dropgalaxy.com/4jlkn5vnhor8
185.178.208.187301 Moved Permanently 568 B URL HTTP/1.1 dropgalaxy.com/4jlkn5vnhor8
IP 185.178.208.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /4jlkn5vnhor8 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Sat, 04 Feb 2023 21:52:38 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://dropgalaxy.com/4jlkn5vnhor8
Content-Type: text/html; charset=utf8
Content-Length: 568
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18449
Expires: Sun, 05 Feb 2023 03:00:07 GMT
Date: Sat, 04 Feb 2023 21:52:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3284
Expires: Sat, 04 Feb 2023 22:47:22 GMT
Date: Sat, 04 Feb 2023 21:52:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 21:43:39 GMT
content-type: application/json
age: 539
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10987
Expires: Sun, 05 Feb 2023 00:55:45 GMT
Date: Sat, 04 Feb 2023 21:52:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LpQnMjF5yNbxcjK73gOssVz7CqBIRp9W1b8HSeMyzfjtCVNcKEmKnl0x90T09fxbDbl4s0yvtyA=
x-amz-request-id: Q3KNVP95853JVSAP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 20:52:58 GMT
age: 3580
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6dc33868462ab4ebb82c9e59d1a9a407
6a963e37735e6090b887e252ed845af7e143e0c2
cffc2f7a2f7df2e3ceb1d95f95c9ff6cb91c74ad4474bd20ef807f766e2650c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFFC2F7A2F7DF2E3CEB1D95F95C9FF6CB91C74AD4474BD20EF807F766E2650C1"
Last-Modified: Fri, 03 Feb 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2023
Expires: Sat, 04 Feb 2023 22:26:21 GMT
Date: Sat, 04 Feb 2023 21:52:38 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 21:07:19 GMT
age: 2719
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4af71a79443494e21c0f84fedac52e97
bb2decbde4ce735c72cfd1b29aa1e6c5100cc387
645f4d9b8dada14ae3246a42ca189e04e9f8fda21816e1eb171b28919f34f129
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "645F4D9B8DADA14AE3246A42CA189E04E9F8FDA21816E1EB171B28919F34F129"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Sat, 04 Feb 2023 22:58:42 GMT
Date: Sat, 04 Feb 2023 21:52:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 6aefb70fad66455d4639d0f3eb57f01b
fcaad323ea9292c1a6a33889af408ebddb1cba10
b62ee4abe6080c6a95543a48f3224eb31ef7a8fc200fac4a9874c8e54790e7bd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Last-Modified: Sat, 04 Feb 2023 20:04:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/EWqpFgxXwY0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/EWqpFgxXwY0
IP 142.250.74.131:0
Hash e9fe0c784f7eae90ba74e4e5d5e12ab9
b1c902f2a884890b53447b27ba45f982c97f07d4
7f78e4eb9a9f3a7f4271e0b860b0fa1bcfa1b2535179d8faa496e21706e4c35e
POST /s/gts1p5/EWqpFgxXwY0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5ccc99b64638e9bb0937dd069710b6cb
757e453a14a9f4d54e015827f0c831f8eeebdf2a
9cb6e2a18a9d7c1418a0a2478a64b7d1623c6f19f49b1b9efb379c7a02a112a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4050
Cache-Control: max-age=124083
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Etag: "63de0589-117"
Expires: Mon, 06 Feb 2023 08:20:42 GMT
Last-Modified: Sat, 04 Feb 2023 07:13:13 GMT
Server: ECS (amb/6B76)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash efd52a57c8ab9ea598c865d3fae88bb0
0376d832a9156dab07132cdb1a332094511f5dff
db14416592dbcce31b415fe5113af13cb1f4f85ad6905eba671c23f6ee23baaf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=155320
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Etag: "63de8f5f-116"
Expires: Mon, 06 Feb 2023 17:01:19 GMT
Last-Modified: Sat, 04 Feb 2023 17:01:19 GMT
Server: nginx
Content-Length: 278
ocsp.pki.goog/s/gts1p5/EWqpFgxXwY0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/EWqpFgxXwY0
IP 142.250.74.131:0
Hash e9fe0c784f7eae90ba74e4e5d5e12ab9
b1c902f2a884890b53447b27ba45f982c97f07d4
7f78e4eb9a9f3a7f4271e0b860b0fa1bcfa1b2535179d8faa496e21706e4c35e
POST /s/gts1p5/EWqpFgxXwY0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dropgalaxy.com/images/buy_perfectmoney.png
185.178.208.187200 OK 10 kB URL HTTP/2 dropgalaxy.com/images/buy_perfectmoney.png
IP 185.178.208.187:0
File type PNG image data, 253 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 57191bf4d62582abdfdcff1bc83a0c8a
7f1947eb1e496766609611978141d44e56574803
8d4f2a373ade00acb3b86dcbe4ce3aa230919d7fe7d4cec13fa0c4c61e3493af
GET /images/buy_perfectmoney.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "2828-57531892f9ec0"
accept-ranges: bytes
content-length: 10280
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/icon_tick_g.png
185.178.208.187200 OK 3.2 kB URL HTTP/2 dropgalaxy.com/images/icon_tick_g.png
IP 185.178.208.187:0
File type PNG image data, 25 x 21, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ccfe378e05157926fd5bab1b17ce2aa
6f23bc9941ed83dc8c79659f62325383425c1254
4e0b0bb40bd4f5c073401e115bb1814de3169498e65676e2c6c7d70fbd582f41
GET /images/icon_tick_g.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "c7f-57531892f9ec0"
accept-ranges: bytes
content-length: 3199
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/4jlkn5vnhor8
185.178.208.187200 OK 106 kB URL HTTP/2 dropgalaxy.com/4jlkn5vnhor8
IP 185.178.208.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (24595)
Size 106 kB (106381 bytes)
Hash 71e5bb2fc8cfeef29fc9e77ec31b493c
d0ca453ec70bb9b91963bd2d8c651edc49923960
2743c317749ef04bb109487d1e16615ea92ab1003cdd0df0b5ba3217ad56fb5f
GET /4jlkn5vnhor8 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:38 GMT
expires: Fri, 03 Feb 2023 21:52:38 GMT
set-cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; Domain=.dropgalaxy.com; HttpOnly; Path=/; Expires=Sun, 04-Feb-2024 21:52:38 GMT
lastidfile=4jlkn5vnhor8; domain=.dropgalaxy.com; path=/; expires=Sun, 05-Feb-2023 21:52:38 GMT
lang=english; domain=.dropgalaxy.com; path=/
aff=25602; domain=.dropgalaxy.com; path=/; expires=Sat, 18-Feb-2023 21:52:38 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
cache-control: public
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/jquery.nice-select.min.js
185.178.208.187200 OK 1.0 kB URL HTTP/2 dropgalaxy.com/assets/js/jquery.nice-select.min.js
IP 185.178.208.187:0
File type Unicode text, UTF-8 text, with very long lines (2822)
Hash 45ae1605b17ed145576a973d6779e979
841a35142dceac20f894809ec068544413e03c30
80261cfa5544a8c0a6849419a0bc94e7b7bdd5625a046cde5b57691ff82346b1
GET /assets/js/jquery.nice-select.min.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "b7e-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 1036
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/icons-390.jpg
185.178.208.187200 OK 17 kB URL HTTP/2 dropgalaxy.com/images/icons-390.jpg
IP 185.178.208.187:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 195x130, components 3\012- data
Hash b56375b3236459ef4e69a20b241413a6
04ac821c19ffe8620e3768466b443168781df84c
cae41056f6ff9aae78e8b96c3fe05c860a107c12f5a221e299fe450f06bee817
GET /images/icons-390.jpg HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 04 Mar 2022 06:39:33 GMT
etag: "4307-5d95ec71338a9"
accept-ranges: bytes
content-length: 17159
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/jpeg
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/1593783858.png
185.178.208.187200 OK 24 kB URL HTTP/2 dropgalaxy.com/images/1593783858.png
IP 185.178.208.187:0
File type PNG image data, 220 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 6686848bd6c30efd3de7b20772c93e2e
cf16c3fe415ea23b3d1f4ae8e59632843f0d0096
f7d895032e5054dbbec9957df2b61c4573f2efc9bd5b9090aa9322e46116ca1f
GET /images/1593783858.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 04 Mar 2022 06:29:14 GMT
etag: "5ebb-5d95ea224ee5e"
accept-ranges: bytes
content-length: 24251
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/paging.js?v=1130
185.178.208.187200 OK 1.4 kB URL HTTP/2 dropgalaxy.com/assets/js/paging.js?v=1130
IP 185.178.208.187:0
File type HTML document, ASCII text
Hash 5b306812ef7b5220074bce3edcf75dfe
6af16d8b63fd18dfa7cfcb32b781c95093bbef94
204c3a2dbb8c48daa1a8416e9bfb4fd14ebb32ea3b7ac873ce33a91002f2e8f1
GET /assets/js/paging.js?v=1130 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 03 Jul 2020 05:09:14 GMT
etag: "10c3-5a98286aed280-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 1401
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/icon_cross_g.png
185.178.208.187200 OK 3.2 kB URL HTTP/2 dropgalaxy.com/images/icon_cross_g.png
IP 185.178.208.187:0
File type PNG image data, 17 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ca253f5953ab7092448388d5eafb5dc
4c703c73a03a7db508aeed5a4eec400d3fc5c2d4
7fecc3914781961baacac2abff3843449e9c7ac7d3bb93392cd905fe50a0fbc8
GET /images/icon_cross_g.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "caf-57531892f9ec0"
accept-ranges: bytes
content-length: 3247
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/buy_bch.png
185.178.208.187200 OK 5.2 kB URL HTTP/2 dropgalaxy.com/images/buy_bch.png
IP 185.178.208.187:0
File type PNG image data, 105 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c320a2da9d37678c1e61279e3ce3ebc
6ea096edf605a1f8c9712dda9461911a8a168d2a
22a6f4bf24284685eb406d549abb091deee1552baeafa46639ca08bf63625d0e
GET /images/buy_bch.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "143a-57531892f9ec0"
accept-ranges: bytes
content-length: 5178
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/inr-upi.jpg
185.178.208.187200 OK 42 kB URL HTTP/2 dropgalaxy.com/images/inr-upi.jpg
IP 185.178.208.187:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 749x410, components 3\012- data
Hash 57bf28578071a5b8f03dd096bd31f284
79035f9218d710cf80046ec49e7ea12028319e63
f67938c0bee8f5f87a8b47f5b244edf20bedc6d1efce0d4d0f343cfd3af53cb7
GET /images/inr-upi.jpg HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Tue, 01 Mar 2022 06:38:33 GMT
etag: "a2f7-5d92269f54801"
accept-ranges: bytes
content-length: 41719
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/jpeg
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13415
Expires: Sun, 05 Feb 2023 01:36:14 GMT
Date: Sat, 04 Feb 2023 21:52:39 GMT
Connection: keep-alive
dropgalaxy.com/js/dialogs.js
185.178.208.187200 OK 721 B URL HTTP/2 dropgalaxy.com/js/dialogs.js
IP 185.178.208.187:0
Hash 4b02fcb3fe731887c4ad684cd499ce74
f1242406e22731df29ad7e92159dc250c4da3070
557a8a66809fce295675933129d3b5638417155269c46e8e5894ee7effc553da
GET /js/dialogs.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 03 Jul 2020 12:15:19 GMT
etag: "95b-5a9887a79c3c0-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 721
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/buy_webmoney.gif
185.178.208.187200 OK 3.3 kB URL HTTP/2 dropgalaxy.com/images/buy_webmoney.gif
IP 185.178.208.187:0
File type GIF image data, version 89a, 150 x 52\012- data
Hash 32f6144633a500fc05c6b9283e7e0ab8
2fba4bcafcda412849a0b8e741aaf9d95ebcde8f
c0d263b73bc8aa2c8febee7d5db0ecb0de3cc61d34730a11def32af99daacf56
GET /images/buy_webmoney.gif HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "d0b-57531892f9ec0"
accept-ranges: bytes
content-length: 3339
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/gif
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/js/bootstrap-confirm.js
185.178.208.187200 OK 1.1 kB URL HTTP/2 dropgalaxy.com/js/bootstrap-confirm.js
IP 185.178.208.187:0
Hash 02036444e950db2a06dbc2ea0c793f05
3691cd00dc76e67fc6fcc00a43be077c82e129bc
217dc9d007e4dcee24c717d414bb7fb2695a8683fe35e48c3efc1a63c509560c
GET /js/bootstrap-confirm.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 21 Feb 2020 11:11:29 GMT
etag: "c4c-59f14154bba40-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 1130
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/jquery.cookie.js
185.178.208.187200 OK 802 B URL HTTP/2 dropgalaxy.com/assets/js/jquery.cookie.js
IP 185.178.208.187:0
File type ASCII text, with very long lines (1801), with no line terminators
Hash 389c6b78d7d731f2b4c1a04b763d4c06
9bd412c7ebe17472402ca867d6c7452f137c2239
2abf4b476431e647e7ad31145ae8abd104398397c17c81220438d0856149242a
GET /assets/js/jquery.cookie.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "709-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 802
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/jquery.paging.js
185.178.208.187200 OK 4.4 kB URL HTTP/2 dropgalaxy.com/assets/js/jquery.paging.js
IP 185.178.208.187:0
Hash 564c9e83f1395957f7b5592f039fd4e6
7f49fe4d8c5044932a67b17709647b1598e9f8ad
93d72d44361bd8973ad916d92e3c88e2668fe53f11b838afb2c3d01ea107b4e2
GET /assets/js/jquery.paging.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "4c23-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 4384
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/buy_ltc.png
185.178.208.187200 OK 9.4 kB URL HTTP/2 dropgalaxy.com/images/buy_ltc.png
IP 185.178.208.187:0
File type PNG image data, 105 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 37d6e42e503157e2a89a8cadc4eb6478
320154baf290f5ae67a8d607b113ead68d2c576d
c8237c1024afc9b010ff81c2563a86c4a28d4c5486f9105aa2f06c4c5069e401
GET /images/buy_ltc.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "24c1-57531892f9ec0"
accept-ranges: bytes
content-length: 9409
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/vendor/popper.min.js
185.178.208.187200 OK 7.2 kB URL HTTP/2 dropgalaxy.com/assets/js/vendor/popper.min.js
IP 185.178.208.187:0
File type ASCII text, with very long lines (20164)
Hash 6b4ab05c56d9c91297a13c85a2118158
2baa472bdb8b4f8ce107a000c29eebf32861dbc5
94eeedde6d22fee66e4598e1389652925aed1176cd30233c3881495569e342fc
GET /assets/js/vendor/popper.min.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "4f71-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 7239
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/buy_cc1.png
185.178.208.187200 OK 4.4 kB URL HTTP/2 dropgalaxy.com/images/buy_cc1.png
IP 185.178.208.187:0
File type PNG image data, 123 x 40, 8-bit colormap, non-interlaced\012- data
Hash 7cf644ad5049a9c1607e2e10c12e1fbd
6a70d8b4374b2f535e520f18f82777887fdfafad
faec35ffbb60f349f8961852f4c3f2ca495283c89fef601b685f44425244302e
GET /images/buy_cc1.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "1100-57531892f9ec0"
accept-ranges: bytes
content-length: 4352
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/buy_btc.png
185.178.208.187200 OK 12 kB URL HTTP/2 dropgalaxy.com/images/buy_btc.png
IP 185.178.208.187:0
File type PNG image data, 210 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash c0dd0fd7b1913e30b09069b8568f154c
40e1643388680de4a4b4b9b76257c5bdac0071b6
87c2afdd719180b3f0352e4457bf060b04ef78bd446441616d9f393bfe9f9a64
GET /images/buy_btc.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Wed, 06 Apr 2022 03:27:08 GMT
etag: "2f9a-5dbf3efb5b734"
accept-ranges: bytes
content-length: 12186
