exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 00:22:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 01:22:18 GMT
Location: https://exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjaGNM9pO5K83PEc8VESPOCWtaQIciwr4gfbVLsMRjZFoE1VyepkgwGobnze2UzZqI95fYGFKmR50hCUsdSZeR5BLS6deSNv9NXcq6zbDajPNTRrat3zmgI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793f404af95bb50c-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2194
Expires: Sat, 04 Feb 2023 00:58:52 GMT
Date: Sat, 04 Feb 2023 00:22:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2377
Expires: Sat, 04 Feb 2023 01:01:55 GMT
Date: Sat, 04 Feb 2023 00:22:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 23:43:35 GMT
content-type: application/json
age: 2323
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14119
Expires: Sat, 04 Feb 2023 04:17:37 GMT
Date: Sat, 04 Feb 2023 00:22:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a4349540094a809bce706f7bc456701
cc81b790539992a296de4646a9583029dbc2b332
81302e4e5bdbabc2535193208e39ed84eab03d7bd66d004a1ac8182bf200f43c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4266
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:18 GMT
Last-Modified: Fri, 03 Feb 2023 23:11:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QFwn6miEoR2lPNdJwxD7yhk9Z1oqz634L+2XIHa9mQ0pHCjKcpP8J7Z+K6yU8icghSeNBJWf1yo=
x-amz-request-id: 55XMF1WFS7VV5J15
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 23:52:36 GMT
age: 1782
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 00:22:18 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1a4349540094a809bce706f7bc456701
cc81b790539992a296de4646a9583029dbc2b332
81302e4e5bdbabc2535193208e39ed84eab03d7bd66d004a1ac8182bf200f43c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4266
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:18 GMT
Last-Modified: Fri, 03 Feb 2023 23:11:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash f07a308239b88547db8545f32dfb948d
43e90a8e856f7224e61f0c1ca5f0a17c23f03dbf
f2d9e4c281ad9dc81e294ad8f4b5522fe8f4585eb7c092f9919094267696c2c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3794
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:18 GMT
Last-Modified: Fri, 03 Feb 2023 23:19:04 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 00:07:19 GMT
age: 899
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Sat, 04 Feb 2023 02:31:52 GMT
Date: Sat, 04 Feb 2023 00:22:19 GMT
Connection: keep-alive
exeo.app/css/continue.css
104.26.8.233200 OK 42 kB URL HTTP/2 exeo.app/css/continue.css
IP 104.26.8.233:0
File type ASCII text, with very long lines (65079)
Hash 308291f048f38ab2a59de0c0a72e9f17
f9ad411280271d00d60d0fe061c477056883704c
9e10c27fbb309cfac177e4f3e4958bee63beaf1f427b75eb629e9f74eef36b61
GET /css/continue.css HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/jr00w
Cookie: AppSession=76e6c901d4e3a17d66bf657131a5e42d; csrfToken=957cd9e7c30e7f099342537bb3d9461f7b3cdeca239105a31766c917a7e1f5c8a491fb2fd3dc9e2368cb0b90fb38837bc8dca0cb303e6091a23963cb1a7590d7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: text/css
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=211688
expires: Fri, 10 Feb 2023 22:59:15 GMT
last-modified: Mon, 12 Dec 2022 17:28:40 GMT
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 1992184
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNmN8ovdgME20UhuNpMQsm7kEVPrs9%2FGUtCcKxM8fG1TRrjG5VbRdCMONcBIS%2F0CDvw96iOlBYCcc%2BDyVZDrEtdljyNfhJ%2FDHBhurWf0%2B%2FFYlisZZwUFwOkk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f4051f8c0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
exe.io/img/logo_sm.png
188.114.96.1200 OK 11 kB IP 188.114.96.1:0
File type PNG image data, 262 x 110, 8-bit/color RGBA, non-interlaced\012- data
Hash babf1df3467cca81bd9fdd5540a70b3d
ab768d826851da1b84b22e14f4facfda137500f4
c63f2781570d012d67b1e5ed27544bf90097a71ca5ddbbcd86a98a0f52871534
GET /img/logo_sm.png HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: image/png
content-length: 10989
x-frame-options: SAMEORIGIN
last-modified: Sun, 28 Mar 2021 18:01:57 GMT
cache-control: max-age=31536000
expires: Thu, 25 Jan 2024 22:31:11 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 784268
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9LK%2BerNJZCGBruGDGwO4GbanxHrUi%2FKr7LHhCEGioSC9w9NsbwZLL5G5vwVl4DvllUqu89iLP6iA9GyCm7Ho7wIagtnXvDhrAK4xhSw2K2ce0PRCe3%2BwGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f40522f1f1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-135952122-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135952122-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 19f2cea2ee4e25c783c26f140a832e58
5c288ce2fa5d85061a9bde6accc60d36e284d672
846c6db26b749a8df2be4d73d5c533d2d077b535992eadb725a63ea95237c3e1
GET /gtag/js?id=UA-135952122-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 00:22:19 GMT
expires: Sat, 04 Feb 2023 00:22:19 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2064830a6151b4c6f387aef12eec13c1
f1bfbe5443c6b6e1a9ee8640c669730e2c68832d
ee81d1c66b24523072725fd94696a6d3910d9b02f453b2b313d9a178dce63431
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 691
Cache-Control: max-age=149895
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Etag: "63dd490f-116"
Expires: Sun, 05 Feb 2023 18:00:34 GMT
Last-Modified: Fri, 03 Feb 2023 17:49:03 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.13.193101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.13.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: px624ktLI7UFIi3s/rZVFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q14zwjeq6FurNKyDtQlcEcSBsK4=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cafdf1177f73188f68d142173150cd3b
99a911360b81680d4975e9ee6d6a29a1a83f8fc8
a561e7cabcdf6d311d3d5dd5cb19404efbde579881d78b139ce52d3c6eda6592
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4716
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Last-Modified: Fri, 03 Feb 2023 23:03:43 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ed2d9b1629250698c3430eb097d9db1b
a4df64e2f353f8111bfe830bac08ceacbacc6c06
c748139fc4c6762ac1358d08ac7f2f44f7c1bd0b83dd56ffa8696bf7bdcfdca1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C748139FC4C6762AC1358D08AC7F2F44F7C1BD0B83DD56FFA8696BF7BDCFDCA1"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1516
Expires: Sat, 04 Feb 2023 00:47:35 GMT
Date: Sat, 04 Feb 2023 00:22:19 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash cafdf1177f73188f68d142173150cd3b
99a911360b81680d4975e9ee6d6a29a1a83f8fc8
a561e7cabcdf6d311d3d5dd5cb19404efbde579881d78b139ce52d3c6eda6592
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4716
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Last-Modified: Fri, 03 Feb 2023 23:03:43 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Sat, 04 Feb 2023 01:07:33 GMT
Date: Sat, 04 Feb 2023 00:22:19 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Sat, 04 Feb 2023 01:07:33 GMT
Date: Sat, 04 Feb 2023 00:22:19 GMT
Connection: keep-alive
exeo.app/jr00w
104.26.8.233200 OK 153 kB IP 104.26.8.233:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (59486)
Size 153 kB (152977 bytes)
Hash 5bdfce7ee48d67b44456f758ad0b6096
fc93616eb04a265c98742b499e4ac696ec46ee8c
7cb205dc40be53dfd773a1c7c77dc2896a7b3ef1347ec4c37627be9970bb2e00
GET /jr00w HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exe.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=76e6c901d4e3a17d66bf657131a5e42d; path=/; HttpOnly
csrfToken=957cd9e7c30e7f099342537bb3d9461f7b3cdeca239105a31766c917a7e1f5c8a491fb2fd3dc9e2368cb0b90fb38837bc8dca0cb303e6091a23963cb1a7590d7; path=/; HttpOnly
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76fQveZZu%2FGPbMaTPSgmFQ0CKuxgHpAG3q2K%2Fo%2BDnL%2FNPcS8E5W7a%2BovJgeazbcvWIyKYX0b5Xskv1%2Bic6Gb5kxk4CpuNQX8MB%2BvARldSeV9qyo8vRwjN3vJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f4050df87b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
IP 142.250.74.131:0
Hash 42e4f9cd20c5a54a2fba4aff185c9246
4d289915e595e54e937c4e98869988f19ad5ab1e
be36468cea9bb9a7c639b14b45ce9ca48a17e86977c65d065b083d02f2d2141f
POST /s/gts1p5/Cc4-x5B-V-k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://exeo.app
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 365378
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
exeo.app/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675468800
104.26.8.233200 OK 14 kB URL HTTP/2 exeo.app/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675468800
IP 104.26.8.233:0
File type ASCII text, with very long lines (33902), with no line terminators
Hash e58f27afcc23b324ab941004b2dca0b7
09142afc08fe3bebfc31c5a5b01bc6657fa3788a
6ff901f7321698ae8d557c228f9a9521f7d6d9ea052ff815155dc0206f9babb0
GET /cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1675468800 HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: AppSession=76e6c901d4e3a17d66bf657131a5e42d; csrfToken=957cd9e7c30e7f099342537bb3d9461f7b3cdeca239105a31766c917a7e1f5c8a491fb2fd3dc9e2368cb0b90fb38837bc8dca0cb303e6091a23963cb1a7590d7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: application/javascript; charset=UTF-8
x-control-type-options: nosniff
cache-control: max-age=14400, public
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BW1OivLmdAG0F6iZGUbL8Gu3zzkWic9gvUJSnE08xbGadUpXqsU6Bwe7LVFUIidAzL5xxhK4o8VmyDy3Xln8xmzfdAeUludjK%2Ba7BzCGhV1BrhT1uX9mDlMu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f40540ac2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 2064830a6151b4c6f387aef12eec13c1
f1bfbe5443c6b6e1a9ee8640c669730e2c68832d
ee81d1c66b24523072725fd94696a6d3910d9b02f453b2b313d9a178dce63431
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5008
Cache-Control: max-age=154212
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Etag: "63dd490f-116"
Expires: Sun, 05 Feb 2023 19:12:31 GMT
Last-Modified: Fri, 03 Feb 2023 17:49:03 GMT
Server: ECS (amb/6BBA)
X-Cache: HIT
Content-Length: 278
wecouldle.com/utx?cb=3Ms20sIO7MFz&top=exeo.app&tid=889494
65.9.44.110204 No Content 0 B URL HTTP/2 wecouldle.com/utx?cb=3Ms20sIO7MFz&top=exeo.app&tid=889494
IP 65.9.44.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=3Ms20sIO7MFz&top=exeo.app&tid=889494 HTTP/1.1
Host: wecouldle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 00:22:19 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 04 Feb 2023 00:23:19 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: NgXEe_usxPc7qYTHMmVhfaeyFRy5drERPs0qgHU0KbnUCmt1VtZLQA==
X-Firefox-Spdy: h2
wecouldle.com/SFlKbjMpOykDDClkKEhGOjV3SwEOfHgoV3s9f1pZfyojWkQnKCZAUCQ2PwpVOjYkGh0mPD5LAQ4AHF5hMggcBQMDIXoAaSEUPigAMDETXVcKPXgGSwQ+Cxt9MT1/IHARKygWdiodLVpUCxoDWXs/CyMsSTtgKwBhHhUeCQYBaX8AYwwyJDpdCnx4KH0hGBgIdHkhBzx5cBcOCRZ6Gw0HA3kXJyhxCmsyW1cOAzAPa3AjDQcLcRYOI3ISHj4AeC89IQ8BLGgbXAo4OiQNSxIePgB+MDY8DAEGMRsvfXADEj9/LGt7F1cyHyEPAStrCDlhOR8kOHcsES4AUR50EBRSHBgiK3AnaykAank6eAJeLBwEGVIfAyI/aw18eChjIgAdJEkRLxM7dgA4DQpLEAEMSwEOECQCcG4zOQFdOGQNCUFwDCIhZD8VGxR1Gw
65.9.44.110200 OK 1.2 kB URL HTTP/2 wecouldle.com/SFlKbjMpOykDDClkKEhGOjV3SwEOfHgoV3s9f1pZfyojWkQnKCZAUCQ2PwpVOjYkGh0mPD5LAQ4AHF5hMggcBQMDIXoAaSEUPigAMDETXVcKPXgGSwQ+Cxt9MT1/IHARKygWdiodLVpUCxoDWXs/CyMsSTtgKwBhHhUeCQYBaX8AYwwyJDpdCnx4KH0hGBgIdHkhBzx5cBcOCRZ6Gw0HA3kXJyhxCmsyW1cOAzAPa3AjDQcLcRYOI3ISHj4AeC89IQ8BLGgbXAo4OiQNSxIePgB+MDY8DAEGMRsvfXADEj9/LGt7F1cyHyEPAStrCDlhOR8kOHcsES4AUR50EBRSHBgiK3AnaykAank6eAJeLBwEGVIfAyI/aw18eChjIgAdJEkRLxM7dgA4DQpLEAEMSwEOECQCcG4zOQFdOGQNCUFwDCIhZD8VGxR1Gw
IP 65.9.44.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3025), with no line terminators
Hash 67a9093c3c3f6a029fb82b58f57afeb2
33a74b2c795f4a5f8302b67061f73e25d7faa4c0
884598a7b8a79831bcc131e4e66f5c6c46c257e875a3d06bd5788bb684f996ae
GET /SFlKbjMpOykDDClkKEhGOjV3SwEOfHgoV3s9f1pZfyojWkQnKCZAUCQ2PwpVOjYkGh0mPD5LAQ4AHF5hMggcBQMDIXoAaSEUPigAMDETXVcKPXgGSwQ+Cxt9MT1/IHARKygWdiodLVpUCxoDWXs/CyMsSTtgKwBhHhUeCQYBaX8AYwwyJDpdCnx4KH0hGBgIdHkhBzx5cBcOCRZ6Gw0HA3kXJyhxCmsyW1cOAzAPa3AjDQcLcRYOI3ISHj4AeC89IQ8BLGgbXAo4OiQNSxIePgB+MDY8DAEGMRsvfXADEj9/LGt7F1cyHyEPAStrCDlhOR8kOHcsES4AUR50EBRSHBgiK3AnaykAank6eAJeLBwEGVIfAyI/aw18eChjIgAdJEkRLxM7dgA4DQpLEAEMSwEOECQCcG4zOQFdOGQNCUFwDCIhZD8VGxR1Gw HTTP/1.1
Host: wecouldle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1178
date: Sat, 04 Feb 2023 00:22:19 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: IYbRgTwInAEEhl1MXYJA-2vxyKA-TKnN58Ywz_sPRWEjtnuDGPZijQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
