io/client/EasyMC.exe?1608595200031/
172.67.138.103200 OK 12 kB URL User Request GET HTTP/2 easymc.io/client/EasyMC.exe?1608595200031/
IP 172.67.138.103:443
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12242), with no line terminators
Hash b819065b4fc99327f0728215bbc2c42d
59132b063f9de30a5e68661d039377acb90f6f98
c6fa7d205124e139cf8c17b72e6baad7a22e26462a74ee3e0542c769ecca1202
GET /client/EasyMC.exe?1608595200031/ HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:41 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMpJ8U68x%2BJEr8gCGtDgN9r7u%2B%2BXzgyZ3%2FzrK77rtQJPbTqoRWe5oMYhpuzEXQOvSyv%2FwIPClp66I4WPu0XBUyPhQVD2g2Wg7XFrTkvq5vl%2Fbl1p550kh4KI%2FHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 7f952f38d85db503-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
easymc.io/favicon.ico
172.67.138.103200 OK 68 kB IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Hash 6ecbef1e31ac4d7c2234bcb22d72880d
e306667493ad93588997284b7e89522b80b23ee0
ab950c26dd9e4d00ffaaed745734ddb4f9ebafbfb8771887c07d8f7628930625
GET /favicon.ico HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Cookie: _pbjs_userid_consent_data=3524755945110770; ncmp.domain=easymc.io; _ga_8D4FHV4N0X=GS1.1.1692477336.1.1.1692477336.60.0.0; _ga=GA1.1.1020617597.1692477337
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: image/vnd.microsoft.icon
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"71f3c0c6993ea882cfe5655aaf552347"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v91dB99wHLjaOV1GOBymqzRG3aghSnasB%2BxkqfdTTSf9zGpBmJql5aMoXzhI2tinA7pW4i3CYnfZQGESSIBDNN6%2F8fsGVAaAmylMyjFlqYTkhjXlH6%2FvBoGmZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 6777
server: cloudflare
cf-ray: 7f952f45fd55b4f7-OSL
alt-svc: h3=":443"; ma=86400
s.nitropay.com/cmp/cancel.png
104.18.2.78200 OK 1.3 kB URL GET HTTP/3 s.nitropay.com/cmp/cancel.png
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash c707b2d501a53bc2c66e98e4e5cabefb
428a51cba1d520eae0c90de0cf367fd0ea0b9622
89863d0411e5273c7c2befe50bceeab57034e26b5df8751cc13c3bd78c73511d
GET /cmp/cancel.png HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:43 GMT
content-type: image/png
content-length: 1302
x-guploader-uploadid: ADPycdsMhwRHnhaOOdc6cOzvBBrHb5zsbFsxiv5FW3lOGxT8wHo-hnJhlbScIW_H_njFjKqMuVV_KoLOw1oAt1lZqrunTA
x-goog-generation: 1666344058825998
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1302
x-goog-hash: crc32c=QrhBNA==, md5=xwey1QGlO8LGbpjk5cq++w==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sat, 19 Aug 2023 20:56:38 GMT
cache-control: public, max-age=3600
last-modified: Fri, 21 Oct 2022 09:20:58 GMT
etag: "c707b2d501a53bc2c66e98e4e5cabefb"
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2273
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
server: cloudflare
cf-ray: 7f952f45780cb4ed-OSL
s.nitropay.com/ads-461.js
104.18.2.78200 OK 436 kB URL GET HTTP/2 s.nitropay.com/ads-461.js
IP 104.18.2.78:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintFF:E0:CE:2D:DB:8C:14:91:BC:B8:DE:9F:24:62:06:3E:6F:69:EC:55
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT
Size 436 kB (435525 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads-461.js HTTP/1.1
Host: s.nitropay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: application/javascript
cf-ray: 7f952f3d0ceeb4f7-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 6712
cache-control: private, max-age=600
etag: W/"137e621ac6f5801fa601b0da70ae81ef:1692426784000"
expires: Sun, 20 Aug 2023 06:34:22 GMT
last-modified: Sat, 19 Aug 2023 06:33:04 GMT
strict-transport-security: max-age=2592000; includeSubDomains
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
x-goog-generation: 1692388435654193
x-goog-hash: crc32c=l9G6nw==, md5=E35iGsb1gB+mAbDacK6B7w==
x-goog-meta-goog-reserved-file-mtime: 1692387633
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 433368
x-guploader-uploadid: ADPycdutsjchdyDkUKEAtdUFvY5mxhAqiJRGf2oyeFd3doTCQQioUhlcwju8KAEEteQk_aCXY-mXvMP6B5aWkE1Xz1lB
set-cookie: __cf_bm=.wulnWzaL_dEksZxByrJFVMrSXIoXW_W2dRY6CxuJ_E-1692477342-0-AUFoX27AVirx3KJVXggPgWna0Q7zxqhZXfQcjDQ2z2s/cqNqjZ+IRQlAjRNDjV9g8yAkbO0tspCKsgi8BstIWjg=; path=/; expires=Sat, 19-Aug-23 21:05:42 GMT; domain=.nitropay.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Karla:400,700|Quicksand:400,700&display=swap
142.250.74.74200 OK 4.1 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Karla:400,700|Quicksand:400,700&display=swap
IP 142.250.74.74:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67
