sharemods.com/bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html
104.26.10.194301 Moved Permanently 0 B URL HTTP/1.1 sharemods.com/bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html
IP 104.26.10.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 18:23:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 29 Jan 2023 19:23:39 GMT
Location: https://sharemods.com/bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FTDrCpR1JsCcWKC4XVW89Ya8BDKfnrroJdU4gFJwlojIWPCTu6Q3TxuvWvU3EGxVFEpw6oArbDJCWgtQiWWXc%2F3NCDjA2vNwAzBXi8noQhEKjRFe6ZFjqJEpwhQB%2F%2Fk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7914000fa8091c12-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5259
Expires: Sun, 29 Jan 2023 19:51:18 GMT
Date: Sun, 29 Jan 2023 18:23:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 81dd5c5cc5b3278876cb44dcb520a60f
c0511a59e9eccdcdda98717b87c89c5d59974808
41736c303afdb3d31e48724b107dcb22883cae02f3562308eb52d9164001a2de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41736C303AFDB3D31E48724B107DCB22883CAE02F3562308EB52D9164001A2DE"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7675
Expires: Sun, 29 Jan 2023 20:31:34 GMT
Date: Sun, 29 Jan 2023 18:23:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9511
Expires: Sun, 29 Jan 2023 21:02:10 GMT
Date: Sun, 29 Jan 2023 18:23:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 17:43:08 GMT
content-type: application/json
age: 2431
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ih+e7aLsWoRxap1I5fRZCRX9i25Jij8fYMIt+T+FmcQQaguGjC/XwBcFtqI1CZokXhNOW7t2QrQ=
x-amz-request-id: ESE6880H32EV5DYG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 17:50:25 GMT
age: 1994
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 894ce262fe409be6969566eb0bd3c3ef
9bd313bb9ff04ca19cb5d74ea04b5fb0774f170f
b421459e038ffe9c87c0c39f185c97598c5d566d9846f413a81c8bc6acf1ce74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1873
Cache-Control: max-age=167927
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:39 GMT
Etag: "63d69f51-117"
Expires: Tue, 31 Jan 2023 17:02:26 GMT
Last-Modified: Sun, 29 Jan 2023 16:31:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:23:39 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 894ce262fe409be6969566eb0bd3c3ef
9bd313bb9ff04ca19cb5d74ea04b5fb0774f170f
b421459e038ffe9c87c0c39f185c97598c5d566d9846f413a81c8bc6acf1ce74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1873
Cache-Control: max-age=167927
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:39 GMT
Etag: "63d69f51-117"
Expires: Tue, 31 Jan 2023 17:02:26 GMT
Last-Modified: Sun, 29 Jan 2023 16:31:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2980
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 17:34:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2980
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 17:34:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2980
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 17:34:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 786 B IP 93.184.220.29:0
Hash c285d24b133dc7e9323b9f4e12ba2a8e
acdb9117b90a66a38609ac29f576a73588097c85
0be714fcb358647feb05f19a38b5f58bef05327755639be14e1d85da4a687bc3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4549
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 17:07:51 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b042b7f57812777b3726c1474f8164a3
d2a0d1213aa7b5c15a9d1d90a16f50567f78877e
175088c024dbc02cc15755733ae5756b0321025d0c1cd93f00bf706e25159f1f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=152480
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Etag: "63d6615c-116"
Expires: Tue, 31 Jan 2023 12:45:00 GMT
Last-Modified: Sun, 29 Jan 2023 12:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b042b7f57812777b3726c1474f8164a3
d2a0d1213aa7b5c15a9d1d90a16f50567f78877e
175088c024dbc02cc15755733ae5756b0321025d0c1cd93f00bf706e25159f1f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=152480
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Etag: "63d6615c-116"
Expires: Tue, 31 Jan 2023 12:45:00 GMT
Last-Modified: Sun, 29 Jan 2023 12:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0de603d75d5852dce3616086a380dfb0
e1fefa1f283f2420077fe20456fdec550dfda5bd
20a3aea744a2f5fa9ef21057a0de2904370fa173e590d15ae67d59e537856e17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20A3AEA744A2F5FA9EF21057A0DE2904370FA173E590D15AE67D59E537856E17"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11760
Expires: Sun, 29 Jan 2023 21:39:40 GMT
Date: Sun, 29 Jan 2023 18:23:40 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2980
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 17:34:00 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ece9390c976730e6214ce64852356866
1feeb9780dfcfff7e7c4991a995e3994e543cffc
90ca41aa1f1b5906c5dce5e3f07a6756f4fc424d0dd3a3e2fe582b224f87f27b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "90CA41AA1F1B5906C5DCE5E3F07A6756F4FC424D0DD3A3E2FE582B224F87F27B"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14124
Expires: Sun, 29 Jan 2023 22:19:04 GMT
Date: Sun, 29 Jan 2023 18:23:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b25c5e5373a27e1373fa27047fecf7d2
ecc84d7ecc286df26723997a9528305b7fc0dc70
41084d9c5055c0f0c86481edfc35ab8f6530cf9655caf6bd8069a36a7b93f303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41084D9C5055C0F0C86481EDFC35AB8F6530CF9655CAF6BD8069A36A7B93F303"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15299
Expires: Sun, 29 Jan 2023 22:38:39 GMT
Date: Sun, 29 Jan 2023 18:23:40 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-15082559-23
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-15082559-23
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash f9525559bc23a92c95cdd25a8ac684f4
e6041de04a2179d593420a04a277ae45baeb21b2
25e50f2b5dea40120d83228b86f69493613db60c16832da96233d76cd5801e70
GET /gtag/js?id=UA-15082559-23 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 18:23:40 GMT
expires: Sun, 29 Jan 2023 18:23:40 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44096
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 17:49:04 GMT
age: 2076
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
178.33.138.136200 OK 5.3 kB URL HTTP/2 video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
IP 178.33.138.136:0
File type ASCII text, with very long lines (2119)
Hash 1bfda76dfb26c569bc2c35ff2c36a67c
9e98d9cb34901dc9c75f7a159c6184e9c144ba6f
ea0c1e859eb705018ffd9ac38b3bbaa21219a94fceb35fe1ecc5e930d83ab6cb
GET /widget/widget_scrolllist.php?widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sun, 29 Jan 2023 18:23:40 GMT
expires: Sun, 29 Jan 2023 18:23:41 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 5260
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 18:23:40 GMT
server: XO.webservant
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biancasunlit.com/1clkn/16756
23.109.87.77200 OK 26 B URL HTTP/1.1 biancasunlit.com/1clkn/16756
IP 23.109.87.77:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer Verdict Alert quad9 Sinkholed
GET /1clkn/16756 HTTP/1.1
Host: biancasunlit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 29 Jan 2023 18:23:40 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 30-Jan-2023 18:23:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Mon, 30-Jan-2023 18:23:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b042b7f57812777b3726c1474f8164a3
d2a0d1213aa7b5c15a9d1d90a16f50567f78877e
175088c024dbc02cc15755733ae5756b0321025d0c1cd93f00bf706e25159f1f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2288
Cache-Control: max-age=152480
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Etag: "63d6615c-116"
Expires: Tue, 31 Jan 2023 12:45:00 GMT
Last-Modified: Sun, 29 Jan 2023 12:06:52 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 278
cookieinfoscript.com/js/cookieinfo.min.js
188.114.97.1200 OK 3.5 kB URL HTTP/2 cookieinfoscript.com/js/cookieinfo.min.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (7650)
Hash e08daa4b2de51832802e454cefbb1c98
27dfcffb9edb3c4799cec1b145a4f8d8126e52e6
afd7fd1536db9872f20064341113ba67a20969d2f50f248c7409fb200b1dcbc6
GET /js/cookieinfo.min.js HTTP/1.1
Host: cookieinfoscript.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/x-javascript
x-amz-id-2: scD+jI49bgDpkSsayoO8NMGEeMAg8uyEzYmd2TDwWaa5DpJZchpugmE1fcRG0gu3wK+jmB/jBww=
x-amz-request-id: 51SSPQYQZSA5RPMV
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
etag: W/"d15d93068c1121f63008407d339bd819"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 5327
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9aIkjCaC%2FwMMJAs5c00PTHs3cI9dv1XWJgvy4C9UCZQH0IuzH17WP3eFfHCw19yqbrXtGFrS5PsmBguWehJqgyM%2Bp856mILfYgak4s8qOh7MDnOlTmK6N0VO9bzghfdJTrL6ysxEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79140013dd4cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
142.250.74.106200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
IP 142.250.74.106:0
Hash 39429bc686aa956c90c2a73d58534131
db0777984d44bb0b1250b8465b4149b9ddec213f
b64c77eb15a418476707970ff7c539779a966003c3bbb6be940cb0651bcf311e
GET /css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 18:23:40 GMT
date: Sun, 29 Jan 2023 18:23:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8b2b66babab5ee67ae85b4f23d2b2a3a
2725a014a2e6f2c095cb83e04bb1428ad8251ad5
3265ecadd3eab148367cc3bb216868d6d83c2948133d81f1e188108c59cbdc57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 17:53:31 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sharemods.com/bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html
104.26.11.194200 OK 6.9 kB URL HTTP/2 sharemods.com/bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html
IP 104.26.11.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1511)
Hash 6a80e50c8d3aedc4d2b4881fcd007ee5
47753ad26a4b7c6fafdf2c944e96b4762c467d7d
a83544b55866bb49287b113107c463a105c0b21e857f5dcc01ee951c798762bf
GET /bk2e1ia76zfo/sgm_touge_underground_tuner_car_pack_v1.rar.html HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:39 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Sat, 28 Jan 2023 18:23:39 GMT
set-cookie: affiliate=RjuPA%2B77bYEMJS9voUK5H0jQBbIEpDOt%2FcRSHy8MJPJS85kS3kgyct9W%2BHnLw9lhAZ2CKjRzQskOIe30JJwAQQCrc2mJIW8G3omgwPw%3D; domain=.sharemods.com; path=/; expires=Sun, 12-Feb-2023 18:23:39 GMT
lang=english; domain=.sharemods.com; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJgJEv65TPdZ2Qakdq3b%2BLM2rU0dMZXU3SbGaVUyHbyCrteq3AdNdw41BIa2RVduOWomqihMhPhmHpLP%2F7TpEtZX%2B4UESCksW4QliEWUrJMcrGPMrJhZGUXSKvlFL%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79140011099bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 516659
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.807673169951685
104.26.3.70200 OK 1.7 kB URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.807673169951685
IP 104.26.3.70:0
Hash fbddd7e048003da9880627e059548864
82d2cbbb03a425d06ab5032d7418e01a8da46cb8
5de73a64b1dc4efbcb6fdcc095815f20410f4f87bc0b3a6f8a33a23a53f864ab
GET /px.gif?ch=1&e=0.807673169951685 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 246348
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yzxbJo5oJgevW55Bkojat8MvrSU55TijIoRf4FvA8VgWBODW5Y13RrpHV2mDBaWvDhcD9DuM1pF5WnKEGlSvo8yxtqc2iLKLpG7rkOqB4a%2BduQV3kOnCwW554O%2BIYhoKCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791400160b63b4f9-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
142.250.74.35200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 142.250.74.35:0
Hash 419903d57405faa8caeff90e2d82a556
0ec5d11c278c1d6ab26918583e2240742f282529
afecc1b63833d35e9d45bb7f4b32b4588eff0aa50ae58b3e0a3cdc6e5757bba1
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 10:03:33 GMT
expires: Wed, 24 Jan 2024 10:03:33 GMT
cache-control: public, max-age=31536000
age: 462007
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=2
104.26.3.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.3.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 246348
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5gA%2FPh5oWBAJ8q%2FuS565Kw%2Bly3E4eudbXuLpI%2B6cWIMKoBpYqF61gKb8vxfy%2FQePzDNSKeGzNEO1n6xamEkmYYkQM7MqHHh4iZNmmBp%2BY2LP0o0fyOV%2F%2BfI2SLhchWOew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791400161b87b4f9-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ed8a8c45dceab588456b222e04775919
0242859712655caa3c3e9b936878c7c7874b7b5a
669f0691b8bf32a10fb219ce47ad69495e5cd2a11317b672aecca53f50b51de3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
142.250.74.35200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 38752, version 1.0\012- data
Hash d451decbad0d0d2feba27610481a34d8
1479b2ad870d5e2bb04d206f33460089394f6eb5
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 10:14:17 GMT
expires: Sat, 27 Jan 2024 10:14:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
content-type: font/woff2
age: 202163
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675016628723
142.250.74.162200 OK 16 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675016628723
IP 142.250.74.162:0
File type ASCII text, with very long lines (10371)
Hash c0624b8f48331f7e1abedc6f6fb3f66f
7d597c2e8850349a3a2366fba3decfe4a9e56a7d
bb09ce8fd1e812780986ec94e2515af68d9c702bcfad24489868cb9518e13ca7
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675016628723 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 5657257864
google-creative-id: 138344837108
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sun, 29 Jan 2023 18:23:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 13920
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 18:38:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
104.26.6.139200 OK 19 kB URL HTTP/2 btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
IP 104.26.6.139:0
File type ASCII text, with very long lines (14137)
Hash 7689d85e972a25396f31d564ebfeb460
86515995b349e1524ac15f4e404efada633bc1e1
1f9b8e9c2f74d6cee647c1510eba290aca793992bb493d67f0f8ad5355677659
GET /tag?o=5646025299591168&domain=sharemods.com&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
etag: W/"97222a34e4c1c8e7d48196062c9c943f"
last-modified: Sun, 29 Jan 2023 17:39:39 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2603
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrXFW3UWn7yBZ2sY6wS%2BXGREv0MBlFb5eZWtmTYgk%2BeY3t2neBY%2BC8aufRO72QBU5xA0ZNZ2lqKiG7OnmwcS9cmQpgWgxVmWPG%2FCV6OjdbS5wEGy%2F95pmPYMD0GDKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79140013cd93b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
video.onnetwork.tv/embed.php?mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675016628723&cId=pid1675016628723&widget=808
178.33.138.136200 OK 1.3 kB URL HTTP/2 video.onnetwork.tv/embed.php?mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675016628723&cId=pid1675016628723&widget=808
IP 178.33.138.136:0
File type ASCII text, with very long lines (1779)
Hash f4825903d116f8501e095ef1c3ec62fd
a8925ec28694ffc6e09c314ea7b2951971865984
123856d0534f777c727de3549190caffc70f997738150516d2a9c41594b23b67
GET /embed.php?mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675016628723&cId=pid1675016628723&widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sun, 29 Jan 2023 18:23:39 GMT
expires: Sun, 29 Jan 2023 18:23:39 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 1281
content-type: text/javascript;charset=utf-8
date: Sun, 29 Jan 2023 18:23:40 GMT
server: XO.webservant
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
87.98.235.235200 OK 30 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
IP 87.98.235.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 84a6a72d40f958ffeaf761d0883b38b2
de8e2ce426e7b03d202935b1c8b9caa0868c9731