IP 142.250.74.131:0
Hash 42e4f9cd20c5a54a2fba4aff185c9246
4d289915e595e54e937c4e98869988f19ad5ab1e
be36468cea9bb9a7c639b14b45ce9ca48a17e86977c65d065b083d02f2d2141f
POST /s/gts1p5/Cc4-x5B-V-k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
IP 142.250.74.131:0
Hash 42e4f9cd20c5a54a2fba4aff185c9246
4d289915e595e54e937c4e98869988f19ad5ab1e
be36468cea9bb9a7c639b14b45ce9ca48a17e86977c65d065b083d02f2d2141f
POST /s/gts1p5/Cc4-x5B-V-k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fccfe85480943e75c92061cda7f8de93
4c547379f5d25e4715516d6935a85d1d04f97045
0469ee3520b2afe0beb69802c351928286e2817890e5feda9638db277d8b9717
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0469EE3520B2AFE0BEB69802C351928286E2817890E5FEDA9638DB277D8B9717"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2714
Expires: Sat, 04 Feb 2023 01:07:33 GMT
Date: Sat, 04 Feb 2023 00:22:19 GMT
Connection: keep-alive
edhimasifiwoery.xyz/cTJHeEheDSQLdRBkFTYtOWAlIQAZfRUUDhpUdxQJJHUVXXo3YxI1bgVbI0VwRQF1TnlXQi4cdUAKYQs8EEYyC3VAFC4WLh4PYQ51QBx3VnpfAGENdUAUMwgpFg92XjgFRitFeUcFckx/QQNwSn5BBQ
172.67.136.172204 No Content 0 B URL HTTP/2 edhimasifiwoery.xyz/cTJHeEheDSQLdRBkFTYtOWAlIQAZfRUUDhpUdxQJJHUVXXo3YxI1bgVbI0VwRQF1TnlXQi4cdUAKYQs8EEYyC3VAFC4WLh4PYQ51QBx3VnpfAGENdUAUMwgpFg92XjgFRitFeUcFckx/QQNwSn5BBQ
IP 172.67.136.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cTJHeEheDSQLdRBkFTYtOWAlIQAZfRUUDhpUdxQJJHUVXXo3YxI1bgVbI0VwRQF1TnlXQi4cdUAKYQs8EEYyC3VAFC4WLh4PYQ51QBx3VnpfAGENdUAUMwgpFg92XjgFRitFeUcFckx/QQNwSn5BBQ HTTP/1.1
Host: edhimasifiwoery.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 00:22:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrrSOmczg0WA7WoEjwfRf%2F5HuXunZpZt8J%2F0DBVjRaB6GELi5ZaZDWT8ReIborYRoDskgTmwsihHwkUCMqcaCQORSXj5NBTPUqJP%2BrmxdDNfRJt2vfT7viC2SpGNR4%2BWv43bEA1U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f40548801b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wecouldle.com/utx?cb=XBDMZKCUKWTh&top=exeo.app&tid=822524
65.9.44.110204 No Content 0 B URL HTTP/2 wecouldle.com/utx?cb=XBDMZKCUKWTh&top=exeo.app&tid=822524
IP 65.9.44.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=XBDMZKCUKWTh&top=exeo.app&tid=822524 HTTP/1.1
Host: wecouldle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 00:22:19 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://exeo.app
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 04 Feb 2023 00:23:19 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: vOS2uhTCDRK_Iup_zmn3TRz5sarPVbGC4okY_ywaP-wpJ0UwlEWQWA==
X-Firefox-Spdy: h2
cdntechone.com/stattag.js
188.114.96.1200 OK 7.9 kB URL HTTP/2 cdntechone.com/stattag.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (17301), with no line terminators
Hash d2550e8941543b8e1f9601dee00770ce
711165976f7a3ba93299844bde68e18da601f2f2
a34c89a1261b6094683834aa4487ca32a2ad8dcc22138bf855d59e5baf182156
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: application/javascript
last-modified: Fri, 03 Feb 2023 16:30:45 GMT
etag: W/"63dd36b5-4395"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6412
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CA8A3TUsedgcj3cxQ63DWXsrEqtDoT%2BX8IrFsudCLX1XE9MiaaKelI9jy3jYU9lte6MxV2zcXsQxU2w6u1tvn%2BPT8v0kQA%2FrFCp8hUTr24IiYCE5krKGG5oay5HBotokg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f40537ed3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
edhimasifiwoery.xyz/RUVwb2JqehMcXxx3KiAALnQSOTp8EhYpJBYhHDVHdwclKTB3E0MERDEsFFJafXxEVlZjNRkLX3RjAxsDMTADUlNjLB4JDXhjBlJTa3ZEQVF0a0JJF3h0VhsSJCJNXkQ1MQQDX3RzR1pWcnVBWFBwfEA
172.67.136.172204 No Content 0 B URL HTTP/2 edhimasifiwoery.xyz/RUVwb2JqehMcXxx3KiAALnQSOTp8EhYpJBYhHDVHdwclKTB3E0MERDEsFFJafXxEVlZjNRkLX3RjAxsDMTADUlNjLB4JDXhjBlJTa3ZEQVF0a0JJF3h0VhsSJCJNXkQ1MQQDX3RzR1pWcnVBWFBwfEA
IP 172.67.136.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /RUVwb2JqehMcXxx3KiAALnQSOTp8EhYpJBYhHDVHdwclKTB3E0MERDEsFFJafXxEVlZjNRkLX3RjAxsDMTADUlNjLB4JDXhjBlJTa3ZEQVF0a0JJF3h0VhsSJCJNXkQ1MQQDX3RzR1pWcnVBWFBwfEA HTTP/1.1
Host: edhimasifiwoery.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 00:22:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqJKr9pRtmZ53XTF95Fjfg1v7bGM1epHpz8Ww0c7sAPyMUVaGfneJiLyLENpfGp7QYYDImKPX18R0uVFY1JW2vN1gXQUnVkQEPfKz7DxxkApIaeHwb53urNKvsneTTxO0IBrP26%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f4054d82cb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
edhimasifiwoery.xyz/SkRTT3BlezA8TRADJwMpJhIHFx4EFQkZQRkhBRkZHBIZdiYdCXU7GS55a31Cf3ZnaQAjIG5+VjkwMjsFOXliaRkkIjxyVjx5YmFDfmpgfl54YiZyQWwwIy4Xd3V1PwQ+KG5+Rn1xZ3hAe3NhekN6
172.67.136.172204 No Content 0 B URL HTTP/2 edhimasifiwoery.xyz/SkRTT3BlezA8TRADJwMpJhIHFx4EFQkZQRkhBRkZHBIZdiYdCXU7GS55a31Cf3ZnaQAjIG5+VjkwMjsFOXliaRkkIjxyVjx5YmFDfmpgfl54YiZyQWwwIy4Xd3V1PwQ+KG5+Rn1xZ3hAe3NhekN6
IP 172.67.136.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /SkRTT3BlezA8TRADJwMpJhIHFx4EFQkZQRkhBRkZHBIZdiYdCXU7GS55a31Cf3ZnaQAjIG5+VjkwMjsFOXliaRkkIjxyVjx5YmFDfmpgfl54YiZyQWwwIy4Xd3V1PwQ+KG5+Rn1xZ3hAe3NhekN6 HTTP/1.1
Host: edhimasifiwoery.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 00:22:19 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqOu7Lb%2BYK9jjZo7i6xPBF25%2BIEQ5%2BsGCIFRglAY6Hz0um%2FXqgDtJVuzM0PYGdNGY0pAeN28un%2B03RoyplEqxxhIh0Gb54sNsU4OmEWw7PxR02X4yQ%2Fd%2BBjK9zXaYjrYcH9B2Uhs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f4054d82eb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Cc4-x5B-V-k
IP 142.250.74.131:0
Hash 42e4f9cd20c5a54a2fba4aff185c9246
4d289915e595e54e937c4e98869988f19ad5ab1e
be36468cea9bb9a7c639b14b45ce9ca48a17e86977c65d065b083d02f2d2141f
POST /s/gts1p5/Cc4-x5B-V-k HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wecouldle.com/MWM5SkJQAVonfVBeW2w3Qw8Eb3B3RgsMJgIHDH4oBhBQfjVeElVkIV0MTC4kQwxXPmxfBk1vcHcqWwwXSQJXJRJ+DwEHEGMEARwUVSBhJyF0NHx/CWFTcAwEcxtWGHMJKnYLenApQAggdlBKGwNGEFQMOgUieg0lczd7Ewx+UmMSGnAIDh8uVS9qIBBnIHwuG1JTbCsEYAdWHTp4KnsgEHgrUQcKfiFaLAUAJg0SKnA3eA4uYDcJLTNoIQArGgBWVQ0QATd4IARUK2gmCGsUfA8GWg9XCxRFKGgnF2Q0bSIIaxR8LgdGKVMIFwgpdSQDdTReACNoMRQYGH4mVSQDYwR0GRVrFG56MmsGTgwGaVIMJhRWW2MIOF42bg46VDloCCNiDwgmA3RacBIGfzp+CHp6LFImEmIgSSEDZ1psEgp/Jm96MRcJSiUsQV5PfzBlOQgHGAYtczA7VhA
65.9.44.110200 OK 1.2 kB URL HTTP/2 wecouldle.com/MWM5SkJQAVonfVBeW2w3Qw8Eb3B3RgsMJgIHDH4oBhBQfjVeElVkIV0MTC4kQwxXPmxfBk1vcHcqWwwXSQJXJRJ+DwEHEGMEARwUVSBhJyF0NHx/CWFTcAwEcxtWGHMJKnYLenApQAggdlBKGwNGEFQMOgUieg0lczd7Ewx+UmMSGnAIDh8uVS9qIBBnIHwuG1JTbCsEYAdWHTp4KnsgEHgrUQcKfiFaLAUAJg0SKnA3eA4uYDcJLTNoIQArGgBWVQ0QATd4IARUK2gmCGsUfA8GWg9XCxRFKGgnF2Q0bSIIaxR8LgdGKVMIFwgpdSQDdTReACNoMRQYGH4mVSQDYwR0GRVrFG56MmsGTgwGaVIMJhRWW2MIOF42bg46VDloCCNiDwgmA3RacBIGfzp+CHp6LFImEmIgSSEDZ1psEgp/Jm96MRcJSiUsQV5PfzBlOQgHGAYtczA7VhA
IP 65.9.44.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3049), with no line terminators
Hash 8749d2035dc16484a896f20af66c1e29
10be432d61cd34ff9072298dfd3e5969018ce8c2
84ad0f73bb572ba7b922772958bb3a669df6cf433c479439e4b7bbad42fa4cb5
GET /MWM5SkJQAVonfVBeW2w3Qw8Eb3B3RgsMJgIHDH4oBhBQfjVeElVkIV0MTC4kQwxXPmxfBk1vcHcqWwwXSQJXJRJ+DwEHEGMEARwUVSBhJyF0NHx/CWFTcAwEcxtWGHMJKnYLenApQAggdlBKGwNGEFQMOgUieg0lczd7Ewx+UmMSGnAIDh8uVS9qIBBnIHwuG1JTbCsEYAdWHTp4KnsgEHgrUQcKfiFaLAUAJg0SKnA3eA4uYDcJLTNoIQArGgBWVQ0QATd4IARUK2gmCGsUfA8GWg9XCxRFKGgnF2Q0bSIIaxR8LgdGKVMIFwgpdSQDdTReACNoMRQYGH4mVSQDYwR0GRVrFG56MmsGTgwGaVIMJhRWW2MIOF42bg46VDloCCNiDwgmA3RacBIGfzp+CHp6LFImEmIgSSEDZ1psEgp/Jm96MRcJSiUsQV5PfzBlOQgHGAYtczA7VhA HTTP/1.1
Host: wecouldle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1198
date: Sat, 04 Feb 2023 00:22:19 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 7f7d86a250c539fe4431535882cf4e4e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: yMmJFM3frELH71NJGHU9Sju9-6bNf7Q-gpQ6fFZHMTMrOHB47gcvgQ==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 71c8111ac9d63deac2a414c0a64fcc9b
855b767fc93c000b338e25e6342d93611447d677
9eb3105d541665d69b5a23b32ed483f71616fd390d47a44f32eb20cb8ba1f7a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 14:07:11 GMT
Expires: Thu, 09 Feb 2023 14:07:10 GMT
Etag: "855b767fc93c000b338e25e6342d93611447d677"
Cache-Control: max-age=480890,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793f4055ec0ab4f4-OSL
d3d54j7si4woql.cloudfront.net/YV0RzQVk0Kx0nZiMtF3xhY3dBd2hxLgAuNyd5NCYrbxEbDg4gCCI7HwRiBzs9anRVLTg5I05nPDknTnB/NiARfG1xMRJ8NDg+Gi01NmFBB2x5dFZzaX8zGi89ODMAZGtnKgdka2d1Q29pcncxZGtnMxovb2NhQAN8ZXQLd21ydzFka2c2BWRqFnVDdHdnbV-ZzaTAhECo2cnY1c2lmdENwaWZhQXE/PjYWJzYvYUEHaGdxXXF/InlC
143.204.42.218200 OK 189 B URL HTTP/2 d3d54j7si4woql.cloudfront.net/YV0RzQVk0Kx0nZiMtF3xhY3dBd2hxLgAuNyd5NCYrbxEbDg4gCCI7HwRiBzs9anRVLTg5I05nPDknTnB/NiARfG1xMRJ8NDg+Gi01NmFBB2x5dFZzaX8zGi89ODMAZGtnKgdka2d1Q29pcncxZGtnMxovb2NhQAN8ZXQLd21ydzFka2c2BWRqFnVDdHdnbV-ZzaTAhECo2cnY1c2lmdENwaWZhQXE/PjYWJzYvYUEHaGdxXXF/InlC
IP 143.204.42.218:0
File type ASCII text, with no line terminators
Hash 80bd039dbc4670a70cb973cd78b971df
e927f0e6dffbca35442dc4c96ca46667ecb67881
d6b42cf97f72eecf5c29f626b6ae3932ef00cadb6ddc2237a22a9c53c82ba0f4
GET /YV0RzQVk0Kx0nZiMtF3xhY3dBd2hxLgAuNyd5NCYrbxEbDg4gCCI7HwRiBzs9anRVLTg5I05nPDknTnB/NiARfG1xMRJ8NDg+Gi01NmFBB2x5dFZzaX8zGi89ODMAZGtnKgdka2d1Q29pcncxZGtnMxovb2NhQAN8ZXQLd21ydzFka2c2BWRqFnVDdHdnbV-ZzaTAhECo2cnY1c2lmdENwaWZhQXE/PjYWJzYvYUEHaGdxXXF/InlC HTTP/1.1
Host: d3d54j7si4woql.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wecouldle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 189
date: Sat, 04 Feb 2023 00:22:19 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: U5i0T04CjCOs0V7C_RTy74ux4tgXpAjBzZSymyYIx4x9cO7p84yJdA==
X-Firefox-Spdy: h2
datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=099bff94-57af-4b2b-a42c-300c65c51697 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1189
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 Feb 2023 00:22:19 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://exeo.app
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
d3d54j7si4woql.cloudfront.net/ecXYzOTgSGV1fBwUfVwQASU8HAAxXHEBWVgFLcQFsRydaVkwbAwYJcBRQR0NcTEYVVVkfEQ4fXR8VDggeEBJRBAxXAkNWU0wcS0tSEA9HUFMcUEZYBRwZSVBUHRcWC35EWAMcCkFeRFBWFRlESh1DRl1NHUNGAgkWQVMAex1DRkRQVkdCFgp6VEQDQQ5FUw-B7HUNGQU8dQjcCCQ1fRhocCkERVlpTHlMBfwpBRwMJCUFHFgsIFx9BXF4eDhYLfkBGBhcIVwMOCA
143.204.42.218200 OK 611 B URL HTTP/2 d3d54j7si4woql.cloudfront.net/ecXYzOTgSGV1fBwUfVwQASU8HAAxXHEBWVgFLcQFsRydaVkwbAwYJcBRQR0NcTEYVVVkfEQ4fXR8VDggeEBJRBAxXAkNWU0wcS0tSEA9HUFMcUEZYBRwZSVBUHRcWC35EWAMcCkFeRFBWFRlESh1DRl1NHUNGAgkWQVMAex1DRkRQVkdCFgp6VEQDQQ5FUw-B7HUNGQU8dQjcCCQ1fRhocCkERVlpTHlMBfwpBRwMJCUFHFgsIFx9BXF4eDhYLfkBGBhcIVwMOCA
IP 143.204.42.218:0
File type ASCII text, with very long lines (862), with no line terminators
Hash fc83bae5c4b3f49542038d91ff62c78d
637b8e74f7d978bfc5141c8d9e5d3caa3d37f804
0d1de3860804322bf5d4f5c33a259266c0e7c693a4865b729c035f47e4b65c86
GET /ecXYzOTgSGV1fBwUfVwQASU8HAAxXHEBWVgFLcQFsRydaVkwbAwYJcBRQR0NcTEYVVVkfEQ4fXR8VDggeEBJRBAxXAkNWU0wcS0tSEA9HUFMcUEZYBRwZSVBUHRcWC35EWAMcCkFeRFBWFRlESh1DRl1NHUNGAgkWQVMAex1DRkRQVkdCFgp6VEQDQQ5FUw-B7HUNGQU8dQjcCCQ1fRhocCkERVlpTHlMBfwpBRwMJCUFHFgsIFx9BXF4eDhYLfkBGBhcIVwMOCA HTTP/1.1
Host: d3d54j7si4woql.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wecouldle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 611
date: Sat, 04 Feb 2023 00:22:19 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bjdsVzqAmgL-458EArs0EKgThVZ9m0v1c_zzDkmpNKi2ExxPWquZgg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1938
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Last-Modified: Fri, 03 Feb 2023 23:50:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Fri, 03 Feb 2023 23:44:08 GMT
expires: Sat, 04 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 2291
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7815df9178e9a1b99aacd0e4b012d9e0
24d0c3c04404356ce1fbffabcf82fc196fa0e99c
02661905ba6f91909a98b1038f9b260f9e7e524515246775567d6ed26a0f4a48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7815df9178e9a1b99aacd0e4b012d9e0
24d0c3c04404356ce1fbffabcf82fc196fa0e99c
02661905ba6f91909a98b1038f9b260f9e7e524515246775567d6ed26a0f4a48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d3d54j7si4woql.cloudfront.net/IbFUxanoPOl8MRRg8VVdCXmcEWE5KP0IFFBxoR18IOA8AJyBbG3sQAwsmFx4ACGgBTBYNO1ZXXAk7UldLSjRVCEdYc0UaFQdoWxIIBjRIHhMHOBcfG1E4XhATADlQT0gqYB9aX15lGR0TAjFeHQlJZwEEDklnAVtKQmUUWThJZwEdEwJjBU9JLnADWgJaYR-RZOElnARgMSWZwW0pZewFDX15lVg8ZBzoUWDxeZQBaSl1lAE9IXDNYGB8KOklPSCpkAV9UXHNEV0s
