pobedidijabetes.org/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: pobedidijabetes.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Nov 2022 23:29:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 16 Nov 2022 00:29:25 GMT
Location: https://pobedidijabetes.org/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1IvWBV2oGrRXCa3D0BZ3kzskmoGuMnL2lUS1aDJ%2F0I69z7QZi99Ty9M%2FRnTNyU53LlKOvQj0l5ghMRck7xZXVSNYi9g9%2B3frMJLXQWYdUe91zOGmbDAT%2Bhvnfj5K%2Bm0vo0YFCMH"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76abc4d8ad0c0b49-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2695
Expires: Wed, 16 Nov 2022 00:14:21 GMT
Date: Tue, 15 Nov 2022 23:29:26 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4fe5a11c3ca8a150aad830b739f24b58
898b730b1a66dd49c6f018333ba828410f63f347
2c3a2a8a3dfa29808bd550718025fdf355e4a88235cb50ae978abc00ee5fd23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6440
Cache-Control: max-age=132541
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:26 GMT
Etag: "63736a6b-1d7"
Expires: Thu, 17 Nov 2022 12:18:27 GMT
Last-Modified: Tue, 15 Nov 2022 10:31:07 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 22:44:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2685
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3923
Expires: Wed, 16 Nov 2022 00:34:49 GMT
Date: Tue, 15 Nov 2022 23:29:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: j3EFnZ89Qoysf0hEN7kA39FUKlh6q6xWUOnHlC6msaTtfUg1F2OCSROONIFcYD4Br8NH3wn7WQ0=
x-amz-request-id: 4HKYMXCMSEW7MFPT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 22:51:46 GMT
age: 2260
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 78c2ac72a17fe46953cfc0db24c01a05
e08676c7539a97c949c5f51679b20184c9a22c8e
f575d0e7cef48e9bafec07797a761a8481b7d95e7b1c21222fae100ed7788c38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141957
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:26 GMT
Etag: "6373a85b-118"
Expires: Thu, 17 Nov 2022 14:55:23 GMT
Last-Modified: Tue, 15 Nov 2022 14:55:23 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Last-Modified, ETag, Alert, Backoff, Content-Type, Retry-After, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 22:44:48 GMT
cache-control: public,max-age=3600
age: 2678
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash de57a2d376db743a3987c454889f1f21
0defab699bdb1b158026f93c2dd105bcd65f6764
b1c47a81ac45af6f756a8eca8ef14a82f0113ea8f09dae7a285a4491963ae2ff
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3336
Cache-Control: max-age=124385
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:26 GMT
Etag: "637356af-1d7"
Expires: Thu, 17 Nov 2022 10:02:31 GMT
Last-Modified: Tue, 15 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VbCfgmVRryjdUu4UiBeMOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7y/QJx5iJQR+whuxSSNOueurv4A=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Wed, 16 Nov 2022 01:45:48 GMT
Date: Tue, 15 Nov 2022 23:29:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Wed, 16 Nov 2022 01:45:48 GMT
Date: Tue, 15 Nov 2022 23:29:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Wed, 16 Nov 2022 01:45:48 GMT
Date: Tue, 15 Nov 2022 23:29:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8180
Expires: Wed, 16 Nov 2022 01:45:48 GMT
Date: Tue, 15 Nov 2022 23:29:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d17b0a6-c7d4-4fde-a562-2c8a684badae.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d17b0a6-c7d4-4fde-a562-2c8a684badae.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d11bcb05f6d52f71125159b3b91cf95
8ac81c9371c361d9e67d8cb0dc56ce3986ff0c5c
11cd7bb8813d5b88bc9b48851fa0d33a4103e52c7bb6e4c9510ea7cc1b64f76f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d17b0a6-c7d4-4fde-a562-2c8a684badae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5869
x-amzn-requestid: dfef6fc8-6792-4393-9154-f58cf5c619c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEAEADIAMFpqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-3c3530c93c04782a2fd222e1;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vPlQer1X13LpjFGcD9whnFC8MyTkgEo4TTi4g3RSKakAyJkibyQH-A==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:01:24 GMT
age: 5284
etag: "8ac81c9371c361d9e67d8cb0dc56ce3986ff0c5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CqIZqrKKIWszHFwass9Cd-GNxQ5Q9z3_2haPPGprjVDal71MQDurqw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:15:24 GMT
age: 4444
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edd6a84f848a83f4d1990f92b4807def
bc2bb7815b062941d51fde65574851db55be37dc
4d015538adfa6c61a5dfca3cbb224ae91ccbe1d82212e997e22f895a77387bed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc50c38bf-fe3d-4eec-be11-1e782b0f0bbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6629
x-amzn-requestid: ff03ae40-8d00-41ec-875f-b49b1b86151c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY6CG9IoAMF8rA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740840-7fdaa40f3ca9246045270665;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4i9jW2AQ8PhWl9i01KDda11PoSD1csf_Gs7nwME9o2Oxft0UldI6vQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:47:49 GMT
age: 6099
etag: "bc2bb7815b062941d51fde65574851db55be37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c774a9a33f0c86087fe36fe18cf02db8
d81bf6504b30d50cf9cb14f8efca8e961f422a57
80f2913428758b1250218865a3e6697881ed3ed626f702c94fd0a5c7f354a2b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bcd9120-f81d-4ec1-9b84-ae23f33b9b8d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 4945a047-3048-4dfb-aba5-6cde2b52b240
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYEAG7roAMF30Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406e6-6928cd8c1439aac80444cd7b;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ls987SlzVbSWiZwE4ahKBdQ_vJknoy88LkGHnEYfie4M1l584VbB_w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:00:01 GMT
age: 5367
etag: "d81bf6504b30d50cf9cb14f8efca8e961f422a57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98802857df59f8eacd9211811cc59ae6
87e277a627c1085cad5c6e38bdd5100aa0a9ecee
102e73f690a972da6d3ab609ffab5f29884185d85c4230a19ec74d74c7320cf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667acc-25d7-4d63-8fab-1711f6b4988c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8235
x-amzn-requestid: e8a91ec0-fa93-45b6-8dc8-a405c00242fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqY4_HANoAMFSvw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63740839-3ebbd38b0e3e774923ad019e;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:44:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _u6Uhc-g_xPTRSYys5rD3GC00roubyJdBRuHruvoMLf-UEAB6_zdQw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 21:46:20 GMT
age: 6188
etag: "87e277a627c1085cad5c6e38bdd5100aa0a9ecee"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53d2d9380ba28ed0656b54c22bc56766
757f8e6306effbab70d99757c5672564cfc9f623
6d6c41527ae28cdce016470ec1eb87e0ed384f3ef721838724f29845f3bd8dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b00960f-2d08-4518-83c0-1d7f0f3c973c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8990
x-amzn-requestid: cb142f4b-787e-4b3c-9d75-72579105db60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqYFOHi8IAMFpDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637406ee-504a14105d2be58b1ce71c18;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GLJACvZUJjLdl3O2HUkWjgr7MqT_SRigTSdweSaTxUc-gTDULbYliA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 22:14:18 GMT
age: 4510
etag: "757f8e6306effbab70d99757c5672564cfc9f623"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 78c2ac72a17fe46953cfc0db24c01a05
e08676c7539a97c949c5f51679b20184c9a22c8e
f575d0e7cef48e9bafec07797a761a8481b7d95e7b1c21222fae100ed7788c38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=141957
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Etag: "6373a85b-118"
Expires: Thu, 17 Nov 2022 14:55:25 GMT
Last-Modified: Tue, 15 Nov 2022 14:55:23 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 73f5a5f64f86c457cc2558f44bbfbcd2
15c6a1f60ed86b20886f2b2025002b9392395880
04e20d91462edac11a6a3f2c9bb6a6de9ba23463f54a39c818d8f3f6d5d9be23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 4.6 kB IP