43f7beebc22497f827ada6ee9c1f2e5b84264621a69bd47c9130709f3ce47f13
GET /poster/5/7/570858_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/jpeg
content-length: 29982
last-modified: Mon, 07 Feb 2022 09:58:20 GMT
etag: "6200ed3c-751e"
expires: Thu, 17 Aug 2023 18:23:40 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
87.98.235.235200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
IP 87.98.235.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash e89f8967d6c9e9e774ffe2d1acd0eb7b
3c31a2d1c270ea31232aea01df5044da8e63c3bc
971ee47efa3517204e4cf69c23c891f00cb2da7e88fd3381e5b6e12ccbb113b3
GET /poster/5/7/570832_1m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/jpeg
content-length: 21547
last-modified: Mon, 07 Feb 2022 09:41:25 GMT
etag: "6200e945-542b"
expires: Thu, 17 Aug 2023 18:23:40 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
87.98.235.235200 OK 27 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
IP 87.98.235.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 24bbfc2efae8c74b6924bf1a5592d39d
9e0fa658e3bb252c65b474a8d0f64e73e7c0896e
c3eefd5595d59072bfa4e2fe0f26df33c1013b7eeb3f1176c0b411b14c14f8df
GET /poster/5/7/570840_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/jpeg
content-length: 26627
last-modified: Mon, 07 Feb 2022 09:47:37 GMT
etag: "6200eab9-6803"
expires: Thu, 17 Aug 2023 18:23:40 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dAzzI2gqYtqgTYTfv1tqhQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sXu5PfkwQZsJr+TT4jM8J6OpwVE=
cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
87.98.235.235200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
IP 87.98.235.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 408d928fdc630ebd5ad904b0499c7388
0e7e45f316289fb28b48398170e170eb55bf6fa9
d174b44385b81158573717412867bdde8c1641dbb83e086f7794aa3789e023aa
GET /poster/5/7/570814_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/jpeg
content-length: 22008
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
etag: "6200e6c7-55f8"
expires: Thu, 17 Aug 2023 18:23:40 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
87.98.235.235200 OK 11 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
IP 87.98.235.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 2871fb03f440dedc5c98a39e3233ecca
cdab8fec4adf07e4fc0ed5f84e6b5f421242b37e
c00fd1fce75f8aaf02c223b7140caf4b537e7c5660c7bba78a63d799baaf5cbb
GET /poster/5/7/570804_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/jpeg
content-length: 10645
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
etag: "6200e4ea-2995"
expires: Thu, 17 Aug 2023 18:23:40 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016629096&d=9784&wsc=00&typ=embed&mobile=0&c=43
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016629096&d=9784&wsc=00&typ=embed&mobile=0&c=43
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675016629096&d=9784&wsc=00&typ=embed&mobile=0&c=43 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016629197&d=9784&wsc=00&typ=embed&mobile=0&c=40
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016629197&d=9784&wsc=00&typ=embed&mobile=0&c=40
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675016629197&d=9784&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 17:45:20 GMT
expires: Sun, 29 Jan 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 2300
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
Hash bf0404e143d65c03588626ceb87a3d83
7a5f2894467efb517318798414d7c903a3e08fce
ea3904066cb7b805aafa0122f2190dd996a441153f27f9a99c0491da6977d1fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.34200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (39375)
Hash 89a6ea526b035136cacee88639e91cc3
6ac457a0d1ffbbce2dc2745058f3c7544de1605d
ba8cf537b78784917647d70c0b3a59143ebded7da3745f722aafbb927c817d1f
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27568
date: Sun, 29 Jan 2023 18:23:40 GMT
expires: Sun, 29 Jan 2023 18:23:40 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1466 / 857 of 1000 / last-modified: 1674860937"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
104.110.14.155301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
IP 104.110.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Sun, 29 Jan 2023 18:23:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
stpd.cloud/assets/postbid/stpd201221.js
104.18.30.49200 OK 145 kB URL HTTP/2 stpd.cloud/assets/postbid/stpd201221.js
IP 104.18.30.49:0
File type ASCII text, with very long lines (59071)
Size 145 kB (144876 bytes)
Hash f7ad1a2ed83c70f6673c3715e14029c5
79ee303fcfaf447ffccb0817f1c6a58464837e54
5a6945e969ecf3b81fc8a47ed463b3f3441e54fa77810cbe64ddeea4dc22f29f
GET /assets/postbid/stpd201221.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/javascript
content-md5: /FnTyG7mivuubIGMmM4B7Q==
last-modified: Fri, 27 Jan 2023 10:52:18 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: b8087e4b-f01e-0008-603d-32e598000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 5327
expires: Sun, 29 Jan 2023 22:23:40 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 791400172b520afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c702f00c10d097bd154b92959b685a24
218ad527fc1bf7c9d74c0b9df17fe919107bffd7
4b3a421a71e9eb8011df87a1b7ac48eb5cf258147bfb1e3ff9cc6e37b8a949ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5735
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 16:48:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c702f00c10d097bd154b92959b685a24
218ad527fc1bf7c9d74c0b9df17fe919107bffd7
4b3a421a71e9eb8011df87a1b7ac48eb5cf258147bfb1e3ff9cc6e37b8a949ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5762
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Last-Modified: Sun, 29 Jan 2023 16:47:38 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f69c5f43bf99edb53b690cb0bba51efb
e303559ff0956b6bf963b572b17da2a713ce5206
bc95b0a6b8b9a1df9c53272c4324ca1d008699b3da74110efa37ed0118c66181
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.4dex.io/localstore.js
104.26.9.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sun, 29 Jan 2023 18:23:40 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1472082
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MJPX0KQ5sLDplQ0LnWmjLRKXWXUywYrwYThp59T4djRjYSTEyJmjJafwMHCzp3qcA9Ab9lgKRed9WmWuNXuFeqmOP1%2Bhatv1RVd9AAWDM%2FKklBr8t5c1WpDoGtBDBnR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79140018e97fb4f4-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11163da0a9cc4caa58468b7538fe942f
b35e184afc6413e35a07b56b1370656875942dec
34841bbe495f8bea279be5c41eefbf05c17b47f23becc518cf8832dce0fbac13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34841BBE495F8BEA279BE5C41EEFBF05C17B47F23BECC518CF8832DCE0FBAC13"
Last-Modified: Sat, 28 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8654
Expires: Sun, 29 Jan 2023 20:47:54 GMT
Date: Sun, 29 Jan 2023 18:23:40 GMT
Connection: keep-alive
id5-sync.com/g/v2/481.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4219bf7608ca3b325718f2dc99e60f3c
c6aac0b2c149c6c08b892dc91a3b7c4bca1218f9
5b6346a1fa3d49f180af4be73b17149b1ef81d89e79fcd875a7d2227f83d1ae1
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 315
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 18:23:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
script.4dex.io/adagio.js
104.26.9.169200 OK 23 kB IP 104.26.9.169:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 549015
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJiOoo%2FQFaPK0TnPmYTsa%2BImKzvX2pL7n5%2FlTH676dwLiSDtY5DRgHpRdKMLTAZD7Qb%2FtJ3KBlQGxvcCMf62%2FtX2RGVJVLGyBMYd6b%2BYTvEnCrvqO92HLyBXi6%2FTLVlo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7914001958fbfab8-OSL
Content-Encoding: br
id5-sync.com/g/v2/481.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6da28b036a61a137eb824f8fce465798
6778031c740b962a26aecc858ddd3fd85e3847b8
24ba774938c44111a7f25f289226c42d2a8b1a1de77fbb95cb091658329c9e39
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 315
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 18:23:40 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
script.4dex.io/adagio.js
104.26.9.169304 Not Modified 0 B IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Sun, 29 Jan 2023 18:23:41 GMT
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 549015
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plVSRaNtMFxxFRCkF2UM5vXJGrVTNg%2FFtPAoVHRZWhK5BjFUwXU0T1kv9t4EH9FuWkDc5%2FxhDBHCOfnG7L%2FyB8oxdw0RB%2FIarjljLDKd8s%2BlkYTz1PJ%2FCq48rEAWZgSi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791400198922fab8-OSL
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 29 Jan 2023 18:23:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 8501df073e195b61b11671c71dc6e517
64f997cf18c9beb1dfd3335c640be61633ee3a6a
65cbdda61019321f2953ea85522407c1242d3239afa4297265329ad72cfbb591
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 632 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (588)
Hash ea5051587f64175e516cfe03d00094d6
bf278fc56c9c6af55820d55b4ed745bade132d68
74e0026a4f5c297569a3540d4f80c5b1165928a8cd2b13f0bfe1c5c18be7c24c
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1161402
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (18573)
Hash 94594fcb3f1a079c4093f3ad1691f32e
f51766302d80f39bcce23211f347b8ca48a8c798
0ca34a92ce6068d9c5760c075a3a533a2bd978fa325172d1616233370c64cb75
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Sun, 29 Jan 2023 00:30:00 GMT
Content-Encoding: gzip
Content-Length: 10036
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=21948
Expires: Mon, 30 Jan 2023 00:29:29 GMT
Date: Sun, 29 Jan 2023 18:23:41 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5ee05fe823fce57908ccd7fba4dadb17
ef10cdd25c0f26abb95bcc0547296400bab4dbca
4adb07719ce3db8f218d9ae47b426b8d5244146e7a0e79451592cc5cb61de069
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3623
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Last-Modified: Sun, 29 Jan 2023 17:23:18 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 8501df073e195b61b11671c71dc6e517
64f997cf18c9beb1dfd3335c640be61633ee3a6a
65cbdda61019321f2953ea85522407c1242d3239afa4297265329ad72cfbb591
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=2207523950
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=2207523950
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=2207523950 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 354
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fb826c48e28e596cf8bad7329a3f883
4cd1271de1565b1ebadc20c0e1f737cc36e76d33
ff5b0a0dce610b20a48d131fbf373779c1224359525b7e281c3760a0a8b4423b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF5B0A0DCE610B20A48D131FBF373779C1224359525B7E281C3760A0A8B4423B"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3258
Expires: Sun, 29 Jan 2023 19:17:59 GMT
Date: Sun, 29 Jan 2023 18:23:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fb826c48e28e596cf8bad7329a3f883
4cd1271de1565b1ebadc20c0e1f737cc36e76d33
ff5b0a0dce610b20a48d131fbf373779c1224359525b7e281c3760a0a8b4423b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF5B0A0DCE610B20A48D131FBF373779C1224359525B7E281C3760A0A8B4423B"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3258
Expires: Sun, 29 Jan 2023 19:17:59 GMT
Date: Sun, 29 Jan 2023 18:23:41 GMT
Connection: keep-alive
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 945
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e1e0fdc5-6c36-4117-8db3-c7ba8083eaa3
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 140 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f0a076b5bc10ab23db5347372481e8d6
061e1ae96912ffc1e5114389a3f29bf1b20ae3bb
93dd3dcad685b0763d4e0e348c0dd6455a4824a4efc655ec0d17ca980fda4911
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 945
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 140
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b3b1a5c0-eb22-478a-a935-70b19a4c5da8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9217c86404013063f75bb2fb56cea74
8b460df713d52301f59b0c583210ed27dda8ec4e
74400246b2e8ce8b9b3a6289a2e8f35c854347383998c905ebd68c69931b8add
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5137
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Last-Modified: Sun, 29 Jan 2023 16:58:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2ae92259ec035172729f1aa2db9ffb15
52f63e1a41cff5e2a332084c90a2732d71b44957
43ba154d0c583ea8473701dfe181f636be5df7c93e3d2b25def035696abef46c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3143
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Last-Modified: Sun, 29 Jan 2023 17:31:19 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 313
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=61864839573
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=61864839573
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=61864839573 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 353
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 760
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Sun, 29 Jan 2023 18:23:40 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 756
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Sun, 29 Jan 2023 18:23:40 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 945
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e037c28c-8943-4926-b68e-1be78702ba96
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9217c86404013063f75bb2fb56cea74
8b460df713d52301f59b0c583210ed27dda8ec4e
74400246b2e8ce8b9b3a6289a2e8f35c854347383998c905ebd68c69931b8add
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5137
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Last-Modified: Sun, 29 Jan 2023 16:58:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=984468325.1675016629&jid=357879905&gjid=960863995&_gid=1567764493.1675016629&_u=YEBAAUAAAAAAACAAI~&z=1956678550
173.194.73.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=984468325.1675016629&jid=357879905&gjid=960863995&_gid=1567764493.1675016629&_u=YEBAAUAAAAAAACAAI~&z=1956678550
IP 173.194.73.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-15082559-23&cid=984468325.1675016629&jid=357879905&gjid=960863995&_gid=1567764493.1675016629&_u=YEBAAUAAAAAAACAAI~&z=1956678550 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://sharemods.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 29 Jan 2023 18:23:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 325 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
Hash 075043f621063019e4f48fa033e6be25
45912634a845b4d61f1a77d2bd6c715c4f9da685
b5cc45dccdef14de1d188e19d78069153cf7e6ac9fc4f43a53fa41282b2e614c
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 944
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a1d654d1-14c1-4258-a189-a66e145efb29
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 595
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:23:41 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 580c380d6f8d002d96ae71ae5860947a
54a9e4fb2359186af113e1a488f71cee7f82454e
fb10e684c3201177c8f902521ea611b1ebad96b31651416ba54a9dfeddc9bf94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1829
Cache-Control: max-age=93315
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Etag: "63d57c0b-1d7"
Expires: Mon, 30 Jan 2023 20:18:56 GMT
Last-Modified: Sat, 28 Jan 2023 19:48:27 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 673b3376c8d09e8b7b6559f118c9c8a9
7c9bbb4dd4a5b36424e357a64734c27698898e63
c8185d7be91fd2aec27ef692ad62581187d99f8d80249f48c096171e4fa0f2f5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 14:03:28 GMT
Expires: Sat, 04 Feb 2023 14:03:27 GMT
Etag: "7c9bbb4dd4a5b36424e357a64734c27698898e63"
Cache-Control: max-age=502185,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7914001a6ad61c0a-OSL