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dropgalaxy.com/assets/js/clipboard.min.js
185.178.208.187200 OK 3.3 kB URL HTTP/2 dropgalaxy.com/assets/js/clipboard.min.js
IP 185.178.208.187:0
File type Unicode text, UTF-8 text, with very long lines (10553)
Hash 6eeffd5b36637e0407aacd4af612b077
649fc6195c8a793670b0747e01ea8c638bf78147
2119bf5bc859ac3f110775f5f7856dacc33e9c8f1d2f2bbf5b3ca998cf4265de
GET /assets/js/clipboard.min.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "29a5-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 3285
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4af71a79443494e21c0f84fedac52e97
bb2decbde4ce735c72cfd1b29aa1e6c5100cc387
645f4d9b8dada14ae3246a42ca189e04e9f8fda21816e1eb171b28919f34f129
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "645F4D9B8DADA14AE3246A42CA189E04E9F8FDA21816E1EB171B28919F34F129"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3963
Expires: Sat, 04 Feb 2023 22:58:42 GMT
Date: Sat, 04 Feb 2023 21:52:39 GMT
Connection: keep-alive
dropgalaxy.com/assets/js/app.js
185.178.208.187200 OK 583 B URL HTTP/2 dropgalaxy.com/assets/js/app.js
IP 185.178.208.187:0
Hash 124d5519c81345ba73149ba072fb82cf
5bb2a2d52fcffa90087f954803a35b55a18a741b
1770b84e29c148cf4d68c287c1cf3f1cb05d23ab6f3adb3b4aa6024f1acece21
GET /assets/js/app.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Tue, 03 Mar 2020 08:48:12 GMT
etag: "656-59fef5d210b00-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 583
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/dropdown-hover.js
185.178.208.187200 OK 2.3 kB URL HTTP/2 dropgalaxy.com/assets/js/dropdown-hover.js
IP 185.178.208.187:0
Hash e8e54d9461ead0df51dfe49ad25018d0
7365111bd3c53701a3ac4ba781153e12743e3c0f
9424a87e644734f3969facf39ba6423db2fa9d6a841f9e83891078a874fc5f50
GET /assets/js/dropdown-hover.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "1dff-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 2250
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/white.min.css
185.178.208.187200 OK 25 kB URL HTTP/2 dropgalaxy.com/assets/styles/white.min.css
IP 185.178.208.187:0
File type ASCII text, with very long lines (58739), with CRLF line terminators
Hash 73fea2bbfbb1e8a08ff00939ae28e715
147b180ea2aede9ac9e3293f488e916898bafd5c
eaf5d8294c2a10e4feeace525239b7785abcb94ed8da4462f022f30136a814a5
GET /assets/styles/white.min.css HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "24a58-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 25117
content-type: text/css
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/slick.min.js
185.178.208.187200 OK 10 kB URL HTTP/2 dropgalaxy.com/assets/js/slick.min.js
IP 185.178.208.187:0
File type ASCII text, with very long lines (42862)
Hash a200e519b47aabb15179d3d44b42a20d
40f67edd6550052b130507ed1a56650c6bdb798f
ea316b7198f70a2c53e9f534e6c2b9f6e570e4a7369d5c0508cd38de275717db
GET /assets/js/slick.min.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "a76f-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 10442
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/bootstrap.min.css
185.178.208.187200 OK 22 kB URL HTTP/2 dropgalaxy.com/assets/styles/bootstrap.min.css
IP 185.178.208.187:0
File type ASCII text, with very long lines (65324)
Hash f0df27a498041246719f14f27e203e68
d1b2e6b567cb2fd38d96b82794784574cef8a256
907f7b71f93c3548fa55f05c7f68e8d03d31287f7c72a57fe72dde4ec9a496df
GET /assets/styles/bootstrap.min.css HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 02 Mar 2020 09:20:02 GMT
etag: "23038-59fdbb121f480-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 21570
content-type: text/css
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/theme3.js
185.178.208.187200 OK 1.1 kB URL HTTP/2 dropgalaxy.com/assets/js/theme3.js
IP 185.178.208.187:0
Hash b629fdb3dbcb0e9043c7e1815ba265b6
377edb36838d1c7aebe99e56d21a486f942f5649
523480b095ea16ae9d226d5f4ace36be09f1c39dfc5affd5c461b8c569cc0954
GET /assets/js/theme3.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 20 Nov 2020 11:58:59 GMT
etag: "ddc-5b48891d8a6c0-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 1105
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/js/bootstrap.min.js
185.178.208.187200 OK 14 kB URL HTTP/2 dropgalaxy.com/assets/js/bootstrap.min.js
IP 185.178.208.187:0
File type ASCII text, with very long lines (50758)
Hash 2cb8caa8c251fe1763b6b2f447a6b169
0f9316b868e48b83ca40c4709c13cd6fff5c2eb5
c7904677b8b2f52c1e0d24522cea665310a3afc75f371fd3d226afd79110f332
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "c75f-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 14085
content-type: application/javascript
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/img/logoo.png
185.178.208.187200 OK 35 kB URL HTTP/2 dropgalaxy.com/assets/img/logoo.png
IP 185.178.208.187:0
File type PNG image data, 370 x 126, 8-bit/color RGBA, non-interlaced\012- data
Hash 94e79fb7357152db5c5a1ce7c87c3380
4ae8b4b417ead45b2363c9f59a02f5de378dd59a
c80e6b132b064f69a38b6f9738a70467e3495fac04f2d314d35fe78289630823
GET /assets/img/logoo.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Fri, 24 Jul 2020 07:54:51 GMT
etag: "872e-5ab2b49a448c0"
accept-ranges: bytes
content-length: 34606
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/images/buy_eth.png
185.178.208.187200 OK 1.2 kB URL HTTP/2 dropgalaxy.com/images/buy_eth.png
IP 185.178.208.187:0
File type PNG image data, 222 x 83, 8-bit colormap, non-interlaced\012- data
Hash 479f53c7a95b733a3f75549dc81911c0
08b0afdccd31497faa329c53305a33f961ee248c
dfe6abeb48711f23656d32822f8b2aedf5283c1d545bd4bcb31db12bb67d9087
GET /images/buy_eth.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Thu, 06 Sep 2018 10:41:39 GMT
etag: "4ca-57531892f9ec0"
accept-ranges: bytes
content-length: 1226
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5ccc99b64638e9bb0937dd069710b6cb
757e453a14a9f4d54e015827f0c831f8eeebdf2a
9cb6e2a18a9d7c1418a0a2478a64b7d1623c6f19f49b1b9efb379c7a02a112a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4050
Cache-Control: max-age=124083
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Etag: "63de0589-117"
Expires: Mon, 06 Feb 2023 08:20:42 GMT
Last-Modified: Sat, 04 Feb 2023 07:13:13 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
dropgalaxy.com/assets/styles/nice-select.css?v=1
185.178.208.187200 OK 938 B URL HTTP/2 dropgalaxy.com/assets/styles/nice-select.css?v=1
IP 185.178.208.187:0
Hash be874bff6ece913319c6119fb37b1c79
002d48405e908b3f689379fe039dfc69fcf14c35
192f4b6018ed8d7f707617300546fb68f5d3454bec6959c243a1d6753d84ed0e
GET /assets/styles/nice-select.css?v=1 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/assets/styles/white.min.css
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "cc9-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 938
content-type: text/css
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/slick.css
185.178.208.187200 OK 569 B URL HTTP/2 dropgalaxy.com/assets/styles/slick.css
IP 185.178.208.187:0
Hash 8089b828484e2269d5dcb1089c4004ba
9b61a0f5bf48ef08890dbae954ee9b5a90015d2c
35c1c8741af6e18aa88caca3d060e26808e1103a29b3ee0415ae3e3b648bcd09
GET /assets/styles/slick.css HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/assets/styles/white.min.css
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "6f0-59f4bb5063600-gzip"
accept-ranges: bytes
cache-control: max-age=2678400, public
expires: Sun, 04 Feb 2024 21:52:39 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 569
content-type: text/css
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.38.227.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PSFFZlbGrAMYrpwhOOK7nQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HV/xhG2m2Yq4DgTh9zfZPFQQ5K4=
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.227200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:21 GMT
expires: Mon, 29 Jan 2024 07:32:21 GMT
cache-control: public, max-age=31536000
age: 570018
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/webfonts/fa-regular-400.woff2
185.178.208.187200 OK 100 kB URL HTTP/2 dropgalaxy.com/assets/styles/webfonts/fa-regular-400.woff2
IP 185.178.208.187:0
File type Web Open Font Format (Version 2), TrueType, length 99900, version 1.0\012- data
Hash 2e82488238926404a9d7eec1022cf609
e44c79eba26349e95ede8ab490da29cf1ac4f99e
7fe6f6d662daf5cff3101520eef81c254b0419ea17cb8c0ae21acd6ab74eb74b
GET /assets/styles/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dropgalaxy.com/assets/styles/white.min.css
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "1863c-59f4bb5063600"
accept-ranges: bytes
content-length: 99900
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
access-control-allow-origin: *
content-type: application/font-woff2
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/webfonts/fa-solid-900.woff2
185.178.208.187200 OK 83 kB URL HTTP/2 dropgalaxy.com/assets/styles/webfonts/fa-solid-900.woff2
IP 185.178.208.187:0
File type Web Open Font Format (Version 2), TrueType, length 83144, version 1.0\012- data
Hash 3b944a15735413ab9c3c2bc0afb6fb46
95afa20a602f6b791119912f35cc3ab767b1676f
a007d9ddd44ab3e1dd643c487884c254d24fb30beeea1260eabe70153d018523
GET /assets/styles/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dropgalaxy.com/assets/styles/white.min.css
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "144c8-59f4bb5063600"
accept-ranges: bytes
content-length: 83144
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
access-control-allow-origin: *
content-type: application/font-woff2
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/webfonts/fa-light-300.woff2
185.178.208.187200 OK 107 kB URL HTTP/2 dropgalaxy.com/assets/styles/webfonts/fa-light-300.woff2
IP 185.178.208.187:0
File type Web Open Font Format (Version 2), TrueType, length 106624, version 1.0\012- data
Size 107 kB (106624 bytes)
Hash 5ff1542dcc475555920015f954d56ecd
579209fe663b347d31740e859de58f2fd0f4ce88
9e178abaada4c85b35e7d012f2d667beb22c83d6b4f42810efcf3731fd632979
GET /assets/styles/webfonts/fa-light-300.woff2 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dropgalaxy.com/assets/styles/white.min.css
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:39 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "1a080-59f4bb5063600"
accept-ranges: bytes
content-length: 106624
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:39 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
access-control-allow-origin: *
content-type: application/font-woff2
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de8fa4952ed89a140b4cd92ac0fafc4a
fe4bf9602f8bc9112b7e11f00ec45897bd9e914d
c5bf1ca2fc79bcff2658af8022afee58d378409417d996057a9e25a5f2be9b69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5BF1CA2FC79BCFF2658AF8022AFEE58D378409417D996057A9E25A5F2BE9B69"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14482
Expires: Sun, 05 Feb 2023 01:54:02 GMT
Date: Sat, 04 Feb 2023 21:52:40 GMT
Connection: keep-alive
wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/invoke.js
192.243.61.225200 OK 9.8 kB URL HTTP/1.1 wednesdaynaked.com/7e2d4fe168a1e398773143463900f16f/invoke.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash c74bc9a8de6743fbc9b15ba1646e48ee
e3904c24384ad32db6c4b8b7e32c1b79fc1d029d
ab54614f0b064550d68e6c6ce86f5ed0e25b63e76f3724e72220d6e2506f62d3
GET /7e2d4fe168a1e398773143463900f16f/invoke.js HTTP/1.1
Host: wednesdaynaked.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 21:52:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8d8bd2344aeca34aaace021bd7f9865b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash dccebcfaad6c97d820364ec92d4a511b
a1adef127bad0f85751b5a7b47025c33d40083c4
6be12cee36873a68c71f277876470b5a3807acf44b39a92b575595e9aa95c973
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 21:52:40 GMT
Last-Modified: Sat, 04 Feb 2023 20:27:52 GMT
Server: ECS (bsa/EB1E)
X-Cache: Miss from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ajs7Zx3Dris9n5IvvPURbvN3upUCkZ5WkWCFQSU4D6AapL9SiegiLg==
Age: 5088
ocsp.sectigo.com/
104.18.32.68200 OK 280 B IP 104.18.32.68:0
Hash a276193a48c4e77877da81e099a3b504
a641e796e689acb14da9d8f820f6d3795bc69a06
07f6df38eec3e8357decd9388da978f0a43519a76d96be8d03be1a8b6cd64f67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:40 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 04:43:15 GMT
Expires: Thu, 09 Feb 2023 04:43:14 GMT
Etag: "a641e796e689acb14da9d8f820f6d3795bc69a06"
Cache-Control: max-age=369633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7946a27dac1ffac4-OSL
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 3198e596159aa513e932df852514ab1f
bd652d5d1b6f2560c588978ec393d7ee32eead54
1d6850c97ede09340d363ac5e409d64003b5154d2e118a9591e10415d5f73376
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dropgalaxy.com
access-control-allow-credentials: true
set-cookie: uid_id2=cfad1ff4-e169-4532-8f9c-58ac6461b8e9:1:1; expires=Tue, 01 Feb 2033 21:52:40 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 280 B IP 104.18.32.68:0
Hash a276193a48c4e77877da81e099a3b504
a641e796e689acb14da9d8f820f6d3795bc69a06
07f6df38eec3e8357decd9388da978f0a43519a76d96be8d03be1a8b6cd64f67
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:40 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 04:43:15 GMT
Expires: Thu, 09 Feb 2023 04:43:14 GMT
Etag: "a641e796e689acb14da9d8f820f6d3795bc69a06"
Cache-Control: max-age=369633,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7946a27da936b50f-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17075
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 21:52:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17075
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 21:52:40 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Nunito:300,400,600,700,800
142.250.74.106200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,600,700,800
IP 142.250.74.106:0
Hash 168786422ecae7ed096b0e25d7a9b743
478232a2b2760e5f136a6555c38701efe2063563
3a6a119008c735fe0b142725ba99e9d34838127fc0d4a16a5c57f22deab2e2ed
GET /css?family=Nunito:300,400,600,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 21:52:39 GMT
date: Sat, 04 Feb 2023 21:52:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 85327
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 03:08:59 GMT
age: 67421
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:48:08 GMT
age: 272
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 85339
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 85328
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 85150
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ad.a-ads.com/1536089?size=300x250
78.46.32.91200 OK 5.2 kB URL HTTP/2 ad.a-ads.com/1536089?size=300x250
IP 78.46.32.91:0
ASN #24940 Hetzner Online GmbH