Hash 0279b070af469ccc28dd032071451a2c
a951061e0755d35e8f1003662d6122fafe54ccda
4b0189e9a859d19e5be33da01b41d8c10f778cb67c8767dd0e4c767b800d9d2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2
IP
Hash f5076db19f3a9084206195e40b24891c
6a7a5e801525623c2add5e0035f303e29fcc728f
2e3fcca96a45ac433262685b5af209ad4d0d0e0ed3cc96dc49dc564bf21db37b
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFWzr8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:45:19 GMT
expires: Thu, 09 Nov 2023 19:45:19 GMT
cache-control: public, max-age=31536000
age: 531849
last-modified: Wed, 27 Apr 2022 15:44:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
200 OK 40 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2
IP
Hash bb89fc4b1b046b3ccc80c41c64046626
2824052dbf08f2465b5a2dde045b8155e7ea6500
6843dd4aca597c39b3c597e33d047a5d171e4e3d7b72380ae893b201dd1cafc3
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNZaxM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27120
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 21:28:47 GMT
expires: Fri, 10 Nov 2023 21:28:47 GMT
cache-control: public, max-age=31536000
age: 439241
last-modified: Tue, 26 Apr 2022 16:42:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNXaxMICA.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNXaxMICA.woff2
IP
Hash 2234fdac0f967bf875358e7ab924c74d
a3fe94f6446a27a7f9f294083c532498edc96e54
ad41017f54d437407f45ea7adccc804d1cf50b10aeb435ace5e71cf49e26af75
GET /s/librebaskerville/v14/kmKnZrc3Hgbbcjq75U4uslyuy4kn0qNXaxMICA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19956
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 20:19:01 GMT
expires: Tue, 14 Nov 2023 20:19:01 GMT
cache-control: public, max-age=31536000
age: 97827
last-modified: Tue, 26 Apr 2022 16:50:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2
IP
Hash a16b21655d90480b501c047f16346c33
ea8eef4be7429a6e67606fa565296ecb08e1ffae
445cb26019240cf028020a0934d6756cd70d06c930b1c3a33afb4fb7cf0e7ce6
GET /s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qcVyvHpA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 20:25:03 GMT
expires: Thu, 09 Nov 2023 20:25:03 GMT
cache-control: public, max-age=31536000
age: 529465
last-modified: Wed, 27 Apr 2022 16:29:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2
200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2
IP
Hash 571958812d27c2c58f4fb6ea5a281e8b
290a6591e0c65947c5c3e68e8f0aa8436a797ac4
ccfa88aac6734afeea8775e1ffe0a2ee9b5a9ffe8a985ad4e09cf6a038b74e69
GET /s/ptserif/v17/EJRVQgYoZZY2vCFuvAFYzr-tdg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21232
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 18:51:07 GMT
expires: Thu, 09 Nov 2023 18:51:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 15:44:10 GMT
content-type: font/woff2
age: 535101
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2
IP
Hash 37cf09d79cb9e991d4ce398c65f06a96
98ccf78dd4ac5f2b86cf7f27e3616e330808a7b6
42c2cb554117aa005be2d3c771f65c3f1d77d6260c91ccaa4486ef2eec9ffe98
GET /s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY3KcA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 06:42:03 GMT
expires: Fri, 10 Nov 2023 06:42:03 GMT
cache-control: public, max-age=31536000
age: 492445
last-modified: Tue, 26 Apr 2022 15:45:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 8.9 kB IP
Hash cf7f17d16803d4c85e56d43d9a5242f0
d3f6569d03c7fe234a6502935863cb3bc28e5862
95b8256d069e0af37c18306323d585d018e0c11a245c55cc441ba6d79f90f449
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2
200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2
IP
Hash 3deb37f0e5de1aa13b100784eee9d81a
54e264f205d837d081a2f3f100194a5a43681980
1c2b3c1b86b13523d0cbadd3156e3129316db2cc10c223bd813585cf8a2ba936
GET /s/librebaskerville/v14/kmKiZrc3Hgbbcjq75U4uslyuy4kn0qviTgY5KcCsww.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19960
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 23:03:20 GMT
expires: Wed, 15 Nov 2023 23:03:20 GMT
cache-control: public, max-age=31536000
age: 1568
last-modified: Tue, 26 Apr 2022 15:49:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
IP
Hash c332d21cff221318d8aa6e2d333062d3
62d705f2e8d9ebdf73a95e8efd10fd71eb57da84
611e87cd5b6c7ac0532117f91e3787a15908d1669b7266cfe40a16d49fcb0136
GET /s/ptserif/v17/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 23:36:09 GMT
expires: Sat, 11 Nov 2023 23:36:09 GMT
cache-control: public, max-age=31536000
age: 345199
last-modified: Wed, 27 Apr 2022 16:29:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/xrj4Uk1ibQE
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xrj4Uk1ibQE
IP
Hash b4f187fa4a5b147af4b31b78eb68bbd0
4b2f032b0b739a36d58221bc4e50a1eba3b4a906
10abc61dec9872368e0476138a9d3a130c8282085ee1405c30f4f5fb6337dd75
POST /s/gts1d4/xrj4Uk1ibQE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9d5969143195880d7709a0f3f5576204
e74d4541a542f33c166b65c85fdfd214532b047f
54a7922a4991b75876e23049310c6c4bc81b09a3083e04a576c97458e329a524
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54A7922A4991B75876E23049310C6C4BC81B09A3083E04A576C97458E329A524"
Last-Modified: Tue, 15 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6644
Expires: Wed, 16 Nov 2022 01:20:12 GMT
Date: Tue, 15 Nov 2022 23:29:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d606a852225e776fce0de043e1fc2f31
c50703bd58a1728e8ed464fb113edbd7f2b6bfa2
229bb91c4edb3ca7c6a2bc57a6c7cbae98ba67c63035a7efeb882a5cfc687c26
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "229BB91C4EDB3CA7C6A2BC57A6C7CBAE98BA67C63035A7EFEB882A5CFC687C26"
Last-Modified: Tue, 15 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16439
Expires: Wed, 16 Nov 2022 04:03:27 GMT
Date: Tue, 15 Nov 2022 23:29:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0122fc66ced396fb90fa71c06646a77a
f3c38174ec9d8e3f593c8821a4c3e78d6641423a
4f71ee5cf1a4f80f1f1a445a35644112116a1f2b1ab1856b5c743c134e006cc8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F71EE5CF1A4F80F1F1A445A35644112116A1F2B1AB1856B5C743C134E006CC8"
Last-Modified: Tue, 15 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12578
Expires: Wed, 16 Nov 2022 02:59:07 GMT
Date: Tue, 15 Nov 2022 23:29:29 GMT
Connection: keep-alive
click2.club/?pu=gmztimrsgu5ha3ddf4ztgobw
200 OK 4.6 kB URL HTTP/2 click2.club/?pu=gmztimrsgu5ha3ddf4ztgobw
IP
ASN #14061 DIGITALOCEAN-ASN
Hash 26e10da01041b648a2862daeff93f610
02720794dfbcc21494fa286a66d40b237a1455ca
eb38da8b83f05f3bfa9e353dc004cb71dfcb1061daf6ec6fb7fd76dc4d9625f1
Analyzer Verdict Alert fortinet Malware
GET /?pu=gmztimrsgu5ha3ddf4ztgobw HTTP/1.1
Host: click2.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=df91cbcb-acc4-46a1-b568-22cab8708ad7; expires=Thu, 15-Dec-2022 23:29:29 GMT; Max-Age=2592000; path=/; SameSite=None; domain=click2.club; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
js.wpadmngr.com/npc/sdk/wp-banners.js
200 OK 0 B URL HTTP/2 js.wpadmngr.com/npc/sdk/wp-banners.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npc/sdk/wp-banners.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 20 Aug 2021 15:14:31 GMT
etag: "611fc6d7-0"
expires: Tue, 15 Nov 2022 23:34:29 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2664d438bd28083756dbcdab36b3037
4a3ad4287e1f07a7e3aa9944aa76b360315c7946
c4fe64c23cb354bc2d012f5cd7edb7708b234b972f508d0510f264b684b41ebb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4FE64C23CB354BC2D012F5CD7EDB7708B234B972F508D0510F264B684B41EBB"
Last-Modified: Mon, 14 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5321
Expires: Wed, 16 Nov 2022 00:58:10 GMT
Date: Tue, 15 Nov 2022 23:29:29 GMT
Connection: keep-alive
js.wpadmngr.com/static/adManager.m.js
200 OK 45 kB URL HTTP/2 js.wpadmngr.com/static/adManager.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash 41266bca57df6d1634ff538a25c49969
9c174ddb4c7163bb6a01f15ab8c28a437b37f641
d508c98cdcc1bdb444442483b0cca4e59483d664ef7ed84e7d4b5de93cabbd7a
GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 15 Nov 2022 13:38:16 GMT
etag: W/"63739648-17810"
content-encoding: gzip
expires: Tue, 15 Nov 2022 23:34:29 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 1.4 kB IP
ASN #20940 Akamai International B.V.