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 594
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:23:41 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1056
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Sun, 29 Jan 2023 18:23:39 GMT
X-Firefox-Spdy: h2
api.btloader.com/pv?tid=w0Hc77SWiM&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&sid=brG4TmTj1F&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=w0Hc77SWiM&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&sid=brG4TmTj1F&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=w0Hc77SWiM&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&sid=brG4TmTj1F&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Sun, 29 Jan 2023 18:23:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Sun, 29 Jan 2023 18:23:41 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 485444
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:42 GMT; Path=/; Domain=.betweendigital.com
tuuid=21ba6fbc-4012-521d-9d29-b9f0feff005e; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:42 GMT; Path=/; Domain=.betweendigital.com
ut=Y9a5rgAG6YhUD1Hbv-NDiprEqNyztgwFHEdeAQ==; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:42 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 8501df073e195b61b11671c71dc6e517
64f997cf18c9beb1dfd3335c640be61633ee3a6a
65cbdda61019321f2953ea85522407c1242d3239afa4297265329ad72cfbb591
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.4dex.io/localstore.js
104.26.9.169304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sun, 29 Jan 2023 18:23:41 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1472083
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSO8VZHVxP%2FGOeoNIeabOOtiPY7PZmvDET%2Frr9tcx1FdQEUnjOP8DY2TCYqdyqpRClsJVEYOTJblbIfNEqZYEqLNIJzTc19PIaJQ6L%2BLU6NoV2kcoArOVKtLjxUP7jhO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7914001b1d17b4f4-OSL
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=kR8sM19sZWxubTB5YTl4azk1TmhwSkZEa1RJTFJibDBxMjQ5RVlzR29pZlRXaXdCN0Y4TWxDaWxsckUlMkZMVnM3JTJGVSUyRko2RDQ0Q1Vnc3RtSVNadkpqN0xNa3JpZnVRRE1nU3RuOVY4eHkxbjdjWjJ3WERZZlVVbFEySTJKaUc3S1ZQaE8lMkZs&cw=1&lsw=1
178.250.0.157200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=kR8sM19sZWxubTB5YTl4azk1TmhwSkZEa1RJTFJibDBxMjQ5RVlzR29pZlRXaXdCN0Y4TWxDaWxsckUlMkZMVnM3JTJGVSUyRko2RDQ0Q1Vnc3RtSVNadkpqN0xNa3JpZnVRRE1nU3RuOVY4eHkxbjdjWjJ3WERZZlVVbFEySTJKaUc3S1ZQaE8lMkZs&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=kR8sM19sZWxubTB5YTl4azk1TmhwSkZEa1RJTFJibDBxMjQ5RVlzR29pZlRXaXdCN0Y4TWxDaWxsckUlMkZMVnM3JTJGVSUyRko2RDQ0Q1Vnc3RtSVNadkpqN0xNa3JpZnVRRE1nU3RuOVY4eHkxbjdjWjJ3WERZZlVVbFEySTJKaUc3S1ZQaE8lMkZs&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 391153
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 470 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
File type JSON data\012- , ASCII text, with very long lines (470), with no line terminators
Hash 699e36c480071c258d60c9db5705df89
34036b8658c963fcf366d3cab2e70c9624154a0a
accf9192e12167a4ec2bc5637716f74c19b68d010d5284ebc1bf82287dfbe946
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1936
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 470
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 850c2e63-7f0e-454e-a3ac-0a8cf1b1cc4d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1129
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 29 Jan 2023 18:23:41 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.20200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.20:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1941
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a3ffbcdd-a0fa-4ec0-94d0-26597b174d60
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1589
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Sun, 29 Jan 2023 18:23:40 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=81846746509
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=81846746509
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=81846746509 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 939
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:41 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e3cd729a1a6f39ffc45c14fc1f586f96
e3dbf39e7eeda40a88655bcd40c8a8ac3f7bc000
ad028b19715d61b4a7310e24ae379e37679aa6e82b04c5bc880d19a9b4331f79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 12:31:16 GMT
Expires: Fri, 03 Feb 2023 12:31:15 GMT
Etag: "e3dbf39e7eeda40a88655bcd40c8a8ac3f7bc000"
Cache-Control: max-age=410253,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7914001a8e641c12-OSL
prg.smartadserver.com/prebid/v1
185.86.138.121200 OK 577 B URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.138.121:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- , ASCII text, with very long lines (1190), with no line terminators
Hash 603b091a1a5be434cb82dedb94f63c6e
7f74c86e7848f354e06f39c7653e5f555465b90c
0506c147ca786accad105c2c06114f41f2c92db751832f67ccc24cdbdc142c27
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 578
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sun, 29 Jan 2023 18:23:40 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Mon, 29 Jan 2024 18:23:41 GMT; domain=.smartadserver.com; path=/
vs=327264=5300303; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Mon, 29 Jan 2024 18:23:41 GMT; domain=.smartadserver.com; path=/
pid=5588417949103214510; expires=Mon, 29 Jan 2024 18:23:41 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638106134213319881&o=1; expires=Mon, 30 Jan 2023 18:23:41 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Mon, 30 Jan 2023 18:23:41 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e3cd729a1a6f39ffc45c14fc1f586f96
e3dbf39e7eeda40a88655bcd40c8a8ac3f7bc000
ad028b19715d61b4a7310e24ae379e37679aa6e82b04c5bc880d19a9b4331f79
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 12:31:16 GMT
Expires: Fri, 03 Feb 2023 12:31:15 GMT
Etag: "e3dbf39e7eeda40a88655bcd40c8a8ac3f7bc000"
Cache-Control: max-age=410253,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7914001bad381c0a-OSL
rtb.adxpremium.services/openrtb2/auction
185.106.140.18400 Bad Request 69 B URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
Hash 44cb4c4df8fff2ff6db15392639f1260
3d5e4e46c840169413eaa9052ec516a8f4120f1c
432d55e02a9db801a90caab4a06dd441d8d02fb2428e453c20f0331cfc8d136f
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 820
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 69
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2042
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Sun, 29 Jan 2023 18:23:39 GMT
X-Firefox-Spdy: h2
rtb.adxpremium.services/openrtb2/auction
185.106.140.18400 Bad Request 138 B URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
Hash 5f78c751d01f494ae8e01aadcc631379
b2dda869fe1ef0bf1ffde8b9e0baffb9bb7d6f05
4435a89c97521b357804146d7d466c6dce236fb8438804918cf2a7758f912f94
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1447
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sun, 29 Jan 2023 18:23:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 138
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 47 kB URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
Hash d63fb9ecb5ee19d2460f3dd73bdab444
66dca9d937dd75ebe67eab37f2f37bfa35fcecad
a7463a5dd20aff5f8d1d38f17b093954cd51390e47969619696eee9050a1a1db
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 29 Jan 2023 17:25:16 GMT
last-modified: Wed, 25 Jan 2023 21:28:25 GMT
etag: W/"8a6d0f2d51de2b80e524e04684f71215"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront), 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, OSL50-P1
x-amz-cf-id: 8K_ltQxcAo6z9pNykd3gT-qW7pSRZmw68fOb9jVp7fhQMYsTDSRjXg==
age: 3506
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
54.230.111.210200 OK 1.3 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
IP 54.230.111.210:0
File type JSON data\012- , ASCII text, with very long lines (1326), with no line terminators
Hash a86f964d95b83df6b8761dec3895fb28
b465f383b2efebd9306004bb7be1a915034378cb
f641e0e13e7d72f53b3406ad9a493a013eca8c7efff120e60153c978a13bea2b
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1326
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sun, 29 Jan 2023 14:22:02 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HjeTWiz5MRoUpyxzLhzkvlH6KIxMvAroxDEv4XNXG4n4yJNkEnQg6Q==
age: 14499
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb?src=prebid
198.148.27.133204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 731
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 3
date: Sun, 29 Jan 2023 18:23:41 GMT
server: envoy
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb?src=prebid
198.148.27.133204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 727
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 0
date: Sun, 29 Jan 2023 18:23:41 GMT
server: envoy
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash a6d5138adc575cfa0ad0a1a8c8cb8947
cbc8f40df06efc26094f5c19122b555b14dc0d41
e09c7cf8423058e45ab041b8ac023f7f4be8242d21e1c53ec908139543080c25
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3234
Cache-Control: max-age=155239
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Etag: "63d66872-118"
Expires: Tue, 31 Jan 2023 13:31:00 GMT
Last-Modified: Sun, 29 Jan 2023 12:37:06 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.46.116.133200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.46.116.133:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Sun, 29 Jan 2023 18:38:41 GMT
date: Sun, 29 Jan 2023 18:23:41 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&pid=TnwXGeTQExNqU&cb=0&ws=336x150&v=23.123.1617&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675016629100-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 193 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&pid=TnwXGeTQExNqU&cb=0&ws=336x150&v=23.123.1617&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675016629100-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash b248a666cc8937132a2fe02d5b38050d
055a4e059e1513c175eb66fa46edfadef523cc9e
ad812d846e127baf14db46ce2d3cf0b0bd64c3ecdeb17e0ca4c956d40582492d
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&pid=TnwXGeTQExNqU&cb=0&ws=336x150&v=23.123.1617&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675016629100-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 193
server: Server
date: Sun, 29 Jan 2023 18:23:41 GMT
x-amz-rid: T1BYR6Q1SR72W351S3SY
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KtVWNddGRARlCgAOd3HdF-5OviVUXI1AhJptTsOJckDm1HtEz-kO8w==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.52.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.52.86:0
File type ASCII text, with very long lines (58744)
Hash 40a7e87eeb35c3c3b3044bc156c57435
ddaf8e12c1f5c565da8851e4fe36ae90c5dd22ac
3691ec8edc82cefd5462f3402fa47a765b48332412ba0004a6259b35aae9ccdd
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:41 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: CO+cPK9MlXQ+Pp7rzr8UBe9jXf3QVRyCEIXUUj0WHfDV3zQVrjcz3bOmEOU9iBqkaS9ucJx5v/0=
x-amz-request-id: H722FXZ7MH4EZWKX
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 809
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7914001e6da2b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:23:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sharemods.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:23:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:23:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:23:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sharemods.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 29 Jan 2023 18:23:41 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b7da7d1d3e5880d5d4e313ac7fcf2a83
60a1e887ccb7c7cdae0035c65ef7df9908547fef
af17efcd17df50324c29cff05cea79f18cba79f6b1134ec0e6d1637759b5e895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11667
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11667
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11667
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 46773
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11667
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
54.230.111.210200 OK 11 kB URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 54.230.111.210:0
Hash 0781829afa80a8e98ca3c61b4dfa0fc9
c8a356bbe0f6301ed4926a0d32aa5752de178bef
918eed206616aa10f190ae426d3495cd1d359b1d2862b38a5b5998d3395c54b4
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 08:29:36 GMT
cache-control: public, max-age=86400
etag: W/"a4d296427fc806b21335359e398c025c"
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5WOJKLBoxnQiI1kAFITD3UAoyx9cYvNd-itij4jM-_5UIqc-7Qf_mw==
age: 35651
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 2866
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7433eb3123a1f9b14507c78e38e7b9
fef8b905b580999963758a56be9c3226697929a2
895298ddf6822e9f95e10fe17c1ade0b0782c3753e96eab8a3798df5ba969dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167a00fc-5c65-46d1-816e-da9e473736e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6518
x-amzn-requestid: 6e9c624a-2036-4161-ad9e-1c66068e3eb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPHz0HmsoAMFljA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf867e-011e1c43072a8dfa22af6e88;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:19:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q1ZzG8pFadpyekXKMIv_GJZ-_rPBBBvvfVXSXLbSQVLhPETx6Eomvw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:47 GMT
age: 74215
etag: "fef8b905b580999963758a56be9c3226697929a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11667
Expires: Sun, 29 Jan 2023 21:38:09 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016630519&d=9784&wsc=00&typ=embed&mobile=0&c=44
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016630519&d=9784&wsc=00&typ=embed&mobile=0&c=44
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675016630519&d=9784&wsc=00&typ=embed&mobile=0&c=44 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 69074
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 57 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 57116, version 1.0\012- data
Hash 0df839703cae7648ea76e7525842ec83
1220ca1a9f7fb2f27f0249fdcc31e29636e48e9b
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
GET /s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://cdn.onnetwork.tv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 57116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 18:34:26 GMT
expires: Sat, 27 Jan 2024 18:34:26 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
content-type: font/woff2
age: 172156
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:26:16 GMT
age: 46646
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ac90ffd878b472806f23d4df5b899c8f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
142.250.74.97200 OK 2.7 kB URL HTTP/2 ac90ffd878b472806f23d4df5b899c8f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=2 HTTP/1.1
Host: ac90ffd878b472806f23d4df5b899c8f.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 29 Jan 2023 18:23:42 GMT
expires: Mon, 29 Jan 2024 18:23:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012501&st=env
142.250.74.98200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012501&st=env
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with very long lines (14962), with no line terminators
Hash 8e8b3ddf804bf14b136ef68a03a06b79
92a799aee57020e33b114aaab0e8dd6aab4da3b3
9333612e0c3dd0f7295288f80e544006f29152d3ac6c8dfb8f627c65da7b3ea4
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012501&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 29 Jan 2023 18:23:42 GMT
server: cafe