Hash d799526a39443091366900c016118d05
1f30d7a868145f5fea65ff1ae76e2210169bb09a
cd0cd94c62e4c84f0d69c72bcc5e30aed44a973a513ff802309a51916baa878f
GET /1536089?size=300x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dropgalaxy.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9bacc08c889729984cc0c23a75c2d
85ad56996d5634a7f9493752e069ecd01aa41cc4
587757a2cfd9ecee0cadf57b1c40b8a0900de1f1b4eebfb7ee88b1a2aeff87b7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "587757A2CFD9ECEE0CADF57B1C40B8A0900DE1F1B4EEBFB7EE88B1A2AEFF87B7"
Last-Modified: Sat, 04 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11458
Expires: Sun, 05 Feb 2023 01:03:39 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
static.a-ads.com/a-ads-banners/434753/300x250?region=eu-central-1
78.46.32.91200 OK 56 kB URL HTTP/2 static.a-ads.com/a-ads-banners/434753/300x250?region=eu-central-1
IP 78.46.32.91:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 300 x 250\012- data
Hash 84c3afa139ce4ebb61b3e1fbebac2bae
bc0b1bf77074915c7ee893edb5b0580f79d2054b
5bc91a0561aa22168aeed0b73e7be7c4015ecbe76c1075d72a3c5b49d15a6624
GET /a-ads-banners/434753/300x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: image/gif
content-length: 56185
x-amz-id-2: UX6Fwn5k4IpE24fqayBDr8gULcLIEB5UmiPljcbcVbkl12AqsDAPsua7sETXoeCUPAv3locNQt0=
x-amz-request-id: V58PJAQPE5VYMX1S
x-amz-replication-status: COMPLETED
last-modified: Mon, 16 Jan 2023 15:41:40 GMT
etag: "84c3afa139ce4ebb61b3e1fbebac2bae"
cache-control: max-age=315360000
x-amz-version-id: W7QAPBRU4QPGDMpD.JVs0eSZnSapec_H
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/426614/728x90?region=eu-central-1
78.46.32.91200 OK 367 kB URL HTTP/2 static.a-ads.com/a-ads-banners/426614/728x90?region=eu-central-1
IP 78.46.32.91:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 728 x 90\012- data
Size 367 kB (367194 bytes)
Hash 94501fecb0e1ddeefd6b6acd9425ff4f
415ad3c87a12cfe4312072756938a3c631197f2c
c74f5e6d8b7fea6fb023f7d84ae88eb946ff4b2f0da00dd61b12c2c097401c7b
GET /a-ads-banners/426614/728x90?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: image/gif
content-length: 367194
x-amz-id-2: RHqf2wxJjhFqoPXg1f/LPh3Kx3Uv8zV8X3HFDkdAOwcC+idv+2oXVuBk0WiZ4QyIzndhOhbIkG0=
x-amz-request-id: DEBTPC0PFKEZE4WV
x-amz-replication-status: COMPLETED
last-modified: Sun, 20 Nov 2022 16:37:44 GMT
etag: "94501fecb0e1ddeefd6b6acd9425ff4f"
cache-control: max-age=315360000
x-amz-version-id: QQMdnn_ApkR6jiWCDa0h5EypcW7U5mVo
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e4acd46b234f93b8f66bddfb049e7f1
f606219397d2684ccb9fe3daa394b00145d9ac6b
4cf65578835d4adc49e92099f07b3566d6e5f8a8406acfe7dd1fa4fc45df1033
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CF65578835D4ADC49E92099F07B3566D6E5F8A8406ACFE7DD1FA4FC45DF1033"
Last-Modified: Fri, 03 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19216
Expires: Sun, 05 Feb 2023 03:12:57 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e8f9bacc08c889729984cc0c23a75c2d
85ad56996d5634a7f9493752e069ecd01aa41cc4
587757a2cfd9ecee0cadf57b1c40b8a0900de1f1b4eebfb7ee88b1a2aeff87b7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "587757A2CFD9ECEE0CADF57B1C40B8A0900DE1F1B4EEBFB7EE88B1A2AEFF87B7"
Last-Modified: Sat, 04 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11458
Expires: Sun, 05 Feb 2023 01:03:39 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
adoto.net/dashboard/display/items.php?4010&1636&300&250&4&0&0
188.114.96.1200 OK 11 kB URL HTTP/2 adoto.net/dashboard/display/items.php?4010&1636&300&250&4&0&0
IP 188.114.96.1:0
File type ASCII text, with very long lines (376)
Hash 771a8c25ac5c1cbb498896d8d21c7723
ae43408ab7c643e2021d9f5a9c8528bb947d39dd
00406d4e7bfc361df7a170fb5b421181561add879ce143757b8f5fe68d39a141
GET /dashboard/display/items.php?4010&1636&300&250&4&0&0 HTTP/1.1
Host: adoto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding,User-Agent
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Sat, 04 Feb 2023 21:52:39 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-server-powered-by: Engintron
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PmzGqnZRtzlD8EXt8WBTpfY83cynpgEABayMtnjHRh3aoXR2L%2FCRfuBL%2FNe7Fr51AQRQXLESYcbvT%2Fe2m14yRZ3YDt6ufsHbgUq96mz8ajTDTXJL8kTp6Ufkod4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a2751862b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rd.mobileoffers-5-p-download.com/b/1390
188.114.97.1200 OK 711 B URL HTTP/2 rd.mobileoffers-5-p-download.com/b/1390
IP 188.114.97.1:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (894), with no line terminators
Hash 71e87f3aea2cd3eec287ac6a6f051dbd
d7ad4ccb1a37d76e415c75fddc49d45e1a6b3e9a
fc5ff7426f89c22be8d6e4326e3997d02a2a948dd65f87a84d72da539474f92c
GET /b/1390 HTTP/1.1
Host: rd.mobileoffers-5-p-download.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
set-cookie: tr_1390=86336f37-64dc-46ab-9eb0-bb94f816fc2a; expires=Sat, 11-Feb-2023 21:52:41 GMT; Max-Age=604800; path=/
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 04 Feb 2023 21:52:41 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFesHh5emhr%2Fnb%2FWY3hWO1BecdRLbPvsSGxgFirCOcR%2F%2FFEP8kkz8bVKsd7EIQ2WwLml%2B8HkcVtz2fjjcYyPu5vclMuFASJDiA0CA%2BC8Nt8LnQJLE2EpKGetYZX1yIP7o1d4S58Y3aAIC1PeVe6NfqdjoA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a281cccbb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dropgalaxy.com/assets/styles/webfonts/fa-brands-400.woff2
185.178.208.187200 OK 64 kB URL HTTP/2 dropgalaxy.com/assets/styles/webfonts/fa-brands-400.woff2
IP 185.178.208.187:0
File type Web Open Font Format (Version 2), TrueType, length 64224, version 1.0\012- data
Hash 3443cc888af3c04b49389a466cf74f0f
59f6a375dfa2f0669704fa8fef86b22aaf9701a0
a0923a4c80c1a64629cd6da1298fa57714919564d09aaf25b2c657d0e358368f
GET /assets/styles/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dropgalaxy.com/assets/styles/white.min.css
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602; 1a52-d4ca6b02=062874f5-8c86-4418-8589-071286ba5100; dom3ic8zudi28v8lr6fgphwffqoz0j6c=cfad1ff4-e169-4532-8f9c-58ac6461b8e9%3A1%3A1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:41 GMT
last-modified: Mon, 24 Feb 2020 05:33:12 GMT
etag: "fae0-59f4bb5063600"
accept-ranges: bytes
content-length: 64224
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:41 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
access-control-allow-origin: *
content-type: application/font-woff2
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fbe618e5210d1c5052d640d0213f5f18
862cb39cb91b0a33c187cef4114914aefa635690
f19f3a622b6410842d52cb9d1148c24d7d67b4771862372823a51a82f930431e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F19F3A622B6410842D52CB9D1148C24D7D67B4771862372823A51A82F930431E"
Last-Modified: Sat, 04 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=668
Expires: Sat, 04 Feb 2023 22:03:49 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f519d94d9cc3532c46d472a394f2212b
667c673d7aae18a2f9390a0b2a58bd09f7c03df8
df641050419af0e74dd55ff56b1e620ff87941f4d26538ba64bb06f08c40ddb7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF641050419AF0E74DD55FF56B1E620FF87941F4D26538BA64BB06F08C40DDB7"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9171
Expires: Sun, 05 Feb 2023 00:25:32 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c1d7fecc9cda1f33cfae619a4a703cc1
62865e7b22aef0e585c8fa33996520758df1f21d
192b4f06287a426d05b4fc4e97a4e4d2d5fc18f62ec262cf876e9163cca3d697
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "192B4F06287A426D05B4FC4E97A4E4D2D5FC18F62EC262CF876E9163CCA3D697"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12887
Expires: Sun, 05 Feb 2023 01:27:28 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
outdilateinterrupt.com/watch.623416341383.js?key=7e2d4fe168a1e398773143463900f16f&kw=%5B%22download%22%2C%22word%22%2C%22learn%22%2C%22japanese%22%2C%22jlpt%22%2C%22vocabulary%22%2C%22patched%22%2C%22youarefinished%22%2C%22src%22%2C%22apk%22%2C%22-%22%2C%22dropgalaxy%22%2C%22free%22%2C%22file%22%2C%22upload%22%2C%22service%22%5D&refer=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&tz=0&dev=e&res=12.1055&uuid=cfad1ff4-e169-4532-8f9c-58ac6461b8e9%3A1%3A1&shu=6554ca9a06dc1cd9ce94eea1432bb5e291c90b874bdb3fe7509e4b5a0cb6910029589773c81fdc2819f152fd7adb3dad99100926db609d3b58f33ab58a3936e76e43db8469b38200e20c6a95abc38f5d7b26a7f1&pst=1675547621&rmtc=t
192.243.59.12200 OK 2.0 kB URL HTTP/1.1 outdilateinterrupt.com/watch.623416341383.js?key=7e2d4fe168a1e398773143463900f16f&kw=%5B%22download%22%2C%22word%22%2C%22learn%22%2C%22japanese%22%2C%22jlpt%22%2C%22vocabulary%22%2C%22patched%22%2C%22youarefinished%22%2C%22src%22%2C%22apk%22%2C%22-%22%2C%22dropgalaxy%22%2C%22free%22%2C%22file%22%2C%22upload%22%2C%22service%22%5D&refer=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&tz=0&dev=e&res=12.1055&uuid=cfad1ff4-e169-4532-8f9c-58ac6461b8e9%3A1%3A1&shu=6554ca9a06dc1cd9ce94eea1432bb5e291c90b874bdb3fe7509e4b5a0cb6910029589773c81fdc2819f152fd7adb3dad99100926db609d3b58f33ab58a3936e76e43db8469b38200e20c6a95abc38f5d7b26a7f1&pst=1675547621&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2508)
Hash 9bf3843f11f2833aeaefd68d4d7710c7
33e668a7c996c0ff6d90590266a66b48d1c354aa
9ecdd0b6ec7412c6e63bf0c9598bb19969f4bf5f63e782434e92f520ca8cabc6
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.623416341383.js?key=7e2d4fe168a1e398773143463900f16f&kw=%5B%22download%22%2C%22word%22%2C%22learn%22%2C%22japanese%22%2C%22jlpt%22%2C%22vocabulary%22%2C%22patched%22%2C%22youarefinished%22%2C%22src%22%2C%22apk%22%2C%22-%22%2C%22dropgalaxy%22%2C%22free%22%2C%22file%22%2C%22upload%22%2C%22service%22%5D&refer=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&tz=0&dev=e&res=12.1055&uuid=cfad1ff4-e169-4532-8f9c-58ac6461b8e9%3A1%3A1&shu=6554ca9a06dc1cd9ce94eea1432bb5e291c90b874bdb3fe7509e4b5a0cb6910029589773c81fdc2819f152fd7adb3dad99100926db609d3b58f33ab58a3936e76e43db8469b38200e20c6a95abc38f5d7b26a7f1&pst=1675547621&rmtc=t HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Referer: https://dropgalaxy.com/
Connection: keep-alive
Cookie: u_pl=16978123; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjk3ODEyMywiayI6IjdlMmQ0ZmUxNjhhMWUzOTg3NzMxNDM0NjM5MDBmMTZmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMzg3MzIyLCJwaWQiOjU3MTcxLCJhbiI6dHJ1ZSwibGFuIjp0cnVlLCJjaWQiOjM0LCJhaWQiOjIzLCJwdCI6NCwicGsiOiJ3MWo4NWt5cDMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9kcm9wZ2FsYXh5LmNvbS80amxrbjV2bmhvcjgifX0.dwtXwSK8VtkuojgRetfkLF8wkTYy46-nzoj5Nx3tfS8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 04 Feb 2023 21:52:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dropgalaxy.com
Access-Control-Allow-Origin: https://dropgalaxy.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cfad1ff4-e169-4532-8f9c-58ac6461b8e9:1:1; expires=Sat, 11 Feb 2023 21:52:41 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 Feb 2023 21:52:41 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 Feb 2023 21:52:41 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sun, 05 Feb 2023 21:52:41 GMT; secure; SameSite=None
uncs23=1; expires=Sun, 05 Feb 2023 21:52:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d1577b99836ffbd5aacbb64ce63fb7ad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 7d70322f4f6af3289d4d7f4c22a4c179
f2abd2a7c1575ab0b362920699143dce3ff60d75
0e5b166c8e8d91421e0122ab3863a9cdd88ca4dffa1d9beb9cdf61aca0ac95f2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dropgalaxy.com/assets/img/favicon.png
185.178.208.187200 OK 535 B URL HTTP/2 dropgalaxy.com/assets/img/favicon.png
IP 185.178.208.187:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 95c9fab62ea4598b2dd8f46f38749209
21e2952a56fe22cdabe48090669209de30f34efe
ede57faea4e02bdc3e1d33c46763451a42fd05bb4e3e153a65fb7e1b7001cdf7
GET /assets/img/favicon.png HTTP/1.1
Host: dropgalaxy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/4jlkn5vnhor8
Cookie: __ddg1_=NU03ndbKi4h0iWkPE7S2; lastidfile=4jlkn5vnhor8; lang=english; aff=25602; 1a52-d4ca6b02=062874f5-8c86-4418-8589-071286ba5100; dom3ic8zudi28v8lr6fgphwffqoz0j6c=cfad1ff4-e169-4532-8f9c-58ac6461b8e9%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=2628000
content-security-policy: upgrade-insecure-requests;
date: Sat, 04 Feb 2023 21:52:41 GMT
last-modified: Wed, 22 Apr 2020 14:05:54 GMT
etag: "217-5a3e1a160d480"
accept-ranges: bytes
content-length: 535
cache-control: max-age=2678400, public
expires: Mon, 06 Mar 2023 21:52:41 GMT
vary: User-Agent
x-xss-protection: 1; mode=block
content-type: image/png
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2
mobileoffers-7-v-download.com/status
104.21.8.57200 OK 20 kB URL HTTP/2 mobileoffers-7-v-download.com/status
IP 104.21.8.57:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c7fd9ace706dced7dd605ad4e428c710
a33f1bedbbc49922fe50c871dc5963bdf6026513
3f47fd0bff31f16dd012c8581f971502fefe71bd5b2a9961f915ac0a4d07d777
POST /status HTTP/1.1
Host: mobileoffers-7-v-download.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 04 Feb 2023 21:52:41 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbQP%2FAITwXjI507TdJDYaoQt7bn3ZRNjlirc23Pqlz5b9kNrL2Y7ZnIfCYnxLSdDNKbKB6Qn5LNcRYtBgvs65%2Fcd8rfP5m25LzRAioY%2BpQ5UfI1XhPtUoGqgT%2FKxACD9cOoOaKdUIgwmSKmraqgYsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a284ca07b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 173178f73b30dcae542a8d87e3dc718c
6371b093fbb92107fcfa160dd4655824f72c91d9
8f63e5a7116a2456f60943faf54e945bd498f982adf60ea8e005e24fbf689f32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8F63E5A7116A2456F60943FAF54E945BD498F982ADF60EA8E005E24FBF689F32"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6375
Expires: Sat, 04 Feb 2023 23:38:56 GMT
Date: Sat, 04 Feb 2023 21:52:41 GMT
Connection: keep-alive
tpc.googlesyndication.com/simgad/10068427869371561798?w=300&h=300
216.58.207.193200 OK 5.2 kB URL HTTP/2 tpc.googlesyndication.com/simgad/10068427869371561798?w=300&h=300
IP 216.58.207.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x77, components 3\012- data
Hash a122ce5d6ce0d5ebde799539d2112092
e3f8aeaf27b7172744b77b059f515e2702453816
a7f42b9d19f08a0c3a1c7624defb35ab036dcb60a92b671255bd0588e02eb822
GET /simgad/10068427869371561798?w=300&h=300 HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 5155
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:51:57 GMT
expires: Fri, 02 Feb 2024 18:51:57 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Oct 2019 11:19:41 GMT
content-type: image/jpeg
age: 183644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rd.mobileoffers-5-p-download.com/?a=1390&file=ReWord_%20Learn%20Japanese%20JLPT%20Vocabulary%20v3.15.3%20Patched%20by%20youarefinished_src.apk&tr_id=062874f5-8c86-4418-8589-071286ba5100