143.204.42.218200 OK 505 B URL HTTP/2 d3d54j7si4woql.cloudfront.net/IbFUxanoPOl8MRRg8VVdCXmcEWE5KP0IFFBxoR18IOA8AJyBbG3sQAwsmFx4ACGgBTBYNO1ZXXAk7UldLSjRVCEdYc0UaFQdoWxIIBjRIHhMHOBcfG1E4XhATADlQT0gqYB9aX15lGR0TAjFeHQlJZwEEDklnAVtKQmUUWThJZwEdEwJjBU9JLnADWgJaYR-RZOElnARgMSWZwW0pZewFDX15lVg8ZBzoUWDxeZQBaSl1lAE9IXDNYGB8KOklPSCpkAV9UXHNEV0s
IP 143.204.42.218:0
File type ASCII text, with very long lines (687), with no line terminators
Hash 1d3764239f7fae6fd86baadc5a4ea91e
747ce2834d70f70210a417c27078203745e4baa4
fa7afe71d9934186778fcdf2d07971bd70f38ba96e8ad2607ea0ee32402cb6aa
GET /IbFUxanoPOl8MRRg8VVdCXmcEWE5KP0IFFBxoR18IOA8AJyBbG3sQAwsmFx4ACGgBTBYNO1ZXXAk7UldLSjRVCEdYc0UaFQdoWxIIBjRIHhMHOBcfG1E4XhATADlQT0gqYB9aX15lGR0TAjFeHQlJZwEEDklnAVtKQmUUWThJZwEdEwJjBU9JLnADWgJaYR-RZOElnARgMSWZwW0pZewFDX15lVg8ZBzoUWDxeZQBaSl1lAE9IXDNYGB8KOklPSCpkAV9UXHNEV0s HTTP/1.1
Host: d3d54j7si4woql.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wecouldle.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 505
date: Sat, 04 Feb 2023 00:22:19 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bhdIs44DJEIUqUZJQlUEtbuYzNCpjX5v8tXYcJ6Sm0JU5QtHh-BisA==
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.130200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (39302)
Hash 3c7a974a67b160886b69d029650bf82a
c140c04bc0e28c658dc1f6035e0a48f685e8e4fa
6e15f30d54b70a261c4a071b7a032864603a4cb92ef9496ac5b8f7038d8482f8
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27271
date: Sat, 04 Feb 2023 00:22:19 GMT
expires: Sat, 04 Feb 2023 00:22:19 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1472 / 787 of 1000 / last-modified: 1675465921"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j99&a=1312455163&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2Fjr00w&dr=https%3A%2F%2Fexe.io%2F&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=46034972&gjid=983450008&cid=1589259712.1675470173&tid=UA-135952122-1&_gid=610570141.1675470173&_r=1&_slc=1>m=457e3210&z=1665429441
216.239.32.178200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=1312455163&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2Fjr00w&dr=https%3A%2F%2Fexe.io%2F&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=46034972&gjid=983450008&cid=1589259712.1675470173&tid=UA-135952122-1&_gid=610570141.1675470173&_r=1&_slc=1>m=457e3210&z=1665429441
IP 216.239.32.178:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=1312455163&t=pageview&_s=1&dl=https%3A%2F%2Fexeo.app%2Fjr00w&dr=https%3A%2F%2Fexe.io%2F&ul=en-us&de=UTF-8&dt=exe.io&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=46034972&gjid=983450008&cid=1589259712.1675470173&tid=UA-135952122-1&_gid=610570141.1675470173&_r=1&_slc=1>m=457e3210&z=1665429441 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://exeo.app
date: Sat, 04 Feb 2023 00:22:19 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 8e6cdcb94e1f2d2e9d6595267d074989
74848ab1747f3ce2d7f309bdbf82bf9f6cf19f43
0610c32ef7ec400b56865b931151409bf12b96b5df37e88c8416f327d75c311c
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 00:22:19 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S805345054%3A1675470139990818&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdX3n63P7mkoM10aepBvlRPe0R8IEHuzLnYx2i_aIAgyvlOovTPXmQ1nt434JZz5nNBTH0ZKQ
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-keZe9kp_G5fa0IY__VFJ0A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:7H3RA0S-UvVXDy3ZTgCsL04MWYG6:yDR8LQ8UniCaRJM9;Path=/;Expires=Mon, 03-Feb-2025 00:22:19 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 392 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash 0ebfb9de3db3026d708356fa4a9203be
659eb1c13789838ecdbd805964abaea491878117
85792936e74f0d853e6a338d3e8513422ab77ce4582706e043ed8ca26cf05973
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 00:22:20 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1980225171%3A1675470140048028&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHfXnsgZRVKLwYE29EJDtv5cIhFTR0g41okyMBDg114Tb1-TOGwFvd1mipI8a8USit82gE7F
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Xaq3-uOQhzuOjg2DzUu0tg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:6GiHC3MxQfnVc1OmYcZdRFmfF6RIXg:nvY9IJ1Vikhp_QK1;Path=/;Expires=Mon, 03-Feb-2025 00:22:20 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.3 kB IP 142.250.74.131:0
File type gzip compressed data, max compression\012- data
Hash 48bcdb5e8060791d95aacf7b130e6cb0
d04df3ec66145b970ee3f072b492c8a734b4fce8
08f5607be26d282c908f46cdf3c4fdbfaed01a286cfbc568414699431e51b2c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=exeo.app
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=exeo.app
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=exeo.app HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 00:22:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=exeo.app
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=exeo.app
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=exeo.app HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 00:22:20 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 04 Feb 2023 00:22:20 GMT
expires: Sun, 04 Feb 2024 00:22:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3e050cf67675c3c19014a74517e3747
9931fd6a416e220e15ef5eccad6d0cb12edf3995
8411e23b7bfeba91b6252f15de6ed18b8cff1f752af0efc4f5429b54fccb0da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1939
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Last-Modified: Fri, 03 Feb 2023 23:50:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14602), with no line terminators
Hash 9e218e80d77e67c72182ae9c9df6fd21
fdfad9ef0c2f4e526407136330a51c8ea03622b7
bb037881f6d4b1fb08dd490d14e351030a340f722da20c05ef7bbdcc57d76f6b
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023020201&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 04 Feb 2023 00:22:20 GMT
server: cafe
content-length: 11018
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash bf7176f53ae48e2937606ec6a3183894
72d62284ef50bfcd25d89230b976e7801aa9fb61
8018ea43e6fb413dbfeef29775f4606cd81178505f36344434da57ec5d728033
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3829
Cache-Control: max-age=134308
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Etag: "63dcffeb-117"
Expires: Sun, 05 Feb 2023 13:40:48 GMT
Last-Modified: Fri, 03 Feb 2023 12:36:59 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1605)
Hash aeaebc4fec11dcafa566897f3b2aa937
7b4507c8793c1ce833dccaeb7dbc956c1fd06668
c23b4a16d9468c0018f502492594408fc809fc0fe003aed2f1145ba3dca87bae
GET /pagead/js/r20230201/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7647
x-xss-protection: 0
date: Fri, 03 Feb 2023 21:43:53 GMT
expires: Fri, 17 Feb 2023 21:43:53 GMT
cache-control: public, max-age=1209600
age: 9507
etag: 2161395064574532456
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 04 Feb 2023 00:22:20 GMT
expires: Sat, 04 Feb 2023 00:22:20 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-ueEvQEwAQ&v=APEucNXsc-mooYGhV1EVVxvnC4Up-6x3YYiK7SwjHNe7ynghCCYRl0qedHK89VPzSzpmMvyNYPQL_7wYa1vfksB3A6X1_zMP7-nRHv1pOXQ3iMyTh1lZvLx0OLNpbcKYzs2gOFvNDYonhalkRCd4ONBTMt1hCbOx9VfBA_oEGws3eQXCxm57_BJJDCUmhsP5Hn1cE4GVq6SUfBf7D4P4lw-mkk5rVgZAAA
142.250.74.98200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-ueEvQEwAQ&v=APEucNXsc-mooYGhV1EVVxvnC4Up-6x3YYiK7SwjHNe7ynghCCYRl0qedHK89VPzSzpmMvyNYPQL_7wYa1vfksB3A6X1_zMP7-nRHv1pOXQ3iMyTh1lZvLx0OLNpbcKYzs2gOFvNDYonhalkRCd4ONBTMt1hCbOx9VfBA_oEGws3eQXCxm57_BJJDCUmhsP5Hn1cE4GVq6SUfBf7D4P4lw-mkk5rVgZAAA
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CJfnugEQpvPq4AIY-ueEvQEwAQ&v=APEucNXsc-mooYGhV1EVVxvnC4Up-6x3YYiK7SwjHNe7ynghCCYRl0qedHK89VPzSzpmMvyNYPQL_7wYa1vfksB3A6X1_zMP7-nRHv1pOXQ3iMyTh1lZvLx0OLNpbcKYzs2gOFvNDYonhalkRCd4ONBTMt1hCbOx9VfBA_oEGws3eQXCxm57_BJJDCUmhsP5Hn1cE4GVq6SUfBf7D4P4lw-mkk5rVgZAAA HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 00:22:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 00:22:20 GMT
cache-control: private
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
172.217.21.162200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 172.217.21.162:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Sat, 04 Feb 2023 00:22:20 GMT
expires: Sat, 04 Feb 2023 00:22:20 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
IP 142.250.74.131:0
Hash 7f3414a5325ee1ef24fa95b3a59f7256
bb8db75411bcf9f6ee64d2defebaafc41291ff89
c36ae8406b9e5ecdc9d0fe12d0b4db4ad5f84a7ce62816ce7d106c4c452534fb
POST /s/gts1p5/NK8pNQwXpzI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-ueEvQEwAQ&v=APEucNUjDZzvctSfC4ya6aBrzaF85UhhWEjw10DyeyYxU37qsN9WpXpBV57Wy4wMWFkvrNy3kDW_ULpb_ZmKCxGcMcQQ_SjmtFxkJZHmMkSF3FkfDiTi_nWBp1jVHf9Vw0qfv7EtaQDzMmo54o4CfjceeE3yONnNtk9LghMh-oCdnxyuf3tXkkrNByRYfth2kVhOm_aK3iDXA1mzoWjZX01nBGYmhWb5PQ
142.250.74.98200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIY-ueEvQEwAQ&v=APEucNUjDZzvctSfC4ya6aBrzaF85UhhWEjw10DyeyYxU37qsN9WpXpBV57Wy4wMWFkvrNy3kDW_ULpb_ZmKCxGcMcQQ_SjmtFxkJZHmMkSF3FkfDiTi_nWBp1jVHf9Vw0qfv7EtaQDzMmo54o4CfjceeE3yONnNtk9LghMh-oCdnxyuf3tXkkrNByRYfth2kVhOm_aK3iDXA1mzoWjZX01nBGYmhWb5PQ
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CJfnugEQpvPq4AIY-ueEvQEwAQ&v=APEucNUjDZzvctSfC4ya6aBrzaF85UhhWEjw10DyeyYxU37qsN9WpXpBV57Wy4wMWFkvrNy3kDW_ULpb_ZmKCxGcMcQQ_SjmtFxkJZHmMkSF3FkfDiTi_nWBp1jVHf9Vw0qfv7EtaQDzMmo54o4CfjceeE3yONnNtk9LghMh-oCdnxyuf3tXkkrNByRYfth2kVhOm_aK3iDXA1mzoWjZX01nBGYmhWb5PQ HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 00:22:20 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:20 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 00:22:20 GMT
cache-control: private
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7812
Expires: Sat, 04 Feb 2023 02:32:32 GMT
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:30:36 GMT
age: 6704
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 37c26fb09f8a09fdc910d20b97d6f079
5d7848dc1152b81bf53c10fee9e26e20a01b0f02
740e3d2348357db713554ff75471d18ad9d2a2e810f71b3bab61984b026295fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "740E3D2348357DB713554FF75471D18AD9D2A2E810F71B3BAB61984B026295FD"
Last-Modified: Thu, 02 Feb 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2647
Expires: Sat, 04 Feb 2023 01:06:27 GMT
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvQHlHHcdjTArpRjnODlSjYrepX7K9NLn3EFX-w_hHf-euYbWlxmT6ufdu8nu22TI3fzM_rY_wSkDYmh2IGB7T73o6IGTVaHhpsZapc1C0qL3diuBXEOm--5O4lhMottgS_E1aJ5x7b8ijCn8wTRxYgGCjU2mTJ3lWejHMziFJIXmSXTY&cry=1&dbm_d=AKAmf-DDicE0w39v3t-VUJhDCcYG6m7i5prUK7l0b9GfXs5P2o77NnbA2v-V6EEf5igEbjcTsHt27nzUXO6ETn4wQL4fwe-oZqWSPdZd3Vlbdi4RTHdvhev7Sne-i0GSJsBHlBn09GcIoakoyxhbn8xlRm0IX8IRiVziRknhKKQp4o3HNWmOdipmDQk7PGaf1FUII6XS3FPtOCUxPusjn3M4rJ8spCyRy4WMYE-VfGDvNi514vw0DsD9kpbk5L5Rxqq_jT1UpdJQq6izQNpt3tVaTL4H_Dag-JgnTcfnANRsebGWveiIOgRCjy52b_fTEXhNUTIqt2xTWYpSKPGYzN1Xp7dfC5K2SNm9KP4AU4Mh6Gc35GtLntpQB-ffyyldYFSdKRE7QQ-17WCiBKyM1TuG-8KsX0pByqIBjPHCjRmTXNX8DnCNUGumFR2zzEvEi9HbW-UGeP8BPkx3vzKTtSd2duy_TZlo44KTCTsU5z6P-tV7XtpsZufA-doE5LsvQG1CX6sj79B6d9l0QpsID20bHfVr-YQLFarFTJ7rh_mJlNRwTszxLHQzzLVc6gXTipKyY9jOV4_quH0jQnV9pnisIWkGCiO2yB0RJnstLmwNNUqVSTPFE7r9wqX2E_1-dyFsj_cEJVO55r_foezZ7Gn8gYLZvxpW5P9PjgEM1gA5YgqVbnfVU__nopBgI347pSMSZiM4fnNc3WSiZ6UBJhD6BtfQLWdf_Y8dAUwxEEHuApFTI72rbvqKOFdhZpJjkSVlcu5VN1DhhpHzTN97sueCi1nbaDJoQnitanfsml3lz8E-QTMsy0QMxeFQ_PvKKjEptW8nno00om3gotRZLboKQddD6JOCwf9zTloJ-2dQ_K94677ReHsO0BYryQ_pN0_6um1Lu7kQXvhJmh-036asB8Pz_9FzmrIeJDWs4xfTo4Ex6TSbPMWdCI7SLxnLzlRlG7hJSl7RL7Gt9UX7lbszn0AQQCIcukQpU2r2ZKXXw13CTOfalmUtUqSwNTq4rl2oR3s30LFt7vLVdLSzr2UWdpeGN6Og6vIoc6d-iAxPXzXr8T_QuVvIAhLpnV-vs2_eP-F5qd4n-_E8CjC8hJBdNpkYcioaFtwfO_ILq_1y2KQJ4XdH0mZsio4rARgqTXkTdYzBxiulV78wo91v4qIxZCbapgjZm-etwg6GAs_PkpaacjzdncPsqZbu5CLFz68iMRR293ZZEP-GMwXyWybIVOwo1w8OkF6lT2vKCpo3sVH_PD1l1sG1uGTey1UGmemSr2v8fz0zorRx6Ng55N3PxmCSwi2GaRf17t8uh-VsDIyBLZmsA87nEq8YQGZcyHVAWgh99GfXzJK82VZLj-E1Wf38hnd0Cr88qJD4KKoV2vpgB7xwitcTsNzSKD2UECicF9d4K-tgSFK0k6xvBNqH4sXdVdIwjz7oKbDR4Ar1gKG4puv0R98syHsOW_McVygmDBFTQ5Uq3CP-Li7YbuuMxsHeJeSiS0OUJ8uvJ_19DU63p8qQ-f9SAeYSCFYndHz2tiroRs-JZG6xCMuLdbkSFb-KHMQi3tWiSK8x--3DrSV2HahZbFav08p0PEZughaTYBTbx8QZ3vK4g_eirmDqK9AnMTcDGw9euXG__90w5xpw_OGRqxXdQo-aIgI_l6kdf6Lf9_eAQoI7zab9Bpcm_eaI5Svye57ZLyslVw3Tojyy9wtZ637XV8Q34T9eYuSv_Ocu3b3ypyaCbuNyuwzRomj4rSsDgwv0hkVZBTxI2LXeaLzgLUoobALBGkoCvdMPdCM-K2xuMFMKk25vcrjeQEC9sSMWCDWi_FKFvBv3i_1ob_NweIABFJpKhPtmaI1QpQo7G7roIuIPERbktnMyDdDylyeyuTKqdV76GKihvC7LM87I8vG9ySSxihvBsmPeThjiwJwMCJpXqi8XsULL8Cf2v4rJMfgG8jZiITOfl69V_7xX-oqyUspaqr8Av0JESmuSo2vEMs_gJLEcB1vVbUjpNLrLFxRF8Iz72S3rICNtodruQIBMVFDVjI-E3xzDVLE3fEBO3HHdpF5MnQsmW8Fpb1eZ9sPcbVgVynvATuw8FEcF9z3PvMxo6iWS7BWjUsRFd_dpL31pi56Gs6IbKwjs3Zi3NzNQ2d24khGBqYVOzJ6Ne2X9J0O82p4GpSL_Ntl_uaChV_-S2T8qg8gEKOyA2Ilk0RlHQ6aNTeGx9tDaljO2aZyOC30rlu8W9ea7Thtf0X9VsK2TDr4mhl70niY5jf2mCGf6-kxsLoxDZcByc884hvShJgsQc4RYQKPYaYnD_pCcQzmjYHTMbd7RVop9vyVXbq9tHXqq4OztyhtkcsSQeTaNU1A59SwiWYq8Ub3uYxJonoGIgqaC3ckTMPSHEY9W-7q7SlzUCUsSQ3val0ne4aUpaBhbX1HCKIf1PwsKt5-0xqhudx9i3R3GdW_j4UDo9fDiVyhiFT4PDV9qrPBmEubhRpAqvtQdQhMWUQJETrwBcRVu2PtHvrlvWCdmS07STGgbsPypzQKQjw9hXimalUWa5iVGQhfCsZ4mD05YoEsQ0ppNYvs4kYncPDAnmU-b2mKViOLmLeXTYgzmCjDfzByrwdi42FJI31B7thDGFc4qY2jmyursoWSpFeoyVrSfMnafOCRjqMVTJyi8lxkKJgyCj_yv9KWXf5VIrlXT7xDfPsvtXd-qV_BiWE7AFc_DCLIGvPzUYXzDTGmEUXqQ6q1YmZQ5cIntEg_onn_L1uYIHD-Ti6RbVch0_lx7seSw0h9-0rZ8nRPH_iAFOoMmPCdoQ3h3eJejYXYhCZvRJNU4S1rTvuJQFzM89NV1KIJ67Yp78RR98uGTcjxEd6CDmBb1RidPs7efXhbKFKTo633c_XjRD-xnYBknHI6ldPq86uyXIFbhPRCy594Car7M-2mqk4uLn7PhGg-BpwaSa2X_kYZhVhkeRepqy7FAXHClrCZsa-3ugCpmoeweSub_OfkPtJDkSSqD0Q3iN-Fh9t0XZzsxNoI-Jr8B4_NTFVzMb223sQifuaTr3Wh_NPX94aE6m-I0XhFmisP1MpgPC12u-Qt8Wje_MrJDYIxK7GXDkZfHLffMSq-21yPPqOQFCY-ltBT_2cDXeCJmWXnIY4gFP1sk0Iyz94zVp2Muctgi_ckaocM_TqPQGT3AShUX1hWanrCuG65z-1wVYc1Heu46RDqA8HKU-caOtfXOceqR-YWg99pKVUX3fBYnRz8IqK6Vav68-kIjF2gvQ67ws26yu_Q3_cGCnvxbWy9GC2ca57mBmUALlmuoa-uIIb79pGjeCusZwC0apm4NysWN5vthtDEMRV3JeFyXeoTKnoIw7w&cid=CAQSSwDUE5ym6xr3TGoRPAYU2KyxbZWxwIlXOMjvk-OJhe62zIBJJGNG3ObivA-lfa0kBxxFdGNe7anMOEUubnIWzZy7ZC4J4OxxJepELhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fexeo.app%2F&ds=l&xdt=1&iif=1&cor=10389756493204339000&adk=2923430907&idt=50&cac=0&dtd=14