content-length: 11295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b279d00e3fe506fa55ae410fca0c901
c88d705cf5d6d692ec6104dcc4690c8817afebab
11f31abefac6551a99c0d4fc1fcb303b678cc50b7616d5cdb53c0a6382f024a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11F31ABEFAC6551A99C0D4FC1FCB303B678CC50B7616D5CDB53C0A6382F024A5"
Last-Modified: Sat, 28 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8697
Expires: Sun, 29 Jan 2023 20:48:39 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7b279d00e3fe506fa55ae410fca0c901
c88d705cf5d6d692ec6104dcc4690c8817afebab
11f31abefac6551a99c0d4fc1fcb303b678cc50b7616d5cdb53c0a6382f024a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11F31ABEFAC6551A99C0D4FC1FCB303B678CC50B7616D5CDB53C0A6382F024A5"
Last-Modified: Sat, 28 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8697
Expires: Sun, 29 Jan 2023 20:48:39 GMT
Date: Sun, 29 Jan 2023 18:23:42 GMT
Connection: keep-alive
ef91bc542a097c901f1bca2d1e70cabb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
142.250.74.97200 OK 2.7 kB URL HTTP/2 ef91bc542a097c901f1bca2d1e70cabb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=2 HTTP/1.1
Host: ef91bc542a097c901f1bca2d1e70cabb.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 29 Jan 2023 18:23:42 GMT
expires: Mon, 29 Jan 2024 18:23:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fc40ca942955df930d515c73473472fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 fc40ca942955df930d515c73473472fe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: fc40ca942955df930d515c73473472fe.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sun, 29 Jan 2023 18:23:42 GMT
expires: Mon, 29 Jan 2024 18:23:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 16079991629b5f277cf7fd803c583f4f
6526913d5033fc6262f3648a8aeb5c6875b19578
9732808d0b5e570381b2f610518abae0eb9de852f65952c5919a116fe3a20600
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 278
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Last-Modified: Sun, 29 Jan 2023 18:19:04 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
lb.eu-1-id5-sync.com/lb/v1
162.19.138.120200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.120:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ddd1ec31a9fcd2cdfa6de38690b95136
42a8410fe1a99f0bae461ab314a09b9226a0a54d
efb49beb881f0cefce9fba955ad611fec88f65998e6310ace6d831fde973c555
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 18:23:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.97200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.97:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 29 Jan 2023 18:23:42 GMT
expires: Sun, 29 Jan 2023 18:23:42 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.83200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.83:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c04b9ad2fa88c54b12558fb83b226f20
85464eb5121127dd494a96e9c8e0cf9f2b799cfb
f46d1088d09eaa592a494f9dbcbd91d86025762af60dc204f51eff6864ef12ee
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
access-control-allow-origin: https://sharemods.com
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
bcp.crwdcntrl.net/6/map
52.49.185.121200 OK 60 B IP 52.49.185.121:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4377d1510601d3c2d5065e7bc478474e
24fc915e35494e26666841c0e9c980f0ba91155b
686e6805f697f5ec405c7731307117c2ccc146fa33ba25d725e5313a037abfb3
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.7.207
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
142.250.74.98200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with very long lines (14842), with no line terminators
Hash 726572cbc820441e7569af49c0157e90
073f6939c05bb45a850522200f945bbe714c1543
2223a2dcb468ddb00165bd071bc4c3f0cbf1980b0dd2f22275336e8b7f3a3efa
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 29 Jan 2023 18:23:42 GMT
server: cafe
content-length: 11207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
151.101.1.229200 OK 93 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
IP 151.101.1.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cc4caf7724584aecce10a3465661f1c
199035cd38640b65c11e61429fade2c5c4f2e213
7b6e0377389650e55abb7aec33aa43be7fbc522c2abb1f9a2e3413bcae7019d5
GET /npm/hls.js@1.1.3/dist/hls.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.3
x-jsd-version-type: version
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 29 Jan 2023 18:23:42 GMT
age: 8350436
x-served-by: cache-fra-eddf8230138-FRA, cache-bma1643-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 92753
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 622fef0135648b055d1691ae97508eff
535c21115ccc50934d06c70e153df6ae542f1b5c
a66508fe21cab04638a3988ee90babe52167f0399a5440e329cf397182c813b4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/481.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 48194ddabcc428e7f44ace4b88a576dc
cc03a93ae31f5c6d9dbd768432396d3c28ec0f17
5e5e779cbde6a454e6ff165ced3e6a0b6139201471e313ebf2b59d018c3c570d
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 496
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 29 Jan 2023 18:23:41 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain
67.220.228.203302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain
IP 67.220.228.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sun, 29 Jan 2023 18:23:42 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: CDQ12B7321S3BKSKJY88
Set-Cookie: ad-id=A-8MzRG1gUv9i5l4c7jlEUk|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 18:23:42 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
cdn.onnetwork.tv/js/player86/player_utils.js?s=1674995118
87.98.235.235200 OK 8.3 kB URL HTTP/2 cdn.onnetwork.tv/js/player86/player_utils.js?s=1674995118
IP 87.98.235.235:0
File type ASCII text, with very long lines (2020)
Hash 49dcfbdc790adb1159cca9e5e6ad75c1
43c9445ea318bade19e0510ccf94fce2ff843f12
6f88763c0999a8c99fe53585342cfe6ae471ecf72bf7ae68bb5968b76da00352
GET /js/player86/player_utils.js?s=1674995118 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 12:25:18 GMT
vary: Accept-Encoding
etag: W/"63d665ae-2cde"
expires: Thu, 17 Aug 2023 18:23:42 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
142.250.74.98200 OK 14 kB URL HTTP/2 pagead2.googlesyndication.com/bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (35756)
Hash 35140d94f445a831d30781b8adcf5d51
6c87c844332042a520158f20791a2a450e411439
2cd84ad1068050b649d6f5c6600cf0e79fd1983ff5979b695f987337ac4edfd5
GET /bg/o7PJ4mencrJpfBYBJyNLdqHy4_8T8e3TraCPfA4Fn-I.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 20:30:33 GMT
expires: Tue, 23 Jan 2024 20:30:33 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 19 Jan 2023 11:48:00 GMT
content-type: text/javascript
age: 510789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
Hash b56e564c6f037deadb52d1e0ce64fbcc
1b35cf1d23b6a0da72d76d9c0ebfc3df4578a788
82e008743b0a14bb7adf1834be78991dbf316be55c4a9002adeac8c2f2f7f764
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Mon, 30 Jan 2023 18:23:42 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 2939f1986ef44e9af19f6cccba9656f2
a07cd57fca9603a75dbc698a14b7face2a132390
55abab16cade00d91ec7fe71dbda5f7be4f0fd8050e975a0810058f71492c186
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 18:23:42 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0861D62009B2344EA7B48831952F13F1B2EE53AC"
Expires: Mon, 30 Jan 2023 05:00:00 GMT
Last-Modified: Sun, 29 Jan 2023 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2161
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79140021cbef0b45-OSL
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
67.220.228.203200 OK 64 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
IP 67.220.228.203:0
File type HTML document, ASCII text
Hash be99f9f8ced5e5eb1f9721d861712f89
4291ee98f7ce20471796ec89961abb1acb2af1d8
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sun, 29 Jan 2023 18:23:42 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: XTQ43RGYR38H03BV580Y
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
142.250.74.74200 OK 30 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (3448)
Hash c07b9ad75840734471c894f19ec1a5d4
e7961cbda33facd68e559950952d6672163cece6
ccb3ed445806bad2a91194b8e19ab83ff19e616dec62685741e214125987f690
GET /js/sdkloader/gpt_proxy.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 29703
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 18:22:30 GMT
expires: Sun, 29 Jan 2023 18:37:30 GMT
cache-control: public, max-age=900
age: 72
last-modified: Thu, 26 Jan 2023 19:32:55 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/player86.css?s=1673963806
87.98.235.235200 OK 138 kB URL HTTP/2 cdn.onnetwork.tv/css/player86.css?s=1673963806
IP 87.98.235.235:0
File type Unicode text, UTF-8 text, with very long lines (1227)
Size 138 kB (137457 bytes)
Hash 41c41b98d53620888e1584b7d891e7e7
90e059dfee8bc942615a834d08773ec417aa9870
3f0bd985371da02476051ea77d538ad5f463bb8a26f431686d287e447251622e
GET /css/player86.css?s=1673963806 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/css
last-modified: Tue, 17 Jan 2023 13:56:46 GMT
vary: Accept-Encoding
etag: W/"63c6a91e-b317"
expires: Thu, 17 Aug 2023 18:23:42 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTc0ZjRhZGI3LWI0NmEtNGIyMy1iZmI2LWNmZmJjMDg5MDc0NQ%3D%3D&pt=gross&stid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAyNjJjY2M1LWFmZjYtNDhjNi05ZjM1LTU0ZjBjNzFiMDljMCI6WzFdfX0%3D
37.157.5.141200 OK 13 kB URL HTTP/2 adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTc0ZjRhZGI3LWI0NmEtNGIyMy1iZmI2LWNmZmJjMDg5MDc0NQ%3D%3D&pt=gross&stid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAyNjJjY2M1LWFmZjYtNDhjNi05ZjM1LTU0ZjBjNzFiMDljMCI6WzFdfX0%3D
IP 37.157.5.141:0
Hash a8fc38497736be7a7d7bc6ffe470fba1
7a69163c6dd581e4934756765185846af76ff326
048227aa97ffd510a611be4c06d701fb9af49c331d22745edd7ed57c6e687267
GET /adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTc0ZjRhZGI3LWI0NmEtNGIyMy1iZmI2LWNmZmJjMDg5MDc0NQ%3D%3D&pt=gross&stid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAyNjJjY2M1LWFmZjYtNDhjNi05ZjM1LTU0ZjBjNzFiMDljMCI6WzFdfX0%3D HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:23:41 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://sharemods.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 7bc03d907326c6db8815db2de5f28796
fa9101457f0e9dfa6cc1c342e5e9f20010619dd0
ea313de95cc3272ffe3d5dd602dfd6a20a6b9f2e1dd3b8f6654e7326b1522402
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 29 Jan 2023 18:23:42 GMT
date: Sun, 29 Jan 2023 18:23:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-Czri0oDNpuDzuhLREm4A7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 71fffddd5109fe3124b5677dae85e9a0
194c63859b5ce2ebbdcd7e9d296e66dd0f0c828a
c39a6e456c51607564ad776c751a8bd359483ee73d6ff9144f4f73079040a90f
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 29 Jan 2023 18:23:42 GMT
date: Sun, 29 Jan 2023 18:23:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-6Y9sRdfhbY-cYb1YMJpWqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash ea1bffe8040f6c1679f6c050c3c54fbe
bde2939c6663099b71ee67a4c871dd7c76f57e6f
727f75deef34436b5842893143fb405f54eb211f8e3f330a0c19557626e1903c
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.82.163200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.82.163:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Date: Sun, 29 Jan 2023 04:07:51 GMT
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MSW6438gUAo1dH-a2gF3xWkK45Hum9HkaI8p6aqfBQ1CetCOZHKc-g==
Age: 51352
oa.openxcdn.net/esp.js
34.102.146.192200 OK 7.9 kB IP 34.102.146.192:0
File type ASCII text, with very long lines (24615), with no line terminators
Hash df5542b88bc0e368c6999754a5b9e2ba
54f17142faeb7c882fee3bf67d537733e75e43ae
b82da9703a35c5436f9e47711f5b95d5357f02d590cb39dba99355b9b073561f
GET /esp.js HTTP/1.1
Host: oa.openxcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduHl6u8JxpNEVdXEvZZTLdWuAUkboHIwYGMUr80BITdcHVtAYBnyTRFUssV-3Yidk2maNk1R-3HZQ4wmL-LnQEK_w
x-goog-generation: 1622140251693895
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7927
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7927
server: UploadServer
date: Sat, 31 Dec 2022 15:01:53 GMT
expires: Sun, 31 Dec 2023 15:01:53 GMT
cache-control: no-transform
age: 2517709
last-modified: Thu, 27 May 2021 18:30:51 GMT
etag: "df5542b88bc0e368c6999754a5b9e2ba"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.94200 OK 10 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.94:0
Hash 27a7a92e00b9db828bf637e79d3281b1
75f901b9968941d2dca3f3425fc5a6da21988f53
d1ae3a4b9167e9d77399d99742fa254b0615ee0d52cc76d48fb15f5eafb38bbb
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 15:35:23 GMT
cache-control: max-age: 86400
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f_RcnscadfGNR2vd91QoEuwKckWPIU4yl_ly3EZFSKdZNIxm8gXY0w==
age: 10100
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 196441b9ab491e04729c460aa7c63959
867ae480338a7fb9b5b58822291e27da45e624e7
b9189c93052f01d911133670a93abb3fa63a2e45ca729c9d64c5e9a0096b3427
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 196441b9ab491e04729c460aa7c63959
867ae480338a7fb9b5b58822291e27da45e624e7
b9189c93052f01d911133670a93abb3fa63a2e45ca729c9d64c5e9a0096b3427
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 27cf438fb43d91ae188ec660779545d6
8b9a4cafe884163806af638d24d38b3d3ebc9a4b
fbad1bda779d108b137b7ef98564a9538f866d3c20208c5c3f59f30be33e43ad
GET /rtv/012301112346000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61771
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "004684fcaffa7679"
content-type: text/javascript; charset=UTF-8
age: 519157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/032301181928000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/032301181928000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 73e00d54af81c3fab604b50e24c8e9c3
69acac1ec53fcbcf886bb240adabd050520197f9
3347e49ea6e174315c1bee3660a9988e4c7fe184a7a1176cf2aceb307c73125a
GET /rtv/032301181928000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:00:30 GMT
expires: Thu, 25 Jan 2024 19:00:30 GMT
cache-control: public, max-age=31536000
etag: "47662644ea8653a3"
content-type: text/javascript; charset=UTF-8
age: 343392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/032301181928000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/032301181928000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 71f3ba24b0a01ade500d97ad0b8f3617
508b7affbf3e3c2b8bf4f46ebcb69ea29855bf9a
34c90f195073264a8f3e51bb9582b73665f65d7b053a031400c48bf627ca9d69
GET /rtv/032301181928000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28817
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 18:56:17 GMT
expires: Thu, 25 Jan 2024 18:56:17 GMT
cache-control: public, max-age=31536000
etag: "6eb387830c268337"
content-type: text/javascript; charset=UTF-8
age: 343645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/032301181928000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/032301181928000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 15dbec6a43680f6683938949e1b50562
fd479e89a3460ca0e48b5001aad0a2836df31dab
d08eefabc738f11545330db83c2d3e9a855add08db6b9d9217a15dd783c4f5c8
GET /rtv/032301181928000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:00:30 GMT
expires: Thu, 25 Jan 2024 19:00:30 GMT
cache-control: public, max-age=31536000
etag: "f13d3e1d36b26a3d"
content-type: text/javascript; charset=UTF-8
age: 343392
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/032301181928000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/032301181928000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash d002971e2ddb3b4efd4dc02db13ee630
da135f871d06963e22f3dc6ec251cfbaed9740ad