188.114.97.1200 OK 27 kB URL HTTP/2 rd.mobileoffers-5-p-download.com/?a=1390&file=ReWord_%20Learn%20Japanese%20JLPT%20Vocabulary%20v3.15.3%20Patched%20by%20youarefinished_src.apk&tr_id=062874f5-8c86-4418-8589-071286ba5100
IP 188.114.97.1:0
Hash cb3ac3e947e6b22cf647f42abd89df56
4c7d8fad994788be53db23bb18cfcbe681636fcb
7bddecf2d6b0a1f9b5edd98bfb9a6a360b10166f9b390acfe33a73f4c68be516
OPTIONS /?a=1390&file=ReWord_%20Learn%20Japanese%20JLPT%20Vocabulary%20v3.15.3%20Patched%20by%20youarefinished_src.apk&tr_id=062874f5-8c86-4418-8589-071286ba5100 HTTP/1.1
Host: rd.mobileoffers-5-p-download.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://dropgalaxy.com/
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
access-control-allow-headers: Origin, Accept, Access-Control-Allow-Headers, Access-Control-Request-Method, Access-Control-Request-Headers, Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Sat, 04 Feb 2023 21:52:41 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CGo3iuGGcD%2B27AgvsHBRfjTVSVwchdKub3croAXfpO1wGoO4HLf7%2BQcMs2i0Jjc%2FnlVofOZ97ahDkowiPkLcoXzxajriYvz6suKejvvR822zHJW5UoBDz0MExcMhJ2z3qQogasI8Z0IVICnXFAiRgigxqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a284c8c4b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:48:48 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 420776112
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=858986756&t=pageview&_s=1&dl=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&ul=en-us&de=UTF-8&dt=Download%20Word%20Learn%20Japanese%20JLPT%20Vocabulary%20Patched%20youarefinished%20src%20apk%20-%20DropGalaxy%20(Free%20file%20upload%20service)&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=344045533&gjid=1602211129&cid=643118798.1675547599&tid=UA-70132428-1&_gid=647427447.1675547599&_r=1&_slc=1>m=2ou9m0&z=895129828
142.250.74.14200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=858986756&t=pageview&_s=1&dl=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&ul=en-us&de=UTF-8&dt=Download%20Word%20Learn%20Japanese%20JLPT%20Vocabulary%20Patched%20youarefinished%20src%20apk%20-%20DropGalaxy%20(Free%20file%20upload%20service)&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=344045533&gjid=1602211129&cid=643118798.1675547599&tid=UA-70132428-1&_gid=647427447.1675547599&_r=1&_slc=1>m=2ou9m0&z=895129828
IP 142.250.74.14:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j99&a=858986756&t=pageview&_s=1&dl=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&ul=en-us&de=UTF-8&dt=Download%20Word%20Learn%20Japanese%20JLPT%20Vocabulary%20Patched%20youarefinished%20src%20apk%20-%20DropGalaxy%20(Free%20file%20upload%20service)&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=344045533&gjid=1602211129&cid=643118798.1675547599&tid=UA-70132428-1&_gid=647427447.1675547599&_r=1&_slc=1>m=2ou9m0&z=895129828 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://dropgalaxy.com
date: Sat, 04 Feb 2023 21:52:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 98f0950ed03ec36f411e972a9c167b2a
f5da8f3faa05536769ce459ed3028a1f0bec4fb0
9db298b3908012b0310ffc50ae948424d0ec38a8f1f9b6ae09c36a64f596e91b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12972
Expires: Sun, 05 Feb 2023 01:28:54 GMT
Date: Sat, 04 Feb 2023 21:52:42 GMT
Connection: keep-alive
securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
142.250.74.130200 OK 133 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2023013101.js?cb=31072117
IP 142.250.74.130:0
File type ASCII text, with very long lines (65395)
Size 133 kB (132970 bytes)
Hash d5c82d46530eac4ab5ed16ba65bdc5e2
84ad2ae028163b72ef16d9d175dc2a5d4cdb2f5d
d6824148d4d65fa29c6b6b32640c329584868f7319e15e93508ad6fcdbb6b965
GET /gpt/pubads_impl_2023013101.js?cb=31072117 HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132970
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 11:55:51 GMT
expires: Thu, 01 Feb 2024 11:55:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 31 Jan 2023 09:37:24 GMT
content-type: text/javascript
age: 295011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dropgalaxy.com
142.250.74.130200 OK 498 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dropgalaxy.com
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (2134), with no line terminators
Hash 03d04773b8f2411c955a38ab447ec300
611b98d400b0ed18e1970304da653392b867265f
4ca2d593637c250033f364c67938971ccc54add7f2ef36ab3756a4fc5a754242
GET /pagead/ppub_config?ippd=dropgalaxy.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sat, 04 Feb 2023 21:52:42 GMT
expires: Sat, 04 Feb 2023 21:52:42 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 498
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 22:07:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/bi/18/96/a2/1896a2ee23829c0577a0fa656f1b1fc9/1659457927.jpg
45.133.44.9200 OK 16 kB URL HTTP/2 cdn.cloudimagesb.com/bi/18/96/a2/1896a2ee23829c0577a0fa656f1b1fc9/1659457927.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 728x90, components 3\012- data
Hash f6f02ccb47cbdc579104c85a17191e7d
df4e1b8e0cc1fd6e07aadd6b341f6262f66791a4
173d58f6b6a37261a0dc985966e2918cfb5a761c6ea140899ade0f82a04ad768
GET /bi/18/96/a2/1896a2ee23829c0577a0fa656f1b1fc9/1659457927.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:42 GMT
content-type: image/jpeg
content-length: 16506
server: nginx/1.17.6
last-modified: Tue, 02 Aug 2022 16:32:15 GMT
etag: "62e9518f-407a"
expires: Mon, 06 Feb 2023 21:52:42 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=dropgalaxy.com
172.217.21.162200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=dropgalaxy.com
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dropgalaxy.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 21:52:42 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=dropgalaxy.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=dropgalaxy.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=dropgalaxy.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 21:52:42 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s4.histats.com/stats/0.php?4531111&@f16&@g1&@h1&@i1&@j1675547599382&@k0&@l1&@mDownload%20Word%20Learn%20Japanese%20JLPT%20Vocabulary%20Patched%20youarefinished%20src%20apk%20-%20DropGalaxy%20(Free%20file%20upload%20service)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:54504818&@b3:1675547599&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&@w
149.56.240.130200 OK 53 B URL HTTP/1.1 s4.histats.com/stats/0.php?4531111&@f16&@g1&@h1&@i1&@j1675547599382&@k0&@l1&@mDownload%20Word%20Learn%20Japanese%20JLPT%20Vocabulary%20Patched%20youarefinished%20src%20apk%20-%20DropGalaxy%20(Free%20file%20upload%20service)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:54504818&@b3:1675547599&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&@w
IP 149.56.240.130:0
File type ASCII text, with no line terminators
Hash 88c3b9dc41816bae2f8c286fcb09760c
326f4fde58d975f8a138b0fd6ed469888859c26f
bf70b0ec797a2067784ecd2d4e693a524415f55e9004d9bc1c30f2d18e35c03a
GET /stats/0.php?4531111&@f16&@g1&@h1&@i1&@j1675547599382&@k0&@l1&@mDownload%20Word%20Learn%20Japanese%20JLPT%20Vocabulary%20Patched%20youarefinished%20src%20apk%20-%20DropGalaxy%20(Free%20file%20upload%20service)&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1280&@b1:54504818&@b3:1675547599&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:42 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 53
Connection: close
60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 04 Feb 2023 21:52:42 GMT
expires: Sun, 04 Feb 2024 21:52:42 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14713), with no line terminators
Hash 3892f2ee0ecc3bf70e15a08982018bf6
3b75bfbdd8e0d35e0088d552d4894267fbf2ddcc
e72f371dbb1fea4ec1c1945ee3e84db5e46590346201820a074c4f481f0105eb
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 04 Feb 2023 21:52:42 GMT
server: cafe
content-length: 11105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.16.56.101204 No Content 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.16.56.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 20464
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 21:52:42 GMT
access-control-allow-origin: https://dropgalaxy.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7946a28b0c10b50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYtrmJvQEwAQ&v=APEucNW3vZh-kyLpcEf_MAYv1_j6BqvXLxRZNKWW0uLlWLEl5D88sKOm-H0t9lDe45lbH6hE_LDLZQoeoVt3qEyevG4pLkPRnzc75YcXuSuYT032eLHoIslb-jxFiP3SFFD-eopfVwcyesGfdAXJsjthffDk8I-k3JuyB9YzssiwjqnrHOytQcQ
216.58.207.194200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQpvPq4AIYtrmJvQEwAQ&v=APEucNW3vZh-kyLpcEf_MAYv1_j6BqvXLxRZNKWW0uLlWLEl5D88sKOm-H0t9lDe45lbH6hE_LDLZQoeoVt3qEyevG4pLkPRnzc75YcXuSuYT032eLHoIslb-jxFiP3SFFD-eopfVwcyesGfdAXJsjthffDk8I-k3JuyB9YzssiwjqnrHOytQcQ
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CJfnugEQpvPq4AIYtrmJvQEwAQ&v=APEucNW3vZh-kyLpcEf_MAYv1_j6BqvXLxRZNKWW0uLlWLEl5D88sKOm-H0t9lDe45lbH6hE_LDLZQoeoVt3qEyevG4pLkPRnzc75YcXuSuYT032eLHoIslb-jxFiP3SFFD-eopfVwcyesGfdAXJsjthffDk8I-k3JuyB9YzssiwjqnrHOytQcQ HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 21:52:42 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 22:07:42 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 21:52:42 GMT
cache-control: private
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3504)
Hash 40b8ffdc606e81703c5f6a39df96f373
0a39b905fe6b8f947d256b01614abcdd27baef65
93cfc3bdb53008e8640dee5f3e7515b10a9b2959e69d8f2919f3d243cf547f36
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 49146
date: Sat, 04 Feb 2023 21:52:42 GMT
expires: Sat, 04 Feb 2023 21:52:42 GMT
cache-control: private, max-age=3000
etag: "1675254965429469"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182863&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&turl=https://dropgalaxy.com/4jlkn5vnhor8&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182863&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&turl=https://dropgalaxy.com/4jlkn5vnhor8&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182863&sid=18330&dvregion=0&unit=160x600&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&turl=https://dropgalaxy.com/4jlkn5vnhor8&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Sat, 04 Feb 2023 21:52:42 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&turl=https://dropgalaxy.com/4jlkn5vnhor8&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&turl=https://dropgalaxy.com/4jlkn5vnhor8&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&turl=https://dropgalaxy.com/4jlkn5vnhor8&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 21:52:42 GMT
Connection: keep-alive
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
151.101.129.229200 OK 437 B URL HTTP/2 cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
IP 151.101.129.229:0
File type ASCII text, with very long lines (693)
Hash 3e32ff89cf939963a7d49f75342d6e8e
176bf2bf753a652fcd2b12721dfd72c50f424740
01f4ecc7a42b9fd7f72a334434871c05e97d09fb74451696e7bc59d3f28b9b27
GET /gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 21:52:43 GMT
age: 19433
x-served-by: cache-fra-eddf8230037-FRA, cache-bma1643-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 437
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash 54560d4504ea0e89bbdf8e2c6ead8ebb
1e22ba7e6466107c3020ed9cbea820a607abcb49
a9ac6d88fb573f4105ba05a706a48ea389f428bc0c624dad9d4bba8e9aa9daa9
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oa.openxcdn.net/esp.js
34.102.146.192200 OK 7.9 kB IP 34.102.146.192:0
File type ASCII text, with very long lines (24615), with no line terminators
Hash df5542b88bc0e368c6999754a5b9e2ba
54f17142faeb7c882fee3bf67d537733e75e43ae
b82da9703a35c5436f9e47711f5b95d5357f02d590cb39dba99355b9b073561f
GET /esp.js HTTP/1.1
Host: oa.openxcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvwMGFffHYQy8sTedcRnmfr30vomrx37NAP7bZvkKaQgR0ioehNSqlXKXkSFNMXK3psRf9hnClXiAB1o-nr_AZlPA
x-goog-generation: 1622140251693895
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7927
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7927
server: UploadServer
date: Wed, 18 Jan 2023 06:43:33 GMT
expires: Thu, 18 Jan 2024 06:43:33 GMT
cache-control: no-transform
last-modified: Thu, 27 May 2021 18:30:51 GMT
etag: "df5542b88bc0e368c6999754a5b9e2ba"
content-type: application/javascript
age: 1523350
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5c1c16910d3863e0e96917075b0b675
9b971a2c0ff758ddd319b5c1373ab9a9e1144ed0
794ceb68060fe4281f128225b917a38b92c611b81156f7bd18bacecf1807e53a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5c1c16910d3863e0e96917075b0b675
9b971a2c0ff758ddd319b5c1373ab9a9e1144ed0
794ceb68060fe4281f128225b917a38b92c611b81156f7bd18bacecf1807e53a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash c18abe2300d453a0723fc5c110f40de6
8998d532b5306598aad459a75486337ab849d125
f15f028d4c85e694860adfa154a4bf6f4235326fdc47f207af763efd79278ae7
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:43 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "B78FF6BC0E792F44DA4B9256BA1F7C3E0B4A1B44"
Expires: Sun, 05 Feb 2023 08:00:00 GMT
Last-Modified: Sat, 04 Feb 2023 20:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2895
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7946a28e6c1eb518-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5c1c16910d3863e0e96917075b0b675
9b971a2c0ff758ddd319b5c1373ab9a9e1144ed0
794ceb68060fe4281f128225b917a38b92c611b81156f7bd18bacecf1807e53a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5c1c16910d3863e0e96917075b0b675
9b971a2c0ff758ddd319b5c1373ab9a9e1144ed0
794ceb68060fe4281f128225b917a38b92c611b81156f7bd18bacecf1807e53a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 71f3ba24b0a01ade500d97ad0b8f3617
508b7affbf3e3c2b8bf4f46ebcb69ea29855bf9a
34c90f195073264a8f3e51bb9582b73665f65d7b053a031400c48bf627ca9d69
GET /rtv/012301181928000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28817
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "6eb387830c268337"
content-type: text/javascript; charset=UTF-8
age: 445686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 73e00d54af81c3fab604b50e24c8e9c3
69acac1ec53fcbcf886bb240adabd050520197f9
3347e49ea6e174315c1bee3660a9988e4c7fe184a7a1176cf2aceb307c73125a
GET /rtv/012301181928000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "47662644ea8653a3"
content-type: text/javascript; charset=UTF-8
age: 445686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41057)
Hash d002971e2ddb3b4efd4dc02db13ee630
da135f871d06963e22f3dc6ec251cfbaed9740ad
a464154b965a79018453f4b97ffa8412a5059b0b521472bfc0e84df5c74d8fac
GET /rtv/012301181928000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12960
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f74ebce85e2cb18a"
content-type: text/javascript; charset=UTF-8
age: 445686