Hash 976f1e07b2050dcb7b1b5e0f45668c40
67999e745699a05bc7088ff572540ff8af874fcb
c397ad2af6cd58a295c07f4f9c85d8dc82976235b4eb79f6e1962dc2e568f6f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06835156204C31C9D176F4EB1E2CC232130B99A391130C27A71378CF95CAB616"
Last-Modified: Mon, 14 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9209
Expires: Wed, 16 Nov 2022 02:02:58 GMT
Date: Tue, 15 Nov 2022 23:29:29 GMT
Connection: keep-alive
allthebestsofts.com/rubik-times/wp-content/uploads/2018/06/1.jpg
200 OK 54 kB URL HTTP/2 allthebestsofts.com/rubik-times/wp-content/uploads/2018/06/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1536x1024, components 3\012- data
Hash 20f8c88cbd521da9fe957521533f23fb
ea6baae9acb66c86cb3a8acdcdf9dd845b65e614
7733e901ce4639c446a06c89071cca31e57b494ca45e1b25ef1c523caf6e4083
GET /rubik-times/wp-content/uploads/2018/06/1.jpg HTTP/1.1
Host: allthebestsofts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 22 Nov 2022 23:29:29 GMT
content-type: image/jpeg
last-modified: Mon, 14 Jan 2019 04:29:04 GMT
accept-ranges: bytes
content-length: 53756
date: Tue, 15 Nov 2022 23:29:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.json
200 OK 64 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 0d04ba4d2dcee1d26682f35d1c930f83
30839477bf52bf06c6e8d712ec3d6af2fe9be612
a1b118fe3ddcdd9356ab25b4c2b0a1d2154adb0527f34f9c156821734acbb5c9
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 355
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=1426
204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1426
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=1426 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://pobedidijabetes.org/
Origin: https://pobedidijabetes.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Tue, 15 Nov 2022 23:29:30 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://pobedidijabetes.org
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
jsc.mgid.com/f/a/farmforage.com.1115805.js
200 OK 1.8 kB URL HTTP/2 jsc.mgid.com/f/a/farmforage.com.1115805.js
IP
File type ASCII text, with very long lines (2372), with no line terminators
Hash aeae8faa5cf6c9d1be1d7a0e638041dd
4b6ded3e49058db1b17c18226a4fe9ff83626c53
aa60927872d71857082b5393349e8c5999b896a11503fa2e673b63098e5f6628
GET /f/a/farmforage.com.1115805.js HTTP/1.1
Host: jsc.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: text/javascript
cf-bgj: minify
cf-polished: origSize=2373
etag: W/"12ace4c934566761c8ce623d36b3988e"
last-modified: Thu, 03 Nov 2022 14:19:16 GMT
x-amz-id-2: JiX8gFO6XT1PqGpxoL7cI02BKqe2GL5B59//tMNJx37ek1M0sw+vB+HNYvHDHd4ea2kt+j0Mhn4=
x-amz-request-id: 9GV5B5VXWPMG764Z
x-amz-version-id: PbtDIUzqzivmq3AOQX8AJsCAf4xwg4M6
cf-cache-status: HIT
age: 3339
expires: Wed, 16 Nov 2022 02:29:29 GMT
cache-control: public, max-age=10800
set-cookie: __cf_bm=83Nqqb_JuOuke8H0eB2tpNj1bcGlVA8aorEyTZpPkCE-1668554969-0-Ae1Zndk3VJ4IncZdHgNh+zDwNNQvmqYgai74vReJgREg/OxlmP754cHk9/w/aA8OvkGjAlVRT3xz0zaE95qEZGY=; path=/; expires=Tue, 15-Nov-22 23:59:29 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76abc4f1085dfac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=1426
200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=1426
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=1426 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22285
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Tue, 15 Nov 2022 23:29:30 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://pobedidijabetes.org
Set-Cookie: id=12930331022947270895; Expires=Wed, 15 Nov 2023 23:29:30 GMT; Secure; SameSite=None
Vary: Origin
s-img.mgid.com/g/14137471/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvYWE0YTkzOWEwZjFmNzRkN2MzY2ZiNmNjMjQ3MmViMDguanBlZw.webp?v=1668554970-gvYKMX7nkdM6Kb-Wb3Gqp3x59yjw6gvIaINm_gHhwm0
200 OK 84 kB URL HTTP/2 s-img.mgid.com/g/14137471/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvYWE0YTkzOWEwZjFmNzRkN2MzY2ZiNmNjMjQ3MmViMDguanBlZw.webp?v=1668554970-gvYKMX7nkdM6Kb-Wb3Gqp3x59yjw6gvIaINm_gHhwm0
IP
Hash 6b1df23d8af4ec69dbd9814db035bf8b
18017a10f1805f57e360861e450fcd035d3af02d
8d6660b7f6f45cf83e375ede0e0f41e8c0cb3ec086607b754ab514f681986d72
GET /g/14137471/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wOC8xMDE5MjQvYWE0YTkzOWEwZjFmNzRkN2MzY2ZiNmNjMjQ3MmViMDguanBlZw.webp?v=1668554970-gvYKMX7nkdM6Kb-Wb3Gqp3x59yjw6gvIaINm_gHhwm0 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:30 GMT
content-type: image/webp
content-length: 5784
x-mg-request-uuid: 4caadb9f-853b-41b6-bfe4-609458855b77
access-control-allow-origin: *
last-modified: Thu, 22 Sep 2022 09:56:39 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 1819166
accept-ranges: bytes
set-cookie: __cf_bm=cOeT5ddGoO1pL_x0has6jz_PC8cjSxkCK8M3QmRQY7o-1668554970-0-Ae4qKtFf5/SzyBbGUV/TO211It2Oh5T5QfwuZYKD0V6Ro4hOY+p/qkDwwFwiosMwp6s1BQrynuRxQxElpguI5pE=; path=/; expires=Tue, 15-Nov-22 23:59:30 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76abc4f3eee60b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s-img.mgid.com/g/3805533/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZw.webp?v=1668554970-ncGQp7-8fgQX-BP7egLAKDP7OUgly-HM_Us5mfJ-8qA
200 OK 6.6 kB URL HTTP/2 s-img.mgid.com/g/3805533/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZw.webp?v=1668554970-ncGQp7-8fgQX-BP7egLAKDP7OUgly-HM_Us5mfJ-8qA
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 492x277, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a6784a455129f32a2aa39cfb48afdba7
e628d49e3482c4a5a50f88a222ffb53fd9b155cf
0de1c58ad4b0b6e1a678e169ebf6acb541952853ddefe88fb7cb19b951c413a6
GET /g/3805533/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTQvMTAxOTI0L2U5M2JkMjcyOGU0ODlhOGJjMTlmNDJhOTYzYzRkMDAwLmpwZw.webp?v=1668554970-ncGQp7-8fgQX-BP7egLAKDP7OUgly-HM_Us5mfJ-8qA HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:30 GMT
content-type: image/webp
content-length: 6638
x-mg-request-uuid: 7ab939f1-9710-4c64-afa4-f9cb5daa996f
access-control-allow-origin: *
last-modified: Wed, 10 Aug 2022 14:06:00 GMT
cache-control: immutable, max-age=31536000
cf-cache-status: HIT
age: 1819191
accept-ranges: bytes
set-cookie: __cf_bm=seGwRQ6uWQRECFMEo_1Y1RUY6WGqUfA4KzRWDbE25.I-1668554970-0-Abh/qt5NgOeyXeTAWnM18i6XCuMudUYs6yiU+HRfOePsMpP1DBjiDs1SLz40RicA/UdFmCmJ6C1X57eRL0J6vz0=; path=/; expires=Tue, 15-Nov-22 23:59:30 GMT; domain=.mgid.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 76abc4f3eeed0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 3a4d2b7f30892cc54990951fb00c68c4
e5e1a31ce552725cebb2f66117bf41fdb6ac7efa
bebcf4e804548106cbc7f4a47d719c62b2f00b7dbf31a16db01946a1746104a6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BEBCF4E804548106CBC7F4A47D719C62B2F00B7DBF31A16DB01946A1746104A6"
Last-Modified: Mon, 14 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4049
Expires: Wed, 16 Nov 2022 00:36:59 GMT
Date: Tue, 15 Nov 2022 23:29:30 GMT
Connection: keep-alive
eu-1-id5-sync.com/api/1.0/id5-api.js
200 OK 126 kB URL HTTP/2 eu-1-id5-sync.com/api/1.0/id5-api.js
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (30388)
Size 126 kB (125628 bytes)
Hash a537a51a4af2b1a16588bf918093ae30
f504d84913216f029452827a0516fad573a40597
5ee3f3230403d3c6954185247015439b602d502637d27af06c7308797c75a4d8
GET /api/1.0/id5-api.js HTTP/1.1
Host: eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:30 GMT
content-type: text/javascript;charset=utf-8
cf-ray: 76abc4f46f97b4ff-OSL
age: 1704
cache-control: public, max-age=14400
etag: W/"f56ac574619f997d4b0c211e79bcc3af"