142.250.74.98200 OK 11 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CvQHlHHcdjTArpRjnODlSjYrepX7K9NLn3EFX-w_hHf-euYbWlxmT6ufdu8nu22TI3fzM_rY_wSkDYmh2IGB7T73o6IGTVaHhpsZapc1C0qL3diuBXEOm--5O4lhMottgS_E1aJ5x7b8ijCn8wTRxYgGCjU2mTJ3lWejHMziFJIXmSXTY&cry=1&dbm_d=AKAmf-DDicE0w39v3t-VUJhDCcYG6m7i5prUK7l0b9GfXs5P2o77NnbA2v-V6EEf5igEbjcTsHt27nzUXO6ETn4wQL4fwe-oZqWSPdZd3Vlbdi4RTHdvhev7Sne-i0GSJsBHlBn09GcIoakoyxhbn8xlRm0IX8IRiVziRknhKKQp4o3HNWmOdipmDQk7PGaf1FUII6XS3FPtOCUxPusjn3M4rJ8spCyRy4WMYE-VfGDvNi514vw0DsD9kpbk5L5Rxqq_jT1UpdJQq6izQNpt3tVaTL4H_Dag-JgnTcfnANRsebGWveiIOgRCjy52b_fTEXhNUTIqt2xTWYpSKPGYzN1Xp7dfC5K2SNm9KP4AU4Mh6Gc35GtLntpQB-ffyyldYFSdKRE7QQ-17WCiBKyM1TuG-8KsX0pByqIBjPHCjRmTXNX8DnCNUGumFR2zzEvEi9HbW-UGeP8BPkx3vzKTtSd2duy_TZlo44KTCTsU5z6P-tV7XtpsZufA-doE5LsvQG1CX6sj79B6d9l0QpsID20bHfVr-YQLFarFTJ7rh_mJlNRwTszxLHQzzLVc6gXTipKyY9jOV4_quH0jQnV9pnisIWkGCiO2yB0RJnstLmwNNUqVSTPFE7r9wqX2E_1-dyFsj_cEJVO55r_foezZ7Gn8gYLZvxpW5P9PjgEM1gA5YgqVbnfVU__nopBgI347pSMSZiM4fnNc3WSiZ6UBJhD6BtfQLWdf_Y8dAUwxEEHuApFTI72rbvqKOFdhZpJjkSVlcu5VN1DhhpHzTN97sueCi1nbaDJoQnitanfsml3lz8E-QTMsy0QMxeFQ_PvKKjEptW8nno00om3gotRZLboKQddD6JOCwf9zTloJ-2dQ_K94677ReHsO0BYryQ_pN0_6um1Lu7kQXvhJmh-036asB8Pz_9FzmrIeJDWs4xfTo4Ex6TSbPMWdCI7SLxnLzlRlG7hJSl7RL7Gt9UX7lbszn0AQQCIcukQpU2r2ZKXXw13CTOfalmUtUqSwNTq4rl2oR3s30LFt7vLVdLSzr2UWdpeGN6Og6vIoc6d-iAxPXzXr8T_QuVvIAhLpnV-vs2_eP-F5qd4n-_E8CjC8hJBdNpkYcioaFtwfO_ILq_1y2KQJ4XdH0mZsio4rARgqTXkTdYzBxiulV78wo91v4qIxZCbapgjZm-etwg6GAs_PkpaacjzdncPsqZbu5CLFz68iMRR293ZZEP-GMwXyWybIVOwo1w8OkF6lT2vKCpo3sVH_PD1l1sG1uGTey1UGmemSr2v8fz0zorRx6Ng55N3PxmCSwi2GaRf17t8uh-VsDIyBLZmsA87nEq8YQGZcyHVAWgh99GfXzJK82VZLj-E1Wf38hnd0Cr88qJD4KKoV2vpgB7xwitcTsNzSKD2UECicF9d4K-tgSFK0k6xvBNqH4sXdVdIwjz7oKbDR4Ar1gKG4puv0R98syHsOW_McVygmDBFTQ5Uq3CP-Li7YbuuMxsHeJeSiS0OUJ8uvJ_19DU63p8qQ-f9SAeYSCFYndHz2tiroRs-JZG6xCMuLdbkSFb-KHMQi3tWiSK8x--3DrSV2HahZbFav08p0PEZughaTYBTbx8QZ3vK4g_eirmDqK9AnMTcDGw9euXG__90w5xpw_OGRqxXdQo-aIgI_l6kdf6Lf9_eAQoI7zab9Bpcm_eaI5Svye57ZLyslVw3Tojyy9wtZ637XV8Q34T9eYuSv_Ocu3b3ypyaCbuNyuwzRomj4rSsDgwv0hkVZBTxI2LXeaLzgLUoobALBGkoCvdMPdCM-K2xuMFMKk25vcrjeQEC9sSMWCDWi_FKFvBv3i_1ob_NweIABFJpKhPtmaI1QpQo7G7roIuIPERbktnMyDdDylyeyuTKqdV76GKihvC7LM87I8vG9ySSxihvBsmPeThjiwJwMCJpXqi8XsULL8Cf2v4rJMfgG8jZiITOfl69V_7xX-oqyUspaqr8Av0JESmuSo2vEMs_gJLEcB1vVbUjpNLrLFxRF8Iz72S3rICNtodruQIBMVFDVjI-E3xzDVLE3fEBO3HHdpF5MnQsmW8Fpb1eZ9sPcbVgVynvATuw8FEcF9z3PvMxo6iWS7BWjUsRFd_dpL31pi56Gs6IbKwjs3Zi3NzNQ2d24khGBqYVOzJ6Ne2X9J0O82p4GpSL_Ntl_uaChV_-S2T8qg8gEKOyA2Ilk0RlHQ6aNTeGx9tDaljO2aZyOC30rlu8W9ea7Thtf0X9VsK2TDr4mhl70niY5jf2mCGf6-kxsLoxDZcByc884hvShJgsQc4RYQKPYaYnD_pCcQzmjYHTMbd7RVop9vyVXbq9tHXqq4OztyhtkcsSQeTaNU1A59SwiWYq8Ub3uYxJonoGIgqaC3ckTMPSHEY9W-7q7SlzUCUsSQ3val0ne4aUpaBhbX1HCKIf1PwsKt5-0xqhudx9i3R3GdW_j4UDo9fDiVyhiFT4PDV9qrPBmEubhRpAqvtQdQhMWUQJETrwBcRVu2PtHvrlvWCdmS07STGgbsPypzQKQjw9hXimalUWa5iVGQhfCsZ4mD05YoEsQ0ppNYvs4kYncPDAnmU-b2mKViOLmLeXTYgzmCjDfzByrwdi42FJI31B7thDGFc4qY2jmyursoWSpFeoyVrSfMnafOCRjqMVTJyi8lxkKJgyCj_yv9KWXf5VIrlXT7xDfPsvtXd-qV_BiWE7AFc_DCLIGvPzUYXzDTGmEUXqQ6q1YmZQ5cIntEg_onn_L1uYIHD-Ti6RbVch0_lx7seSw0h9-0rZ8nRPH_iAFOoMmPCdoQ3h3eJejYXYhCZvRJNU4S1rTvuJQFzM89NV1KIJ67Yp78RR98uGTcjxEd6CDmBb1RidPs7efXhbKFKTo633c_XjRD-xnYBknHI6ldPq86uyXIFbhPRCy594Car7M-2mqk4uLn7PhGg-BpwaSa2X_kYZhVhkeRepqy7FAXHClrCZsa-3ugCpmoeweSub_OfkPtJDkSSqD0Q3iN-Fh9t0XZzsxNoI-Jr8B4_NTFVzMb223sQifuaTr3Wh_NPX94aE6m-I0XhFmisP1MpgPC12u-Qt8Wje_MrJDYIxK7GXDkZfHLffMSq-21yPPqOQFCY-ltBT_2cDXeCJmWXnIY4gFP1sk0Iyz94zVp2Muctgi_ckaocM_TqPQGT3AShUX1hWanrCuG65z-1wVYc1Heu46RDqA8HKU-caOtfXOceqR-YWg99pKVUX3fBYnRz8IqK6Vav68-kIjF2gvQ67ws26yu_Q3_cGCnvxbWy9GC2ca57mBmUALlmuoa-uIIb79pGjeCusZwC0apm4NysWN5vthtDEMRV3JeFyXeoTKnoIw7w&cid=CAQSSwDUE5ym6xr3TGoRPAYU2KyxbZWxwIlXOMjvk-OJhe62zIBJJGNG3ObivA-lfa0kBxxFdGNe7anMOEUubnIWzZy7ZC4J4OxxJepELhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fexeo.app%2F&ds=l&xdt=1&iif=1&cor=10389756493204339000&adk=2923430907&idt=50&cac=0&dtd=14
IP 142.250.74.98:0
File type ASCII text, with very long lines (14888), with no line terminators
Hash 33ee822ca9f9275a4cf9d0b7021d7b43
9c5d021c112b6f93b0d49b7ae6c2c2adedf4481e
861726489972abb6531a8161f008c3935af3a91ad419e01d972c42346f967b12
GET /dbm/ad?dbm_c=AKAmf-CvQHlHHcdjTArpRjnODlSjYrepX7K9NLn3EFX-w_hHf-euYbWlxmT6ufdu8nu22TI3fzM_rY_wSkDYmh2IGB7T73o6IGTVaHhpsZapc1C0qL3diuBXEOm--5O4lhMottgS_E1aJ5x7b8ijCn8wTRxYgGCjU2mTJ3lWejHMziFJIXmSXTY&cry=1&dbm_d=AKAmf-DDicE0w39v3t-VUJhDCcYG6m7i5prUK7l0b9GfXs5P2o77NnbA2v-V6EEf5igEbjcTsHt27nzUXO6ETn4wQL4fwe-oZqWSPdZd3Vlbdi4RTHdvhev7Sne-i0GSJsBHlBn09GcIoakoyxhbn8xlRm0IX8IRiVziRknhKKQp4o3HNWmOdipmDQk7PGaf1FUII6XS3FPtOCUxPusjn3M4rJ8spCyRy4WMYE-VfGDvNi514vw0DsD9kpbk5L5Rxqq_jT1UpdJQq6izQNpt3tVaTL4H_Dag-JgnTcfnANRsebGWveiIOgRCjy52b_fTEXhNUTIqt2xTWYpSKPGYzN1Xp7dfC5K2SNm9KP4AU4Mh6Gc35GtLntpQB-ffyyldYFSdKRE7QQ-17WCiBKyM1TuG-8KsX0pByqIBjPHCjRmTXNX8DnCNUGumFR2zzEvEi9HbW-UGeP8BPkx3vzKTtSd2duy_TZlo44KTCTsU5z6P-tV7XtpsZufA-doE5LsvQG1CX6sj79B6d9l0QpsID20bHfVr-YQLFarFTJ7rh_mJlNRwTszxLHQzzLVc6gXTipKyY9jOV4_quH0jQnV9pnisIWkGCiO2yB0RJnstLmwNNUqVSTPFE7r9wqX2E_1-dyFsj_cEJVO55r_foezZ7Gn8gYLZvxpW5P9PjgEM1gA5YgqVbnfVU__nopBgI347pSMSZiM4fnNc3WSiZ6UBJhD6BtfQLWdf_Y8dAUwxEEHuApFTI72rbvqKOFdhZpJjkSVlcu5VN1DhhpHzTN97sueCi1nbaDJoQnitanfsml3lz8E-QTMsy0QMxeFQ_PvKKjEptW8nno00om3gotRZLboKQddD6JOCwf9zTloJ-2dQ_K94677ReHsO0BYryQ_pN0_6um1Lu7kQXvhJmh-036asB8Pz_9FzmrIeJDWs4xfTo4Ex6TSbPMWdCI7SLxnLzlRlG7hJSl7RL7Gt9UX7lbszn0AQQCIcukQpU2r2ZKXXw13CTOfalmUtUqSwNTq4rl2oR3s30LFt7vLVdLSzr2UWdpeGN6Og6vIoc6d-iAxPXzXr8T_QuVvIAhLpnV-vs2_eP-F5qd4n-_E8CjC8hJBdNpkYcioaFtwfO_ILq_1y2KQJ4XdH0mZsio4rARgqTXkTdYzBxiulV78wo91v4qIxZCbapgjZm-etwg6GAs_PkpaacjzdncPsqZbu5CLFz68iMRR293ZZEP-GMwXyWybIVOwo1w8OkF6lT2vKCpo3sVH_PD1l1sG1uGTey1UGmemSr2v8fz0zorRx6Ng55N3PxmCSwi2GaRf17t8uh-VsDIyBLZmsA87nEq8YQGZcyHVAWgh99GfXzJK82VZLj-E1Wf38hnd0Cr88qJD4KKoV2vpgB7xwitcTsNzSKD2UECicF9d4K-tgSFK0k6xvBNqH4sXdVdIwjz7oKbDR4Ar1gKG4puv0R98syHsOW_McVygmDBFTQ5Uq3CP-Li7YbuuMxsHeJeSiS0OUJ8uvJ_19DU63p8qQ-f9SAeYSCFYndHz2tiroRs-JZG6xCMuLdbkSFb-KHMQi3tWiSK8x--3DrSV2HahZbFav08p0PEZughaTYBTbx8QZ3vK4g_eirmDqK9AnMTcDGw9euXG__90w5xpw_OGRqxXdQo-aIgI_l6kdf6Lf9_eAQoI7zab9Bpcm_eaI5Svye57ZLyslVw3Tojyy9wtZ637XV8Q34T9eYuSv_Ocu3b3ypyaCbuNyuwzRomj4rSsDgwv0hkVZBTxI2LXeaLzgLUoobALBGkoCvdMPdCM-K2xuMFMKk25vcrjeQEC9sSMWCDWi_FKFvBv3i_1ob_NweIABFJpKhPtmaI1QpQo7G7roIuIPERbktnMyDdDylyeyuTKqdV76GKihvC7LM87I8vG9ySSxihvBsmPeThjiwJwMCJpXqi8XsULL8Cf2v4rJMfgG8jZiITOfl69V_7xX-oqyUspaqr8Av0JESmuSo2vEMs_gJLEcB1vVbUjpNLrLFxRF8Iz72S3rICNtodruQIBMVFDVjI-E3xzDVLE3fEBO3HHdpF5MnQsmW8Fpb1eZ9sPcbVgVynvATuw8FEcF9z3PvMxo6iWS7BWjUsRFd_dpL31pi56Gs6IbKwjs3Zi3NzNQ2d24khGBqYVOzJ6Ne2X9J0O82p4GpSL_Ntl_uaChV_-S2T8qg8gEKOyA2Ilk0RlHQ6aNTeGx9tDaljO2aZyOC30rlu8W9ea7Thtf0X9VsK2TDr4mhl70niY5jf2mCGf6-kxsLoxDZcByc884hvShJgsQc4RYQKPYaYnD_pCcQzmjYHTMbd7RVop9vyVXbq9tHXqq4OztyhtkcsSQeTaNU1A59SwiWYq8Ub3uYxJonoGIgqaC3ckTMPSHEY9W-7q7SlzUCUsSQ3val0ne4aUpaBhbX1HCKIf1PwsKt5-0xqhudx9i3R3GdW_j4UDo9fDiVyhiFT4PDV9qrPBmEubhRpAqvtQdQhMWUQJETrwBcRVu2PtHvrlvWCdmS07STGgbsPypzQKQjw9hXimalUWa5iVGQhfCsZ4mD05YoEsQ0ppNYvs4kYncPDAnmU-b2mKViOLmLeXTYgzmCjDfzByrwdi42FJI31B7thDGFc4qY2jmyursoWSpFeoyVrSfMnafOCRjqMVTJyi8lxkKJgyCj_yv9KWXf5VIrlXT7xDfPsvtXd-qV_BiWE7AFc_DCLIGvPzUYXzDTGmEUXqQ6q1YmZQ5cIntEg_onn_L1uYIHD-Ti6RbVch0_lx7seSw0h9-0rZ8nRPH_iAFOoMmPCdoQ3h3eJejYXYhCZvRJNU4S1rTvuJQFzM89NV1KIJ67Yp78RR98uGTcjxEd6CDmBb1RidPs7efXhbKFKTo633c_XjRD-xnYBknHI6ldPq86uyXIFbhPRCy594Car7M-2mqk4uLn7PhGg-BpwaSa2X_kYZhVhkeRepqy7FAXHClrCZsa-3ugCpmoeweSub_OfkPtJDkSSqD0Q3iN-Fh9t0XZzsxNoI-Jr8B4_NTFVzMb223sQifuaTr3Wh_NPX94aE6m-I0XhFmisP1MpgPC12u-Qt8Wje_MrJDYIxK7GXDkZfHLffMSq-21yPPqOQFCY-ltBT_2cDXeCJmWXnIY4gFP1sk0Iyz94zVp2Muctgi_ckaocM_TqPQGT3AShUX1hWanrCuG65z-1wVYc1Heu46RDqA8HKU-caOtfXOceqR-YWg99pKVUX3fBYnRz8IqK6Vav68-kIjF2gvQ67ws26yu_Q3_cGCnvxbWy9GC2ca57mBmUALlmuoa-uIIb79pGjeCusZwC0apm4NysWN5vthtDEMRV3JeFyXeoTKnoIw7w&cid=CAQSSwDUE5ym6xr3TGoRPAYU2KyxbZWxwIlXOMjvk-OJhe62zIBJJGNG3ObivA-lfa0kBxxFdGNe7anMOEUubnIWzZy7ZC4J4OxxJepELhgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fexeo.app%2F&ds=l&xdt=1&iif=1&cor=10389756493204339000&adk=2923430907&idt=50&cac=0&dtd=14 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 00:22:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 11121
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:20 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cf80667db0c35c9c6139eca4ba5d12fd
4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590
d63e69f4b6ea16333d242bf33d4f02a4a6c96a739ca018d86afc5741d85b774d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe4c16006-34b0-45cb-bb9f-46fe6dd44e3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13065
x-amzn-requestid: 54c06759-6fab-455c-be34-496ee42a2580
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZLQEqroAMFyWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d57b-2237358a5cc22b8003af1852;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:08:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oc3NhvAmcrO3msFYF2ITsEpq8a2wsOLkXtmZxRQpmse84yml0l9PNA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:46:57 GMT
age: 9323
etag: "4c4cfdc2463e8704a7bf8e1477c43b6adf7c7590"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 7461
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src_internal117.js
95.101.11.115200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182866&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6h25M_XSVuTCF-9FkTtwujV0X-0-M9fvw4ouOBFmSnMWeApCSHmBsA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 7730
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&turl=https://exeo.app/jr00w&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 00:22:20 GMT
Connection: keep-alive
deavynuotbrohw.xyz/NXdPSWwaSCw6UW8iJwo+BjEcLzRFRh4fFE0UBwsrYz8JeQ9wFGk9BVFKd3teAEV7bxxcE3J4SkYDLj0ZRkp8eVwEUSYnClpKf3lcBFE5dF0bRHtnXwRZfW8ZCEV+fFoMQH1wXgxOfHleDVE7OQ1SSn5vHEEDI3RdA0B6fVsFRnh6WgdH
172.67.192.123204 No Content 0 B URL HTTP/2 deavynuotbrohw.xyz/NXdPSWwaSCw6UW8iJwo+BjEcLzRFRh4fFE0UBwsrYz8JeQ9wFGk9BVFKd3teAEV7bxxcE3J4SkYDLj0ZRkp8eVwEUSYnClpKf3lcBFE5dF0bRHtnXwRZfW8ZCEV+fFoMQH1wXgxOfHleDVE7OQ1SSn5vHEEDI3RdA0B6fVsFRnh6WgdH
IP 172.67.192.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /NXdPSWwaSCw6UW8iJwo+BjEcLzRFRh4fFE0UBwsrYz8JeQ9wFGk9BVFKd3teAEV7bxxcE3J4SkYDLj0ZRkp8eVwEUSYnClpKf3lcBFE5dF0bRHtnXwRZfW8ZCEV+fFoMQH1wXgxOfHleDVE7OQ1SSn5vHEEDI3RdA0B6fVsFRnh6WgdH HTTP/1.1
Host: deavynuotbrohw.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 00:22:20 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ol1lVz05NUTt39FIMRVimB49SHDBr099UGl5M3AfPMmtq7ZjzV%2FXdfsoQJsItOsPO3nR2YrN4iOYt7vaMNJFrJOZpsx11PVnuk1u2C1ewBRpzi8CjNGsaagiEpa0sZaRHIs%2FYpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f405b9f4d0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 7730
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg
34.120.237.76200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76ce18a45923a440add58f68a794bd03