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash c84202220125aee9bd368d2036235130
a18a7c9251c3bc1a5a96de74db84ed5af86ba618
f2f5cf1534589a8934ca4ac301eb38863fc89c48648da9a8807656a2d4a22b94
GET /rtv/012301181928000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61734
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 13:07:14 GMT
expires: Fri, 02 Feb 2024 13:07:14 GMT
cache-control: public, max-age=31536000
etag: "5b4f5406239652c8"
content-type: text/javascript; charset=UTF-8
age: 204329
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src_internal117.js
95.101.11.115200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Sat, 04 Feb 2023 21:52:43 GMT
Connection: keep-alive
cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 15dbec6a43680f6683938949e1b50562
fd479e89a3460ca0e48b5001aad0a2836df31dab
d08eefabc738f11545330db83c2d3e9a855add08db6b9d9217a15dd783c4f5c8
GET /rtv/012301181928000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:22:17 GMT
expires: Fri, 02 Feb 2024 18:22:17 GMT
cache-control: public, max-age=31536000
etag: "f13d3e1d36b26a3d"
content-type: text/javascript; charset=UTF-8
age: 185426
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=dropgalaxy.com&s=dropgalaxy.com&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
104.16.200.58200 OK 1.2 kB URL HTTP/2 pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=dropgalaxy.com&s=dropgalaxy.com&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
IP 104.16.200.58:0
File type ASCII text, with very long lines (2523)
Hash 4275f566000969a16d4e52febcccf90d
4eba066a29664a3cf9013c1bcb502d6ddef4a552
d915caab620059d8a3f1fbe4ee7f4c55a1f6d679ba7d4ab8c394993fc92f11a5
GET /fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=dropgalaxy.com&s=dropgalaxy.com&adtg=protag-before_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468 HTTP/1.1
Host: pixel.yabidos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: application/javascript
content-length: 1168
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 6941
expires: Sat, 04 Feb 2023 23:52:43 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7946a28f2b430b41-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash 54560d4504ea0e89bbdf8e2c6ead8ebb
1e22ba7e6466107c3020ed9cbea820a607abcb49
a9ac6d88fb573f4105ba05a706a48ea389f428bc0c624dad9d4bba8e9aa9daa9
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 122d09f3c0e479664f7ed8ed3d4dbe74
91a4554bb5ba6a763ba9acbb712e2b57d1a1bd46
fca4655dd725b3d54840da0ab81bb7fafd628b82c56a897a1cd7f647fc4b8200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2942
Cache-Control: max-age=163297
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Etag: "63dea30e-139"
Expires: Mon, 06 Feb 2023 19:14:20 GMT
Last-Modified: Sat, 04 Feb 2023 18:25:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 14:34:21 GMT
expires: Fri, 02 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 199102
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 442802
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=dropgalaxy.com&s=dropgalaxy.com&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
104.16.200.58200 OK 1.2 kB URL HTTP/2 pixel.yabidos.com/fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=dropgalaxy.com&s=dropgalaxy.com&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468
IP 104.16.200.58:0
File type ASCII text, with very long lines (2523)
Hash 4275f566000969a16d4e52febcccf90d
4eba066a29664a3cf9013c1bcb502d6ddef4a552
d915caab620059d8a3f1fbe4ee7f4c55a1f6d679ba7d4ab8c394993fc92f11a5
GET /fltiu.js?qid=73533313f553633313f593630313&cid=1069&x=4404325371&p=dropgalaxy.com&s=dropgalaxy.com&adtg=protag-in_content&nci=2101210293&ci=&lon=&lat=&emh=&nai=4404325371&h=300&w=468 HTTP/1.1
Host: pixel.yabidos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: application/javascript
content-length: 1168
last-modified: Wed, 30 Nov 2022 23:32:03 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 6941
expires: Sat, 04 Feb 2023 23:52:43 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
server: cloudflare
cf-ray: 7946a28f4b7b0b41-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5c1c16910d3863e0e96917075b0b675
9b971a2c0ff758ddd319b5c1373ab9a9e1144ed0
794ceb68060fe4281f128225b917a38b92c611b81156f7bd18bacecf1807e53a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33b4dcac47176829c3f733cf485b00d8
2f0ca8dfa8106b51602e1c9cd6a5b1e31254c924
d258d8a0ec6ed7cf9fb2ee6de730c0380adde3a3c656e10f046a56f140307f2c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: max-age=151478
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Etag: "63de71b6-1d7"
Expires: Mon, 06 Feb 2023 15:57:21 GMT
Last-Modified: Sat, 04 Feb 2023 14:54:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&rid=esp
34.120.107.143200 OK 2 B URL HTTP/2 oajs.openx.net/esp?url=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&rid=esp
IP 34.120.107.143:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /esp?url=https%3A%2F%2Fdropgalaxy.com%2F4jlkn5vnhor8&rid=esp HTTP/1.1
Host: oajs.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://dropgalaxy.com
vary: Origin
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Sat, 04 Feb 2023 21:52:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33b4dcac47176829c3f733cf485b00d8
2f0ca8dfa8106b51602e1c9cd6a5b1e31254c924
d258d8a0ec6ed7cf9fb2ee6de730c0380adde3a3c656e10f046a56f140307f2c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3755
Cache-Control: max-age=151478
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Etag: "63de71b6-1d7"
Expires: Mon, 06 Feb 2023 15:57:21 GMT
Last-Modified: Sat, 04 Feb 2023 14:54:46 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 482952c319f6b341719e70726729734d
d562869196fe45ede7cf9d7b83643c020eae68b2
052ed0f05af6fa66b55a1e883536b6fc2743d32d56aa4b7c58f0b8202b67ee9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1905
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:43 GMT
Last-Modified: Sat, 04 Feb 2023 21:20:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
google-bidout-d.openx.net/w/1.0/pd?plm=5
35.244.159.8200 OK 20 B URL HTTP/2 google-bidout-d.openx.net/w/1.0/pd?plm=5
IP 35.244.159.8:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /w/1.0/pd?plm=5 HTTP/1.1
Host: google-bidout-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tmp.a2zapk.com/js/badip.js?v=ghgh
104.26.4.212403 Forbidden 18 kB URL HTTP/2 tmp.a2zapk.com/js/badip.js?v=ghgh
IP 104.26.4.212:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (6507), with CRLF, LF line terminators
Hash 1ed2cb472d0bb95c66a72f059ab1871c
6095e77d2b0f3b1ae5ef42094420ee9c700f8d3b
b96e03f3e0d0ce7b5f86b057b4a07a63613674f994ef9099e3c9e29f2140087f
GET /js/badip.js?v=ghgh HTTP/1.1
Host: tmp.a2zapk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Od64bl7dYSrW69SVPbU1mLdCwzDNpIWyHQ9cvgQHUUR6Hv21m0Z2JnO3v%2FEGNRmyjDrGXxnXgg3Ukuc8iTSmTJauBPqdrCmtpY4ZkQe0KTj94K1aP%2FAAHrQVArkG6w65"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7946a284acf50b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 336d3e015f987a65d205999a49be4805
57a3f572cd89347b5ead196670776134f1f0f69e
9621f1cc5441ed0d364b0fb9986a8c6742af2c5c356e6e4edb432728fe319ff3
GET /syncframe?origin=publishertagids&topUrl=dropgalaxy.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=2239845e-173b-4059-8fd2-87c5e6628760; expires=Thu, 29 Feb 2024 21:52:43 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 739906
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash b53b7010588d381d85d951982b9413d9
3a37fdae6d9e03a083bf5844ac203ae1efb6f4af
a1c2b621e5f9289fa6907c8c07d7ce5a0a5f043551631f95dde9b7eb5d929ee7
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 21:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 20:48:16 GMT
Expires: Sun, 05 Feb 2023 20:48:16 GMT
ETag: "3a37fdae6d9e03a083bf5844ac203ae1efb6f4af"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_477962164754&jsTagObjCallback=__tagObject_callback_477962164754&num=6&ctx=1828362&cmp=115750&plc=5182863&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=477962164754&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://dropgalaxy.com/4jlkn5vnhor8&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=14&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&dvp_exetime=13.00&callbackName=__verify_callback_477962164754
34.149.12.213200 OK 265 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_477962164754&jsTagObjCallback=__tagObject_callback_477962164754&num=6&ctx=1828362&cmp=115750&plc=5182863&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=477962164754&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://dropgalaxy.com/4jlkn5vnhor8&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=14&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&dvp_exetime=13.00&callbackName=__verify_callback_477962164754
IP 34.149.12.213:0
Hash ba9d5a1d09e3f1b9e8ac09e45153ca8a
4d32ac1ec0a802b7380936e40a30d826ac97d54a
accdf67b9cebadc976efdb5f252ef5779fd38c17aaaf2a2e9d0b72c1463b1c11
GET /verify.js?flvr=0&jsCallback=__verify_callback_477962164754&jsTagObjCallback=__tagObject_callback_477962164754&num=6&ctx=1828362&cmp=115750&plc=5182863&sid=18330&advid=&adsrv=&unit=160x600&isdvvid=&uid=477962164754&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=https://dropgalaxy.com/4jlkn5vnhor8&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=14&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&dvp_exetime=13.00&callbackName=__verify_callback_477962164754 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:43 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 21:52:43
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2521dc6dc015025c26c7a1b08b3060a1
f5c7abc50c9229a4b198a5c0d5f6dfa8ac528b9f
6671bc387c8011ec55a9d023502189b997adeb18fc2f199747dec7d688f85bd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 427
Cache-Control: max-age=143456
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:44 GMT
Etag: "63de5f62-139"
Expires: Mon, 06 Feb 2023 13:43:40 GMT
Last-Modified: Sat, 04 Feb 2023 13:36:34 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.0.157200 OK 867 B IP 178.250.0.157:0
File type gzip compressed data, max compression\012- data
Hash 24851c0efa2c9b66158d70795ffc379d
1b05f46bd3d99d099590ba60bbe94531c263bbd7
148325b604c4796f351380447c89a07bd90e296b35f44e205180522ac8cf844c
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=1Ode5180M0RITmhlJTJCZkMwOUJGQlhaMUN2czNQblN6M1o4QkNGanF6Y2VwaWNNbjRoSG5VaFF5b1ZYYllqcGp5RTkyc3c; expires=Thu, 29 Feb 2024 21:52:44 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 297370
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.doubleverify.com/dv-measurements3497.js
95.101.11.115200 OK 109 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3497.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109099 bytes)
Hash 4773cb5cfa2ad0e71d21f43c56c76ae3
39d66090c14e1b5d2f0f3413a34e087b5969d054
76206ee41bcfae347cef25b03589639e616747c9f77e2b3378387ee9e14f3a00
GET /dv-measurements3497.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 08:37:17 GMT
Accept-Ranges: bytes
ETag: "809cf641836d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 109099
Date: Sat, 04 Feb 2023 21:52:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 6521d1238a4ed164bc6fe76707f28b96
cb61b728667d4cbaa6b8c237cc3149dd1b1e5347
879378a93eb2c9cb965791e7fd17de8568210fec4c8269f9c19aa28d28c2eec5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 315
Cache-Control: max-age=110264
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:44 GMT
Etag: "63ddde29-138"
Expires: Mon, 06 Feb 2023 04:30:28 GMT
Last-Modified: Sat, 04 Feb 2023 04:25:13 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 6521d1238a4ed164bc6fe76707f28b96
cb61b728667d4cbaa6b8c237cc3149dd1b1e5347
879378a93eb2c9cb965791e7fd17de8568210fec4c8269f9c19aa28d28c2eec5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 323
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:44 GMT
Last-Modified: Sat, 04 Feb 2023 21:47:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 312
ag.gbc.criteo.com/newidsd
185.235.84.23200 OK 543 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.23:0
Hash a4075aaeb82846065d518a9856c07deb
ee5d05553aeee0d7d8abe97c515957754daff03e
cddad4a1f9f6d49537fe306676fc7e4a6216d0bdf1b42b133abc35add4017824
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 344866
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 185b62fe607d5d833cc1717b68f3f7b7
ab6b571fdfcd1d1cdb923c48f53df4ecd74d85c2
656d98d306ebfcdea0dff590c34a6ce1496faa95ba05fb86f72a5e57e295f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 05:58:24 GMT
expires: Sun, 05 Feb 2023 05:58:24 GMT
cache-control: public, max-age=86400
age: 57260
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D
159.69.70.9200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D
IP 159.69.70.9:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1673), with CRLF line terminators
Hash c88e27e6bb38500afe917843d607aae8
4fd3e3b78a3d8a22db14cf9361efe69b3bf7dea8
4d991aba20ee7a07583b09219b273f4a2674fc78c4c827d46d6a6f1067ee1938
GET /zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:44 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4095
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 185b62fe607d5d833cc1717b68f3f7b7
ab6b571fdfcd1d1cdb923c48f53df4ecd74d85c2
656d98d306ebfcdea0dff590c34a6ce1496faa95ba05fb86f72a5e57e295f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 21:52:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dnacdn.net/dna
178.250.0.157200 OK 1.8 kB IP 178.250.0.157:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CR, LF line terminators
Hash 30401124215777e761e9b608923660a7
891cde6b2b32a81fb7cfc0c24f8efef71853076f
9e9f9260a92bf45bae236aa6dd845cd1fec5e076009ffcfbe7f48f44326afc79
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=1Ode5180M0RITmhlJTJCZkMwOUJGQlhaMUN2czNQblN6M1o4QkNGanF6Y2VwaWNNbjRoSG5VaFF5b1ZYYllqcGp5RTkyc3c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=JAtfF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czNQblN6M1o4QkNGanF6Y2VwaWNNbjVSWXM5UXFZQUtuc2p4ZDJqNDdvUTc; expires=Thu, 29 Feb 2024 21:52:44 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 314717
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
servedby.flashtalking.com/imp/8/115750;5182863;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN160x600/?ftOBA=1&ft_domain=dropgalaxy.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fdropgalaxy.com%2F&us_privacy=${US_PRIVACY}&cachebuster=679335.4115600915&ft_dv=%5B%25ft_dv%25%5D
2.23.132.54200 OK 886 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182863;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN160x600/?ftOBA=1&ft_domain=dropgalaxy.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fdropgalaxy.com%2F&us_privacy=${US_PRIVACY}&cachebuster=679335.4115600915&ft_dv=%5B%25ft_dv%25%5D