last-modified: Thu, 10 Nov 2022 09:46:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-id-2: yCINyPDiN/cMKG98GAoUObdTBACufzvhdk5mx+dxyaAA4Oyzv6yvKd+CKXlAuHt/yDFQ3IFENsc=
x-amz-request-id: SQ7DCPB2PTG4Z03F
x-amz-server-side-encryption: AES256
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d3JNDryA0UxSGxOo1Co5audbjcw%2FY7wXrSBVjREIxNAqOfelWumN2VgH%2BHtNA2qhb%2FvOFBx5DTe%2B%2FuS8V9e7tOxdlL%2FbsC3yZ1RoIwmfZyZZ6nVY%2F%2BRR5pSFxUk%2FW%2ByubYyr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 7da5b048d15591ffe697e5b61b005ce8
e389b00ff1a867eabbbef0762bd70557f93630ef
953b4bcb61145969ce0beaac5279916da048c028b69eef5524d78ff6dafbc68f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4694
Cache-Control: max-age=154886
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:30 GMT
Etag: "6373c88a-117"
Expires: Thu, 17 Nov 2022 18:30:56 GMT
Last-Modified: Tue, 15 Nov 2022 17:12:42 GMT
Server: ECS (amb/6B7C)
X-Cache: HIT
Content-Length: 279
cm.idealmedia.io/setmuidn/?muidf=mafu1A2diRtf
200 OK 0 B URL HTTP/2 cm.idealmedia.io/setmuidn/?muidf=mafu1A2diRtf
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setmuidn/?muidf=mafu1A2diRtf HTTP/1.1
Host: cm.idealmedia.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:30 GMT
content-type: image/gif
content-length: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76abc4f58df2b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 7da5b048d15591ffe697e5b61b005ce8
e389b00ff1a867eabbbef0762bd70557f93630ef
953b4bcb61145969ce0beaac5279916da048c028b69eef5524d78ff6dafbc68f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4694
Cache-Control: max-age=154886
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:30 GMT
Etag: "6373c88a-117"
Expires: Thu, 17 Nov 2022 18:30:56 GMT
Last-Modified: Tue, 15 Nov 2022 17:12:42 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.sectigo.com/
200 OK 472 B IP
Hash 9d64273df7eb44481fba8f6ba3daf47f
c25e6a7069910cf934fc218a54d2ad00eee28fc9
2d56484e8ce492693c80bab4dd76d6388168582da63c3bf332052ee0b827b0bd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 11:05:06 GMT
Expires: Tue, 22 Nov 2022 11:05:05 GMT
Etag: "c25e6a7069910cf934fc218a54d2ad00eee28fc9"
Cache-Control: max-age=559534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4f55f15b503-OSL
zerossl.ocsp.sectigo.com/
200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash d9b94308963f6360fab6cd56fa84c02c
dea398dd534c2ba78c8ea4782538c509c70bd848
0817c446f9ec40d28e0cdc35c3fe327e542e17d9fd55a7288a5f761567e4ccbc
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:30 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 18:05:39 GMT
Expires: Tue, 22 Nov 2022 18:05:38 GMT
Etag: "dea398dd534c2ba78c8ea4782538c509c70bd848"
Cache-Control: max-age=584767,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4f64ac4b51b-OSL
sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=mafu1A2diRtf
302 Found 1.7 kB URL HTTP/1.1 sync.e-volution.ai/34b9aae5baa016b251b9fc488f4a97cd.gif?puid=mafu1A2diRtf
IP
Hash c2b036cb6b379651ad9b842e32040096
2bf1dc9d994ba3e999718fe629adbff64473506b
461cd641f41a4bde11baf85297585bcf12730b88cca0c2ce99d32bb99c4de31a
GET /34b9aae5baa016b251b9fc488f4a97cd.gif?puid=mafu1A2diRtf HTTP/1.1
Host: sync.e-volution.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 15 Nov 2022 23:29:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: v_usr=f30ab027-f35c-48ad-a41a-aa65b1b29e90; path=/; domain=.e-volution.ai; expires=Tue, 29 Nov 2022 23:29:30 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
s.adtelligent.com/sync.html?aid=754484
200 OK 1.3 kB URL HTTP/1.1 s.adtelligent.com/sync.html?aid=754484
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3467), with no line terminators
Hash ca024d542fcef434fb79b9c798743641
4a289708f167931bcbe9e5680e2635067b464d74
6c491225909ce0fd1441d1bd92f52303a3639143e8c4f74678b2f2ee8048558b
GET /sync.html?aid=754484 HTTP/1.1
Host: s.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1278
Access-Control-Allow-Origin: https://pobedidijabetes.org
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=65354
expires: Wed, 16 Nov 2022 17:38:45 GMT
date: Tue, 15 Nov 2022 23:29:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
s.adtelligent.com/sync.html?aid=651796
200 OK 1.9 kB URL HTTP/1.1 s.adtelligent.com/sync.html?aid=651796
IP
Hash b93192e05d4444f6b3cc74aebed2c29f
b1aa2e89552992f2a80dacc744e6d2076cf1fff8
144cb4a09b7a6c7b65611f1f1817b675dac6d51cc9b78fff055ab9c8cd9b49a5
GET /sync.html?aid=651796 HTTP/1.1
Host: s.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/sync.html?aid=754484
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 831
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
200 OK 5.5 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (15844), with no line terminators
Hash 7725e8e949141c8ded449d86975d4c04
8cd8c314a2002cc26f821d331ab9512f52a551a2
a0c49aacf6f552bce544eb8516404f696918253cd934a6404ebeafd71f8780ae
GET /AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5549
content-type: text/html; charset=UTF-8
cache-control: max-age=65354
expires: Wed, 16 Nov 2022 17:38:45 GMT
date: Tue, 15 Nov 2022 23:29:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b0a140a78b41bee676a264861191cd34
c26918585702868e96edd04d42c1538626d4e23f
00b426c3b55527c9a93e06a616fbbf13be81f4e95d2aee7a0e7cd2c6c2c0b63e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00B426C3B55527C9A93E06A616FBBF13BE81F4E95D2AEE7A0E7CD2C6C2C0B63E"
Last-Modified: Mon, 14 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11343
Expires: Wed, 16 Nov 2022 02:38:34 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0bbe27ac5e622c7cf2a93d42c200cef6
69c3f6d5fcfe64de0e912e250d5e46715e8c837e
dc8e711b668157637ddb67bb7fa42e426e96331248f5c89209843709c6751f0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC8E711B668157637DDB67BB7FA42E426E96331248F5C89209843709C6751F0D"
Last-Modified: Mon, 14 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Wed, 16 Nov 2022 02:18:16 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=17184-d HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=17184-d
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 553 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
Hash e884a18c34334c06f086de41bad3f867
2e6353db3ac7ee228e9dd500a40db0a33865d583
ca557763f174c21908e57b5e01ba788a5caf76d0826b035b4963ae62b947af9e
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d9bd2ab1659c07f8cf76850cb4ac9344
971e3db2dbe5219716fcbe7004e3ffa9846b3b4d
5c0d45f3fdb8cad2b77013ba901f8bf22986a7ae86a39952e0b4f0555d903c9e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C0D45F3FDB8CAD2B77013BA901F8BF22986A7AE86A39952E0B4F0555D903C9E"
Last-Modified: Tue, 15 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3872
Expires: Wed, 16 Nov 2022 00:34:03 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 567966c749b3241bf865bf471cab5979
40de4169576c3087bc9fbc0f49d9716665928304
82fa212a9bd9355e7b74991ac98cafab1ea387eac439c6d4259b60b48225adf3
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
200 OK 313 B IP
Hash 674faf3c54d8751117ad0d96d94e1837
05790efe06ebb7f51aac5ade0a113939f17de5d5
7bcd960df23f969b5c84371956b40a3a85defe6e6ba989bacca34341d74d7f3b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4252
Cache-Control: max-age=93994
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6372dc69-139"
Expires: Thu, 17 Nov 2022 01:36:05 GMT
Last-Modified: Tue, 15 Nov 2022 00:25:13 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 313
ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
200 OK 13 B URL HTTP/2 ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
IP
ASN #49981 WorldStream B.V.