e15570e6c3b6a801b8bc7f4c8c87bb7ec071fc43
9abc1e152bd102d799d189fa3b74961cb22d17571c2ee6676d4c937c3b75da42
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb113548-e726-4cd4-a717-242fef288126.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2478
x-amzn-requestid: 8695cadd-57b2-416e-9f5b-ace8a9931ab4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyED6GP9oAMFnZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd807f-17eaa05a4aae5a6807829bd1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RrRMudbU55NOXYoDxQZ8sm2pAMUYOUfd19yHqVpSPMhYatrQTeqf-g==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:28 GMT
age: 7912
etag: "e15570e6c3b6a801b8bc7f4c8c87bb7ec071fc43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.117204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
date: Sat, 04 Feb 2023 00:22:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
www.google.com/recaptcha/api2/aframe
216.58.207.228200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 1c54d087da69db88c5d6a25cb1d9d3f5
4fca74f0af22de5d12823bd16c8bdfdb99df08f5
b091a79da4209b63ae06d705a24633d3c1d2f300c63124ca906700309e2655d7
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 00:22:20 GMT
date: Sat, 04 Feb 2023 00:22:20 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-vdncNEXZZR3vy9Gb45v-fA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NK8pNQwXpzI
IP 142.250.74.131:0
Hash 7f3414a5325ee1ef24fa95b3a59f7256
bb8db75411bcf9f6ee64d2defebaafc41291ff89
c36ae8406b9e5ecdc9d0fe12d0b4db4ad5f84a7ce62816ce7d106c4c452534fb
POST /s/gts1p5/NK8pNQwXpzI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:21 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 79a2784590877462b86b7f0a33601af9
ad856fdf644f7d403697b442559ac0d856adc194
9548a32ab06ba91adac7bfd95322db97869075f71e85c30ef3b4d3ede057b3e2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 00:22:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 20:47:17 GMT
Expires: Sat, 04 Feb 2023 20:47:17 GMT
ETag: "ad856fdf644f7d403697b442559ac0d856adc194"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.starfieldtech.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 79a2784590877462b86b7f0a33601af9
ad856fdf644f7d403697b442559ac0d856adc194
9548a32ab06ba91adac7bfd95322db97869075f71e85c30ef3b4d3ede057b3e2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 00:22:20 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 20:47:17 GMT
Expires: Sat, 04 Feb 2023 20:47:17 GMT
ETag: "ad856fdf644f7d403697b442559ac0d856adc194"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_259541166654&jsTagObjCallback=__tagObject_callback_259541166654&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=259541166654&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://exeo.app/jr00w&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&dvp_exetime=12.00&callbackName=__verify_callback_259541166654
34.149.12.213200 OK 265 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_259541166654&jsTagObjCallback=__tagObject_callback_259541166654&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=259541166654&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://exeo.app/jr00w&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&dvp_exetime=12.00&callbackName=__verify_callback_259541166654
IP 34.149.12.213:0
Hash 36d46d1596a90bc32235a1ba2759e73a
6d07c0855137cb432ca8f923b0adfdd5ccc71cd1
36e3a22bb1c8a2c362039ebdf2eea7501a5e95d2015a449e1b9ec669b24973ad
GET /verify.js?flvr=0&jsCallback=__verify_callback_259541166654&jsTagObjCallback=__tagObject_callback_259541166654&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=259541166654&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://exeo.app/jr00w&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&dvp_exetime=12.00&callbackName=__verify_callback_259541166654 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 00:22:21
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_457906859116&jsTagObjCallback=__tagObject_callback_457906859116&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=457906859116&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://exeo.app/jr00w&chro=0&hist=2&winh=280&winw=940&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&dvp_exetime=5.00&callbackName=__verify_callback_457906859116
34.149.12.213200 OK 266 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_457906859116&jsTagObjCallback=__tagObject_callback_457906859116&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=457906859116&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://exeo.app/jr00w&chro=0&hist=2&winh=280&winw=940&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&dvp_exetime=5.00&callbackName=__verify_callback_457906859116
IP 34.149.12.213:0
Hash 841a96b2c067728b9cbbfa5ad3e91298
f83fe92a13b72129579c6d2c24036a0a2f129e7b
994e2a3d6688e502ab3527be5418e00eb3776ba45393ca74c345740290b7ff2d
GET /verify.js?flvr=0&jsCallback=__verify_callback_457906859116&jsTagObjCallback=__tagObject_callback_457906859116&num=6&ctx=1828362&cmp=115750&plc=5182866&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=457906859116&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=0.00&dvpx_strhd=0.00&brid=0&brver=&bridua=2&dup=null&turl=https://exeo.app/jr00w&chro=0&hist=2&winh=280&winw=940&wouh=1024&wouw=1280&scah=1002&scaw=1280&srcurlD=0&ssl=1&refD=2&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&dvp_exetime=5.00&callbackName=__verify_callback_457906859116 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 00:22:21
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
cdn.doubleverify.com/dv-measurements3497.js
95.101.11.115200 OK 109 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3497.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109099 bytes)
Hash 4773cb5cfa2ad0e71d21f43c56c76ae3
39d66090c14e1b5d2f0f3413a34e087b5969d054
76206ee41bcfae347cef25b03589639e616747c9f77e2b3378387ee9e14f3a00
GET /dv-measurements3497.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 08:37:17 GMT
Accept-Ranges: bytes
ETag: "809cf641836d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 109099
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: keep-alive
servedby.flashtalking.com/imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_domain=exeo.app&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fexeo.app%2F&us_privacy=${US_PRIVACY}&cachebuster=553177.1508396888&ft_dv=%5B%25ft_dv%25%5D
2.23.132.54200 OK 768 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_domain=exeo.app&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fexeo.app%2F&us_privacy=${US_PRIVACY}&cachebuster=553177.1508396888&ft_dv=%5B%25ft_dv%25%5D
IP 2.23.132.54:0
ASN #1299 Telia Company AB
File type ASCII text, with CRLF, CR, LF line terminators
Hash 647b34842ebe5419e7368d4d35c38a38
24752ab9ac0e956840d255c43de35b38086b10f8
ed08f86da42d58abaa840ae1c7ee3f384d487b1fba90fe22dad52ade3e13edc8
GET /imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_domain=exeo.app&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fexeo.app%2F&us_privacy=${US_PRIVACY}&cachebuster=553177.1508396888&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app2.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 00:22:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Feb 2023 00:22:21 GMT
Content-Length: 768
Connection: keep-alive
Strict-Transport-Security: max-age=86400
servedby.flashtalking.com/imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&us_privacy=${US_PRIVACY}&cachebuster=339577.9212682677&ft_dv=%5B%25ft_dv%25%5D
2.23.132.54200 OK 818 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&us_privacy=${US_PRIVACY}&cachebuster=339577.9212682677&ft_dv=%5B%25ft_dv%25%5D
IP 2.23.132.54:0
ASN #1299 Telia Company AB
File type ASCII text, with CRLF, CR, LF line terminators
Hash 5dbf1208274abdf7e42ce741d07c4714
578eb1d18997fa013219a6e9b8a1d55a76a897b2
e944d1330f8a68f3a62e16935c76bc5c53bb6351829830a16e99ddb64fb9dda6
GET /imp/8/115750;5182866;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2F9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&us_privacy=${US_PRIVACY}&cachebuster=339577.9212682677&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app4.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 00:22:21 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Feb 2023 00:22:21 GMT
Content-Length: 818
Connection: keep-alive
Strict-Transport-Security: max-age=86400
cdn.flashtalking.com/xre/518/5182866/4069576/js/j-5182866-4069576.js
205.185.216.10200 OK 17 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182866/4069576/js/j-5182866-4069576.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash a3bbb7eb6e07a11ebe599221998b0898
532c8d5b42b34fb258f56bd0c0d89261f2ae7abd
43e666441289348bd9d18e9385dd72bdbd38fb97850bae62fd0a236a4abc50b9
GET /xre/518/5182866/4069576/js/j-5182866-4069576.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: Keep-Alive
ETag: "1664998068"
Cache-Control: max-age=250
Content-Encoding: gzip
Content-Length: 17006
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 05 Oct 2022 19:27:48 GMT
Accept-Ranges: bytes
x-amz-id-2: X7WWBL9vEXVudbKR/T7YnWavvl85nBffBWDlDiN/TsU+NNNoTA6DX9BWQvzSH6FkH2eIIPNNGBY=
x-amz-request-id: X427F4E83W8TKFN1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop066.sk1.t,1675470141.cds229.sk1.shn,1675470141.dop066.sk1.t,1675470141.cds261.sk1.c
cdn.flashtalking.com/xre/518/5182866/3801681/js/j-5182866-3801681.js
205.185.216.10200 OK 15 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182866/3801681/js/j-5182866-3801681.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash feb5aa7245e198f2b173e1f673511766
5b49cb53694684474964a33d57bf48b57986fddd
bcd277a8c983a1ffb1c3826ddd8661a1746208a9dfa1200e0723e95bc81ea029
GET /xre/518/5182866/3801681/js/j-5182866-3801681.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: Keep-Alive
ETag: "1664967543"
Cache-Control: max-age=489
Content-Encoding: gzip
Content-Length: 15174
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 05 Oct 2022 10:59:03 GMT
Accept-Ranges: bytes
x-amz-id-2: t+UJVsPEN2O/e4HmRLfup9jSP8/uf7A21QbxVhyWWxW8Hub10mBMxNMwOntsC362NpWp3B++LS0=
x-amz-request-id: QFEMNESP6AHA7C6N
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop226.sk1.t,1675470141.cds009.sk1.shn,1675470141.dop226.sk1.t,1675470141.cds232.sk1.c
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=4069576&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=0B6E7A15-FF8E-D317-542F-286090C36A6D&auevent=&22534708
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=4069576&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=0B6E7A15-FF8E-D317-542F-286090C36A6D&auevent=&22534708
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=4069576&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=0B6E7A15-FF8E-D317-542F-286090C36A6D&auevent=&22534708 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: keep-alive
cdn.flashtalking.com/116327/4069576/index.html
205.185.216.10200 OK 19 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069576/index.html
IP 205.185.216.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1453), with CRLF, LF line terminators
Hash 30b926c7796145ac24d4991241a8f2ee
e945b3ea3f707052b17a2ac17fe71dc046b73b64
abc7edc3b542d9d84563119646042401ce118992da7e5a60c397ebb82fa84a47
GET /116327/4069576/index.html HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: Keep-Alive
ETag: "1664411225"
Cache-Control: max-age=707
Content-Encoding: gzip
Content-Length: 19164
Content-Type: text/html
Last-Modified: Thu, 29 Sep 2022 00:27:05 GMT
Accept-Ranges: bytes
x-amz-id-2: RoMbOCX7YG3WgnkxXkEQDSY9CWAdIp1SB2YByUa65Fpj54+PxrpGGEgSxKIgoEvVvAqfz+GPTIM=
x-amz-request-id: VB0RRNNNX56KY1WK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop066.sk1.t,1675470141.cds229.sk1.shn,1675470141.dop066.sk1.t,1675470141.cds246.sk1.c
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=3801681&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=885D1CD2-2E96-59AF-8347-556D92879E34&auevent=&972678160
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=3801681&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=885D1CD2-2E96-59AF-8347-556D92879E34&auevent=&972678160
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182866&num=&adid=&advid=&adsrv=29&btreg=5182866&btadsrv=flashtalking&crt=3801681&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=885D1CD2-2E96-59AF-8347-556D92879E34&auevent=&972678160 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: keep-alive