a464154b965a79018453f4b97ffa8412a5059b0b521472bfc0e84df5c74d8fac
GET /rtv/032301181928000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12960
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 18:57:27 GMT
expires: Thu, 25 Jan 2024 18:57:27 GMT
cache-control: public, max-age=31536000
etag: "f74ebce85e2cb18a"
content-type: text/javascript; charset=UTF-8
age: 343575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash ea1bffe8040f6c1679f6c050c3c54fbe
bde2939c6663099b71ee67a4c871dd7c76f57e6f
727f75deef34436b5842893143fb405f54eb211f8e3f330a0c19557626e1903c
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 8d4f7148a157a31d69df198119f15f6c
869d2edb3409f82d8da8690b3b6c7c4212466bf1
9e17a0f37428d7db29cea9973f978d4716aaa7581c2480e9c337efcc84def4bf
GET /rtv/012301112346000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5217
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "cee5c64b71634b65"
content-type: text/javascript; charset=UTF-8
age: 519157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 7c4e76629bf5f57043e927954d19a19d
a144b16ad4d7168628eaed4f4b26e00a8f4364e3
310354d1c8f1db61fdfb182e107c8eb8a2e7986d1f4e95a2664df2cbdc1f7ccf
GET /rtv/012301112346000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28839
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:05 GMT
expires: Tue, 23 Jan 2024 18:11:05 GMT
cache-control: public, max-age=31536000
etag: "22d781f17bba60c1"
content-type: text/javascript; charset=UTF-8
age: 519157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP 142.250.74.131:0
Hash 5836a772775fdc2c8863bfa3031b962b
322804367519bdecdc6e3649d453ac3d6b2e75a2
ea7c91d88d1692038c9a4dbfccba6546c9a88ae0f760638aa74cc518a8ede92d
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/032301181928000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/032301181928000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65016)
Hash 48a6de3ae55700342790796bc74ed284
95b56e24c6f3e51f8d6e76e358fd818080190af6
bbb194cfa602dd225a510e0d20f0e2fd904a86576ef541e524cca82689c52cd3
GET /rtv/032301181928000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61705
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 07:20:44 GMT
expires: Fri, 26 Jan 2024 07:20:44 GMT
cache-control: public, max-age=31536000
etag: "d25f495a59e571aa"
content-type: text/javascript; charset=UTF-8
age: 298978
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash dac0049d10fef1c315153ac07254ffda
6282a0a8727d76cb0fe8267c7f1aac6646302ebc
e7d78a90fc0d890bd6da55f94658d31a587cca0247d81364b7a39a7f142772d1
GET /rtv/012301112346000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12955
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "ba03cd6134fdf15c"
content-type: text/javascript; charset=UTF-8
age: 519154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301112346000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 7fe5c160dceb250b352d5e11b7586036
0903f40a74a5805f6391a371509369de8e2e1c50
eaec033417fdbf02ec62fc0bf45d0bee3538e3e1722660a312cbe3e4dd60068f
GET /rtv/012301112346000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1907
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:11:08 GMT
expires: Tue, 23 Jan 2024 18:11:08 GMT
cache-control: public, max-age=31536000
etag: "5788572ff662ddbc"
content-type: text/javascript; charset=UTF-8
age: 519154
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash efada10d2d3b1c0348542f4385bb0125
f7a73a926024caff1886422c930c6816192293d6
109aa85aa5895922a8c042bee431609d2c514ee08547cc0f4cbd96de9060b04f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
34.96.70.87200 OK 1.3 kB URL HTTP/2 invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
IP 34.96.70.87:0
File type ASCII text, with very long lines (1178)
Hash f5bc066f146e3dbb049aa6c86c7012e6
efa97d857c263b3b3672e2ffa630af6e2625d84b
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
GET /encrypted-signals/encrypted-tag-g.js HTTP/1.1
Host: invstatic101.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsl1pmeMltfAH9gCDYpZOtXFMJfVL9TEzCK_7abTwtwqzhKtNdnMr_J6m18rXKRNel8iEWrBXmIdm6f3i3Pn2hS
vary: X-Goog-Allowed-Resources
x-goog-generation: 1659113709880056
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1258
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1258
server: UploadServer
via: 1.1 google
date: Sun, 29 Jan 2023 17:42:03 GMT
expires: Sun, 29 Jan 2023 18:42:03 GMT
cache-control: public, max-age=3600
age: 2499
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 30 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
Hash d472063d7addc7f86b5bc48c365e5842
0117ce31299089e62759cc682ed4803d3d684722
11e8a747c8bac4827cba0491759e776960e9e24f8307542a71f65c9a59e8c7db
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Mon, 30 Jan 2023 18:23:42 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
142.250.74.98200 OK 13 kB URL HTTP/2 pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (1493)
Hash 0dece4b354fc41d0430994be26247a47
1063c9471665bb53cc9a4e89c4cf0f1e9f695f8d
71a1c1d814cc6c713b3513212be779f944e9b4002e1fb89ac36e438a1a04e4a0
GET /omsdk/releases/live/omweb-v1.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-length: 13109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 17:41:19 GMT
expires: Sun, 29 Jan 2023 18:41:19 GMT
cache-control: public, max-age=3600
age: 2543
last-modified: Mon, 31 Oct 2022 17:24:37 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
178.250.0.157200 OK 5.5 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
IP 178.250.0.157:0
Hash 6e54e0a03f75b45ecf78164e9ba89b75
143897dd0ca36097d9199cee27502abb128e3d2c
4355d19c25d618a347aae57204c7d4bd940a5ba90193b4d88f521703de3b4956
GET /syncframe?origin=publishertag&topUrl=sharemods.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:41 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=acb0b30f-d337-43ca-ab8d-6f428f075775; expires=Fri, 23 Feb 2024 18:23:42 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 929771
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP 142.250.74.131:0
Hash 3623f1478e90cac3dd2ae304f8e197be
735c661c1cad47bc3729ffac872e4c8620a8992e
4072c398136faa675642554725f31957d31178922a39387a8c554d4c6597db97
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f5b4d6925248fc5513627cdf20721c
e78e624ac5e8923182a20fdd14b7ff9a517aee33
2ee7c29e2c31431671a8ad8381b521b191c546e2f0e1549da1bd23bf3701ba0f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 216
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:42 GMT
Last-Modified: Sun, 29 Jan 2023 18:20:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
esp.rtbhouse.com/encrypt
35.190.39.111200 OK 2 B IP 35.190.39.111:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
OPTIONS /encrypt HTTP/1.1
Host: esp.rtbhouse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Origin
access-control-allow-methods: POST, GET
access-control-max-age: 600
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
access-control-allow-headers: content-type
content-type: text/plain; charset=utf-8
x-cloud-trace-context: 04c8a5b9a25a7e1de29e4d3969b9edc5
date: Sun, 29 Jan 2023 18:23:42 GMT
server: Google Frontend
content-length: 2
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570858_5.jpg
87.98.235.235200 OK 155 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570858_5.jpg
IP 87.98.235.235:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 1280x720, components 3\012- data
Size 155 kB (154899 bytes)
Hash ea43b313130e7527fe51795a30934315
105060de892725fbe000aabf29980bede96d3629
34f121235020395a98aeb5c719ab11a52e3d0654e5e10c31401bff5264774a51
GET /poster/5/7/570858_5.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: image/jpeg
content-length: 154899
last-modified: Mon, 07 Feb 2022 09:58:20 GMT
etag: "6200ed3c-25d13"
expires: Thu, 17 Aug 2023 18:23:42 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675016631328&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675016631328&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675016631328&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016631329&d=9784&wsc=ar&typ=embed&mobile=0&c=45
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675016631329&d=9784&wsc=ar&typ=embed&mobile=0&c=45
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675016631329&d=9784&wsc=ar&typ=embed&mobile=0&c=45 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
bcp.crwdcntrl.net/6/map
52.49.185.121200 OK 60 B IP 52.49.185.121:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5186adc30b248cfcbf516a07942039a3
647ecd98151550702b04ec996d172c93da8ba77c
4846ba106817eac7582eaca66203b3cdf68f4b87c12466176c6c605a003cac5e
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.17.54
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
esp.rtbhouse.com/encrypt
35.190.39.111200 OK 265 B IP 35.190.39.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e2bb003c1959f04a7c06238cbdf80473
d1d46071e8c79ec2b50b9a93eb55f32374b59afb
7a86dc1cd9b8d2a200f4745d9caf7c0652c1488981dca7f155463c3f9dcb2332
POST /encrypt HTTP/1.1
Host: esp.rtbhouse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Content-Type: application/json
Origin: https://sharemods.com
Content-Length: 197
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-cloud-trace-context: c5e548e3f020ac00cde7333c73ade766
date: Sun, 29 Jan 2023 18:23:43 GMT
server: Google Frontend
content-length: 265
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP 142.250.74.131:0
Hash 3623f1478e90cac3dd2ae304f8e197be
735c661c1cad47bc3729ffac872e4c8620a8992e
4072c398136faa675642554725f31957d31178922a39387a8c554d4c6597db97
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 272962
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s0.2mdn.net/instream/video/client.js
142.250.74.70200 OK 17 kB URL HTTP/2 s0.2mdn.net/instream/video/client.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (2156)
Hash 49295de6ccd23cf80b6418a2d209868f
42a955b4560bb22cb9b5b39577f7a691ea345018
d5a29c73c6200af2ed6918a61106e649b92098ecd476830d725ed4d2ea5a8efa
GET /instream/video/client.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 16746
date: Sun, 29 Jan 2023 18:23:43 GMT
expires: Sun, 29 Jan 2023 18:23:43 GMT
cache-control: private, max-age=900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.117204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
date: Sun, 29 Jan 2023 18:23:42 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1675016631478&i=570858&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1675016631478&i=570858&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1675016631478&i=570858&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/img/black2.mp4
87.98.235.235206 Partial Content 2.2 kB URL HTTP/2 cdn.onnetwork.tv/img/black2.mp4
IP 87.98.235.235:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 5cb95b4168423a49376882e1b2ba6171
8f6cc8c3da7687921eb12ef0d20769b988626f88
6212a4c6fd9be62d0795e3957471693cb344af6f21c2bbe0e957f3ed82520f1b
GET /img/black2.mp4 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: video/mp4
content-length: 2238
last-modified: Tue, 15 Nov 2022 12:58:10 GMT
etag: "63738ce2-8be"
expires: Thu, 17 Aug 2023 18:23:43 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-range: bytes 0-2237/2238
X-Firefox-Spdy: h2
oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&rid=esp
34.120.135.53200 OK 2 B URL HTTP/2 oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&rid=esp
IP 34.120.135.53:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /esp?url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&rid=esp HTTP/1.1
Host: oajs.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://sharemods.com
vary: Origin
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Sun, 29 Jan 2023 18:23:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5f5b4d6925248fc5513627cdf20721c
e78e624ac5e8923182a20fdd14b7ff9a517aee33
2ee7c29e2c31431671a8ad8381b521b191c546e2f0e1549da1bd23bf3701ba0f
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:43 GMT
Last-Modified: Sun, 29 Jan 2023 18:20:06 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
static.criteo.net/js/ld/publishertag.ids.js
178.250.0.130200 OK 13 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.0.130:0
Hash 00db1f07c150b8d9951f681279b42b48
7dcab726283732760f5f4d425d6887a7413606ab
3bf8eeab2c1013de69bbdba49c401a0cd0342246a4bba0a7683557031603ac62
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-9c1f"
expires: Mon, 30 Jan 2023 18:23:42 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 921 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash f50ea8c9ed9c92c73d9bdf3d7761b95f
ed8ac7268a58d0ffb07e3cef6b5853ad1de92e16
b6fb560a196483f14b6a721e08e9bd57d1ca7451f27f006bc5a90c2164c25987
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4425
Cache-Control: max-age=159988
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:43 GMT
Etag: "63d6765a-139"
Expires: Tue, 31 Jan 2023 14:50:11 GMT
Last-Modified: Sun, 29 Jan 2023 13:36:26 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?origin=publishertagids&topUrl=sharemods.com
178.250.0.157200 OK 14 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertagids&topUrl=sharemods.com
IP 178.250.0.157:0
Hash e1dd0c78652d4b6ff5ae12d1cc753345
78505262e5bf8cbff3a18d9889434515491e997d
2dd9b872ef9b528596e266948e5dc17e6d38ba407eb25b1286305a914ad9b4c2
GET /syncframe?origin=publishertagids&topUrl=sharemods.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=a3fa0366-ec31-427b-82f3-5873ab47e428; expires=Fri, 23 Feb 2024 18:23:42 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 892200
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012501&jk=603695204146335&rc=
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012501&jk=603695204146335&rc=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gpt_2023012501&jk=603695204146335&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:23:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=3268269646061606&rc=
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=3268269646061606&rc=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=3268269646061606&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:23:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=4qx1VV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hTdHlSVCUyRnpGZ2R3T09HYm4lMkZCdXNQbA; expires=Fri, 23 Feb 2024 18:23:43 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 401300
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
google-bidout-d.openx.net/w/1.0/pd?plm=5
35.244.159.8200 OK 20 B URL HTTP/2 google-bidout-d.openx.net/w/1.0/pd?plm=5
IP 35.244.159.8:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /w/1.0/pd?plm=5 HTTP/1.1
Host: google-bidout-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 555deabccaf21c6c5037aafa862065d3
f4bf841d606161c777817a81c7aa8248b76d44a7
8741e3998969df26e79e633cf653141a1040287d2c7639cb82f73ab2e156a0c9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8741E3998969DF26E79E633CF653141A1040287D2C7639CB82F73AB2E156A0C9"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10793
Expires: Sun, 29 Jan 2023 21:23:36 GMT
Date: Sun, 29 Jan 2023 18:23:43 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1e93c4dbebf823dde402dd9c356b68d4
eefb240b37361d8d2ef2f6eefc1655f36d8cdd0f
8f10fe7eb933edb5abfc5b60979e844b12766def1f83ff9af07155a99911796a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4155
Cache-Control: max-age=126647
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:43 GMT
Etag: "63d5f52b-13a"
Expires: Tue, 31 Jan 2023 05:34:30 GMT
Last-Modified: Sun, 29 Jan 2023 04:25:15 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 1e93c4dbebf823dde402dd9c356b68d4
eefb240b37361d8d2ef2f6eefc1655f36d8cdd0f
8f10fe7eb933edb5abfc5b60979e844b12766def1f83ff9af07155a99911796a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4167