IP 2.23.132.54:0
ASN #1299 Telia Company AB
Hash d4702e5b88b635cdf8bf834cd2fa126d
02b1de12b99557f760a676d0d3bd06ffaba339e4
3dc4690d44a717f757e132c8b26134b77451aee8dbe75ddf1374a58e043c9b8c
GET /imp/8/115750;5182863;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN160x600/?ftOBA=1&ft_domain=dropgalaxy.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fdropgalaxy.com%2F&us_privacy=${US_PRIVACY}&cachebuster=679335.4115600915&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app9.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 21:52:44 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Feb 2023 21:52:44 GMT
Content-Length: 773
Connection: keep-alive
Strict-Transport-Security: max-age=86400
hal900014.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
176.9.26.250302 Found 0 B URL HTTP/1.1 hal900014.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 176.9.26.250:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900014.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sat, 04 Feb 2023 21:52:44 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 04 Feb 2023 21:52:44 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=2550299ddb2e8788; expires=Fri, 05-May-2023 21:52:44 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.flashtalking.com/xre/518/5182863/4069568/js/j-5182863-4069568.js
23.38.200.44200 OK 17 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182863/4069568/js/j-5182863-4069568.js
IP 23.38.200.44:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash 9287a1755798e9a019fccf2b8b908f41
a89521d60e4174817138e83bc4a1da1831dea7bf
cf1da20763470fc3a847f957a53602ffeea37850a9385ca2feacd6c0881504bd
GET /xre/518/5182863/4069568/js/j-5182863-4069568.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 05 Oct 2022 19:26:09 GMT
Content-Type: text/javascript; charset=utf-8
ETag: W/"627918687b131af858eb5b6e026c3740"
X-Varnish: 439692061
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 04 Feb 2023 22:12:45 GMT
Date: Sat, 04 Feb 2023 21:52:45 GMT
Content-Length: 17008
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182863&num=&adid=&advid=&adsrv=29&btreg=5182863&btadsrv=flashtalking&crt=4069568&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=8B119912-5F20-6203-748C-0258DAC89861&auevent=&432920302
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182863&num=&adid=&advid=&adsrv=29&btreg=5182863&btadsrv=flashtalking&crt=4069568&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=8B119912-5F20-6203-748C-0258DAC89861&auevent=&432920302
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182863&num=&adid=&advid=&adsrv=29&btreg=5182863&btadsrv=flashtalking&crt=4069568&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=8B119912-5F20-6203-748C-0258DAC89861&auevent=&432920302 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 21:52:45 GMT
Connection: keep-alive
cdn.flashtalking.com/116327/4069568/index.html
23.38.200.44200 OK 23 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069568/index.html
IP 23.38.200.44:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1430), with CRLF, LF line terminators
Hash 2ba327abed30af8fec099b4172510576
2598f4ce90d6ecc2eaaf043bf10e28527718944e
e64c04d49aa6b015337302cbda252fbcdbbecc0e3a2815bc88cc1e9f3b95f09c
GET /116327/4069568/index.html HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 29 Sep 2022 00:26:58 GMT
Content-Type: text/html
ETag: W/"9385038a83bab86d033cb3a4c2971cac"
X-Varnish: 725782541
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sat, 04 Feb 2023 22:12:45 GMT
Date: Sat, 04 Feb 2023 21:52:45 GMT
Content-Length: 22975
Connection: keep-alive
Server: Flashtalking (AKA)
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstklSnM0EkYOaerLWHqbg-fXAOQcZeZtPfzAfyH6HGwNgPJlA0MJA1MuW3Iu45u5HP4CrYCZpRbqO9C_1Lz4jFq7LufES_SZ_W-Hgt62ZnITnIwXiwfjXL_lvE6gLCBOFQ_MgDALExu3qVjVOFCBMpLVVjN040Hqdpom7OUUciO8_ptxzYMtxUGXkzHnvmh7u5hUsNIq-MbnGMMllXeFIJ9HmHhAncsblGGpT4jfIrBkylYHND_XA1UFTNjY2S6Z9ja8CO9MWMg69Qw6ILCDiKG7CyhAwyA_c5n-IewC2K1U8F44J77CnSNYCBgWd-dmBaUDvPTeRIcmuKLZcZRBG_IoYxYWfvb4Xc6hwtABkXGSx2up2VG_TmwQRovBrjs7rWd11vzJ41xDBiKeAp_Ht_ku4Rx92hVaDBBTVbO2STmJXSv2ur3pgL47lUJsRMqINrM9OiUMJSYF5_YXUI9XkEtU2O4tZBhKInvcULNyBX62AXCMmaVoSLlmWGN-2AuivwtXmq8dGD3rvQYAm1Z8rR_ypSbt1zRbsx7Z2sVLVGoHktHc4SIo5UDWIPSZEBhwd5Y6gSRGIXrukwGq7c9RhJP2f_MmxScu4qTgtfBMcDf7k482oWx2NNpqvRL4arnDAukukRlB3331uPyVILS5Jg1u82SYCsSLU-NHpQ9oGr4kP4k8dO9WvFCDIZsTuhiANZ5NI7ZcxV8c16n3zHGuSnUFQr7PskpBDDWuBHAfyrK4FQ0Okoc20UNlVnBLEOl1Qamh59ns2uQPoyazuJ6-LBcnOe2sh1nn4WINNqE7Fz9MUDDz5lRuVp-QV82aY3v92yAL8sO5EaJVjomKLIGxt4gedzKor8A_3x8avO2nBY9EVK1syJyLZvawi5ElzRQIY6U34RNUN0BDjJ1gma2TBdjQ4AzKoBQi09bK6iPr-9wF4eF1TLiLvIKFSryLlas93QrNUZm8WhaCnpKS7P9VrMk_WqnesimkvQhk216it_et00IK3iP4Tk7lPmDu9MUNUAp6ktEFEK--1ELIo5DmhqwDp4FyYZyZJAWxHLT0P7RW-AKOxjg6VVptdIyyrp8N3EC72chPfkr1Vl1Ld3YDJ6C1MwBg9LNtvspxBYYyXi8o2SlXSVrD0-f_S7YkRV3-Le0mM1E5NJq5Ht49ePUxAx7F1fjOJ7Uu9lW3VqsbWS9Np8Pko2zqeTW4dW4qfM6gQFEFmYh_A&sai=AMfl-YS7qbyt2wPFCfQtvdVimR7ms-rZRBShr5780dlxuNL4WXdX-E1yDiJWi5nZ2fma6LLRQedH7aXQfmz7RhlVXjRslqj3abI_62YEDd5FhCvwzgsC-J3XHUGDRcWvH-ayJr17_x0G7fWH5fqqpYtFKCfiHMPzjnjx-q6O5lUSuIgZ7zbCuTHy0xcZ8sPPs0r08XDXaVw43-DhhgZldoqfYyJtsoMKP3KfMGoWmt4n3zKzr4DZ928_IH7wHE9kLr4ZynK_JDoKDoky0bmx0GNqyl93RnuYsN9l_Ne6tYBtM7O7SA&sig=Cg0ArKJSzPz3-JmL-_xOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=135&cisv=r20230201.61574&arae=0&ftch=1&adurl=
142.250.74.130200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstklSnM0EkYOaerLWHqbg-fXAOQcZeZtPfzAfyH6HGwNgPJlA0MJA1MuW3Iu45u5HP4CrYCZpRbqO9C_1Lz4jFq7LufES_SZ_W-Hgt62ZnITnIwXiwfjXL_lvE6gLCBOFQ_MgDALExu3qVjVOFCBMpLVVjN040Hqdpom7OUUciO8_ptxzYMtxUGXkzHnvmh7u5hUsNIq-MbnGMMllXeFIJ9HmHhAncsblGGpT4jfIrBkylYHND_XA1UFTNjY2S6Z9ja8CO9MWMg69Qw6ILCDiKG7CyhAwyA_c5n-IewC2K1U8F44J77CnSNYCBgWd-dmBaUDvPTeRIcmuKLZcZRBG_IoYxYWfvb4Xc6hwtABkXGSx2up2VG_TmwQRovBrjs7rWd11vzJ41xDBiKeAp_Ht_ku4Rx92hVaDBBTVbO2STmJXSv2ur3pgL47lUJsRMqINrM9OiUMJSYF5_YXUI9XkEtU2O4tZBhKInvcULNyBX62AXCMmaVoSLlmWGN-2AuivwtXmq8dGD3rvQYAm1Z8rR_ypSbt1zRbsx7Z2sVLVGoHktHc4SIo5UDWIPSZEBhwd5Y6gSRGIXrukwGq7c9RhJP2f_MmxScu4qTgtfBMcDf7k482oWx2NNpqvRL4arnDAukukRlB3331uPyVILS5Jg1u82SYCsSLU-NHpQ9oGr4kP4k8dO9WvFCDIZsTuhiANZ5NI7ZcxV8c16n3zHGuSnUFQr7PskpBDDWuBHAfyrK4FQ0Okoc20UNlVnBLEOl1Qamh59ns2uQPoyazuJ6-LBcnOe2sh1nn4WINNqE7Fz9MUDDz5lRuVp-QV82aY3v92yAL8sO5EaJVjomKLIGxt4gedzKor8A_3x8avO2nBY9EVK1syJyLZvawi5ElzRQIY6U34RNUN0BDjJ1gma2TBdjQ4AzKoBQi09bK6iPr-9wF4eF1TLiLvIKFSryLlas93QrNUZm8WhaCnpKS7P9VrMk_WqnesimkvQhk216it_et00IK3iP4Tk7lPmDu9MUNUAp6ktEFEK--1ELIo5DmhqwDp4FyYZyZJAWxHLT0P7RW-AKOxjg6VVptdIyyrp8N3EC72chPfkr1Vl1Ld3YDJ6C1MwBg9LNtvspxBYYyXi8o2SlXSVrD0-f_S7YkRV3-Le0mM1E5NJq5Ht49ePUxAx7F1fjOJ7Uu9lW3VqsbWS9Np8Pko2zqeTW4dW4qfM6gQFEFmYh_A&sai=AMfl-YS7qbyt2wPFCfQtvdVimR7ms-rZRBShr5780dlxuNL4WXdX-E1yDiJWi5nZ2fma6LLRQedH7aXQfmz7RhlVXjRslqj3abI_62YEDd5FhCvwzgsC-J3XHUGDRcWvH-ayJr17_x0G7fWH5fqqpYtFKCfiHMPzjnjx-q6O5lUSuIgZ7zbCuTHy0xcZ8sPPs0r08XDXaVw43-DhhgZldoqfYyJtsoMKP3KfMGoWmt4n3zKzr4DZ928_IH7wHE9kLr4ZynK_JDoKDoky0bmx0GNqyl93RnuYsN9l_Ne6tYBtM7O7SA&sig=Cg0ArKJSzPz3-JmL-_xOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=135&cisv=r20230201.61574&arae=0&ftch=1&adurl=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstklSnM0EkYOaerLWHqbg-fXAOQcZeZtPfzAfyH6HGwNgPJlA0MJA1MuW3Iu45u5HP4CrYCZpRbqO9C_1Lz4jFq7LufES_SZ_W-Hgt62ZnITnIwXiwfjXL_lvE6gLCBOFQ_MgDALExu3qVjVOFCBMpLVVjN040Hqdpom7OUUciO8_ptxzYMtxUGXkzHnvmh7u5hUsNIq-MbnGMMllXeFIJ9HmHhAncsblGGpT4jfIrBkylYHND_XA1UFTNjY2S6Z9ja8CO9MWMg69Qw6ILCDiKG7CyhAwyA_c5n-IewC2K1U8F44J77CnSNYCBgWd-dmBaUDvPTeRIcmuKLZcZRBG_IoYxYWfvb4Xc6hwtABkXGSx2up2VG_TmwQRovBrjs7rWd11vzJ41xDBiKeAp_Ht_ku4Rx92hVaDBBTVbO2STmJXSv2ur3pgL47lUJsRMqINrM9OiUMJSYF5_YXUI9XkEtU2O4tZBhKInvcULNyBX62AXCMmaVoSLlmWGN-2AuivwtXmq8dGD3rvQYAm1Z8rR_ypSbt1zRbsx7Z2sVLVGoHktHc4SIo5UDWIPSZEBhwd5Y6gSRGIXrukwGq7c9RhJP2f_MmxScu4qTgtfBMcDf7k482oWx2NNpqvRL4arnDAukukRlB3331uPyVILS5Jg1u82SYCsSLU-NHpQ9oGr4kP4k8dO9WvFCDIZsTuhiANZ5NI7ZcxV8c16n3zHGuSnUFQr7PskpBDDWuBHAfyrK4FQ0Okoc20UNlVnBLEOl1Qamh59ns2uQPoyazuJ6-LBcnOe2sh1nn4WINNqE7Fz9MUDDz5lRuVp-QV82aY3v92yAL8sO5EaJVjomKLIGxt4gedzKor8A_3x8avO2nBY9EVK1syJyLZvawi5ElzRQIY6U34RNUN0BDjJ1gma2TBdjQ4AzKoBQi09bK6iPr-9wF4eF1TLiLvIKFSryLlas93QrNUZm8WhaCnpKS7P9VrMk_WqnesimkvQhk216it_et00IK3iP4Tk7lPmDu9MUNUAp6ktEFEK--1ELIo5DmhqwDp4FyYZyZJAWxHLT0P7RW-AKOxjg6VVptdIyyrp8N3EC72chPfkr1Vl1Ld3YDJ6C1MwBg9LNtvspxBYYyXi8o2SlXSVrD0-f_S7YkRV3-Le0mM1E5NJq5Ht49ePUxAx7F1fjOJ7Uu9lW3VqsbWS9Np8Pko2zqeTW4dW4qfM6gQFEFmYh_A&sai=AMfl-YS7qbyt2wPFCfQtvdVimR7ms-rZRBShr5780dlxuNL4WXdX-E1yDiJWi5nZ2fma6LLRQedH7aXQfmz7RhlVXjRslqj3abI_62YEDd5FhCvwzgsC-J3XHUGDRcWvH-ayJr17_x0G7fWH5fqqpYtFKCfiHMPzjnjx-q6O5lUSuIgZ7zbCuTHy0xcZ8sPPs0r08XDXaVw43-DhhgZldoqfYyJtsoMKP3KfMGoWmt4n3zKzr4DZ928_IH7wHE9kLr4ZynK_JDoKDoky0bmx0GNqyl93RnuYsN9l_Ne6tYBtM7O7SA&sig=Cg0ArKJSzPz3-JmL-_xOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=141&cbvp=1&cstd=135&cisv=r20230201.61574&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 21:52:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 22:07:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 21:52:45 GMT
X-Firefox-Spdy: h2
hal900014.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
176.9.26.250200 OK 514 B URL HTTP/1.1 hal900014.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 176.9.26.250:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash abb68e941fb434db02490df038b7be75
066ac5a14aa7fa9333f5502ca6e045b1fdbc37f2
0f1ebec2e8d8eebdd505bfe43e7c29c39f117b38297ed17f0153528a92cd0bcf
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=be7fe7c664&subid=&uid=6c58a2be531e60e9&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIZGqq9PeY9bdAe-s7AOG4YWIB8m5opxpzK3NztUP8C4QASCtuvl9YMOEgICYGMgBCakC3nDN8XAcsj6oAwGqBO8BT9A10sxDiMssbnOX3KzvaqwPx72J5d2sJviAXherwghqHmj4WxLGJZQHP3d4qi9t5JouhSQ56y-FEqRbvcpOX-vfytvmCSMW3ni5_e-fC5YMTplJf6GEtK6zupO1RVzBzc2Q-sKuQJAUlV4BVvSJt4yo_hKhD3uoj-CqwkXvKrZekIOeiZlmzwwa2Rt8821no3wutpXHz1sSfU-bDS00TNdpke2CpvIyeWys88PVYRvAgBUmP0kUSUWGfCnmxzIEBhV514YVM4BYZwR5bhOSFMd4c3ILLARCoeR9nWe9vJAL3Ef0icO-lDCChkEJOD3ABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE5yizQ7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADUE5ym8ebV4Y0jeKdVQmbeegqOFXKFe_nWgeO4XjFunY0rZOGGBw0uh-nfK7iPUotxNOl5D2BqcZZFGpTu2yXz8iB12DU8dYPltDIYAQ%26sig%3DAOD64_3pqi0b2Si3NytzIuE_LdS-1IJJ6Q%26client%3Dca-pub-2585781838920458%26dbm_c%3DAKAmf-C0PqX7RoIwUFJffl6UXgLzWjvhXe265kCJxsswjrpTw1ib5t4i1aWYLLmj406UxvJKw32N2YF2HrUOdM-ywLdpINcO7Joe9FXr54Kpu8G5ZUZJJ5Nbf9OKU1JaADSEzRUgDZnlXRAOvnJ1KqVygxUfNB1lIB3vvrtVP4romQsU-ZuLFOk%26cry%3D1%26dbm_d%3DAKAmf-A3mJf55FBqcRJn4jkuWIxgjGkGXsrQzw3_m-IGWSPWEDYJQfW0j4R1Ff44uHmpgE80w7b5MjgR8PJdS1Xxxucv9TBemVaGVXMLsnPhYfU_epVvHLGDGUk27ZUSQKyYfzzpFvmQ4gscbFHCLYXMu9f50Ax1I0I1cCMa7S5neoWTrHu6ItZlA081WzstRHogjOVhLnJYPV8j5DeQtZZjppudin_HyRxdzruMfrpclNXDy3xxQjDFwZ8_sDRfEZvcWSqXE2RRIfmRPV4R6V_7NhMCMVXP-xqyGljeIcwwxbBJQAsctvkPKWgNgdXbFJIjB5SfkzD2WS2MriX1SESQ6TAUFGz7pX7QdhjBwVU7scaMdN161664lyQQHied4Gi3JgQGDEoSLSE2EBVcZeZL1YlKK8xqIHq2gXcizc7fIjDrbUG-nPotPkH29tldQWhpnKeUUaNYcvAs4Sf5ZTpG7jQ0Nvv3p58DOySBSjz9Fsx-eH04zkBapw3gRsP-M2Ce-_KfGeTQm9CfnRQnSdbJ3juZdM8VFxJGUPAbK6HsPSxNsvWxJwU%26adurl%3D&documentReferer=https%3A%2F%2Fdropgalaxy.com%2F&ancestorOrigins=null&random=2138546841068&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900014.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=2550299ddb2e8788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:45 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 04 Feb 2023 21:52:45 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=2550299ddb2e8788; expires=Fri, 05-May-2023 21:52:45 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 82187500168237904438336012225014
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 514
Connection: close
Content-Type: application/x-javascript; charset=utf-8
csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~ldqhs26i&c=3812075475901690&e=31072022%2C31072039%2C31072117%2C31061691%2C31061692&ctx=1&met.9=1.2w8~2.30c~13.33v~9.0~9.0~9.0~9.0~9.0~9.0~9.0~9.0~3_1.39q~3_2.39q~3_4.39q~3_7.39q~3_11.39q~3_16.39q~3_22.39q~3_29.39q~7_1.0~7_2.0~7_4.0~7_7.0~7_11.0~7_16.0~7_22.0~7_29.0~7_30.0~7_31.0~7_32.0~7_33.0~4_1.3hs~5_1.3i1~4_16.3in~5_16.3is~4_11.3n7~5_11.3nc~4_29.3pk~5_32.3qh~5_30.3qw~5_29.3rd~4_2.3so~5_2.3sw~4_4.3xb~5_4.3yv~4_7.45d~5_7.46a~6_29.46s~6_30.46t~6_2.46u&met.10=1_2.IIQfEMCyBAjAsgQY_NVIKAE~1_22.IIQfEAAIABj81UgoAQ~1_1.IIQfEMCyBAjAsgQY_NVIKAE~1_4.IIQfELyMBgi8jAYY_NVIKAE~1_7.IIQfENCMAQjQjAEY_NVIKAE~1_16.IIQfEAAIABj81UgoAA~1_11.IIQfEAAIABj81UgoAA~1_2.IJcmEMDzBAiA7gUY_NVIKAE~1_1.IJcmEMDzBAiA7gUY_NVIKAE~1_2.IJ4nEMDkBAiA7gUY_NVIKAE~1_1.IJ4nEMDkBAiA7gUY_NVIKAE~1_4.IKYoEIzJHwj8-jcY_NVIKAE~1_7.IKYoEAAIhKoFGPzVSCgA&met.3=112.336_1~113.3do_3&met.1=1.ldqhrz3b~6.81~7.8j~8.8k~9.8k~10.b9~11.9g~12.b9~13.jj~14.l7~15.k6~16.2mw~17.2n9~18.2nw~19.3d9~20.3d9~21.3da~23.y2&qqid.1=CMj2lYrt_PwCFRVVGAodwekCnw&qqid.16=CO2flYrt_PwCFccUewodzYsFLA&qqid.11=CJGilYrt_PwCFa8LewodN1MN2Q&qqid.29=CLTgl4rt_PwCFbAMewod6bIN6A&qqid.30=CLXgl4rt_PwCFbAMewod6bIN6A&qqid.31=CLbgl4rt_PwCFbAMewod6bIN6A&qqid.32=CMPdlYrt_PwCFbAMewod6bIN6A&qqid.33=CLjgl4rt_PwCFbAMewod6bIN6A&qqid.2=CNuaoort_PwCFQamGAodEg0K4w&qqid.4=CJbfsYrt_PwCFW8WewodhnABcQ&qqid.7=CJOLwYrt_PwCFbEJogMdWZYA3Q
142.250.195.67204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~ldqhs26i&c=3812075475901690&e=31072022%2C31072039%2C31072117%2C31061691%2C31061692&ctx=1&met.9=1.2w8~2.30c~13.33v~9.0~9.0~9.0~9.0~9.0~9.0~9.0~9.0~3_1.39q~3_2.39q~3_4.39q~3_7.39q~3_11.39q~3_16.39q~3_22.39q~3_29.39q~7_1.0~7_2.0~7_4.0~7_7.0~7_11.0~7_16.0~7_22.0~7_29.0~7_30.0~7_31.0~7_32.0~7_33.0~4_1.3hs~5_1.3i1~4_16.3in~5_16.3is~4_11.3n7~5_11.3nc~4_29.3pk~5_32.3qh~5_30.3qw~5_29.3rd~4_2.3so~5_2.3sw~4_4.3xb~5_4.3yv~4_7.45d~5_7.46a~6_29.46s~6_30.46t~6_2.46u&met.10=1_2.IIQfEMCyBAjAsgQY_NVIKAE~1_22.IIQfEAAIABj81UgoAQ~1_1.IIQfEMCyBAjAsgQY_NVIKAE~1_4.IIQfELyMBgi8jAYY_NVIKAE~1_7.IIQfENCMAQjQjAEY_NVIKAE~1_16.IIQfEAAIABj81UgoAA~1_11.IIQfEAAIABj81UgoAA~1_2.IJcmEMDzBAiA7gUY_NVIKAE~1_1.IJcmEMDzBAiA7gUY_NVIKAE~1_2.IJ4nEMDkBAiA7gUY_NVIKAE~1_1.IJ4nEMDkBAiA7gUY_NVIKAE~1_4.IKYoEIzJHwj8-jcY_NVIKAE~1_7.IKYoEAAIhKoFGPzVSCgA&met.3=112.336_1~113.3do_3&met.1=1.ldqhrz3b~6.81~7.8j~8.8k~9.8k~10.b9~11.9g~12.b9~13.jj~14.l7~15.k6~16.2mw~17.2n9~18.2nw~19.3d9~20.3d9~21.3da~23.y2&qqid.1=CMj2lYrt_PwCFRVVGAodwekCnw&qqid.16=CO2flYrt_PwCFccUewodzYsFLA&qqid.11=CJGilYrt_PwCFa8LewodN1MN2Q&qqid.29=CLTgl4rt_PwCFbAMewod6bIN6A&qqid.30=CLXgl4rt_PwCFbAMewod6bIN6A&qqid.31=CLbgl4rt_PwCFbAMewod6bIN6A&qqid.32=CMPdlYrt_PwCFbAMewod6bIN6A&qqid.33=CLjgl4rt_PwCFbAMewod6bIN6A&qqid.2=CNuaoort_PwCFQamGAodEg0K4w&qqid.4=CJbfsYrt_PwCFW8WewodhnABcQ&qqid.7=CJOLwYrt_PwCFbEJogMdWZYA3Q