cdn.flashtalking.com/xre/518/5182866/3801681/image/3801681.gif?84591186
205.185.216.10200 OK 16 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182866/3801681/image/3801681.gif?84591186
IP 205.185.216.10:0
File type JPEG image data, progressive, precision 8, 728x90, components 3\012- data
Hash eb35e98e3926392abf8c605e1d9f4511
8c2909a70d32ff02513f92468723c754ba77672d
2327217d364f6c612041682eb84372d236c121b9eb6cdedb0c5c02013b266f57
GET /xre/518/5182866/3801681/image/3801681.gif?84591186 HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:21 GMT
Connection: Keep-Alive
ETag: "1664967543"
Cache-Control: max-age=489
Content-Length: 15510
Content-Type: image/gif
Last-Modified: Wed, 05 Oct 2022 10:59:03 GMT
Accept-Ranges: bytes
x-amz-id-2: DNlNXKjB6jvdVx+91SGp1ndT8Kqdhi09QjZiYDdaII3GSOJWp7S1bF1mE8XNh8prX3LH2Ktajb8=
x-amz-request-id: M6E4QTMN7X265VM1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop226.sk1.t,1675470141.cds009.sk1.shn,1675470141.dop226.sk1.t,1675470141.cds208.sk1.c
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.205.35200 OK 2.9 kB URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.205.35:0
Hash 401b261ea8a5a22405e869e04bba3baa
0a0506461b66e091d31d93954e49a60cfca1d7be
91f7222f579abb337c06a36dddd6dbf856a05b09769d078523db1dd891366c42
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: iAXQUgYPMvcwwP8G9ToCKDwVDfVcNlDozt3w8mjjKbjlW4UtMXW3jHcGMxy6iAL2xm/0groz8OFdx6QxW1ImwA==
date: Sat, 04 Feb 2023 00:22:20 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.flashtalking.com/116327/4069576/images/acrobat_create_2.jpg
205.185.216.10200 OK 15 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069576/images/acrobat_create_2.jpg
IP 205.185.216.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 710x444, components 3\012- data
Hash 296f9ed86795c8b1f2a1554742a0485a
8899d835a9478a5161299ba357c50b3598501f40
f07b31ea4c345d978d4748fb71a680ef2861368279ccb491f78fc86380c0e37a
GET /116327/4069576/images/acrobat_create_2.jpg HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069576/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:22 GMT
Connection: Keep-Alive
ETag: "1664411224"
Cache-Control: max-age=707
Content-Length: 15071
Content-Type: image/jpeg
Last-Modified: Thu, 29 Sep 2022 00:27:04 GMT
Accept-Ranges: bytes
x-amz-id-2: vAl5bO1kI+eq7uSbH1G88h/smLj6xlVcd1SxeedgR91COuWWVTpZPVKLaJZMuKdU99xwHf6jkks=
x-amz-request-id: 81Z2JHJSXVGSP664
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop066.sk1.t,1675470141.cds229.sk1.shn,1675470142.dop066.sk1.t,1675470142.cds219.sk1.c
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
23.38.200.44200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP 23.38.200.44:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 721542519 721664610
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=142
Expires: Sat, 04 Feb 2023 00:24:44 GMT
Date: Sat, 04 Feb 2023 00:22:22 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.flashtalking.com/116327/4069576/images/acrobat_screen_large_2.jpg
205.185.216.10200 OK 180 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069576/images/acrobat_screen_large_2.jpg
IP 205.185.216.10:0
File type JPEG image data, progressive, precision 8, 926x531, components 3\012- data
Size 180 kB (179684 bytes)
Hash 64376c876f34130eb00d7c0338667dcf
2d77b890330e48c93dac67fbcceb3a89fa7ad24e
7e1d65ca11e16f00cba0b4870172a6a854e7f6d73e88b4691e80e25ecdf3161c
GET /116327/4069576/images/acrobat_screen_large_2.jpg HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069576/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:22 GMT
Connection: Keep-Alive
ETag: "1664411224"
Cache-Control: max-age=707
Content-Length: 179684
Content-Type: image/jpeg
Last-Modified: Thu, 29 Sep 2022 00:27:04 GMT
Accept-Ranges: bytes
x-amz-id-2: H5XWK1PNFpW4tNGciRni+ZapgfSo6ohYBR7+5VRYO4i7flTt33iyiLrIUpMFGyVg9timfEv6XuU=
x-amz-request-id: 81ZFMRYSAWT0BQQ9
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop066.sk1.t,1675470141.cds229.sk1.shn,1675470142.dop066.sk1.t,1675470142.cds227.sk1.c
cdn.flashtalking.com/116327/4069576/images/Image2.png
205.185.216.10200 OK 5.2 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069576/images/Image2.png
IP 205.185.216.10:0
File type PNG image data, 92 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash 36b54eb1631f1be795a0567fc7f6034f
c574b46865c60d9e654333e29b070ea802a54a2d
8856deebcedfa5f528c116f29edc1d31e54f16f7cc4841f9875b4910703d4445
GET /116327/4069576/images/Image2.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069576/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:22 GMT
Connection: Keep-Alive
ETag: "1664411224"
Cache-Control: max-age=707
Content-Length: 5192
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:04 GMT
Accept-Ranges: bytes
x-amz-id-2: mj+Rn2zb90Fim0qqtQlgwyzbqlVHUDMhifNh7AjY+KXhCY/aXRukXmO07hhlX2UGxeU8lO59Kto=
x-amz-request-id: 81Z1BACBTVGCMYH9
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop066.sk1.t,1675470141.cds229.sk1.shn,1675470142.dop066.sk1.t,1675470142.cds262.sk1.c
cdn.flashtalking.com/116327/4069576/images/notebook.png
205.185.216.10200 OK 99 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069576/images/notebook.png
IP 205.185.216.10:0
File type PNG image data, 1102 x 1102, 8-bit/color RGBA, non-interlaced\012- data
Hash 6072c623d256e1ede016076a14baa64b
754753da0a2a3202d775f71277a77417466bef14
01f6632e73c7e0f8ab3448cc32d557a93f469a4bd2db2e6a1a128af59344f74d
GET /116327/4069576/images/notebook.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069576/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:22 GMT
Connection: Keep-Alive
ETag: "1664411224"
Cache-Control: max-age=708
Content-Length: 98859
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:04 GMT
Accept-Ranges: bytes
x-amz-id-2: vpjQf57YVXIvYcTATWaayw2QnRS78eCpma8r3JRyD5RQOaksWY1kPwALCkhXS1X0sYu5qSuK4SI=
x-amz-request-id: 81ZFM5F8EBX8AX5V
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675470141.dop066.sk1.t,1675470141.cds229.sk1.shn,1675470142.dop066.sk1.t,1675470142.cds255.sk1.c
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 8942bf05916c5f10137a678f61ab464f
1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6
383585e62efee64903b22f49caaf03017521257c0b8001d20653f3f6fa345c04
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 00:22:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 02:58:35 GMT
Expires: Sat, 04 Feb 2023 02:58:35 GMT
ETag: "1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 8942bf05916c5f10137a678f61ab464f
1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6
383585e62efee64903b22f49caaf03017521257c0b8001d20653f3f6fa345c04
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 00:22:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 02:58:35 GMT
Expires: Sat, 04 Feb 2023 02:58:35 GMT
ETag: "1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 8942bf05916c5f10137a678f61ab464f
1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6
383585e62efee64903b22f49caaf03017521257c0b8001d20653f3f6fa345c04
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 00:22:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 02:58:35 GMT
Expires: Sat, 04 Feb 2023 02:58:35 GMT
ETag: "1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 8942bf05916c5f10137a678f61ab464f
1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6
383585e62efee64903b22f49caaf03017521257c0b8001d20653f3f6fa345c04
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 00:22:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 02:58:35 GMT
Expires: Sat, 04 Feb 2023 02:58:35 GMT
ETag: "1f4f8b30d22f49e833133565ff2b5b7a3bd9bdf6"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=147&ttfrms=15&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&dfs=1140&ddur=7&uid=1675470175203944&jsCallback=dvCallback_1675470175203401&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&fcifrms=5&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182866&crt=3801681&btreg=5182866&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=885D1CD2-2E96-59AF-8347-556D92879E34&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=316001615255.34705&dvp_tukv=80162251333.88568&dvp_tuid=737397371605&jurtd=2491881798
213.254.244.106200 OK 1.2 kB URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=147&ttfrms=15&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&dfs=1140&ddur=7&uid=1675470175203944&jsCallback=dvCallback_1675470175203401&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&fcifrms=5&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182866&crt=3801681&btreg=5182866&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=885D1CD2-2E96-59AF-8347-556D92879E34&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=316001615255.34705&dvp_tukv=80162251333.88568&dvp_tuid=737397371605&jurtd=2491881798
IP 213.254.244.106:0
File type ASCII text, with very long lines (3044), with no line terminators
Hash 01ccd9dd50c9c3760f1b5172d022747e
242c8a12bd3ea3086cd8b8d202817c9cd5d6e09d
90a193fff61741fa904500492fa3a81d47971fcc21df403725c3921c48685fa5
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=147&ttfrms=15&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&dfs=1140&ddur=7&uid=1675470175203944&jsCallback=dvCallback_1675470175203401&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&fcifrms=5&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182866&crt=3801681&btreg=5182866&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=885D1CD2-2E96-59AF-8347-556D92879E34&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=316001615255.34705&dvp_tukv=80162251333.88568&dvp_tuid=737397371605&jurtd=2491881798 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:23 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 00:22:23
Pragma: no-cache
Vary: Accept-Encoding
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=170&ttfrms=32&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675470174654341&jsCallback=dvCallback_1675470174654413&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=6&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://exeo.app/jr00w&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=270664540.29794437&dvp_tukv=23518912090.190186&dvp_tuid=207960561386&jurtd=642006928
213.254.244.106200 OK 681 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=170&ttfrms=32&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675470174654341&jsCallback=dvCallback_1675470174654413&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=6&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://exeo.app/jr00w&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=270664540.29794437&dvp_tukv=23518912090.190186&dvp_tuid=207960561386&jurtd=642006928
IP 213.254.244.106:0
File type ASCII text, with very long lines (1184), with no line terminators
Hash d5ec9ef827cd5d54c50e6a5c72e9fdfe
8de43b1d827db0561e436ad01e1ba040f4ee4098
fe8dee8fc4cf8e85d15a451b3bc7a15bcd0cad3beb37dd6cf39f42872f1449c7
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=170&ttfrms=32&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675470174654341&jsCallback=dvCallback_1675470174654413&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=6&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://exeo.app/jr00w&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hqgMuIz--ae1xPrbTo5Thq&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=270664540.29794437&dvp_tukv=23518912090.190186&dvp_tuid=207960561386&jurtd=642006928 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:22:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 00:22:23
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=15cfdb944879477b80739f452d2df71b&dup=&eoid=1000&cbust=1675470176210932
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=15cfdb944879477b80739f452d2df71b&dup=&eoid=1000&cbust=1675470176210932
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=15cfdb944879477b80739f452d2df71b&dup=&eoid=1000&cbust=1675470176210932 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=15cfdb944879477b80739f452d2df71b&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 00:22:23 GMT
Connection: keep-alive
code.createjs.com/1.0.0/createjs.min.js
23.36.76.145200 OK 65 kB URL HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP 23.36.76.145:0
ASN #20940 Akamai International B.V.
Hash 45b83b4cfefd64216bb2d0be1eba132d