File type HTML document, ASCII text, with no line terminators
Hash c83301425b2ad1d496473a5ff3d9ecca
941efb7368e46b27b937d34b07fc4d41da01b002
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
GET /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP/1.1
Host: ads.us.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/html
content-length: 13
x-sid: AMS-928
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 51795286bf51e3d1591beb3cee41351d
262f725c6aa33737e1affc52defc220f64513219
3872e881b8d2d4bb5d84faf4b53ea7f1bd097e3ae589fbd6c30d74a8e5925ddf
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3f2ca3e8901576a9b2b05090e5a0c2a9
b3598388b1330e1b438593c30041c98eb9ab0580
fc5f6ee664541af2f0d1795396d84f7f059bc1090a2625a1fe692ab00c9439e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5F6EE664541AF2F0D1795396D84F7F059BC1090A2625A1FE692AB00C9439E4"
Last-Modified: Tue, 15 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20907
Expires: Wed, 16 Nov 2022 05:17:58 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash bf95f1d4098d8289660658c08e334538
3c484addb6a31ff9d45f7d47987397ef81606a79
6c554e357264320a2002cedd5c074160b44aa8649e8eeeb9488f871f6c26e028
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0bbe27ac5e622c7cf2a93d42c200cef6
69c3f6d5fcfe64de0e912e250d5e46715e8c837e
dc8e711b668157637ddb67bb7fa42e426e96331248f5c89209843709c6751f0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC8E711B668157637DDB67BB7FA42E426E96331248F5C89209843709C6751F0D"
Last-Modified: Mon, 14 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10125
Expires: Wed, 16 Nov 2022 02:18:16 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f8cb42b3337c8cabe0bf5c6393d1f24b
c8a9c6c3a07ff0980497101bf3d40b28fdf3c043
73d00b223ad355a251ac1e39e8e5521921d8fb4ba3dcea1c47c8048ead51aad5
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
onetag-sys.com/usync/?pubId=59a18369e249bfb
204 No Content 2.0 kB URL HTTP/2 onetag-sys.com/usync/?pubId=59a18369e249bfb
IP
Hash aa031d4b6de807811b82c2365a8a99df
f4770438632926972f7783a2da1208f7465afe83
de181fa52424ed34481822d8bfc00ef8765c4d3ebcf5282299234ccd82376def
GET /usync/?pubId=59a18369e249bfb HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4ffe0d171ef86d764719dbb20e7fc6ef
a32670a2aaf1b8e13ab820ae3b1ba11d0ce46872
b52b6ab70f452942f7e6e06a88c30aa0aeb025639875fe6829f9a9fed426078e
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ce28aae0e887772ef3f943f9f8ea8dcb
ba084872333151796c7a8dc447dbcfb17934e7ea
649e95fa41e39d20ad626e51dd3b17635ed1fe4b00f0ea0b359183168e5ba33b
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash ac5041263411536ac2d840644ed7a439
3a1cccf8a025abf4fcbba94a29896cea4f621baa
346bf12dc9f8783afccadfebb34b58a674d96b37fbdf7b6c2cf6000ce90a4862
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash eaaea94d236de48a9162e0bc67c2ec45
557b9e3d7664727998c9d73938819db8d15d1589
41bfab5c2e4de85e7a1e515ea5981ecfb89ecf7f838b1369b34e87fbe3b314ef
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 64f496f86bb89d1ebe4c0e9b3a27f0da
1e6c711c13b91e0bfd1ec3078ddd8280de7bb3b2
b524817a4c73bf451bdf7a1ee341137b1e4be9cd8864ef0e6095a1aae9c4c0a5
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 17aca2c83d19e2377e8f6a1c44b1f515
7e22d8ddda2cdf8466304783ffcabf0ca13995d1
b392203c9fb12efc06734ec081cef9e29c81f63a2b47ec5aab2893344a2def63
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 854682b9388000178a5439d86c8379f4
37a6afa1cc971d828374f6058509d05fb710034d
2f17085fd70c04ac478c92f495b2045f02a9697b32e767420353e7ca9e80ef41
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e42f371a06f1e22d4be6863ff537d84
8963a7d179efb878e94cfecb711a8eaf7cdf0ff1
624c4c483e7b5e3687518201f49aff2872c5153bfdd79ab75aab1cf4726b6993
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
eus.rubiconproject.com/usync.html?p=17184-d
200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=17184-d
IP
ASN #1299 Telia Company AB
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=17184-d HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
302 Found 596 B URL HTTP/2 ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
IP
ASN #49981 WorldStream B.V.