IP 142.250.195.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~ldqhs26i&c=3812075475901690&e=31072022%2C31072039%2C31072117%2C31061691%2C31061692&ctx=1&met.9=1.2w8~2.30c~13.33v~9.0~9.0~9.0~9.0~9.0~9.0~9.0~9.0~3_1.39q~3_2.39q~3_4.39q~3_7.39q~3_11.39q~3_16.39q~3_22.39q~3_29.39q~7_1.0~7_2.0~7_4.0~7_7.0~7_11.0~7_16.0~7_22.0~7_29.0~7_30.0~7_31.0~7_32.0~7_33.0~4_1.3hs~5_1.3i1~4_16.3in~5_16.3is~4_11.3n7~5_11.3nc~4_29.3pk~5_32.3qh~5_30.3qw~5_29.3rd~4_2.3so~5_2.3sw~4_4.3xb~5_4.3yv~4_7.45d~5_7.46a~6_29.46s~6_30.46t~6_2.46u&met.10=1_2.IIQfEMCyBAjAsgQY_NVIKAE~1_22.IIQfEAAIABj81UgoAQ~1_1.IIQfEMCyBAjAsgQY_NVIKAE~1_4.IIQfELyMBgi8jAYY_NVIKAE~1_7.IIQfENCMAQjQjAEY_NVIKAE~1_16.IIQfEAAIABj81UgoAA~1_11.IIQfEAAIABj81UgoAA~1_2.IJcmEMDzBAiA7gUY_NVIKAE~1_1.IJcmEMDzBAiA7gUY_NVIKAE~1_2.IJ4nEMDkBAiA7gUY_NVIKAE~1_1.IJ4nEMDkBAiA7gUY_NVIKAE~1_4.IKYoEIzJHwj8-jcY_NVIKAE~1_7.IKYoEAAIhKoFGPzVSCgA&met.3=112.336_1~113.3do_3&met.1=1.ldqhrz3b~6.81~7.8j~8.8k~9.8k~10.b9~11.9g~12.b9~13.jj~14.l7~15.k6~16.2mw~17.2n9~18.2nw~19.3d9~20.3d9~21.3da~23.y2&qqid.1=CMj2lYrt_PwCFRVVGAodwekCnw&qqid.16=CO2flYrt_PwCFccUewodzYsFLA&qqid.11=CJGilYrt_PwCFa8LewodN1MN2Q&qqid.29=CLTgl4rt_PwCFbAMewod6bIN6A&qqid.30=CLXgl4rt_PwCFbAMewod6bIN6A&qqid.31=CLbgl4rt_PwCFbAMewod6bIN6A&qqid.32=CMPdlYrt_PwCFbAMewod6bIN6A&qqid.33=CLjgl4rt_PwCFbAMewod6bIN6A&qqid.2=CNuaoort_PwCFQamGAodEg0K4w&qqid.4=CJbfsYrt_PwCFW8WewodhnABcQ&qqid.7=CJOLwYrt_PwCFbEJogMdWZYA3Q HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 04 Feb 2023 21:52:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1675547601393&c=3812075475901690&qqid=CLXgl4rt_PwCFbAMewod6bIN6A&rt=any.script.9.4x.e.b.28.z.nfd.m8h~any.script.9.4z.1.a.2k.11.57t.40y~any.link.9.62.d.t.2n.13.1ctq.1bmu~any.script.a.5m.9.k.2l.w.b6w.a00~any.script.a.6t.2.1n.2n.x.2o1.1h6~any.link.b.1r.0.v.0.0.zx.j0~any.img.c.8m.0.c.0.0.2bv.1wn~any.img.c.8l.0.b.0.0.nc.87~any.img.e.8t.0.k.0.0.ll.0~any.other.61.26.9.b.0.0.z94.ym0~any.other.61.2c.a.22.0.0.0.ym0~any.other.61.2d.b.22.0.0.0.ym0&met.a4a=dcl.142~ol.~nvs.1675547600480~ini.1675547601396
142.250.195.67204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1675547601393&c=3812075475901690&qqid=CLXgl4rt_PwCFbAMewod6bIN6A&rt=any.script.9.4x.e.b.28.z.nfd.m8h~any.script.9.4z.1.a.2k.11.57t.40y~any.link.9.62.d.t.2n.13.1ctq.1bmu~any.script.a.5m.9.k.2l.w.b6w.a00~any.script.a.6t.2.1n.2n.x.2o1.1h6~any.link.b.1r.0.v.0.0.zx.j0~any.img.c.8m.0.c.0.0.2bv.1wn~any.img.c.8l.0.b.0.0.nc.87~any.img.e.8t.0.k.0.0.ll.0~any.other.61.26.9.b.0.0.z94.ym0~any.other.61.2c.a.22.0.0.0.ym0~any.other.61.2d.b.22.0.0.0.ym0&met.a4a=dcl.142~ol.~nvs.1675547600480~ini.1675547601396
IP 142.250.195.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?s=ampad&ctx=2&puid=1~1675547601393&c=3812075475901690&qqid=CLXgl4rt_PwCFbAMewod6bIN6A&rt=any.script.9.4x.e.b.28.z.nfd.m8h~any.script.9.4z.1.a.2k.11.57t.40y~any.link.9.62.d.t.2n.13.1ctq.1bmu~any.script.a.5m.9.k.2l.w.b6w.a00~any.script.a.6t.2.1n.2n.x.2o1.1h6~any.link.b.1r.0.v.0.0.zx.j0~any.img.c.8m.0.c.0.0.2bv.1wn~any.img.c.8l.0.b.0.0.nc.87~any.img.e.8t.0.k.0.0.ll.0~any.other.61.26.9.b.0.0.z94.ym0~any.other.61.2c.a.22.0.0.0.ym0~any.other.61.2d.b.22.0.0.0.ym0&met.a4a=dcl.142~ol.~nvs.1675547600480~ini.1675547601396 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 04 Feb 2023 21:52:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1675547601800&c=3812075475901690&qqid=CLTgl4rt_PwCFbAMewod6bIN6A&rt=any.link.9.67.7.60.0.0.0.1bmu~any.script.a.54.2.52.0.0.0.m8h~any.script.a.55.2.53.0.0.0.40y~any.script.a.6i.1.6h.0.0.0.1h6~any.script.b.60.b.5p.0.0.0.a00~any.link.d.19.2.l.0.0.14z.o2~any.img.e.7u.0.9.0.0.2cq.1xi~any.img.h.85.0.n.0.0.ll.0~any.other.5m.1p.1.b.0.0.mgw.lts~any.other.5m.1u.3.1r.0.0.0.lts~any.img.fr.53.ku.0.0.0.0.0&met.a4a=dcl.131~ol.~nvs.1675547600497~ini.1675547601804
142.250.195.67204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1675547601800&c=3812075475901690&qqid=CLTgl4rt_PwCFbAMewod6bIN6A&rt=any.link.9.67.7.60.0.0.0.1bmu~any.script.a.54.2.52.0.0.0.m8h~any.script.a.55.2.53.0.0.0.40y~any.script.a.6i.1.6h.0.0.0.1h6~any.script.b.60.b.5p.0.0.0.a00~any.link.d.19.2.l.0.0.14z.o2~any.img.e.7u.0.9.0.0.2cq.1xi~any.img.h.85.0.n.0.0.ll.0~any.other.5m.1p.1.b.0.0.mgw.lts~any.other.5m.1u.3.1r.0.0.0.lts~any.img.fr.53.ku.0.0.0.0.0&met.a4a=dcl.131~ol.~nvs.1675547600497~ini.1675547601804
IP 142.250.195.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?s=ampad&ctx=2&puid=1~1675547601800&c=3812075475901690&qqid=CLTgl4rt_PwCFbAMewod6bIN6A&rt=any.link.9.67.7.60.0.0.0.1bmu~any.script.a.54.2.52.0.0.0.m8h~any.script.a.55.2.53.0.0.0.40y~any.script.a.6i.1.6h.0.0.0.1h6~any.script.b.60.b.5p.0.0.0.a00~any.link.d.19.2.l.0.0.14z.o2~any.img.e.7u.0.9.0.0.2cq.1xi~any.img.h.85.0.n.0.0.ll.0~any.other.5m.1p.1.b.0.0.mgw.lts~any.other.5m.1u.3.1r.0.0.0.lts~any.img.fr.53.ku.0.0.0.0.0&met.a4a=dcl.131~ol.~nvs.1675547600497~ini.1675547601804 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 04 Feb 2023 21:52:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
code.createjs.com/1.0.0/createjs.min.js
23.36.76.98200 OK 64 kB URL HTTP/2 code.createjs.com/1.0.0/createjs.min.js
IP 23.36.76.98:0
ASN #20940 Akamai International B.V.
Hash b07792e40950d61c78f78855c259c7bd
258a82eba06e79d4f50fa7c4b831d703d585c11a
0819045785ac286336a4f4202076c1a0f12a8f5a9aabb7a43b4bcda067a3e8d2
GET /1.0.0/createjs.min.js HTTP/1.1
Host: code.createjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
accept-ranges: bytes
content-type: text/javascript
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=900
expires: Sat, 04 Feb 2023 22:07:45 GMT
date: Sat, 04 Feb 2023 21:52:45 GMT
x-n: S
X-Firefox-Spdy: h2
csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1675547602047&c=3812075475901690&qqid=CNuaoort_PwCFQamGAodEg0K4w&rt=any.link.9.4o.6.4i.0.0.0.1bmu~any.script.a.3n.4.3j.0.0.0.m8h~any.script.a.3o.2.3m.0.0.0.40y~any.script.a.4j.a.49.0.0.0.a00~any.script.a.51.2.4z.0.0.0.1h6~any.img.e.6o.0.k.0.0.ll.0~any.other.45.1v.4.1r.0.0.0.lts~any.other.45.1v.4.1r.0.0.0.lts&met.a4a=dcl.82~ol.~nvs.1675547600552~ini.1675547602052
142.250.195.67204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1675547602047&c=3812075475901690&qqid=CNuaoort_PwCFQamGAodEg0K4w&rt=any.link.9.4o.6.4i.0.0.0.1bmu~any.script.a.3n.4.3j.0.0.0.m8h~any.script.a.3o.2.3m.0.0.0.40y~any.script.a.4j.a.49.0.0.0.a00~any.script.a.51.2.4z.0.0.0.1h6~any.img.e.6o.0.k.0.0.ll.0~any.other.45.1v.4.1r.0.0.0.lts~any.other.45.1v.4.1r.0.0.0.lts&met.a4a=dcl.82~ol.~nvs.1675547600552~ini.1675547602052
IP 142.250.195.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?s=ampad&ctx=2&puid=1~1675547602047&c=3812075475901690&qqid=CNuaoort_PwCFQamGAodEg0K4w&rt=any.link.9.4o.6.4i.0.0.0.1bmu~any.script.a.3n.4.3j.0.0.0.m8h~any.script.a.3o.2.3m.0.0.0.40y~any.script.a.4j.a.49.0.0.0.a00~any.script.a.51.2.4z.0.0.0.1h6~any.img.e.6o.0.k.0.0.ll.0~any.other.45.1v.4.1r.0.0.0.lts~any.other.45.1v.4.1r.0.0.0.lts&met.a4a=dcl.82~ol.~nvs.1675547600552~ini.1675547602052 HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Sat, 04 Feb 2023 21:52:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 68cf08d77af8279898bf9ddad7b9b223
efda878c11b075ca24541c593e3e4146a8f7b4a5
d291469433a8ce2b9663f96789e5d7df3e1d1ae2d7258bf1835e126b2957e5ea
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 21:52:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 02:59:35 GMT
Expires: Sun, 05 Feb 2023 02:59:35 GMT
ETag: "efda878c11b075ca24541c593e3e4146a8f7b4a5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=202&ttfrms=14&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2325&ddur=11&uid=1675547603151125&jsCallback=dvCallback_1675547603151231&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=17&brh=1&sdf=2&dvp_epl=125&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182863&crt=4069568&btreg=5182863&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=8B119912-5F20-6203-748C-0258DAC89861&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=736279169.0388824&dvp_tukv=34671178.147322774&dvp_tuid=18610234054&jurtd=3304202775
34.149.12.213200 OK 1.2 kB URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=202&ttfrms=14&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2325&ddur=11&uid=1675547603151125&jsCallback=dvCallback_1675547603151231&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=17&brh=1&sdf=2&dvp_epl=125&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182863&crt=4069568&btreg=5182863&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=8B119912-5F20-6203-748C-0258DAC89861&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=736279169.0388824&dvp_tukv=34671178.147322774&dvp_tuid=18610234054&jurtd=3304202775
IP 34.149.12.213:0
File type ASCII text, with very long lines (3044), with no line terminators
Hash 9a1e83c77549ba13d27515b0cc6a96c1
0ab7e509c8c16fcb031ebe03c5f55051c3b7c18d
fabc9d9716c0347dce51e36eb71fc6fada5a5bfc5b1e2d6c4aaaa9743244467c
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=202&ttfrms=14&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&srcurlD=0&aUrlD=-1&ssl=https:&dfs=2325&ddur=11&uid=1675547603151125&jsCallback=dvCallback_1675547603151231&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=17&brh=1&sdf=2&dvp_epl=125&noc=16&nav_pltfrm=Linux%20x86_64&ctx=1828362&cmp=115750&sid=18330&plc=5182863&crt=4069568&btreg=5182863&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=8B119912-5F20-6203-748C-0258DAC89861&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=736279169.0388824&dvp_tukv=34671178.147322774&dvp_tuid=18610234054&jurtd=3304202775 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:45 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 21:52:45
Pragma: no-cache
Vary: Accept-Encoding
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=372&ttfrms=22&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675547601953518&jsCallback=dvCallback_1675547601953853&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=18&brh=1&sdf=2&dvp_epl=125&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://dropgalaxy.com/4jlkn5vnhor8&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=736279169.0388824&dvp_tukv=93047910.61227421&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=493381647499&jurtd=660952649
34.149.12.213200 OK 680 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=372&ttfrms=22&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675547601953518&jsCallback=dvCallback_1675547601953853&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=18&brh=1&sdf=2&dvp_epl=125&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://dropgalaxy.com/4jlkn5vnhor8&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=736279169.0388824&dvp_tukv=93047910.61227421&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=493381647499&jurtd=660952649
IP 34.149.12.213:0
File type ASCII text, with very long lines (1184), with no line terminators
Hash 2a3dd9371c3015d32f261c19267efd3b
52a63017e2c24a13f9226e3daef294569075b65a
b3761b9a0917c074728cade7dd22404b5e6bd1eecb679fb2bcaf055ebbfb164c
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=372&ttfrms=22&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTau5C%40A82%3D2IJ%5D4%40%3ETauc%3B%3D%3C%3FdG%3F9%40Cg&srcurlD=0&aUrlD=-1&ssl=https:&uid=1675547601953518&jsCallback=dvCallback_1675547601953853&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=600&winw=160&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=1&fcifrms=18&brh=1&sdf=2&dvp_epl=125&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://dropgalaxy.com/4jlkn5vnhor8&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0iN87yT35xLBAsrQs9haSFd&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396516534&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=888105777999&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=736279169.0388824&dvp_tukv=93047910.61227421&dvp_strhd=1&dvpx_strhd=1&dvp_tuid=493381647499&jurtd=660952649 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:46 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 21:52:45
Pragma: no-cache
Vary: Accept-Encoding
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=09d82edef8f04034a4c8c640afea845a&dup=&eoid=1000&cbust=1675547603505916
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=09d82edef8f04034a4c8c640afea845a&dup=&eoid=1000&cbust=1675547603505916
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=09d82edef8f04034a4c8c640afea845a&dup=&eoid=1000&cbust=1675547603505916 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=09d82edef8f04034a4c8c640afea845a&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=138c0253ef9044398ccb86c14dc614bd&dup=&eoid=1000&cbust=1675547603511541
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=138c0253ef9044398ccb86c14dc614bd&dup=&eoid=1000&cbust=1675547603511541
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=138c0253ef9044398ccb86c14dc614bd&dup=&eoid=1000&cbust=1675547603511541 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=138c0253ef9044398ccb86c14dc614bd&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
cdn.flashtalking.com/116327/4069568/images/Desktop_Acrobat_ARed_FullBleedVERB.png
23.38.200.44200 OK 95 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069568/images/Desktop_Acrobat_ARed_FullBleedVERB.png
IP 23.38.200.44:0
File type PNG image data, 1006 x 1006, 8-bit/color RGBA, non-interlaced\012- data
Hash 695c1135a71d9f47be5bea22f8a3e395
e4ee15bf06fef14da8cd470e5ae17869589a6ef9
8af048fc6059e8ce070092514e22e40a3ea792479247e9c8eb78fa6e483aeb4e
GET /116327/4069568/images/Desktop_Acrobat_ARed_FullBleedVERB.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069568/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 29 Sep 2022 00:26:57 GMT
Content-Type: image/png
ETag: W/"695c1135a71d9f47be5bea22f8a3e395"
X-Varnish: 725879867
Accept-Ranges: bytes
Content-Length: 95163
Cache-Control: max-age=938
Expires: Sat, 04 Feb 2023 22:08:24 GMT
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
cdn.flashtalking.com/116327/4069568/images/Group171472.png
23.38.200.44200 OK 48 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069568/images/Group171472.png
IP 23.38.200.44:0
File type gzip compressed data, max compression\012- data
Hash dff0b7f4fd2cbd65caf08028ae5532d0
e133b0827f15b90d8346463ee4d0d96a33d7d21d
c0b9b072437fefffcccaf63e713c7c63ba849958fd9139e8f4cde95b429b279d
GET /116327/4069568/images/Group171472.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069568/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 29 Sep 2022 00:26:57 GMT
Content-Type: image/png
ETag: W/"9c628e9acdc55344312932fc53e51890"
X-Varnish: 438665308
Accept-Ranges: bytes
Content-Length: 47662
Cache-Control: max-age=938
Expires: Sat, 04 Feb 2023 22:08:24 GMT
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
tpsc-eu3.doubleverify.com/event.png?impid=09d82edef8f04034a4c8c640afea845a&akipv6=&dup=&eoid=1000
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=09d82edef8f04034a4c8c640afea845a&akipv6=&dup=&eoid=1000