ValidityMon, 31 Jul 2023 08:22:19 GMT - Mon, 23 Oct 2023 08:22:18 GMT
File type ASCII text, with very long lines (4152), with no line terminators
Hash 957bf06e4c63b49204f22dbd4d48d92f
1e31f66a68a7105c926634476e5d7dd1d9b67d87
72d0d1f4f4f2a6d5714b1c42ac133b86d693a6642b63d8459f94f19b76eefedb
GET /css?family=Karla:400,700|Quicksand:400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Aug 2023 20:35:42 GMT
date: Sat, 19 Aug 2023 20:35:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
easymc.io/static/css/main.1238f433.chunk.css
172.67.138.103200 OK 11 kB URL GET HTTP/3 easymc.io/static/css/main.1238f433.chunk.css
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type ASCII text, with very long lines (10572)
Hash d8c358d4f9ae351355ea09022282e17f
224a9ddb2913402aa2a61b7ccd031bbe210f8647
662fa21a79b6a4c07658247026df3324519c68467c2ee53a6eae7251ae3127fe
GET /static/css/main.1238f433.chunk.css HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"e64ec2028f5d22f37d8c7a332d350387"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xq6flRXmAXYt7ewAc26C0Hq7D4mz%2BepK8z2SDm%2BMrajNNh34TzfBINxiDi52YC3TwG4BxhCAr%2FVF%2BNU1AkbKn03QtGGfdL6A1cOE1HUFUf0pmS27kPvHXecURQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 4547
server: cloudflare
cf-ray: 7f952f3cecb1b4f7-OSL
alt-svc: h3=":443"; ma=86400
easymc.io/static/js/main.b961184c.chunk.js
172.67.138.103200 OK 214 kB URL GET HTTP/3 easymc.io/static/js/main.b961184c.chunk.js
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type ASCII text, with very long lines (65459)
Size 214 kB (214279 bytes)
Hash 2707cf900832a1108bb63298db1c5637
b45f649481d768125521f25a21df863f79eccadc
8639572f27cf341f06a897da459d8bbdf90c4aba9d1239a70bb53e60e12cd62c
GET /static/js/main.b961184c.chunk.js HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"4e799a7a1d8d93b14bffbb67e46f00e9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rfcn4w8ij1DNe9JZdGgVnD89LaqQodVhgd%2FpnifOZ5P8nKyPqd36Cf5y3BRFZ%2BCb%2FZPAoDJMLJJglqsXVgPu5DovQq76aJYxKI0PPFsU40boV20EsgDTl2q9PHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 762
server: cloudflare
cf-ray: 7f952f3cfcc8b4f7-OSL
alt-svc: h3=":443"; ma=86400
btloader.com/tag?o=6278260873756672&upapi=true
172.67.70.134200 OK 42 kB URL GET HTTP/2 btloader.com/tag?o=6278260873756672&upapi=true
IP 172.67.70.134:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintCD:1F:8E:8F:6E:EE:A0:08:86:01:36:43:60:04:A2:33:3C:47:9F:3B
ValidityThu, 06 Jul 2023 00:00:00 GMT - Fri, 05 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (42017)
Hash 26bba6d9d8c1c9ae30d079a09e00c6c2
dd2b47a4e7893fe393fb8658f1890cb8f9e79d1f
f3e583e04773d5c2b72c84fe23ade0c524c6f65daa414c46268fa5a1da090780
GET /tag?o=6278260873756672&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"cb2a86927cb6a35f2d3317cf957201f2"
last-modified: Sat, 19 Aug 2023 19:47:21 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2889
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUSeDC7WZ2BABBpHbg%2F12mNx2eRUMBGqDujNPhp82lbkWgswOVKBUwL6bmZ9wwSzkc0Cbok6DoU1iesVavO5OBZX9Ab%2F9jIlQ58W8%2B%2BWDOE%2F5RCax2b2L9brMeAmYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7f952f3fc811fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2
easymc.io/static/css/2.c2809310.chunk.css
172.67.138.103200 OK 149 kB URL GET HTTP/3 easymc.io/static/css/2.c2809310.chunk.css
IP 172.67.138.103:443
Requested by https://easymc.io/client/EasyMC.exe?1608595200031/
Certificate IssuerLet's Encrypt
Subjecteasymc.io
FingerprintBF:26:16:CF:7C:FC:F2:81:2D:E1:E7:F7:6F:14:70:9E:F9:81:B5:1F
ValiditySat, 19 Aug 2023 09:23:34 GMT - Fri, 17 Nov 2023 09:23:33 GMT
File type ASCII text, with very long lines (65326)
Size 149 kB (148869 bytes)
Hash 616fec9ff251b9f9b3c369d600d8299d
66ecc22b4d6ebec052a5a47c9a583c54631b7547
3d6f7dffca859da345c5ccdad723fa9a449db97256634c06cbbe1bd8a0b81109
GET /static/css/2.c2809310.chunk.css HTTP/1.1
Host: easymc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://easymc.io/client/EasyMC.exe?1608595200031/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 19 Aug 2023 20:35:42 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400, must-revalidate
etag: W/"4e8cd96bac5a769acb323cf99545105b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgQECQgqzKP1LYLW2SQdoRzF3BcOk%2Fqt%2B1FzdJrmKCcKKjqVgkCISgKk4HVpxsw%2FlsQRW9n2lF%2Fc60SWHfgYCIFoX42s1vpoXqzJ5LEJvlN63tgcNmjh5M5n9yI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 762
server: cloudflare
cf-ray: 7f952f3cdca7b4f7-OSL
alt-svc: h3=":443"; ma=86400