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 18:23:43 GMT
Last-Modified: Sun, 29 Jan 2023 17:14:16 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 314
pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=603695204146335&vrg=2023012501&nw_id=147246189%5C%2C21696195204&nslots=5&eid=31071905%2C31071944%2C44761477%2C31071326%2C676982961%2C31071579&pub_url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&qid=CJn8gpaz7fwCFYFAHgIdrGwJpQ&iu=%2F147246189%2C21696195204%2Fsharemods.com_980x250&e=0&ret=728x90&req=970x250%7C980x200%7C728x90%7C970x90&bm=0&efh=1&stk=0&ifi=5
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=603695204146335&vrg=2023012501&nw_id=147246189%5C%2C21696195204&nslots=5&eid=31071905%2C31071944%2C44761477%2C31071326%2C676982961%2C31071579&pub_url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&qid=CJn8gpaz7fwCFYFAHgIdrGwJpQ&iu=%2F147246189%2C21696195204%2Fsharemods.com_980x250&e=0&ret=728x90&req=970x250%7C980x200%7C728x90%7C970x90&bm=0&efh=1&stk=0&ifi=5
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/gen_204?id=gpt_pgbrk&pvsid=603695204146335&vrg=2023012501&nw_id=147246189%5C%2C21696195204&nslots=5&eid=31071905%2C31071944%2C44761477%2C31071326%2C676982961%2C31071579&pub_url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&qid=CJn8gpaz7fwCFYFAHgIdrGwJpQ&iu=%2F147246189%2C21696195204%2Fsharemods.com_980x250&e=0&ret=728x90&req=970x250%7C980x200%7C728x90%7C970x90&bm=0&efh=1&stk=0&ifi=5 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 18:23:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
142.250.74.130200 OK 145 B URL HTTP/2 googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 92235b51835ea17fa6d313a73f3c2b8f
1e310139fd2be77b54f39c7c64e1616fd35785ad
2cf3e738572a24733a96c3be1d798e95e2bff434d37d6f28cde31ce53df8e333
GET /pagead/drt/s?v=r20120211 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fc40ca942955df930d515c73473472fe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Sun, 29 Jan 2023 17:58:24 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
216.58.211.3200 OK 604 B URL HTTP/2 www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 7bd42e5a35b5fb3ff852d6ea9191ca83
8a141eb392a05a2dea3dcd83b97940ef70a81ebc
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
GET /images/icons/material/system/2x/settings_grey600_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fc40ca942955df930d515c73473472fe.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 13:30:57 GMT
expires: Thu, 25 Jan 2024 13:30:57 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 363166
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 263 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
Hash 44c953a0b60a9bb1d2642913f34cda40
0a37ce8a59f4a30029b7e87e1c8b7919825dd174
12dbf7c994dc8b503c5e2ddaa4ac175bc7eeff4123e83af38838f7a040433ce8
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 470
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.69200 OK 774 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.69:0
Hash 67a9a128fb51bfdd570d7b0dc75608da
21bb4757738a84f411578520bb2a3d48dca3f4aa
f19d55fd4bf877a4727a67b634f85aa47fd1a0f0720cf707b7ff4beaafec0fe9
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 99040
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
142.250.74.98200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with very long lines (14641), with no line terminators
Hash eab39241ec9592a41af6e783f135751c
27c226c343f826da8f89cfbbf6ea0984ac1486f8
fcedb7406e64ea397f5ab9bfd0cdb40ece004f02159425323a10a3a28f8737ef
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023012601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sun, 29 Jan 2023 18:23:43 GMT
server: cafe
content-length: 11052
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertagids&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=xbnqQl9sZWxubTB5YTl4azk1TmhwSkZEa1RDZmNHJTJCTCUyQlZMclU0dkZCUmdQUEdZVXRjRUhzbm9jMkl6OW1XeUNjQ3RmekJGMWo5Y0VtZ2Uxd1N4ZGJadWpJenhYJTJCJTJGJTJGb1czZWx1eUxuamRvWktjbnhGeGhFd2hrdE9YTmZnY0JKRTJEYm4&info=HL-t-180M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hURDBiQWI4TFFJek1pZzklMkZzYUxkN3I&idsd=925897867,-20022022&cw=1&lsw=1
178.250.0.157200 OK 446 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertagids&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=xbnqQl9sZWxubTB5YTl4azk1TmhwSkZEa1RDZmNHJTJCTCUyQlZMclU0dkZCUmdQUEdZVXRjRUhzbm9jMkl6OW1XeUNjQ3RmekJGMWo5Y0VtZ2Uxd1N4ZGJadWpJenhYJTJCJTJGJTJGb1czZWx1eUxuamRvWktjbnhGeGhFd2hrdE9YTmZnY0JKRTJEYm4&info=HL-t-180M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hURDBiQWI4TFFJek1pZzklMkZzYUxkN3I&idsd=925897867,-20022022&cw=1&lsw=1
IP 178.250.0.157:0
Hash 4ea266225902feb3026ebeb0ff37f909
f9ff00ce88bfbf7baae7ef141197c0ea89bf4b85
869145c510c7484c75b151fa544595379e05d57da70e51017fbecd622bc83572
GET /sid/json?origin=publishertagids&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=xbnqQl9sZWxubTB5YTl4azk1TmhwSkZEa1RDZmNHJTJCTCUyQlZMclU0dkZCUmdQUEdZVXRjRUhzbm9jMkl6OW1XeUNjQ3RmekJGMWo5Y0VtZ2Uxd1N4ZGJadWpJenhYJTJCJTJGJTJGb1czZWx1eUxuamRvWktjbnhGeGhFd2hrdE9YTmZnY0JKRTJEYm4&info=HL-t-180M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hURDBiQWI4TFFJek1pZzklMkZzYUxkN3I&idsd=925897867,-20022022&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1320872
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=872988739969392&rc=
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=872988739969392&rc=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gpt_2023012601&jk=872988739969392&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:23:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 203 B IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9526e2a757e599a0aa56d428db52bcaf
a4fea544987edec6d6413c387ad8b690c5b1e3f0
2bc32d17bb3548738469cc3abffbe5d4553fe82e908947aadcbcb53f9a827e5a
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=LlCYGV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hRMXlWZFRsN2p4b0olMkZEUGNkcERQNzE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=DEWAbV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hUZGw1NmtNR0h0dWR0S3VuMDQ1VDM4; expires=Fri, 23 Feb 2024 18:23:44 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 335933
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdgWRA6EsXElEVN8jjpP35f5zW53x6tKOjIRbQjHX11tbxek1vwZIH-g-AkXrH0NWQ1D0zrJ2x4O7lexE8XKQ1WslzKOgPghfznubOMgBIS23mKkHx&sig=Cg0ArKJSzBg3ro1uPU3eEAE&id=lidar2&mcvt=1012&p=339,270,429,998&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230125&bin=7&avms=nio&bs=1268,939&mc=1&vu=1&app=0&itpl=3&adk=2666607112&rs=4&la=0&cr=0&vs=4&r=v&rst=1675016631068&rpt=857&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
142.250.74.98200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdgWRA6EsXElEVN8jjpP35f5zW53x6tKOjIRbQjHX11tbxek1vwZIH-g-AkXrH0NWQ1D0zrJ2x4O7lexE8XKQ1WslzKOgPghfznubOMgBIS23mKkHx&sig=Cg0ArKJSzBg3ro1uPU3eEAE&id=lidar2&mcvt=1012&p=339,270,429,998&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230125&bin=7&avms=nio&bs=1268,939&mc=1&vu=1&app=0&itpl=3&adk=2666607112&rs=4&la=0&cr=0&vs=4&r=v&rst=1675016631068&rpt=857&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjssdgWRA6EsXElEVN8jjpP35f5zW53x6tKOjIRbQjHX11tbxek1vwZIH-g-AkXrH0NWQ1D0zrJ2x4O7lexE8XKQ1WslzKOgPghfznubOMgBIS23mKkHx&sig=Cg0ArKJSzBg3ro1uPU3eEAE&id=lidar2&mcvt=1012&p=339,270,429,998&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20230125&bin=7&avms=nio&bs=1268,939&mc=1&vu=1&app=0&itpl=3&adk=2666607112&rs=4&la=0&cr=0&vs=4&r=v&rst=1675016631068&rpt=857&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sun, 29 Jan 2023 18:23:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 131 B IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1b225b4ce7ad43cda12a2ad5ffda2571
23fd4dcd805ed7a4cbe68cb853b4185c0ca82d27
139f7601cf7cc2f5f03f946315c9865dd6a725c2780b126882649ec9440a7aac
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=DEWAbV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hUZGw1NmtNR0h0dWR0S3VuMDQ1VDM4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HEluAl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hUWHhrSERwVWFqNyUyRlFPJTJCRHhUZjFTRQ; expires=Fri, 23 Feb 2024 18:23:44 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 264694
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:45 GMT; Path=/; Domain=.betweendigital.com
tuuid=89b7beec-4d9a-521d-bc96-8dd9df403468; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:45 GMT; Path=/; Domain=.betweendigital.com
ut=Y9a5sQANC9hpQ0IjX7pDrPwXgYrUAoaEiYM-gg==; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:45 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012501&jk=603695204146335&bg=!kZKlktbNAAZSrDxfcqw7ACkAdvg8Wjgp9c_NyTDneNXGTzoMDhsW1mMbS8p8e_iNmKofZIpXjQeoUQIAAAdtUgAAAANoAQcKAQmBEscFJILtvKG-e_GIYra7GgGh-TJZ5aanPgpzFDnNuSOi4n7rAcleY_wYBOkTZtQ7WarmsgKzP_wGQ1E4Zx-1xGOBJt35R4oFQEPEBRRA1AqHYYujcV9fPoV7fAvVWZDDGfTDp_uW4ugOQbrvrcL3iEiPj1GZIWPXuknCFmZvPbSw-7t0O7faNe6pDAGb889DGCYDDmhG70JQslsKxs8Jnp-E2oImK4IaSJsKhd3oa2qNWoa9rGvgOmCMHxNZegMjMzwr3Lp79yOiahJWIdVn-tXTRp2UyvNr4ehb7O6YJNzIC647vvLApnaIoQKP2-Vpln7cJoRt9kOlVnWCW6mpVHvXwPeln1nYmQKHPF8xSNrQDzZmDk2aprjq8oRbLu2jTRKB4Bf9HNC8XXESkA8isTuKPcqZ-E7KNzY44nb0TszEahHe5DQkp9EHILuGjpHAPZPGcFPAAaxwWyQrOXoVytFzpCxbP4nSrZ-hiOrV4U6MsdTw4Bntqg0l7JrBaZpKVUwaaH20VzoDcgSRBaaEcD9lXN5TB90l5BsWQ0nW0EI_eBw5DrUmb_GiI-EeziFA0nqqd2gEC0n2CQUln49d_txT01NnYwZu5C90S7smaRPJOqgwr-1sLQzwvW_Sh6oBj2V3Ki97kONsfW6hLlGLDORRoF2MGrRgaxt5ltMxiJWxV7_cMdwxONR9_Jcf-vyNt9cYPKck07U7Bk1bZ0eLChT4knFhRW9UsBT-KD8N4yTA6jCMmDYaZHpSF46IXtFcsu13DY9w55LP1cK5UcUWn1S-zYbTonNsnHz95m7gqSiyNf_Du4VSip3b6E39rpeQhcWkUYjBpFvK36XKZSgUptz3PIlVbJf7ujpyd01y5j8Yd7d6UPa7xaGJMNe_pq3EGGh60Rz-bjFxKCxjup4mAJqiRTHteGlMdTJVYuFsM_Drk-EV46sl4eVUX6WUBNm59OZ7j2sf_0gimYhe_ZarTBI5cvZprlD84yi6fYPbj9ACu65vgfwOXMSkKCOKKHJPYmKtJVEM8vaVBMuv2omHzGA_2D7rw_aKo0cfansc6nUrKUKhFJRAPuagVo0ANd2zHtG_7HVJnAm073KfdrmKa_069xMI8Jq3fChwCfwIWegEKSNehF1_P4FjWnCVeh3QWs7_c8JpvJg46gHAjdC_zN1RV5FuqAguQpRuOFrgJRP7K3CtEir59p-OTuStAQ2p2Po
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012501&jk=603695204146335&bg=!kZKlktbNAAZSrDxfcqw7ACkAdvg8Wjgp9c_NyTDneNXGTzoMDhsW1mMbS8p8e_iNmKofZIpXjQeoUQIAAAdtUgAAAANoAQcKAQmBEscFJILtvKG-e_GIYra7GgGh-TJZ5aanPgpzFDnNuSOi4n7rAcleY_wYBOkTZtQ7WarmsgKzP_wGQ1E4Zx-1xGOBJt35R4oFQEPEBRRA1AqHYYujcV9fPoV7fAvVWZDDGfTDp_uW4ugOQbrvrcL3iEiPj1GZIWPXuknCFmZvPbSw-7t0O7faNe6pDAGb889DGCYDDmhG70JQslsKxs8Jnp-E2oImK4IaSJsKhd3oa2qNWoa9rGvgOmCMHxNZegMjMzwr3Lp79yOiahJWIdVn-tXTRp2UyvNr4ehb7O6YJNzIC647vvLApnaIoQKP2-Vpln7cJoRt9kOlVnWCW6mpVHvXwPeln1nYmQKHPF8xSNrQDzZmDk2aprjq8oRbLu2jTRKB4Bf9HNC8XXESkA8isTuKPcqZ-E7KNzY44nb0TszEahHe5DQkp9EHILuGjpHAPZPGcFPAAaxwWyQrOXoVytFzpCxbP4nSrZ-hiOrV4U6MsdTw4Bntqg0l7JrBaZpKVUwaaH20VzoDcgSRBaaEcD9lXN5TB90l5BsWQ0nW0EI_eBw5DrUmb_GiI-EeziFA0nqqd2gEC0n2CQUln49d_txT01NnYwZu5C90S7smaRPJOqgwr-1sLQzwvW_Sh6oBj2V3Ki97kONsfW6hLlGLDORRoF2MGrRgaxt5ltMxiJWxV7_cMdwxONR9_Jcf-vyNt9cYPKck07U7Bk1bZ0eLChT4knFhRW9UsBT-KD8N4yTA6jCMmDYaZHpSF46IXtFcsu13DY9w55LP1cK5UcUWn1S-zYbTonNsnHz95m7gqSiyNf_Du4VSip3b6E39rpeQhcWkUYjBpFvK36XKZSgUptz3PIlVbJf7ujpyd01y5j8Yd7d6UPa7xaGJMNe_pq3EGGh60Rz-bjFxKCxjup4mAJqiRTHteGlMdTJVYuFsM_Drk-EV46sl4eVUX6WUBNm59OZ7j2sf_0gimYhe_ZarTBI5cvZprlD84yi6fYPbj9ACu65vgfwOXMSkKCOKKHJPYmKtJVEM8vaVBMuv2omHzGA_2D7rw_aKo0cfansc6nUrKUKhFJRAPuagVo0ANd2zHtG_7HVJnAm073KfdrmKa_069xMI8Jq3fChwCfwIWegEKSNehF1_P4FjWnCVeh3QWs7_c8JpvJg46gHAjdC_zN1RV5FuqAguQpRuOFrgJRP7K3CtEir59p-OTuStAQ2p2Po
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012501&jk=603695204146335&bg=!kZKlktbNAAZSrDxfcqw7ACkAdvg8Wjgp9c_NyTDneNXGTzoMDhsW1mMbS8p8e_iNmKofZIpXjQeoUQIAAAdtUgAAAANoAQcKAQmBEscFJILtvKG-e_GIYra7GgGh-TJZ5aanPgpzFDnNuSOi4n7rAcleY_wYBOkTZtQ7WarmsgKzP_wGQ1E4Zx-1xGOBJt35R4oFQEPEBRRA1AqHYYujcV9fPoV7fAvVWZDDGfTDp_uW4ugOQbrvrcL3iEiPj1GZIWPXuknCFmZvPbSw-7t0O7faNe6pDAGb889DGCYDDmhG70JQslsKxs8Jnp-E2oImK4IaSJsKhd3oa2qNWoa9rGvgOmCMHxNZegMjMzwr3Lp79yOiahJWIdVn-tXTRp2UyvNr4ehb7O6YJNzIC647vvLApnaIoQKP2-Vpln7cJoRt9kOlVnWCW6mpVHvXwPeln1nYmQKHPF8xSNrQDzZmDk2aprjq8oRbLu2jTRKB4Bf9HNC8XXESkA8isTuKPcqZ-E7KNzY44nb0TszEahHe5DQkp9EHILuGjpHAPZPGcFPAAaxwWyQrOXoVytFzpCxbP4nSrZ-hiOrV4U6MsdTw4Bntqg0l7JrBaZpKVUwaaH20VzoDcgSRBaaEcD9lXN5TB90l5BsWQ0nW0EI_eBw5DrUmb_GiI-EeziFA0nqqd2gEC0n2CQUln49d_txT01NnYwZu5C90S7smaRPJOqgwr-1sLQzwvW_Sh6oBj2V3Ki97kONsfW6hLlGLDORRoF2MGrRgaxt5ltMxiJWxV7_cMdwxONR9_Jcf-vyNt9cYPKck07U7Bk1bZ0eLChT4knFhRW9UsBT-KD8N4yTA6jCMmDYaZHpSF46IXtFcsu13DY9w55LP1cK5UcUWn1S-zYbTonNsnHz95m7gqSiyNf_Du4VSip3b6E39rpeQhcWkUYjBpFvK36XKZSgUptz3PIlVbJf7ujpyd01y5j8Yd7d6UPa7xaGJMNe_pq3EGGh60Rz-bjFxKCxjup4mAJqiRTHteGlMdTJVYuFsM_Drk-EV46sl4eVUX6WUBNm59OZ7j2sf_0gimYhe_ZarTBI5cvZprlD84yi6fYPbj9ACu65vgfwOXMSkKCOKKHJPYmKtJVEM8vaVBMuv2omHzGA_2D7rw_aKo0cfansc6nUrKUKhFJRAPuagVo0ANd2zHtG_7HVJnAm073KfdrmKa_069xMI8Jq3fChwCfwIWegEKSNehF1_P4FjWnCVeh3QWs7_c8JpvJg46gHAjdC_zN1RV5FuqAguQpRuOFrgJRP7K3CtEir59p-OTuStAQ2p2Po HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:23:44 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 14 kB URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 2dee4b2abe6d238dd8aeb76f289462ec
769676d123d365b9d337629f9fe4f3a767f99218
cbc13f43da97516ec6811a3265cfd84ee8dd197769911e430b4bd2e62666e7b9
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 677
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.191.196200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:44 GMT; Path=/; Domain=.betweendigital.com
tuuid=824aae31-78e2-521d-85a1-8613e6773fa3; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:44 GMT; Path=/; Domain=.betweendigital.com
ut=Y9a5sAABdwCy88zE1bKaUmOjo3scw-Ap2ox43g==; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:44 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.65.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.65.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 18:23:44 GMT
Age: 41921
X-Served-By: cache-lga13626-LGA, cache-bma1655-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 135319
X-Timer: S1675016625.880547,VS0,VE0
Vary: Accept-Encoding
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=84692
expires: Mon, 30 Jan 2023 17:55:16 GMT
date: Sun, 29 Jan 2023 18:23:44 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=84692
expires: Mon, 30 Jan 2023 17:55:16 GMT
date: Sun, 29 Jan 2023 18:23:44 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.districtm.io/ids/index.html
54.230.111.88200 OK 116 B URL HTTP/2 cdn.districtm.io/ids/index.html
IP 54.230.111.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 517f2062d883c0ee35479a2da0c50b8c
73aed992d9fe72d54e3e638e51784db91bf345eb
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
GET /ids/index.html HTTP/1.1
Host: cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 116
last-modified: Thu, 20 May 2021 02:18:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 07:11:01 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pyJoz12oAREatKhReREtMtby5JM76FcbPHlsV6bLtN8zxiz8QwQLZg==
age: 40364
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.65.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.65.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 18:23:44 GMT
Age: 41921
X-Served-By: cache-lga13626-LGA, cache-bma1655-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 135320
X-Timer: S1675016625.894825,VS0,VE0
Vary: Accept-Encoding
acdn.adnxs.com/dmp/async_usersync.html
151.101.65.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.65.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sun, 29 Jan 2023 18:23:44 GMT
Age: 41921
X-Served-By: cache-lga13626-LGA, cache-bma1682-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 141268
X-Timer: S1675016625.894777,VS0,VE0
Vary: Accept-Encoding