1da200273b95f2da50838d6972000b5d2910e3f2
c1f4a5539f402d982e0c1baa5d9828dcc07f2657b882d89898f8ea6758a23fc3
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Sat, 04 Feb 2023 00:37:22 GMT
date: Sat, 04 Feb 2023 00:22:22 GMT
x-n: S
X-Firefox-Spdy: h2
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=298&ttfrms=18&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675470174790717&jsCallback=dvCallback_1675470174790951&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&fcifrms=6&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://exeo.app/jr00w&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=316001615255.34705&dvp_tukv=112063381771.10649&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1283599876800&jurtd=2220116185
213.254.244.106200 OK 678 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=298&ttfrms=18&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675470174790717&jsCallback=dvCallback_1675470174790951&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&fcifrms=6&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://exeo.app/jr00w&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=316001615255.34705&dvp_tukv=112063381771.10649&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1283599876800&jurtd=2220116185
IP 213.254.244.106:0
File type ASCII text, with very long lines (1184), with no line terminators
Hash d3658642b7bc6bc48c4c6b762d50aeb0
6ca0f0f36667f4522f0ba203e47da7056af17545
d13a8ed7462e938bde2361a66e0dabf173c1dcd3e55aa4803f0b7cfc3eab5ab0
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=298&ttfrms=18&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau6I6%40%5D2AATauU2%26C%3Dl9EEADTbpTauTau6I6%40%5D2AATau%3BC__H&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675470174790717&jsCallback=dvCallback_1675470174790951&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=2&winh=90&winw=728&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=2&fcifrms=6&brh=2&sdf=2&dvp_epl=84&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://exeo.app/jr00w&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0gHLOyVWthQmaf4e69soPKO&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396440570&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=1928744274602&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=316001615255.34705&dvp_tukv=112063381771.10649&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=1283599876800&jurtd=2220116185 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 00:21:27 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 00:22:23
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=b43ce3439f354ad7860676fab73db5ec&dup=&eoid=1000&cbust=1675470176221693
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=b43ce3439f354ad7860676fab73db5ec&dup=&eoid=1000&cbust=1675470176221693
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=b43ce3439f354ad7860676fab73db5ec&dup=&eoid=1000&cbust=1675470176221693 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=b43ce3439f354ad7860676fab73db5ec&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 00:22:23 GMT
Connection: keep-alive
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=3cc4206299fe41ed890d11d9cf009714&dup=&eoid=1000&cbust=1675470176231570
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=3cc4206299fe41ed890d11d9cf009714&dup=&eoid=1000&cbust=1675470176231570
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=3cc4206299fe41ed890d11d9cf009714&dup=&eoid=1000&cbust=1675470176231570 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=3cc4206299fe41ed890d11d9cf009714&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 00:22:23 GMT
Connection: keep-alive
cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=cb3a52acbf484c649a035d2531c3827e&dup=&eoid=1000&cbust=1675470176238329
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-frc¶m=akipv6&impid=cb3a52acbf484c649a035d2531c3827e&dup=&eoid=1000&cbust=1675470176238329
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-frc¶m=akipv6&impid=cb3a52acbf484c649a035d2531c3827e&dup=&eoid=1000&cbust=1675470176238329 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-frc.doubleverify.com/event.png?impid=cb3a52acbf484c649a035d2531c3827e&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 00:22:23 GMT
Connection: keep-alive
tpsc-frc.doubleverify.com/event.png?impid=15cfdb944879477b80739f452d2df71b&akipv6=&dup=&eoid=1000
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=15cfdb944879477b80739f452d2df71b&akipv6=&dup=&eoid=1000
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=15cfdb944879477b80739f452d2df71b&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:24 GMT
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:23
Pragma: no-cache
tpsc-frc.doubleverify.com/event.png?impid=3cc4206299fe41ed890d11d9cf009714&akipv6=&dup=&eoid=1000
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=3cc4206299fe41ed890d11d9cf009714&akipv6=&dup=&eoid=1000
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=3cc4206299fe41ed890d11d9cf009714&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:23
Pragma: no-cache
tpsc-frc.doubleverify.com/event.png?impid=b43ce3439f354ad7860676fab73db5ec&akipv6=&dup=&eoid=1000
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=b43ce3439f354ad7860676fab73db5ec&akipv6=&dup=&eoid=1000
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=b43ce3439f354ad7860676fab73db5ec&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:23 GMT
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:23
Pragma: no-cache
tpsc-frc.doubleverify.com/event.png?impid=cb3a52acbf484c649a035d2531c3827e&akipv6=&dup=&eoid=1000
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=cb3a52acbf484c649a035d2531c3827e&akipv6=&dup=&eoid=1000
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=cb3a52acbf484c649a035d2531c3827e&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:20 GMT
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:23
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178337569
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178337569
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178337569 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 00:22:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178337569&~oref=https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178319666
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178319666
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178319666 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 00:22:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675470178319666&~oref=https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178317962
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178317962
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178317962 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 00:22:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178317962&~oref=https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178337263
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178337263
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178337263 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 00:22:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675470178337263&~oref=https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 00:37:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 00:22:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpsc-frc.doubleverify.com/event.png?impid=15cfdb944879477b80739f452d2df71b&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=999&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=7&tetms=3&msltms=6&vltms=999&sei=146&vetms=11&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=23&isumms=22&nvr=6&isgmmims=23&isgmv4mims=23&elmtp=6&isbxdms=3102&b0=100&b11=3080&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=3180&sftb=3180&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1066&isuiabvms=1066&isgmpims=172&isgmv4dpims=1066&ispmxpms=1066&engalms=21&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4019&cbust=1675470179209883
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=15cfdb944879477b80739f452d2df71b&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=999&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=7&tetms=3&msltms=6&vltms=999&sei=146&vetms=11&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=23&isumms=22&nvr=6&isgmmims=23&isgmv4mims=23&elmtp=6&isbxdms=3102&b0=100&b11=3080&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=3180&sftb=3180&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1066&isuiabvms=1066&isgmpims=172&isgmv4dpims=1066&ispmxpms=1066&engalms=21&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4019&cbust=1675470179209883
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=15cfdb944879477b80739f452d2df71b&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=999&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=7&tetms=3&msltms=6&vltms=999&sei=146&vetms=11&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=456&msrcannum=4&ismms=23&isumms=22&nvr=6&isgmmims=23&isgmv4mims=23&elmtp=6&isbxdms=3102&b0=100&b11=3080&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=3180&sftb=3180&msrdp=1&naral=192&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1066&isuiabvms=1066&isgmpims=172&isgmv4dpims=1066&ispmxpms=1066&engalms=21&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4019&cbust=1675470179209883 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:23 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:26
Pragma: no-cache
tpsc-frc.doubleverify.com/event.png?impid=b43ce3439f354ad7860676fab73db5ec&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=1550&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=9&tetms=6&msltms=20&vltms=1550&sei=145&vetms=19&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1068&isumms=1067&nvr=6&isgmmims=1068&isgmv4mims=1068&elmtp=1&isbxdms=3675&b0=100&b11=2608&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2708&sftb=2708&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=2151&isuiabvms=2151&isgmpims=1183&isgmv4dpims=2151&ispmxpms=2151&engalms=1066&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=4598&cbust=1675470179221433
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=b43ce3439f354ad7860676fab73db5ec&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=1550&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=9&tetms=6&msltms=20&vltms=1550&sei=145&vetms=19&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1068&isumms=1067&nvr=6&isgmmims=1068&isgmv4mims=1068&elmtp=1&isbxdms=3675&b0=100&b11=2608&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2708&sftb=2708&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=2151&isuiabvms=2151&isgmpims=1183&isgmv4dpims=2151&ispmxpms=2151&engalms=1066&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=4598&cbust=1675470179221433
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=b43ce3439f354ad7860676fab73db5ec&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=1550&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=9&tetms=6&msltms=20&vltms=1550&sei=145&vetms=19&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1068&isumms=1067&nvr=6&isgmmims=1068&isgmv4mims=1068&elmtp=1&isbxdms=3675&b0=100&b11=2608&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2708&sftb=2708&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=2151&isuiabvms=2151&isgmpims=1183&isgmv4dpims=2151&ispmxpms=2151&engalms=1066&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=4598&cbust=1675470179221433 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:21:31 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:26
Pragma: no-cache
tpsc-frc.doubleverify.com/event.png?impid=3cc4206299fe41ed890d11d9cf009714&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=980&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=9&tetms=3&msltms=14&vltms=980&sei=146&vetms=16&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=21&isumms=20&nvr=6&isgmmims=21&isgmv4mims=21&elmtp=1&isbxdms=3066&b0=100&b11=3047&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=3147&sftb=3147&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1038&isuiabvms=1038&isgmpims=140&isgmv4dpims=1038&ispmxpms=1038&engalms=20&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=4007&cbust=1675470179231318