Hash f8d18a6d6e841ab7a67945d7267ce869
328380670e491d1f0dabfaa6d8642110b89fb42b
1185efbac67e0476f633fa59a62424e4f6af093da065ee9143ed92012926ed4a
GET /uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP/1.1
Host: ads.us.e-planning.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
x-sid: AMS-928
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 688907789bb484ae9190f3ff861a38f4
a9bd08d0dd8b979bc1df69a730d7b36d2e24039b
92f2b22002e0e07605d6a9f000fb696f164896dcee00bbe070d03ad40946778f
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c8dabec6ff832f9969694e45272e4fc8
3ba9d9708178d126f3128da9ecf9c8e824cbdedb
2359860aaa29a9a6a77abfaa0d0f9abcf2f3536ce0e5e576402fcc5b79ae8eb5
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
204 No Content 0 B URL HTTP/2 csync.loopme.me/?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pubid=11378&gdpr=$0&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bviewer_token%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 15 Nov 2022 23:29:31 GMT
server: _
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash a837a9c9643a0bc177b637fa6423f826
9ec3aab644e392de012d1c41393e29de91d7865d
867454a196dff1f14fe6a0a99f7a06607ff97e41721e0be0b86f92518f47d62a
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
200 OK 18 kB URL HTTP/2 vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (50563)
Hash b3a1eaf22b7a134cb5d2ca5f99f6a30b
86328a78bbce41f92c402929c20be99e0297b24e
3c02a2f798b11f1b77fd2bb9bff0cbc1c9b8cfaf76ee338b704a1429cbd5e1d2
GET /sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D HTTP/1.1
Host: vid.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/html
last-modified: Mon, 27 Dec 2021 10:13:47 GMT
etag: W/"61c991db-c5bc"
access-control-allow-origin: *
x-accel-expires: @1668693976
server: CDN77-Turbo
x-77-nzt: AblMCQ2Tfur/A7MNAA
x-77-nzt-ray: c0a4cc281e368cfcdb207463f1b1dc08
x-cache: HIT
x-age: 897795
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 9877979e317bc07b1840fbe92f0e670d
f6928d0eed4259da1a6b44bcc9f52f33579922a7
1e23843e001defffae80a6800afadfa1c81a156bba74f8f307eaee9a58a16703
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: https://pobedidijabetes.org
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash b1e9b2cc66fa197bc00701d05d3b613f
19a1dea08c86e12ced2dd3d1d7c7d05722795470
4b7f6a8bc19f517615a131106bf035a7d006820435e0eb19192b022079595e92
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
302 Found 166 B URL HTTP/2 a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D
IP
Hash a91e6e445ba9fd887f7be2d49faea03a
d4682a9f0b30f40401dd8dcd13b5a1bc77371bda
173cf481a8c5f2acbfdb31fa08f6b90d9106ce090b0f4f43d742b1ed8ec0c7aa
GET /ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/html; charset=utf-8
content-length: 166
location: https://sync.adtelligent.com/csync?t=a&ep=307558&extuid=8a4fea32-549c-4d62-88a1-b01a90c45018
set-cookie: apuid=8a4fea32-549c-4d62-88a1-b01a90c45018; Path=/; Expires=Sat, 14 Jan 2023 23:29:31 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2
lb.eu-1-id5-sync.com/lb/v1
200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash f4bca449d7663b99bb1a2ac52782462e
2d3dcfb5e5f79100575471c3769df6feca2c5c62
0beeea9fb58bb6f0a8ac59b34e14ffc4eea3bbd2920a4d02e032f9886cc697cf
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
200 OK 471 B IP
Hash 554f6202f452ba057385f17efb0026d3
b52d2dab8868c96eac99dd41d35709b86816775b
ae1ce3cba6093d0aa313bb78291e7636ed9aa3feecbbaa2afe211293c9e4e997
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3689
Cache-Control: max-age=126525
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "63735daf-1d7"
Expires: Thu, 17 Nov 2022 10:38:16 GMT
Last-Modified: Tue, 15 Nov 2022 09:36:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
eus.rubiconproject.com/usync.js
200 OK 10 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP
ASN #1299 Telia Company AB
File type ASCII text, with very long lines (18728)
Hash 5e3bfa483dc5a4f52139c2d4f40b5d26
72f02372d19bd1f69e9584c5b3323060f9e1f066
c2c82aae60cfa96f2cb9e8b6d4f37855752e4c5ff743c1d6053572ad6727e703
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=17184-d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Tue, 15 Nov 2022 13:20:10 GMT
Content-Encoding: gzip
Content-Length: 10066
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=49844
Expires: Wed, 16 Nov 2022 13:20:15 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
zerossl.ocsp.sectigo.com/
200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 5337f78f302cd51aef4a5ee6cec0eeaa
eb162d3d838162fc9b28e679974168a33bcef710
5266756d8562812fe82790ad3f2969118b48eeac8bc0be3f3a36d0fc29998aab
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 18:36:26 GMT
Expires: Sat, 19 Nov 2022 18:36:25 GMT
Etag: "eb162d3d838162fc9b28e679974168a33bcef710"
Cache-Control: max-age=327413,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4fb2f22b51b-OSL
onetag-sys.com/usync/?pubId=75a1922f904cc20
204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=75a1922f904cc20
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=75a1922f904cc20 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP
File type ASCII text, with no line terminators
Hash 932b3f5d2b1cff903b8d21c96218ac05
c10ba8ebcf77d7c8cc17aadc33ad152bf7934c19
949f9101c21c229241cb9122bfb7dea9382ab2dbb8ba3bad4bdda967317912a3
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Mon, 13 Feb 2023 14:47:02 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Tue, 15 Nov 2022 23:29:30 GMT
content-length: 60
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
302 Found 0 B URL HTTP/1.1 sync.adtelligent.com/csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?redir=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D617666%26c%3D%7Buid%7D HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Length: 0
Etag: 1db654229d7eb638
Location: https://cm.mgid.com/m?cdsp=617666&c=1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:31 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
status.geotrust.com/
200 OK 471 B IP
Hash 04c5a80143c95ac04c09c889a01b0a50
41f95a64edf0cb8a28daa5d269caa21e7109cd4b
e9b7225b0d35ad69d9eb5435fad320e32afae628dfaabd33c6b1a73a49fd7a29
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1706
Cache-Control: max-age=143625
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6373a83a-1d7"
Expires: Thu, 17 Nov 2022 15:23:16 GMT
Last-Modified: Tue, 15 Nov 2022 14:54:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a3764c12539f762ba5a4dc8cba9637af
d06cb9bc3b07f9506b1ed41dcb7598d621f4cab5
d64302c1b5eda28f73ab9a6e011a1d730efcab405e1f207d681d2eb5f4c3e1e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D64302C1B5EDA28F73AB9A6E011A1D730EFCAB405E1F207D681D2EB5F4C3E1E8"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Wed, 16 Nov 2022 00:23:27 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ed24f6acc3b0f743f682214506df920a
07510299241dfa7ccdd005d9df04c8b2e613b830
9fae95b38503116233396e9cfbcb5e1429dbf1aefab432ba6a09ede52e33d061
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FAE95B38503116233396E9CFBCB5E1429DBF1AEFAB432BA6A09EDE52E33D061"
Last-Modified: Tue, 15 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13154
Expires: Wed, 16 Nov 2022 03:08:45 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
302 Found 0 B URL HTTP/2 rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP/1.1
Host: rtb.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
access-control-allow-credentials: true
access-control-allow-origin: null
access-control-expose-headers:
cache-control: private, max-age=0, no-cache, must-revalidate
content-length: 0
date: Tue, 15 Nov 2022 23:29:31 GMT
location: https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
p3p: CP="CUR ADM OUR NOR STA NID"
pragma: no-cache
server: Cowboy
set-cookie: i=ab63bfcb-2382-4197-b105-bd0c77ed16e5|1668554971; path=/; domain=.openx.net; expires=Wed, 15 Nov 2023 23:29:31 GMT; max-age=31536000
vary: Origin
x-request-id: 02fn8h9o5u9eka2l59e6sandntgo1c61
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3630cf553cb03871377ad839a4c050f4
02f5f8c1061683f552f58674e13e21d8530b2b71
26cd953578d70c7da063ec5b49a48328c4e8d6e40dc8038a4e7934df36ccc9b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "26CD953578D70C7DA063EC5B49A48328C4E8D6E40DC8038A4E7934DF36CCC9B1"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4129
Expires: Wed, 16 Nov 2022 00:38:20 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