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwKdcoVeRIltb0b1lkL2XPftdG87oF2vErTmQxaYPx_HbdBwz-89n-B_m8OUn7h4qFwFfFJqj39O32KempkLokfiIBfZRquGOd3MgTl0CSQ7kgapahqhb1zd98JsYLfK0NJtLNug&sai=AMfl-YQNGh7ydDko-6OQmthZS35Ye09cCNFI4b9BaDLYS-sd42QfYACmPCiIJAwJZ-x_P2_ibq0slygr9meqDBKR6FhUZIYT5T85gNGoT_u2k2U_3pCn8cH2YArpCygi9ekbHBOsk1M-kcu3Ae_81TU&sig=Cg0ArKJSzMT7ZGqfKdKuEAE&cid=CAQSSwDUE5ym1tYwyDyXii5H5u11SZDFMBK3ips84M10NS5Lema2RNpJ-_s-lBfOFCMrNpt5MxUY4LRp7_x4lIaQW4OISD14xQOfPowi_hgBIBM&id=ampim&o=149,662&d=980,280&ss=1280,1024&bs=1280,939&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=1396&tls=2407&g=75.72619047619048&h=75.72619047619048&tt=2407&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
142.250.74.98200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvwKdcoVeRIltb0b1lkL2XPftdG87oF2vErTmQxaYPx_HbdBwz-89n-B_m8OUn7h4qFwFfFJqj39O32KempkLokfiIBfZRquGOd3MgTl0CSQ7kgapahqhb1zd98JsYLfK0NJtLNug&sai=AMfl-YQNGh7ydDko-6OQmthZS35Ye09cCNFI4b9BaDLYS-sd42QfYACmPCiIJAwJZ-x_P2_ibq0slygr9meqDBKR6FhUZIYT5T85gNGoT_u2k2U_3pCn8cH2YArpCygi9ekbHBOsk1M-kcu3Ae_81TU&sig=Cg0ArKJSzMT7ZGqfKdKuEAE&cid=CAQSSwDUE5ym1tYwyDyXii5H5u11SZDFMBK3ips84M10NS5Lema2RNpJ-_s-lBfOFCMrNpt5MxUY4LRp7_x4lIaQW4OISD14xQOfPowi_hgBIBM&id=ampim&o=149,662&d=980,280&ss=1280,1024&bs=1280,939&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=1396&tls=2407&g=75.72619047619048&h=75.72619047619048&tt=2407&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pcs/activeview?xai=AKAOjsvwKdcoVeRIltb0b1lkL2XPftdG87oF2vErTmQxaYPx_HbdBwz-89n-B_m8OUn7h4qFwFfFJqj39O32KempkLokfiIBfZRquGOd3MgTl0CSQ7kgapahqhb1zd98JsYLfK0NJtLNug&sai=AMfl-YQNGh7ydDko-6OQmthZS35Ye09cCNFI4b9BaDLYS-sd42QfYACmPCiIJAwJZ-x_P2_ibq0slygr9meqDBKR6FhUZIYT5T85gNGoT_u2k2U_3pCn8cH2YArpCygi9ekbHBOsk1M-kcu3Ae_81TU&sig=Cg0ArKJSzMT7ZGqfKdKuEAE&cid=CAQSSwDUE5ym1tYwyDyXii5H5u11SZDFMBK3ips84M10NS5Lema2RNpJ-_s-lBfOFCMrNpt5MxUY4LRp7_x4lIaQW4OISD14xQOfPowi_hgBIBM&id=ampim&o=149,662&d=980,280&ss=1280,1024&bs=1280,939&mcvt=1011&mtos=0,0,0,1011,1011&tos=0,0,0,1011,0&tfs=1396&tls=2407&g=75.72619047619048&h=75.72619047619048&tt=2407&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=0 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Sun, 29 Jan 2023 18:23:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.districtm.io/ids/idsync.d5cb6b96.js
54.230.111.88200 OK 3.3 kB URL HTTP/2 cdn.districtm.io/ids/idsync.d5cb6b96.js
IP 54.230.111.88:0
File type ASCII text, with very long lines (2048)
Hash 74ede07ef946dc2316f86b2661cf2dd3
dee3ae6938bd288ab9519a38eac3c39495a85f0f
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f
GET /ids/idsync.d5cb6b96.js HTTP/1.1
Host: cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.districtm.io/ids/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3302
last-modified: Thu, 20 May 2021 02:18:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sun, 29 Jan 2023 04:05:22 GMT
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oPdKMDH3POwBvs1fprjWvQwAOOHVwoDKrDFLmLACKkLHbHs06GggAA==
age: 51504
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 96c25d59-6c62-4fbb-a900-6de5670c3dc8
Set-Cookie: uuid2=1056028183294087661; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 18:23:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=3268269646061606&bg=!vr2lvfnNAAZSrDxfcqw7ACkAdvg8Wnd9O-lqj873AiPiIIG2at5OVg0Bz7vLtPKQBnwnwBN3QesVOAIAAAPiUgAAAARoAQcKAKGqgXCxjfZEF0N7IWmjhINmRYSDrvav2JJGLc4qtUDmTgqIkbmBS8czNyavvLg9hak3oPXSua9GvMv7LLgU5KAfL3h3ainrYAb3Kw5iMo9zyfYPjQih7-TiE9Vnf9ByVs03vdXa5sqBDEIukeg1N02y4YVSTnqyOtTdEs7fck-0X6AFP4dlgcyMhPTN6rTQeiItKh_O-vCO-RpGo79Vkxy5vZkCfC9Wx4-ctmkLs_MbBD2KfC4nOl5G76OF_D6Ol3uUxeEVkKPgBBZShCb_AvAAoiT0OHlODas0kioJVAg74EwHy19VxG9n7xUNujWvb83XiE6Dt0WVWnJ2oFqZPq4_20gsMGH1ZhrePIqhdrj6y-g2kAeo7Xr82EK3wFcFyyPCF9hA55JRgkMa2IURz_7aW4eIZbZeTE8Q4yQswy59m8YJYdiu33H3Ja4FOqqginIA-SCCvQAVwbBm5PFngUAeJWyIUpnXeH8pbSKggOD5icJoNdQ-U-U2HMufKQdbc0_D0rUYQZZCOyIqB_pqgwXt_ZexXMgmdVTT738SJVL3_-YFHl_kb_xpuWYloprQOxXsN7EkS1Lz6fMRlAGhbPJb4dWtWKQJ_wDr0TZt44hp_AVPdWOqj3bXLR8hItm8QiIM0VqH2Yw7d9dXM8pT6OyLEoNkClkgPsY-WXQ_lHR_2O_Jb6cpecgaMBgoiqtS9TTc0TZWcs44DpQl6O5jTKxKGw9h9xb7Coip9OO99P1BZ1AVhfev0aL2RHmMc-0ikL4mtVIHGRhyzpbSa7wxVbfg57txI4bZNibiWZKWGo7eL7mjG-heAFZ3p1TMzhrY8Qj2kNDiBCWSj0i55rGa72lglIt-rMEuW4et1I4iOsv_oQDa5VYaOtl9t2ZTKMOzvk8L8UhEKQL6t4eOYx1y-reZxezUhLOHsO2o92pvK4kNQ8svk_Aef1MzvvXdxjHESYoIQSrSmZn1AnhSFpgLvqMWl976VK5jHfkQmbKqNs7RiaZTc7DtZSY6cShuDGTIoheY5XoAzaKZoDs6m1gw8QYBkqbyICWA2YFxl4anqzDiAA
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=3268269646061606&bg=!vr2lvfnNAAZSrDxfcqw7ACkAdvg8Wnd9O-lqj873AiPiIIG2at5OVg0Bz7vLtPKQBnwnwBN3QesVOAIAAAPiUgAAAARoAQcKAKGqgXCxjfZEF0N7IWmjhINmRYSDrvav2JJGLc4qtUDmTgqIkbmBS8czNyavvLg9hak3oPXSua9GvMv7LLgU5KAfL3h3ainrYAb3Kw5iMo9zyfYPjQih7-TiE9Vnf9ByVs03vdXa5sqBDEIukeg1N02y4YVSTnqyOtTdEs7fck-0X6AFP4dlgcyMhPTN6rTQeiItKh_O-vCO-RpGo79Vkxy5vZkCfC9Wx4-ctmkLs_MbBD2KfC4nOl5G76OF_D6Ol3uUxeEVkKPgBBZShCb_AvAAoiT0OHlODas0kioJVAg74EwHy19VxG9n7xUNujWvb83XiE6Dt0WVWnJ2oFqZPq4_20gsMGH1ZhrePIqhdrj6y-g2kAeo7Xr82EK3wFcFyyPCF9hA55JRgkMa2IURz_7aW4eIZbZeTE8Q4yQswy59m8YJYdiu33H3Ja4FOqqginIA-SCCvQAVwbBm5PFngUAeJWyIUpnXeH8pbSKggOD5icJoNdQ-U-U2HMufKQdbc0_D0rUYQZZCOyIqB_pqgwXt_ZexXMgmdVTT738SJVL3_-YFHl_kb_xpuWYloprQOxXsN7EkS1Lz6fMRlAGhbPJb4dWtWKQJ_wDr0TZt44hp_AVPdWOqj3bXLR8hItm8QiIM0VqH2Yw7d9dXM8pT6OyLEoNkClkgPsY-WXQ_lHR_2O_Jb6cpecgaMBgoiqtS9TTc0TZWcs44DpQl6O5jTKxKGw9h9xb7Coip9OO99P1BZ1AVhfev0aL2RHmMc-0ikL4mtVIHGRhyzpbSa7wxVbfg57txI4bZNibiWZKWGo7eL7mjG-heAFZ3p1TMzhrY8Qj2kNDiBCWSj0i55rGa72lglIt-rMEuW4et1I4iOsv_oQDa5VYaOtl9t2ZTKMOzvk8L8UhEKQL6t4eOYx1y-reZxezUhLOHsO2o92pvK4kNQ8svk_Aef1MzvvXdxjHESYoIQSrSmZn1AnhSFpgLvqMWl976VK5jHfkQmbKqNs7RiaZTc7DtZSY6cShuDGTIoheY5XoAzaKZoDs6m1gw8QYBkqbyICWA2YFxl4anqzDiAA
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=3268269646061606&bg=!vr2lvfnNAAZSrDxfcqw7ACkAdvg8Wnd9O-lqj873AiPiIIG2at5OVg0Bz7vLtPKQBnwnwBN3QesVOAIAAAPiUgAAAARoAQcKAKGqgXCxjfZEF0N7IWmjhINmRYSDrvav2JJGLc4qtUDmTgqIkbmBS8czNyavvLg9hak3oPXSua9GvMv7LLgU5KAfL3h3ainrYAb3Kw5iMo9zyfYPjQih7-TiE9Vnf9ByVs03vdXa5sqBDEIukeg1N02y4YVSTnqyOtTdEs7fck-0X6AFP4dlgcyMhPTN6rTQeiItKh_O-vCO-RpGo79Vkxy5vZkCfC9Wx4-ctmkLs_MbBD2KfC4nOl5G76OF_D6Ol3uUxeEVkKPgBBZShCb_AvAAoiT0OHlODas0kioJVAg74EwHy19VxG9n7xUNujWvb83XiE6Dt0WVWnJ2oFqZPq4_20gsMGH1ZhrePIqhdrj6y-g2kAeo7Xr82EK3wFcFyyPCF9hA55JRgkMa2IURz_7aW4eIZbZeTE8Q4yQswy59m8YJYdiu33H3Ja4FOqqginIA-SCCvQAVwbBm5PFngUAeJWyIUpnXeH8pbSKggOD5icJoNdQ-U-U2HMufKQdbc0_D0rUYQZZCOyIqB_pqgwXt_ZexXMgmdVTT738SJVL3_-YFHl_kb_xpuWYloprQOxXsN7EkS1Lz6fMRlAGhbPJb4dWtWKQJ_wDr0TZt44hp_AVPdWOqj3bXLR8hItm8QiIM0VqH2Yw7d9dXM8pT6OyLEoNkClkgPsY-WXQ_lHR_2O_Jb6cpecgaMBgoiqtS9TTc0TZWcs44DpQl6O5jTKxKGw9h9xb7Coip9OO99P1BZ1AVhfev0aL2RHmMc-0ikL4mtVIHGRhyzpbSa7wxVbfg57txI4bZNibiWZKWGo7eL7mjG-heAFZ3p1TMzhrY8Qj2kNDiBCWSj0i55rGa72lglIt-rMEuW4et1I4iOsv_oQDa5VYaOtl9t2ZTKMOzvk8L8UhEKQL6t4eOYx1y-reZxezUhLOHsO2o92pvK4kNQ8svk_Aef1MzvvXdxjHESYoIQSrSmZn1AnhSFpgLvqMWl976VK5jHfkQmbKqNs7RiaZTc7DtZSY6cShuDGTIoheY5XoAzaKZoDs6m1gw8QYBkqbyICWA2YFxl4anqzDiAA HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:23:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=872988739969392&bg=!x8SlxIDNAAZSrDxfcqw7ACkAdvg8WkJ5dTSTT08oVOqSpfikTBG_gLFApPc7sMNRfUQOKy-0g4cnLAIAAADAUgAAAAJoAQcKAM2keVNTvpCAAXOFQYsVijs1W7Ib8O9nP2c3gXKiTzGd0eFl4VVM49RL9LIHoZOdC8LnnIzX2GD9KnfjSbkognmV_aSzYTW2mr-GRcWWCjmj8L1j42d7OepuNxRB_KzUsFs9N1H-6OOTcx8uuJ6DPVVNriBPxMYgwxC9XR1qE-YL3Jol-HifvViwhAvvPAsHYE6ZG_FvucjKgfHQq42jZ5cLWZbUhRmBWO2APwt_mqAqCfSQyz8byD3CQ6z8cXZvIs0WtA0eXRV0u7T87hGgmQKCwqowLLy7NMpOQJQMmuTSazbkgmwIlIgm7t4gakeEddDY7eam2IvfUW-UmZcHxzkbY6n8KJH7PgQ_D_K-JNyUEtZEI6R5BsNHhv6q6fp7k1-GhFSmcSB5opOx_vlLEFamg7Lx7M0iR6TBONfuGSM2Mrx94junkRkQXkm4Fn4eUpjqPKUxbGEs_4QMcZVJfFXBD_zONReHdB8L-krjMNZFTotWjyTCma75_xGoXpgbBzuU9RU_jGPb7A32HuegGr9beF3x1Vc7AxGu6X2TG57op3kdRbXcCi9N3E8m0y0qpyRFtsERNyhkgCLHyYVoBtOp9S-8L83jydPiKn2VUJL4jwhLp5yJnihdTuuLIu1XWpBgZqzAZX7k-E9B5cqFKMrPTQOzuI8AWmb8uFfBiOXl3I7Y4QfhRjSSrCFQsCIobj4lwtsdDAHIauGEVN0dYHy1btff0id_SUSjUJPEozhf3SFlY3ibI5CMs3--r7_CSxYyqRd7b9vFqsURQC2MBJI-fpNGe34UB35h9rfX9Yw-24EZovQm1sB9yxxgjP4rzMor0hZ6UgEWFwcOVohcpObb_AIOyVRpwsebs1Zaq0AZD0BglJyGk82La01i4rIknWY3de3TkG6eNlrwxBb6UYsRLLSHvSFaRhmqSfU1XGVYm3MMJLGSJzGRfe1LXdYsLumMwSrqAaGl7-NPwuaJxqdbDr7-1qAQBSLUQ7CQbRm2S9lTUPM3XOJX4gyKD2t1N8eGTxMolLFbgtPLSAwrQ0lgcwXfJL8GPiOlMsrvWW8_B6Iwz005qBNOo5k44wkv8rTE9kyz5F2ZgkS5It7k4cOpzIEXrI33SYZ_yuTZsKEFRWlR
142.250.74.98204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=872988739969392&bg=!x8SlxIDNAAZSrDxfcqw7ACkAdvg8WkJ5dTSTT08oVOqSpfikTBG_gLFApPc7sMNRfUQOKy-0g4cnLAIAAADAUgAAAAJoAQcKAM2keVNTvpCAAXOFQYsVijs1W7Ib8O9nP2c3gXKiTzGd0eFl4VVM49RL9LIHoZOdC8LnnIzX2GD9KnfjSbkognmV_aSzYTW2mr-GRcWWCjmj8L1j42d7OepuNxRB_KzUsFs9N1H-6OOTcx8uuJ6DPVVNriBPxMYgwxC9XR1qE-YL3Jol-HifvViwhAvvPAsHYE6ZG_FvucjKgfHQq42jZ5cLWZbUhRmBWO2APwt_mqAqCfSQyz8byD3CQ6z8cXZvIs0WtA0eXRV0u7T87hGgmQKCwqowLLy7NMpOQJQMmuTSazbkgmwIlIgm7t4gakeEddDY7eam2IvfUW-UmZcHxzkbY6n8KJH7PgQ_D_K-JNyUEtZEI6R5BsNHhv6q6fp7k1-GhFSmcSB5opOx_vlLEFamg7Lx7M0iR6TBONfuGSM2Mrx94junkRkQXkm4Fn4eUpjqPKUxbGEs_4QMcZVJfFXBD_zONReHdB8L-krjMNZFTotWjyTCma75_xGoXpgbBzuU9RU_jGPb7A32HuegGr9beF3x1Vc7AxGu6X2TG57op3kdRbXcCi9N3E8m0y0qpyRFtsERNyhkgCLHyYVoBtOp9S-8L83jydPiKn2VUJL4jwhLp5yJnihdTuuLIu1XWpBgZqzAZX7k-E9B5cqFKMrPTQOzuI8AWmb8uFfBiOXl3I7Y4QfhRjSSrCFQsCIobj4lwtsdDAHIauGEVN0dYHy1btff0id_SUSjUJPEozhf3SFlY3ibI5CMs3--r7_CSxYyqRd7b9vFqsURQC2MBJI-fpNGe34UB35h9rfX9Yw-24EZovQm1sB9yxxgjP4rzMor0hZ6UgEWFwcOVohcpObb_AIOyVRpwsebs1Zaq0AZD0BglJyGk82La01i4rIknWY3de3TkG6eNlrwxBb6UYsRLLSHvSFaRhmqSfU1XGVYm3MMJLGSJzGRfe1LXdYsLumMwSrqAaGl7-NPwuaJxqdbDr7-1qAQBSLUQ7CQbRm2S9lTUPM3XOJX4gyKD2t1N8eGTxMolLFbgtPLSAwrQ0lgcwXfJL8GPiOlMsrvWW8_B6Iwz005qBNOo5k44wkv8rTE9kyz5F2ZgkS5It7k4cOpzIEXrI33SYZ_yuTZsKEFRWlR
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023012601&jk=872988739969392&bg=!x8SlxIDNAAZSrDxfcqw7ACkAdvg8WkJ5dTSTT08oVOqSpfikTBG_gLFApPc7sMNRfUQOKy-0g4cnLAIAAADAUgAAAAJoAQcKAM2keVNTvpCAAXOFQYsVijs1W7Ib8O9nP2c3gXKiTzGd0eFl4VVM49RL9LIHoZOdC8LnnIzX2GD9KnfjSbkognmV_aSzYTW2mr-GRcWWCjmj8L1j42d7OepuNxRB_KzUsFs9N1H-6OOTcx8uuJ6DPVVNriBPxMYgwxC9XR1qE-YL3Jol-HifvViwhAvvPAsHYE6ZG_FvucjKgfHQq42jZ5cLWZbUhRmBWO2APwt_mqAqCfSQyz8byD3CQ6z8cXZvIs0WtA0eXRV0u7T87hGgmQKCwqowLLy7NMpOQJQMmuTSazbkgmwIlIgm7t4gakeEddDY7eam2IvfUW-UmZcHxzkbY6n8KJH7PgQ_D_K-JNyUEtZEI6R5BsNHhv6q6fp7k1-GhFSmcSB5opOx_vlLEFamg7Lx7M0iR6TBONfuGSM2Mrx94junkRkQXkm4Fn4eUpjqPKUxbGEs_4QMcZVJfFXBD_zONReHdB8L-krjMNZFTotWjyTCma75_xGoXpgbBzuU9RU_jGPb7A32HuegGr9beF3x1Vc7AxGu6X2TG57op3kdRbXcCi9N3E8m0y0qpyRFtsERNyhkgCLHyYVoBtOp9S-8L83jydPiKn2VUJL4jwhLp5yJnihdTuuLIu1XWpBgZqzAZX7k-E9B5cqFKMrPTQOzuI8AWmb8uFfBiOXl3I7Y4QfhRjSSrCFQsCIobj4lwtsdDAHIauGEVN0dYHy1btff0id_SUSjUJPEozhf3SFlY3ibI5CMs3--r7_CSxYyqRd7b9vFqsURQC2MBJI-fpNGe34UB35h9rfX9Yw-24EZovQm1sB9yxxgjP4rzMor0hZ6UgEWFwcOVohcpObb_AIOyVRpwsebs1Zaq0AZD0BglJyGk82La01i4rIknWY3de3TkG6eNlrwxBb6UYsRLLSHvSFaRhmqSfU1XGVYm3MMJLGSJzGRfe1LXdYsLumMwSrqAaGl7-NPwuaJxqdbDr7-1qAQBSLUQ7CQbRm2S9lTUPM3XOJX4gyKD2t1N8eGTxMolLFbgtPLSAwrQ0lgcwXfJL8GPiOlMsrvWW8_B6Iwz005qBNOo5k44wkv8rTE9kyz5F2ZgkS5It7k4cOpzIEXrI33SYZ_yuTZsKEFRWlR HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 18:23:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: f4cde807-cfcb-4ad6-8d52-5dbddaa2f566
Set-Cookie: uuid2=5457536383374953367; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 18:23:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 053b20f8-813b-4191-bc27-ac58923c0056
Set-Cookie: uuid2=8228405294029291146; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 18:23:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 086d4e4b-5306-4231-a405-aadcc2f442a5
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9470892d-8280-4774-9885-756c791cae7b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:45 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a6ae03f7-2eea-4cb3-9a3f-ccdbc06b5f87
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: d4520c3c-5732-4da6-82cd-17fc2e55dc29
Set-Cookie: uuid2=1711021049587661819; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 18:23:45 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.20307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: ea0634bc-312f-4875-b832-64b4dec29fdc
Set-Cookie: uuid2=7502906467797192200; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 29-Apr-2023 18:23:46 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 74117251-ee00-4826-805b-9679a4e18d7b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: e2bf1e74-bc5d-423e-93fd-97affd052685
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bh.contextweb.com/visitormatch?reat=1
198.148.27.140200 OK 27 B URL HTTP/2 bh.contextweb.com/visitormatch?reat=1
IP 198.148.27.140:0
File type HTML document, ASCII text
Hash 806d8942eb70ed2d827b12ed2bf44533
b1149d9764ff4a9a7e8698f7a56ed003796d8582
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
GET /visitormatch?reat=1 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-m8kzc
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=14adb2777103489d; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.20200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.20:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 29 Jan 2023 18:23:46 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: ed83f163-9345-4e5d-9739-0af3d3807498
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675016636337&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675016636337&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675016636337&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:47 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.140302 Found 100 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.140:0
File type gzip compressed data, max compression\012- data
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-9l8jf
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=pZc8RF8DLE9e;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 24-Jan-2024 18:23:45 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=24bec9b86c92142e; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.140302 Found 153 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.140:0
Hash 0d4c681540d2b6b9d3ba991a99c52e28
2322b9dcd4241b8a8212934f0141df0293d1be66
1dd4125b267affbc7408eadb591721295b16e990c481a620f553391878723a6a
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-r7vsg
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=5uq3XW5PVqmN;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 24-Jan-2024 18:23:45 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=3c7b95bafd47ffb2; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1017953000522801&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=6A45AF66-F945-42FB-90C2-0BBD9F2EDF06&a3p=EhkKCnVpZGFwaS5jb20Y-eSV9t8wSABSAghkEtsBCg5lc3AuY3JpdGVvLmNvbRK_AXhibnFRbDlzWld4dWJUQjVZVGw0YXprMVRtaHdTa1pFYTFSRFptTkhKVEpDVENVeVFsWk1jbFUwZGtaQ1VtZFFVRWRaVlhSalJVaHpibTlqTWtsNk9XMVhlVU5qUTNSbWVrSkdNV281WTBWdFoyVXhkMU40WkdKYWRXcEplbmhZSlRKQ0pUSkdKVEpHYjFjelpXeDFlVXh1YW1SdldrdGpibmhHZUdoRmQyaHJkRTlZVG1ablkwSktSVEpFWW00GIPplfbfMEgAEhwKDWNyd2RjbnRybC5uZXQY-eSV9t8wSABSAghkEhsKDGlkNS1zeW5jLmNvbRig6pX23zBIAFICCGoSFAoFb3BlbngYveuV9t8wSABSAghvEhkKCnB1YmNpZC5vcmcY8eWV9t8wSABSAghqEu4BCghydGJob3VzZRLYATNTdmNTeEV4dkdSQm1uUnBHNDd3S0g0YkN1Tm15ZFk0N1ZCM1hLdXQ2S3hKYnN1UDZhQ2x0ZDZtZHBWeDh4RFBLbDgveWtac0xza25Bc3ZJUUhYcW9qa0tPNXAvZjY3UTF0OXVHbEF2dmM3NmNOcG4yQzBRRkxxRFJWVDBrbHVxdnBsNHNDR1MyNExUMWhSRVFSaHZ5VDNtS3JjSGVRWmF0TU55NlVTa2dNcFFWZjZ3M0c2bzE5WHhGRjRWZldPdktBMWdMbHNQV3VYY1BFajQza0QyT2c9PRju6pX23zBIAA..&nel=0&eid=44748969%2C44765701%2C44771449%2C44773331%2C44777649%2C44782090&url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&dlt=1675016629199&idt=2754&dt=1675016636503&cookie=ID%3Dffc625feebcfd1ed%3AT%3D1675016622%3AS%3DALNI_MbKWEhQHePOfeEo6BPnvA0hUhqF_A&gpic=UID%3D00000babc3204c7f%3AT%3D1675016622%3ART%3D1675016622%3AS%3DALNI_MbRE9K5D3zJwCVJ_RpgeRRg4MqTog&scor=865897500918610&fbidx=-1&ppid=onnetwork&ged=ve4_td7_tt4_pd7_la7000_er1809.64.1809.64_vi0.0.939.1268_vp0_eb16619