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=3cc4206299fe41ed890d11d9cf009714&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=980&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=9&tetms=3&msltms=14&vltms=980&sei=146&vetms=16&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=21&isumms=20&nvr=6&isgmmims=21&isgmv4mims=21&elmtp=1&isbxdms=3066&b0=100&b11=3047&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=3147&sftb=3147&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1038&isuiabvms=1038&isgmpims=140&isgmv4dpims=1038&ispmxpms=1038&engalms=20&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=4007&cbust=1675470179231318
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=3cc4206299fe41ed890d11d9cf009714&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=980&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=9&tetms=3&msltms=14&vltms=980&sei=146&vetms=16&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=21&isumms=20&nvr=6&isgmmims=21&isgmv4mims=21&elmtp=1&isbxdms=3066&b0=100&b11=3047&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=3147&sftb=3147&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=1038&isuiabvms=1038&isgmpims=140&isgmv4dpims=1038&ispmxpms=1038&engalms=20&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=4007&cbust=1675470179231318 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:26 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:26
Pragma: no-cache
tpsc-frc.doubleverify.com/event.png?impid=cb3a52acbf484c649a035d2531c3827e&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=1426&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=7&tetms=4&msltms=27&vltms=1426&sei=145&vetms=22&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=1031&isumms=1030&nvr=6&isgmmims=1031&isgmv4mims=1031&elmtp=6&isbxdms=3526&b0=100&b11=2498&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2598&sftb=2598&msrdp=3&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=2104&isuiabvms=2104&isgmpims=1135&isgmv4dpims=2104&ispmxpms=2104&engalms=1030&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4467&cbust=1675470179240616
213.254.244.106204 No Content 0 B URL HTTP/1.1 tpsc-frc.doubleverify.com/event.png?impid=cb3a52acbf484c649a035d2531c3827e&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=1426&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=7&tetms=4&msltms=27&vltms=1426&sei=145&vetms=22&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=1031&isumms=1030&nvr=6&isgmmims=1031&isgmv4mims=1031&elmtp=6&isbxdms=3526&b0=100&b11=2498&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2598&sftb=2598&msrdp=3&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=2104&isuiabvms=2104&isgmpims=1135&isgmv4dpims=2104&ispmxpms=2104&engalms=1030&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4467&cbust=1675470179240616
IP 213.254.244.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=cb3a52acbf484c649a035d2531c3827e&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&vdur=1426&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=7&tetms=4&msltms=27&vltms=1426&sei=145&vetms=22&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=392&msrcannum=3&ismms=1031&isumms=1030&nvr=6&isgmmims=1031&isgmv4mims=1031&elmtp=6&isbxdms=3526&b0=100&b11=2498&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=5&dvp_vsosnmr=16&lftb=2598&sftb=2598&msrdp=3&naral=128&vct=512&vphgt=1024&vpwdth=1280&chgt=90&cwdth=728&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isiabvms=2104&isuiabvms=2104&isgmpims=1135&isgmv4dpims=2104&ispmxpms=2104&engalms=1030&dvp_dpr=1&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=4467&cbust=1675470179240616 HTTP/1.1
Host: tpsc-frc.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://9dcdba2bb3c64463de0b4b551b587c82.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 00:22:23 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/03/2023 00:22:26
Pragma: no-cache
exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar
188.114.97.1200 OK 0 B URL HTTP/2 exe.io/st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar
IP 188.114.97.1:0
GET /st?api=f7c1724294337686fddc64d196d06fbbaeed080f&url=ouo.io/qs/irsDdjT0?s=https://megaup.net/2xTpD/3.0.1.2046.X64.rar HTTP/1.1
Host: exe.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:18 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex, nofollow
vary: Accept-Encoding,User-Agent
set-cookie: AppSession=94d2c1110845a2fcb4de0d9240828bb0; path=/; HttpOnly
csrfToken=f72f366d1d597e9126ba5c479982c584d40cca565680b318a7d503da567aca92aa615f8650e7c4892035f855d7d18163d99a619797be1f434f38987aa3aae4cf; path=/; HttpOnly
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGezFndzWE73qHJ%2BPt7955azLziIXt2b9SF0idkt9o3x5uZRXtJz6JNmR2HS7ufnb0hCuHzdNsKGeR5woqXOCvDZhnYFIF4Qop5Xj4WyJ0L92e18qmDrmI8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f404cfdf5fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S805345054%3A1675470139990818&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdX3n63P7mkoM10aepBvlRPe0R8IEHuzLnYx2i_aIAgyvlOovTPXmQ1nt434JZz5nNBTH0ZKQ
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S805345054%3A1675470139990818&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdX3n63P7mkoM10aepBvlRPe0R8IEHuzLnYx2i_aIAgyvlOovTPXmQ1nt434JZz5nNBTH0ZKQ
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S805345054%3A1675470139990818&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWnogHdX3n63P7mkoM10aepBvlRPe0R8IEHuzLnYx2i_aIAgyvlOovTPXmQ1nt434JZz5nNBTH0ZKQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Feb 2023 00:22:20 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin
content-security-policy: script-src 'nonce-PakQia2vW755v7aAYbAhwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
live.demand.supply/p4/v16-2-0/ZXhlby5hcHAvanIwMHc=
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/p4/v16-2-0/ZXhlby5hcHAvanIwMHc=
IP 104.16.134.22:0
GET /p4/v16-2-0/ZXhlby5hcHAvanIwMHc= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Cookie: demandSupplyTi=85a30571-9d9b-47de-9be6-3a30c4a245f5; __cf_bm=0fHk47L7gsaC9B1x5R7cyU.UfSMdXi.zpQ5j7tbZgOo-1675470139-0-Ac+T1qft/BcXMh4wF3c/lIrDFQgFvSA6YtDvRh6c46JREKmLSSL8K1dmnSxOiqww4J68/z+N7yXDTgh/ZGCeLr8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f40547d051c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:20 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1202
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 793f405acae40b49-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.172.27200 OK 0 B IP 172.64.172.27:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3853
last-modified: Fri, 03 Feb 2023 23:18:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3voN0%2FHFGco%2Fca%2BaCwpIttkMS%2FZzWhYRAb8U2wWX%2FzVWompmbcPJUQGwO1SHKElKyCjfa9XTwZSb45ZYYDSK9a0K67YpAYAsU2pJa3nJFqQecuCiRE3E2LPhONxtSoH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f40545cb671c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700
IP 142.250.74.74:0
GET /css?family=Open+Sans:300,400,400italic,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 00:22:19 GMT
date: Sat, 04 Feb 2023 00:22:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pogothere.xyz/
172.64.172.27200 OK 0 B IP 172.64.172.27:0
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: text/plain
set-cookie: csu=2188482771573567@1@1675470139; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHFvRvXnSdNzf3%2Fi8mJkGClgbC8YK%2F09CEBf%2FPwikIrJVzrkMWxJZUHws2a%2F1lbQPybsrqshV3yRnhKr6fWR7WpmeXsB65IEVCXfowkOjnVxEqKYnrL9XlJ36aWM7FMp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f40545cb371c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/ds.2.html
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/ds.2.html
IP 104.16.134.22:0
GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *
x-nf-request-id: 01GPGAFB7A85YK1WPYW7SQCTTM
cf-cache-status: HIT
age: 1990265
set-cookie: __cf_bm=p7Zp_8lELzCvt9TAdMxt0tG4g42SdBsPK_AytHl2eBY-1675470139-0-AS359n3NszjfAwukKvzKfXPQklcP2MZ3dzAjXBG45wQwvn6N0eRWEQYuE1gvuKj8BWUNmj4oWa//bR4UCd2ampY=; path=/; expires=Sat, 04-Feb-23 00:52:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f40547d061c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/up.js
104.16.134.22200 OK 0 B IP 104.16.134.22:0
GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 793f40537ca61c12-OSL
age: 52
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"30cd4982b290dd406327b3dd39f1ea22-ssl-df"
link: <https://live.demand.supply/impl.v16.3.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v16-2-0/ZXhlby5hcHAv>; rel=preload; as=script
vary: Accept-Encoding
cf-cache-status: HIT
cf-bgj: minify
cf-polished: origSize=4391
timing-allow-origin: *
x-nf-request-id: 01GMX2WC7DDRK600SK19DPWQGC
set-cookie: demandSupplyTi=85a30571-9d9b-47de-9be6-3a30c4a245f5; demandSupplyTc = null; demandSupplyTcI = null; SameSite=None; Secure; Max-Age=63072000
__cf_bm=0fHk47L7gsaC9B1x5R7cyU.UfSMdXi.zpQ5j7tbZgOo-1675470139-0-Ac+T1qft/BcXMh4wF3c/lIrDFQgFvSA6YtDvRh6c46JREKmLSSL8K1dmnSxOiqww4J68/z+N7yXDTgh/ZGCeLr8=; path=/; expires=Sat, 04-Feb-23 00:52:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
live.demand.supply/impl.v16.3.0.js
104.16.134.22200 OK 0 B URL HTTP/2 live.demand.supply/impl.v16.3.0.js
IP 104.16.134.22:0
GET /impl.v16.3.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/
Cookie: demandSupplyTi=85a30571-9d9b-47de-9be6-3a30c4a245f5; __cf_bm=0fHk47L7gsaC9B1x5R7cyU.UfSMdXi.zpQ5j7tbZgOo-1675470139-0-Ac+T1qft/BcXMh4wF3c/lIrDFQgFvSA6YtDvRh6c46JREKmLSSL8K1dmnSxOiqww4J68/z+N7yXDTgh/ZGCeLr8=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=74953
etag: W/"b19940580c70e30455a2254a785a8919-ssl-df"
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01GMX2V689ENQZTBQ4NFCNSXD1
cf-cache-status: HIT
age: 1159764
server: cloudflare
cf-ray: 793f40547d021c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.172.27200 OK 0 B IP 172.64.172.27:0
Analyzer Verdict Alert quad9 Sinkholed
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://exeo.app/
Origin: https://exeo.app
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://exeo.app
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 3853
last-modified: Fri, 03 Feb 2023 23:18:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4wtgYHzXk6GyIQ21O1aiGaqpct30y4QEBAFWrcgMeOF6wsdjf3UQ%2FyF6zPqBfJiGIdK1hvrmWlniEqlwYJJXcnbmjqIxRGid%2BwwSgIp2HDWBbJmbFH1IBXvy3j8pnKf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f40546cc171c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.demand.supply/v16-2-0/a/exeo.app_fluid_lb+sq_continue_page_before_button_1?&dsReferer=ZXhlby5hcHAvanIwMHc=
104.16.134.22200 OK 0 B URL HTTP/2 api.demand.supply/v16-2-0/a/exeo.app_fluid_lb+sq_continue_page_before_button_1?&dsReferer=ZXhlby5hcHAvanIwMHc=
IP 104.16.134.22:0
GET /v16-2-0/a/exeo.app_fluid_lb+sq_continue_page_before_button_1?&dsReferer=ZXhlby5hcHAvanIwMHc= HTTP/1.1
Host: api.demand.supply
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://exeo.app
Connection: keep-alive
Referer: https://exeo.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
etag: W/"12f-aFZteA9zgnZw4R98/cYBNh/r5E0"
cf-cache-status: HIT
age: 5180
set-cookie: __cf_bm=e7ZEf7VKSm9Wjonl9TsYqgQPHylDSN2e943Umz_kpZM-1675470139-0-AXnc1NgvsPSJ4ZJ2eq0zOu09rkBTs1FA9Rt0elq+4n+MPiQ7QFymJH4CKuP/eCkgVGV54qibifKDMXj6DKL3VsM=; path=/; expires=Sat, 04-Feb-23 00:52:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 793f40554b9eb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
exeo.app/fv.ico
104.26.8.233200 OK 0 B IP 104.26.8.233:0
GET /fv.ico HTTP/1.1
Host: exeo.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://exeo.app/jr00w
Cookie: AppSession=76e6c901d4e3a17d66bf657131a5e42d; csrfToken=957cd9e7c30e7f099342537bb3d9461f7b3cdeca239105a31766c917a7e1f5c8a491fb2fd3dc9e2368cb0b90fb38837bc8dca0cb303e6091a23963cb1a7590d7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 00:22:19 GMT
content-type: image/x-icon
x-frame-options: SAMEORIGIN
last-modified: Tue, 13 Aug 2019 06:50:33 GMT
cache-control: max-age=31536000
expires: Tue, 12 Dec 2023 22:59:02 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4584197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W642F%2BSwKuYg6e9cAuMxZM63ZskgmZAuTHE8tl6liki1cbf13n%2FhiN3QwvDDKxSlQ9F94NYpJXrJi9O%2Bxqnob9GxJ%2F9ugrfpO6KKuHQBVYAJZDSyq70HpQIn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793f40565c53b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2