ffafb23ea4.bf34686748.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDMxMDgzMTc1NjAzNjc5MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjE0MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS45NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUG9yYXppdGUlMkNkaWphYmV0ZXMlMkNHbGF2bmklMkNQb3Jheml0ZSUyQ2RpamFiZXRlcyUyQ1BvcmF6aXRlJTJDZGlqYWJldGVzISUyMCJ9
200 OK 0 B URL HTTP/2 ffafb23ea4.bf34686748.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDMxMDgzMTc1NjAzNjc5MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjE0MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS45NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUG9yYXppdGUlMkNkaWphYmV0ZXMlMkNHbGF2bmklMkNQb3Jheml0ZSUyQ2RpamFiZXRlcyUyQ1BvcmF6aXRlJTJDZGlqYWJldGVzISUyMCJ9
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDMxMDgzMTc1NjAzNjc5MDAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjE3LjIiLCJ0YWdfaWQiOjE0MjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MS45NCwiaXNfdjIiOjEsImlzX3YyX2VtcHR5IjpudWxsLCJ1c2VyX2tleXdvcmRzIjoiUG9yYXppdGUlMkNkaWphYmV0ZXMlMkNHbGF2bmklMkNQb3Jheml0ZSUyQ2RpamFiZXRlcyUyQ1BvcmF6aXRlJTJDZGlqYWJldGVzISUyMCJ9 HTTP/1.1
Host: ffafb23ea4.bf34686748.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 884aaa2023967644a3991957b32a144a
45e4fc1734da80ce2897896852313730e4f75964
2c3c1bec39dbeb3e9ac92ed750f28ed5de134b1756b3efcab866608657ef866c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C3C1BEC39DBEB3E9AC92ED750F28ED5DE134B1756B3EFCAB866608657EF866C"
Last-Modified: Mon, 14 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3927
Expires: Wed, 16 Nov 2022 00:34:58 GMT
Date: Tue, 15 Nov 2022 23:29:31 GMT
Connection: keep-alive
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash 85bd5150c281ea7098a0762f5ced30dc
a0edf783e23b6ef1e9f9eae58262d76aa1747c78
6b9de427f70743e70f330a5313061570c11ab521fbf2c27d0f4b70a7c35d968f
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971594#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sectigo.com/
200 OK 471 B IP
Hash c8a1402870ef40efde7e29671beff018
c8e2e2507eb6a07ff652d0b8336b645ddff50086
18abeb0fd880dff2c9400fefce8dd17618641ffc625e74904cfce8dda2dda9f8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 11:33:41 GMT
Expires: Sun, 20 Nov 2022 11:33:40 GMT
Etag: "c8e2e2507eb6a07ff652d0b8336b645ddff50086"
Cache-Control: max-age=388448,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4fb6c26b503-OSL
zerossl.ocsp.sectigo.com/
200 OK 316 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 5337f78f302cd51aef4a5ee6cec0eeaa
eb162d3d838162fc9b28e679974168a33bcef710
5266756d8562812fe82790ad3f2969118b48eeac8bc0be3f3a36d0fc29998aab
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 316
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 18:36:26 GMT
Expires: Sat, 19 Nov 2022 18:36:25 GMT
Etag: "eb162d3d838162fc9b28e679974168a33bcef710"
Cache-Control: max-age=327413,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4fb7f7ab4fd-OSL
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash b421baac81f88b8ec1607e88f02df808
bd4b8c6d62076194428f980103b276a5bc2b02ac
2abc7c2c1e4960570337f25dafd009212ead603f8c1f0e1c3c621bd9d962a6c8
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971622#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
status.geotrust.com/
200 OK 471 B IP
Hash 04c5a80143c95ac04c09c889a01b0a50
41f95a64edf0cb8a28daa5d269caa21e7109cd4b
e9b7225b0d35ad69d9eb5435fad320e32afae628dfaabd33c6b1a73a49fd7a29
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 854
Cache-Control: max-age=142773
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6373a83a-1d7"
Expires: Thu, 17 Nov 2022 15:09:04 GMT
Last-Modified: Tue, 15 Nov 2022 14:54:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
sync.adtelligent.com/csync?t=a&ep=307558&extuid=8a4fea32-549c-4d62-88a1-b01a90c45018
200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=307558&extuid=8a4fea32-549c-4d62-88a1-b01a90c45018
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=307558&extuid=8a4fea32-549c-4d62-88a1-b01a90c45018 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Length: 0
Etag: 1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:31 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a307558=8a4fea32-549c-4d62-88a1-b01a90c45018; expires=Mon, 16 Jan 2023 23:29:31 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash f96d5c2ce7cd6c1156fd0d675d58d44f
8aadb7ae69fc55ce6693d61cb478aa8d61cb273b
865cc73c7c2b9eb864d1cc7ace0e5f741cce2784d244697332e5db141f14a9ce
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971646#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.sca1b.amazontrust.com/
200 OK 2.8 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash c59068250a23ec2c6f75c7b38a5f5cdc
8f04cd56ded3d59b8f8b29cfe6d113f1b68cc68b
e792b26bcc1d81a133422ce2fd7cc45cfc1c6b3de5e516dd719b1af33cf2812d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=95164
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6372df35-1d7"
Expires: Thu, 17 Nov 2022 01:55:35 GMT
Last-Modified: Tue, 15 Nov 2022 00:37:09 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: yDYfSUe1y6apcMVkcb1SqLfldNcsavgzG4iyP4pzSEXbXyYYH3Gp_g==
Age: 4706
zerossl.ocsp.sectigo.com/
200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 8f80bea1ff3a08375b36d0e5a9958a70
79645a417590afdf1f205880e88d09d532395cb4
2ede926d20e55b6677f85e881673ecd0b2ee6c1a01842a3e59b9533a9dba9083
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Sat, 12 Nov 2022 21:02:51 GMT
Expires: Sat, 19 Nov 2022 21:02:50 GMT
Etag: "79645a417590afdf1f205880e88d09d532395cb4"
Cache-Control: max-age=336198,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4fbbf99b51b-OSL
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash e384c9aaab54d438fad723e40e12b160
9b099dda02b0dd8f132dc94cc29f00b5c9b9f54b
85ff8de82e962ac2cb733a5182480678cd8713dfe02824aef2546cefb2b68793
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971656#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash b1bec37e652c54387bf8d5552a8072d6
1bb0885e62878c5a50a7c1adf87d63c90d89d748
5307f8ec460dc74ab4def958a716a5efabbaf2d8e14e16d12df94a1db701f787
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971670#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
adsrealpublic.ru/k35j.json
200 OK 108 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash c775f93e08c251458057bd7cbe940863
4ed1c9d399514dc425c151b750e0e7d84a955ab4
d4d867476fc545e8868e546650f296537eda63d306c732418a9e30b3b11df6e3
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 343
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash e0efdde442c1e346087a0a3ee3772829
0d03f721808ec2c1197b6f0b760d7cd2e768f9c4
bb8140ec29606644046be463d829b9c991be304d74053da8ca87d925e0bda2e4
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971677#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 135f3e02d240208f0a4830f34ee65a70
701de742fadc9e68e02c40d07a0b5434f49e5a30
fbfb9d005ef71e8af7a86b0e1fbbbf1a76cde165e8e2ceaf90b98746108a9a91
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 15 Nov 2022 20:18:27 GMT
Expires: Wed, 16 Nov 2022 20:18:27 GMT
ETag: "701de742fadc9e68e02c40d07a0b5434f49e5a30"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
302 Found 0 B URL HTTP/2 ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=194f38d6-f94f-40ce-9a9f-b7b737117dd2; Expires=Mon, 13 Feb 2023 23:29:31 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1668554971; Expires=Mon, 13 Feb 2023 23:29:31 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
s.console.adtarget.com.tr/sync.html?aid=755289
200 OK 781 B URL HTTP/1.1 s.console.adtarget.com.tr/sync.html?aid=755289
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1696), with no line terminators
Hash a2c729fb95776d492bc9c79d48868caa
e8829d1ace2748e2349e36c9dfa279d56f498bdb
3889d72d553fca754a9c050a08f586dfe321fe013e7292f4f7d5d872f80f4690
GET /sync.html?aid=755289 HTTP/1.1
Host: s.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 781
Access-Control-Allow-Origin: https://s.adtelligent.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Encoding: gzip
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D19E1C866-C9F5-46FD-AEF2-7FE37EF201B8%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D19E1C866-C9F5-46FD-AEF2-7FE37EF201B8%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D19E1C866-C9F5-46FD-AEF2-7FE37EF201B8%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=74295
expires: Wed, 16 Nov 2022 20:07:46 GMT
date: Tue, 15 Nov 2022 23:29:31 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