142.250.74.162200 OK 98 B URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1017953000522801&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=6A45AF66-F945-42FB-90C2-0BBD9F2EDF06&a3p=EhkKCnVpZGFwaS5jb20Y-eSV9t8wSABSAghkEtsBCg5lc3AuY3JpdGVvLmNvbRK_AXhibnFRbDlzWld4dWJUQjVZVGw0YXprMVRtaHdTa1pFYTFSRFptTkhKVEpDVENVeVFsWk1jbFUwZGtaQ1VtZFFVRWRaVlhSalJVaHpibTlqTWtsNk9XMVhlVU5qUTNSbWVrSkdNV281WTBWdFoyVXhkMU40WkdKYWRXcEplbmhZSlRKQ0pUSkdKVEpHYjFjelpXeDFlVXh1YW1SdldrdGpibmhHZUdoRmQyaHJkRTlZVG1ablkwSktSVEpFWW00GIPplfbfMEgAEhwKDWNyd2RjbnRybC5uZXQY-eSV9t8wSABSAghkEhsKDGlkNS1zeW5jLmNvbRig6pX23zBIAFICCGoSFAoFb3BlbngYveuV9t8wSABSAghvEhkKCnB1YmNpZC5vcmcY8eWV9t8wSABSAghqEu4BCghydGJob3VzZRLYATNTdmNTeEV4dkdSQm1uUnBHNDd3S0g0YkN1Tm15ZFk0N1ZCM1hLdXQ2S3hKYnN1UDZhQ2x0ZDZtZHBWeDh4RFBLbDgveWtac0xza25Bc3ZJUUhYcW9qa0tPNXAvZjY3UTF0OXVHbEF2dmM3NmNOcG4yQzBRRkxxRFJWVDBrbHVxdnBsNHNDR1MyNExUMWhSRVFSaHZ5VDNtS3JjSGVRWmF0TU55NlVTa2dNcFFWZjZ3M0c2bzE5WHhGRjRWZldPdktBMWdMbHNQV3VYY1BFajQza0QyT2c9PRju6pX23zBIAA..&nel=0&eid=44748969%2C44765701%2C44771449%2C44773331%2C44777649%2C44782090&url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&dlt=1675016629199&idt=2754&dt=1675016636503&cookie=ID%3Dffc625feebcfd1ed%3AT%3D1675016622%3AS%3DALNI_MbKWEhQHePOfeEo6BPnvA0hUhqF_A&gpic=UID%3D00000babc3204c7f%3AT%3D1675016622%3ART%3D1675016622%3AS%3DALNI_MbRE9K5D3zJwCVJ_RpgeRRg4MqTog&scor=865897500918610&fbidx=-1&ppid=onnetwork&ged=ve4_td7_tt4_pd7_la7000_er1809.64.1809.64_vi0.0.939.1268_vp0_eb16619
IP 142.250.74.162:0
Hash 60a684ea33f5a8ea992e3166f6015d77
07c31ee8b077593f0af0a85d422d8d21da4e7212
4888fd03619b61ad7ff3c1968be6789eda2fd0a949b407994a507d709907d4ac
GET /gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1017953000522801&sdkv=h.3.553.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.553.0&sid=6A45AF66-F945-42FB-90C2-0BBD9F2EDF06&a3p=EhkKCnVpZGFwaS5jb20Y-eSV9t8wSABSAghkEtsBCg5lc3AuY3JpdGVvLmNvbRK_AXhibnFRbDlzWld4dWJUQjVZVGw0YXprMVRtaHdTa1pFYTFSRFptTkhKVEpDVENVeVFsWk1jbFUwZGtaQ1VtZFFVRWRaVlhSalJVaHpibTlqTWtsNk9XMVhlVU5qUTNSbWVrSkdNV281WTBWdFoyVXhkMU40WkdKYWRXcEplbmhZSlRKQ0pUSkdKVEpHYjFjelpXeDFlVXh1YW1SdldrdGpibmhHZUdoRmQyaHJkRTlZVG1ablkwSktSVEpFWW00GIPplfbfMEgAEhwKDWNyd2RjbnRybC5uZXQY-eSV9t8wSABSAghkEhsKDGlkNS1zeW5jLmNvbRig6pX23zBIAFICCGoSFAoFb3BlbngYveuV9t8wSABSAghvEhkKCnB1YmNpZC5vcmcY8eWV9t8wSABSAghqEu4BCghydGJob3VzZRLYATNTdmNTeEV4dkdSQm1uUnBHNDd3S0g0YkN1Tm15ZFk0N1ZCM1hLdXQ2S3hKYnN1UDZhQ2x0ZDZtZHBWeDh4RFBLbDgveWtac0xza25Bc3ZJUUhYcW9qa0tPNXAvZjY3UTF0OXVHbEF2dmM3NmNOcG4yQzBRRkxxRFJWVDBrbHVxdnBsNHNDR1MyNExUMWhSRVFSaHZ5VDNtS3JjSGVRWmF0TU55NlVTa2dNcFFWZjZ3M0c2bzE5WHhGRjRWZldPdktBMWdMbHNQV3VYY1BFajQza0QyT2c9PRju6pX23zBIAA..&nel=0&eid=44748969%2C44765701%2C44771449%2C44773331%2C44777649%2C44782090&url=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&dlt=1675016629199&idt=2754&dt=1675016636503&cookie=ID%3Dffc625feebcfd1ed%3AT%3D1675016622%3AS%3DALNI_MbKWEhQHePOfeEo6BPnvA0hUhqF_A&gpic=UID%3D00000babc3204c7f%3AT%3D1675016622%3ART%3D1675016622%3AS%3DALNI_MbRE9K5D3zJwCVJ_RpgeRRg4MqTog&scor=865897500918610&fbidx=-1&ppid=onnetwork&ged=ve4_td7_tt4_pd7_la7000_er1809.64.1809.64_vi0.0.939.1268_vp0_eb16619 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
date: Sun, 29 Jan 2023 18:23:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 98
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675016636564&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675016636564&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675016636564&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:48 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntn.png?ts=1675016636566&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntn.png?ts=1675016636566&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntn.png?ts=1675016636566&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:48 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Sunday, 29-Jan-2023 18:23:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntr.png?ts=16750166360&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
87.98.235.235200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntr.png?ts=16750166360&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
IP 87.98.235.235:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntr.png?ts=16750166360&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:48 GMT
content-type: image/png
content-length: 126
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
set-cookie: nv27330=1; Max-Age=600; SameSite=None; Secure; path=/; domain=.onnetwork.tv
nd1197=1; Max-Age=300; SameSite=None; Secure; path=/; domain=.onnetwork.tv
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956
94.23.95.107200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956
IP 94.23.95.107:0
GET /js/widgets/widgetScrollist.js?s=202209160956 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 11:52:32 GMT
vary: Accept-Encoding
etag: W/"63c14600-6a04"
expires: Thu, 17 Aug 2023 18:23:40 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20466105
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79140013899ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/all.css
IP 172.64.132.15:0
GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: text/css
x-amz-id-2: 97tj2z04b4usB7JjD3sNAwe62WJ9JT6WzbwusvQaPMotgnfqHo+RQqbh+biGiSQjHfkXKUWUHhA=
x-amz-request-id: WCYT6CTEVDKN3HZC
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 269954
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibdxCx454IxxoXDRwkuadl6MUylb8QSjHtOaLkItRKRvbNx6XR%2BHIDGVBdg9JjVMwv31Mh09mr3M6yjx3B7g5tEsA0MBFBMrt6%2BhT3i7iKxQWXS2iOGBEA%2B2a9idKzd3YgO0vdwU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791400141f26740f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=kR8sM19sZWxubTB5YTl4azk1TmhwSkZEa1RJTFJibDBxMjQ5RVlzR29pZlRXaXdCN0Y4TWxDaWxsckUlMkZMVnM3JTJGVSUyRko2RDQ0Q1Vnc3RtSVNadkpqN0xNa3JpZnVRRE1nU3RuOVY4eHkxbjdjWjJ3WERZZlVVbFEySTJKaUc3S1ZQaE8lMkZs&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=kR8sM19sZWxubTB5YTl4azk1TmhwSkZEa1RJTFJibDBxMjQ5RVlzR29pZlRXaXdCN0Y4TWxDaWxsckUlMkZMVnM3JTJGVSUyRko2RDQ0Q1Vnc3RtSVNadkpqN0xNa3JpZnVRRE1nU3RuOVY4eHkxbjdjWjJ3WERZZlVVbFEySTJKaUc3S1ZQaE8lMkZs&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=kR8sM19sZWxubTB5YTl4azk1TmhwSkZEa1RJTFJibDBxMjQ5RVlzR29pZlRXaXdCN0Y4TWxDaWxsckUlMkZMVnM3JTJGVSUyRko2RDQ0Q1Vnc3RtSVNadkpqN0xNa3JpZnVRRE1nU3RuOVY4eHkxbjdjWjJ3WERZZlVVbFEySTJKaUc3S1ZQaE8lMkZs&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:41 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1471947
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player90/embed.min.js?s=1674742780
94.23.95.107200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/player90/embed.min.js?s=1674742780
IP 94.23.95.107:0
GET /js/player90/embed.min.js?s=1674742780 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/javascript
last-modified: Thu, 26 Jan 2023 14:19:40 GMT
vary: Accept-Encoding
etag: W/"63d28bfc-119d5"
expires: Thu, 17 Aug 2023 18:23:40 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=xbnqQl9sZWxubTB5YTl4azk1TmhwSkZEa1RDZmNHJTJCTCUyQlZMclU0dkZCUmdQUEdZVXRjRUhzbm9jMkl6OW1XeUNjQ3RmekJGMWo5Y0VtZ2Uxd1N4ZGJadWpJenhYJTJCJTJGJTJGb1czZWx1eUxuamRvWktjbnhGeGhFd2hrdE9YTmZnY0JKRTJEYm4&info=DEWAbV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hUZGw1NmtNR0h0dWR0S3VuMDQ1VDM4&idsd=925897867,-20022022&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=xbnqQl9sZWxubTB5YTl4azk1TmhwSkZEa1RDZmNHJTJCTCUyQlZMclU0dkZCUmdQUEdZVXRjRUhzbm9jMkl6OW1XeUNjQ3RmekJGMWo5Y0VtZ2Uxd1N4ZGJadWpJenhYJTJCJTJGJTJGb1czZWx1eUxuamRvWktjbnhGeGhFd2hrdE9YTmZnY0JKRTJEYm4&info=DEWAbV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hUZGw1NmtNR0h0dWR0S3VuMDQ1VDM4&idsd=925897867,-20022022&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=xbnqQl9sZWxubTB5YTl4azk1TmhwSkZEa1RDZmNHJTJCTCUyQlZMclU0dkZCUmdQUEdZVXRjRUhzbm9jMkl6OW1XeUNjQ3RmekJGMWo5Y0VtZ2Uxd1N4ZGJadWpJenhYJTJCJTJGJTJGb1czZWx1eUxuamRvWktjbnhGeGhFd2hrdE9YTmZnY0JKRTJEYm4&info=DEWAbV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hUZGw1NmtNR0h0dWR0S3VuMDQ1VDM4&idsd=925897867,-20022022&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1088787
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.140:0
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-9l8jf
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=fV1TVzI9j6bf;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 24-Jan-2024 18:23:45 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=24bec9b86c92142e; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&crf=1
188.42.191.196200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&crf=1
IP 188.42.191.196:0
GET /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=1313142430184606.2&tz=0&fl=0&rr=direct&s=2544233&bidid=1856609131f2c1e8&transactionid=74f4adb7-b46a-4b23-bfb6-cffbc0890745&auctionid=f3a8aae6-a27d-498f-a384-b9e7d0cd5ea1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Fbk2e1ia76zfo%2Fsgm_touge_underground_tuner_car_pack_v1.rar.html&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Content-Type: text/plain
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:41 GMT; Path=/; Domain=.betweendigital.com
tuuid=a2f16849-94b3-521d-a4f3-ea45c72553e8; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:41 GMT; Path=/; Domain=.betweendigital.com
ut=Y9a5rQAJXnDYyl9dhfoDtpQuLKwARTlNhrnT1Q==; Max-Age=31536000; Expires=Mon, 29 Jan 2024 18:23:41 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: text/css
x-amz-id-2: mxSO7Y2RUnsqPYTbhYMz4ehQu9Or5UugbOcZ2V1a2j7tq6qzcdsLev13QXqmhu0I9nTcgJ8tGog=
x-amz-request-id: K4043YG95XX5KFDJ
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2182723
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXCOcDhvScKrWZhztXakLn5GXLTRHIS%2Bm57KGzy9VDLNRbWCIKYwYveLJzwitRPh%2F8jIjTN7rzgVpCek03ekyEe9Tpdfiatg5g%2FMwOwACQiMeex3qisEzBxawSGrUnJMT206L%2FEM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791400141f32740f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stpd.cloud/assets/hb/sharemods.js
104.18.30.49200 OK 0 B URL HTTP/2 stpd.cloud/assets/hb/sharemods.js
IP 104.18.30.49:0
GET /assets/hb/sharemods.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/javascript
content-md5: bWb7BtXWQtqkkPx7GJ/9MA==
last-modified: Fri, 27 Jan 2023 10:52:24 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 58433397-201e-0069-5f3d-32c6db000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 4070
expires: Sun, 29 Jan 2023 22:23:40 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 791400148fe20afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
video.onnetwork.tv/frame86.php?id=ffONNP31ea1e50c804d5cd6169ba81011c703c16750166291941&iid=1675016628723&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Fbk2e1ia76zfo%252Fsgm_touge_underground_tuner_car_pack_v1.rar.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675016628723&rrpt=%7B%22CxSegments%22%3Anull%7D
178.33.138.136200 OK 0 B URL HTTP/2 video.onnetwork.tv/frame86.php?id=ffONNP31ea1e50c804d5cd6169ba81011c703c16750166291941&iid=1675016628723&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Fbk2e1ia76zfo%252Fsgm_touge_underground_tuner_car_pack_v1.rar.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675016628723&rrpt=%7B%22CxSegments%22%3Anull%7D
IP 178.33.138.136:0
GET /frame86.php?id=ffONNP31ea1e50c804d5cd6169ba81011c703c16750166291941&iid=1675016628723&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Fbk2e1ia76zfo%252Fsgm_touge_underground_tuner_car_pack_v1.rar.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675016628723&rrpt=%7B%22CxSegments%22%3Anull%7D HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sun, 29 Jan 2023 18:23:41 GMT
expires: Sun, 29 Jan 2023 18:23:42 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Sun, 29 Jan 2023 18:23:41 GMT
server: XO.webservant
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.69200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.69:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93937
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
178.250.6.136200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 178.250.6.136:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 61907
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.94200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.94:0
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sun, 29 Jan 2023 15:35:23 GMT
cache-control: max-age: 86400
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZJpqQvmTnU8EwaiXcdEG6IvbCDaoNq5zIbvI4uspVr5zRerdpmaMew==
age: 10099
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/roboto.css
87.98.235.235200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/roboto.css
IP 87.98.235.235:0
GET /css/roboto.css HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
vary: Accept-Encoding
etag: W/"60dd8078-194c"
expires: Thu, 17 Aug 2023 18:23:42 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.69200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.69:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 102790
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 401164
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player.js?s=1674995118
94.23.95.107200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/player86/player.js?s=1674995118
IP 94.23.95.107:0
GET /js/player86/player.js?s=1674995118 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/javascript
last-modified: Sun, 29 Jan 2023 12:25:18 GMT
vary: Accept-Encoding
etag: W/"63d665ae-44a4b"
expires: Thu, 17 Aug 2023 18:23:42 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: e346f97b1d38a339b60e3cf96f044831
cdn-cache: HIT
cf-cache-status: HIT
age: 20459940
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79140013ba251c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 977212
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.69200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.69:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 100924
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch?reat=1
198.148.27.140200 OK 0 B URL HTTP/2 bh.contextweb.com/visitormatch?reat=1
IP 198.148.27.140:0
GET /visitormatch?reat=1 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-fgl7r
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=339e510c16f2d3fe; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.10.207:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:40 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20458219
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79140013a9ccb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1422
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 791400231c37b4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 498
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sun, 29 Jan 2023 18:23:43 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=4qx1VV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hTdHlSVCUyRnpGZ2R3T09HYm4lMkZCdXNQbA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HL-t-180M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hURDBiQWI4TFFJek1pZzklMkZzYUxkN3I; expires=Fri, 23 Feb 2024 18:23:43 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 372325
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=HL-t-180M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hURDBiQWI4TFFJek1pZzklMkZzYUxkN3I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 29 Jan 2023 18:23:42 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=LlCYGV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhOcW4zVmlXJTJGdVA3ZXQxJTJGQXhPZ1hRMXlWZFRsN2p4b0olMkZEUGNkcERQNzE; expires=Fri, 23 Feb 2024 18:23:43 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 457304
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2