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=09d82edef8f04034a4c8c640afea845a&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 02/03/2023 21:52:46
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=138c0253ef9044398ccb86c14dc614bd&akipv6=&dup=&eoid=1000
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=138c0253ef9044398ccb86c14dc614bd&akipv6=&dup=&eoid=1000
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=138c0253ef9044398ccb86c14dc614bd&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 02/03/2023 21:52:46
Pragma: no-cache
cdn.flashtalking.com/116327/4069568/images/MaskGroup171153.png
23.38.200.44200 OK 82 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069568/images/MaskGroup171153.png
IP 23.38.200.44:0
File type PNG image data, 642 x 674, 8-bit/color RGB, non-interlaced\012- data
Hash aa80b743045113baa5a45756cc258c01
d1ec09f5074cd7612fb0cc06e5a02eab6ef40d19
d3b39584486be12795fc5a5e3b7184ffc43f9ce6995f8a27b535f589d46af75b
GET /116327/4069568/images/MaskGroup171153.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069568/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 29 Sep 2022 00:26:58 GMT
Content-Type: image/png
ETag: W/"aa80b743045113baa5a45756cc258c01"
X-Varnish: 728470667
Accept-Ranges: bytes
Content-Length: 82376
Cache-Control: max-age=938
Expires: Sat, 04 Feb 2023 22:08:24 GMT
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
23.38.200.44200 OK 6.0 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
IP 23.38.200.44:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d675694ab4d4d2eb56cca854c25d9c36
34174b9397a3cb289f892f1f98ccc51a63698360
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
GET /oba/icon/consumer-privacy-logo.png HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Content-Type: image/png
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 721542519 721664610
Accept-Ranges: bytes
Content-Length: 5953
Cache-Control: max-age=786
Expires: Sat, 04 Feb 2023 22:05:52 GMT
Date: Sat, 04 Feb 2023 21:52:46 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
hal900014.redintelligence.net/request_content.php?s=82187500168237904438336012225014&a=cd13a4e3
176.9.26.250200 OK 1.4 kB URL HTTP/1.1 hal900014.redintelligence.net/request_content.php?s=82187500168237904438336012225014&a=cd13a4e3
IP 176.9.26.250:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e28ff96db32eed51b2d1138bb748957b
0989418a3e6e5a2e0e21434654b8c6c8ba69fcc0
5b9df2b5ad8293264780dc6e3b806bf73dfbf53259549bf38aa6b4227f63dda7
GET /request_content.php?s=82187500168237904438336012225014&a=cd13a4e3 HTTP/1.1
Host: hal900014.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Cookie: 8lcfmzhxc8d6_uid=2550299ddb2e8788
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:46 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Sat, 04 Feb 2023 21:52:46 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1414
Connection: close
Content-Type: text/html; charset=utf-8
hal900014.redintelligence.net/viewability?s=82187500168237904438336012225014&a=08fbdd83&vb=m
176.9.26.250200 OK 0 B URL HTTP/1.1 hal900014.redintelligence.net/viewability?s=82187500168237904438336012225014&a=08fbdd83&vb=m
IP 176.9.26.250:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=82187500168237904438336012225014&a=08fbdd83&vb=m HTTP/1.1
Host: hal900014.redintelligence.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900014.redintelligence.net/request_content.php?s=82187500168237904438336012225014&a=cd13a4e3
Cookie: 8lcfmzhxc8d6_uid=2550299ddb2e8788
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 21:52:46 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
85.114.131.234200 OK 87 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
IP 85.114.131.234:0
ASN #24961 myLoc managed IT AG
File type GIF image data, version 89a, 970 x 250\012- data
Hash 0e28e66e2adf8c90c21d5be5fb9e6fa6
1a0381040dccb97e0cbdd872d1a83b84356b9132
b597da368fd908257c568452ca805b3fb9023d6ad26b7675c5afc1fffb46fea9
GET /24i/content/soberfb/EN/S-970x250.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900014.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 21:52:46 GMT
Content-Type: image/gif
Content-Length: 86664
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Connection: close
ETag: "5b55f22d-15288"
Accept-Ranges: bytes
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 68cf08d77af8279898bf9ddad7b9b223
efda878c11b075ca24541c593e3e4146a8f7b4a5
d291469433a8ce2b9663f96789e5d7df3e1d1ae2d7258bf1835e126b2957e5ea
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 21:52:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 02:59:35 GMT
Expires: Sun, 05 Feb 2023 02:59:35 GMT
ETag: "efda878c11b075ca24541c593e3e4146a8f7b4a5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675547604855545
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675547604855545
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1|https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675547604855545 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 21:52:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1?cbust=1675547604855545&~oref=https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 22:07:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675547604854260
216.58.207.230302 Found 0 B URL HTTP/2 ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675547604854260
IP 216.58.207.230:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1|https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675547604854260 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 04 Feb 2023 21:52:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115750;u15=18330;u16=%5BDVP_ADID%5D;ord=1?cbust=1675547604854260&~oref=https://60413c781bc98036e2d92fbf1cad076e.safeframe.googlesyndication.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 22:07:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/search?q=Premium+site:https://educatiocenter.online/
142.250.74.164200 OK 0 B URL HTTP/2 www.google.com/search?q=Premium+site:https://educatiocenter.online/
IP 142.250.74.164:0
GET /search?q=Premium+site:https://educatiocenter.online/ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dropgalaxy.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Sat, 04 Feb 2023 21:52:42 GMT
expires: -1
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gZY9yc63NhTTcpv9ap4-1w' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/fff
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/fff"}]}
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: AEC=ARSKqsJw-xMAn4ld7XFjOtQSiqP_WpeJDOfKfmdSTHPGk8UqWOAIoN-kR7g; expires=Thu, 03-Aug-2023 21:52:42 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
__Secure-ENID=10.SE=h9TwTuKhktTGMft-kSuxG5jQ_loOJNXtkMPfUpcbWXkWUQdlD_OEZteSpH_wPnbUc4KT5uZFOUTgKz8QEc0td9iOvinE943CUUxPC5s3okScpheerR4VMjeydUMLQzkRh7kjhr_rqFAFVs4r8YJOzj1za8is3AOQwD8gBsfndSI; expires=Wed, 06-Mar-2024 14:10:59 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
CONSENT=PENDING+186; expires=Mon, 03-Feb-2025 21:52:41 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.16.56.101200 OK 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.16.56.101:0
OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropgalaxy.com/
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:47 GMT
content-type: text/plain
access-control-allow-origin: https://dropgalaxy.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7946a2aa184cb50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
claimtokens.net/terra.js
188.114.96.1200 OK 0 B IP 188.114.96.1:0
GET /terra.js HTTP/1.1
Host: claimtokens.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: application/javascript
last-modified: Sat, 03 Sep 2022 08:31:13 GMT
etag: W/"253-5e7c1ab61320c-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 390
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srRYxZjh1eXTtACp%2B%2BKpneL0jDdtPHs7A8G0YBDfIzdbOJoH2iVHmLfoZHtv5MwSgJbSFg2xHr2sMgjxe7Vvz1Y6dJQQ%2FYMtY45rXSrWZ75%2B8pPu92x0dDFetdG0%2Bbk0AgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a2772f93b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.102200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.102:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 89397
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertagids&domain=dropgalaxy.com&sn=FirefoxSyncframe&so=0&topUrl=dropgalaxy.com&info=JAtfF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czNQblN6M1o4QkNGanF6Y2VwaWNNbjVSWXM5UXFZQUtuc2p4ZDJqNDdvUTc&idsd=-1395786780,-718205627&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertagids&domain=dropgalaxy.com&sn=FirefoxSyncframe&so=0&topUrl=dropgalaxy.com&info=JAtfF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czNQblN6M1o4QkNGanF6Y2VwaWNNbjVSWXM5UXFZQUtuc2p4ZDJqNDdvUTc&idsd=-1395786780,-718205627&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=publishertagids&domain=dropgalaxy.com&sn=FirefoxSyncframe&so=0&topUrl=dropgalaxy.com&info=JAtfF180M0RITmhlJTJCZkMwOUJGQlhaMUN2czNQblN6M1o4QkNGanF6Y2VwaWNNbjVSWXM5UXFZQUtuc2p4ZDJqNDdvUTc&idsd=-1395786780,-718205627&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:44 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1114734
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
js.mobileoffers-ac-download.com/70dea1d9a398a668.js
172.67.189.155200 OK 0 B URL HTTP/2 js.mobileoffers-ac-download.com/70dea1d9a398a668.js
IP 172.67.189.155:0
GET /70dea1d9a398a668.js HTTP/1.1
Host: js.mobileoffers-ac-download.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: application/javascript
last-modified: Mon, 28 Mar 2022 13:24:52 GMT
vary: Accept-Encoding
etag: W/"6241b724-e03c"
cache-control: max-age=120
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UsrZNzrqn4UADmgqVCZJ4UnBypGccsKEaggrl8n3nHb9OkovYzq7u0SB9rgPm4qXaVRBsblwRky5koaOfHxChdDqBNHu0z%2BMM6RQ%2B3Bhagi59xx4H54vXBJFb2F%2FxPL%2FrlL1RBtxJ%2FsjuKLQ34lv1hK3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a2754b3fb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.a-ads.com/1640813?size=728x90
78.46.32.91200 OK 0 B URL HTTP/2 ad.a-ads.com/1640813?size=728x90
IP 78.46.32.91:0
ASN #24940 Hetzner Online GmbH
GET /1640813?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:40 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://dropgalaxy.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
tmp.a2zapk.com/js/badip.js?v=ghgh
104.26.4.212403 Forbidden 0 B URL HTTP/2 tmp.a2zapk.com/js/badip.js?v=ghgh
IP 104.26.4.212:0
GET /js/badip.js?v=ghgh HTTP/1.1
Host: tmp.a2zapk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggm4WyH0Jc%2Fxx55JftMs%2FFH63CdMhL5UR5%2F%2B2Ly1JyHrr4yxTyEwieaYgsBPzL5G21mjM3mYVLW9awjimK6iLojbgbR4NDm0RSaXxn%2FKI%2F9hWqtLMfZAlw92m2BBnp%2FN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7946a2755f180b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
tmp.a2zapk.com/js/badip.js?v=ghgh
104.26.4.212403 Forbidden 0 B URL HTTP/2 tmp.a2zapk.com/js/badip.js?v=ghgh
IP 104.26.4.212:0
GET /js/badip.js?v=ghgh HTTP/1.1
Host: tmp.a2zapk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 04 Feb 2023 21:52:40 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anBJcWj%2F%2Fpv40z4lqyAkSIsKhamfiTRAY2lE8nXuRkV%2BT70vgd3%2BzWzaJAgQDEdwc6XChdtvEKxVVgJC13Yfx0iA2%2Fb%2FsMFocn3MX6l9OMk7sxSE%2BzNtWiqgIgJ7Kd59"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=2592000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7946a27e0edd0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js
104.16.57.101200 OK 0 B URL HTTP/2 static.cloudflareinsights.com/beacon.min.js
IP 104.16.57.101:0
GET /beacon.min.js HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2022.10.1
last-modified: Fri, 21 Oct 2022 01:56:09 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7946a2748db2b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
protagcdn.com/s/dropgalaxy.com/site.js
104.26.6.142200 OK 0 B URL HTTP/2 protagcdn.com/s/dropgalaxy.com/site.js
IP 104.26.6.142:0
GET /s/dropgalaxy.com/site.js HTTP/1.1
Host: protagcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: application/javascript
cache-control: public, max-age=1800
cf-bgj: minify
cf-polished: origSize=416790
expires: Sat, 04 Feb 2023 22:22:39 GMT
last-modified: Wed, 25 Jan 2023 09:48:36 GMT
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLS8MtToxxbd2iqvsq4OjRVTqT%2FrXckKJ5yQ%2FDV%2Bu04rDCgIH6FdCEmd3tDb%2FrLBZOUQvbkoinrOYnWybR%2BbVxVfOjx7QDtXYKzOmaruNItPhvCx9%2BfG77kW0FgtVBk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a27469f3b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
inpage-push.com/400/4258748
139.45.197.239200 OK 0 B URL HTTP/2 inpage-push.com/400/4258748
IP 139.45.197.239:0
GET /400/4258748 HTTP/1.1
Host: inpage-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dropgalaxy.com
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:41 GMT
content-type: application/javascript
x-trace-id: 685960e7fe33202bd114134653ff6353
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://dropgalaxy.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cbe8b78e72b74fafa6fd26a22d1613dc; expires=Sun, 04 Feb 2024 21:52:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.ids.js
178.250.2.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.2.130:0
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 21:52:43 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-9c1f"
expires: Sun, 05 Feb 2023 21:52:43 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
adoto.net/dashboard/display/serve.js
188.114.96.1200 OK 0 B URL HTTP/2 adoto.net/dashboard/display/serve.js
IP 188.114.96.1:0
GET /dashboard/display/serve.js HTTP/1.1
Host: adoto.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dropgalaxy.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:39 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sat, 02 Jul 2022 16:40:17 GMT
expires: Wed, 15 Feb 2023 09:29:35 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
cf-cache-status: HIT
age: 1686184
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zSHogyNAkCWs6DV3L3baLa9TyoELmCZdAhdqlvbxD8pEzmzYpXjdgMWC%2B4t36%2BiFwjsTPJrUFU8E9Am0WQPMCtUaZVc4igWRjxEqZcyW0gF3ijNLRAbsaU3KSMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7946a27548aab505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloudflareinsights.com/cdn-cgi/rum
104.16.56.101200 OK 0 B URL HTTP/2 cloudflareinsights.com/cdn-cgi/rum
IP 104.16.56.101:0
OPTIONS /cdn-cgi/rum HTTP/1.1
Host: cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://dropgalaxy.com/
Origin: https://dropgalaxy.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 21:52:42 GMT
content-type: text/plain
access-control-allow-origin: https://dropgalaxy.com
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7946a28afbeeb50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2