302 Found 562 B URL HTTP/2 ad.360yield.com/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
IP
Hash ee04fbc95d6f2113bac59c4158bcac81
ee7d7f8171ab5adc8723c731ceaefc33eac4905d
4c43eaf8a589333a5d50f4cdb01203e74d7fb15a42b15c0b9ac68058554d4229
GET /server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=71a41adc-d389-41dc-8743-432898304b83; Expires=Mon, 13 Feb 2023 23:29:31 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1668554971; Expires=Mon, 13 Feb 2023 23:29:31 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
204 No Content 0 B URL HTTP/2 ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Tue, 15 Nov 2022 23:29:31 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156813&sc=1&pr=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID&umc=PM_UID&u=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8&rs=3&gdpr=0&gdpr_consent=&us_privacy=
200 OK 595 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156813&sc=1&pr=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID&umc=PM_UID&u=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash a4a798645b1bb67847e7aecba18cdf6c
44ca58e4c128eb80b684f74c067788af46984662
7f5998fb0052f8bf41834620bbd47449e5e71299fcc8cf48957e3e5c84fc0477
GET /AdServer/SPug?o=1&p=156813&sc=1&pr=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID&umc=PM_UID&u=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
204 No Content 0 B URL HTTP/1.1 ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP/1.1
Host: ap.lijit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 15 Nov 2022 23:29:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-Requested-With, Content-Type
X-Sovrn-Pod: ad_ap3ams1
ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
assets.pinterest.com/js/pinit_main.js?0.23933592478030907
200 OK 19 kB URL HTTP/2 assets.pinterest.com/js/pinit_main.js?0.23933592478030907
IP
File type Unicode text, UTF-8 text, with very long lines (32016)
Hash 3725764cf05d1a0938de73d398772331
abdc742d760ca9c8f28c8d44ca9796d9ad6c0bc7
f8c41f2f59fc9e9d088bc9002eef583c3cf256b4cd371619b18107b4abd92812
GET /js/pinit_main.js?0.23933592478030907 HTTP/1.1
Host: assets.pinterest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
etag: "3725764cf05d1a0938de73d398772331"
content-encoding: br
content-type: application/javascript; charset=utf-8
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 86400
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=300
date: Tue, 15 Nov 2022 23:29:31 GMT
content-length: 18679
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1944&r=https%3A%2F%2Fcm.mgid.com%2Fm%3Fcdsp%3D665953%26c%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
AN-X-Request-Uuid: da1e405c-f414-4eaa-9e7b-42e3828cdfc7
Set-Cookie: uuid2=3647811368512155209; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
js.wpushsdk.com/npc/sdk/wpu/csub.m.js
200 OK 28 kB URL HTTP/2 js.wpushsdk.com/npc/sdk/wpu/csub.m.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash d4121db461f5ae732988f09e9566ef8e
5107014909a28ad7487af9a3eb5437c19fbac005
db236c13e22f10e2de2d1dd2bed580f28280c769b116660fc4b679baad2fd56c
GET /npc/sdk/wpu/csub.m.js HTTP/1.1
Host: js.wpushsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Thu, 13 Oct 2022 09:19:10 GMT
etag: W/"6347d80e-16007"
content-encoding: gzip
expires: Tue, 15 Nov 2022 23:34:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.adtelligent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
AN-X-Request-Uuid: 0b21df92-380f-46d4-a01a-56d880609928
Set-Cookie: uuid2=7749537614890340214; SameSite=None; Path=/; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
sync.adtelligent.com/csync?t=a&ep=309255&extuid=
200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=309255&extuid=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=309255&extuid= HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Cookie: vmuid=1db654229d7eb638; a307558=8a4fea32-549c-4d62-88a1-b01a90c45018
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:31 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash 9e8accdeb0eea995a4505945db7434e6
9923e57ffbfc0bd4cf7004f1bbc74c603fede80d
7ed901ff86c0d9330d7cfd3fe81606e2a2c46e1b1dc0b3042430bbd4429a645a
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971855#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 0023c9e12da933edcd3fa9961da199cb
fb70064944a19dadada8d4f7b84d45f5caf2aede
4604e8961c7d8dc49f35ab4e10aa53e21f74585a8d36272ac86003fec4ac7ee0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1858
Cache-Control: max-age=97348
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6372f2dd-1d7"
Expires: Thu, 17 Nov 2022 02:31:59 GMT
Last-Modified: Tue, 15 Nov 2022 02:01:01 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash 74a966be4be8372e83a2b114c443919c
70fb91e14408443d66825bb1f511c45dada3fdc4
06fa5d39be505f99ebb4c1ed6efc98432c0082a8ef975594004faef275c2205c
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971866#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
200 OK 471 B IP
Hash 75a5aa06ec271cb6872b7e2a58d92ff4
d4eb773de5962398a9ed9342fe5ec5c545b09457
8e7d7380cafd97a46ed49e3ba23f435d11827409903c8e2d6b24f20343daaf68
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2926
Cache-Control: max-age=95171
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6372e630-1d7"
Expires: Thu, 17 Nov 2022 01:55:42 GMT
Last-Modified: Tue, 15 Nov 2022 01:06:56 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf
302 Found 358 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9d14be6d57888ff8a6b952483fe6e171
3aa8d1a45083d7418aba4dcbba92fb3c0f6d746d
b72e9df4d7d6b71a34a8f9756ba2105b1a6ccff3f4bf2e23cdce9135d8b34a9c
GET /pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf&google_tc=
date: Tue, 15 Nov 2022 23:29:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 358
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Nov-2022 23:44:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.json
200 OK 695 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash fba69793b7ddc981bc806214a43b26ca
2f49f0e7f55340dace3988522d80d1629eb51b12
7165e82d62a2c14b3b6ca84850943fd3ae1ab7d9cbaa233c2ba42dc8703cfd4a
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 479
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?t=a&ep=281178&extuid=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8
200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=281178&extuid=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=281178&extuid=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Cookie: vmuid=1db654229d7eb638; a307558=8a4fea32-549c-4d62-88a1-b01a90c45018
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Length: 0
Etag: 1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:31 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a281178=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8; expires=Mon, 16 Jan 2023 23:29:31 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
id5-sync.com/g/v2/231.json
200 1.3 kB URL HTTP/1.1 id5-sync.com/g/v2/231.json
IP
File type JSON data\012- , ASCII text, with very long lines (1315), with no line terminators
Hash e47b7d04bd54f180f161eb856b849eae
0fce7cb225b33bb6d81b70689d3650aff543c92a
56bc70d67ff02044f0b558e5eda1d6aa2ba3df24671b154643b15e39dbd8bf88
POST /g/v2/231.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 751
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
p3p: CP="CAO PSA OUR"
set-cookie: id5=25fc4df9-af33-38ac-b5a4-930577723bff#1668554971907#1; Max-Age=7776000; Expires=Mon, 13-Feb-2023 23:29:31 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Tue, 15 Nov 2022 23:29:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
pixel.rubiconproject.com/exchange/sync.php?p=mgid
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=mgid
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=mgid HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
Content-Type: image/gif
ocsp.globalsign.com/gseccovsslca2018
200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash bb9dd3952aa555d67dbc3d801acf2270
0353a0b30414f7b154ef80fc4245e5e608db38b8
b651dc347ba3ee7805d2d734ec48a0af4723a6c7d92e756f60eafa5664a35736
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:04:35 GMT
ETag: "0353a0b30414f7b154ef80fc4245e5e608db38b8"
Last-Modified: Tue, 15 Nov 2022 20:04:36 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2906
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76abc4fe8abdb4f3-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
File type ASCII text, with very long lines (2776)
Hash 52a0037e9ae4474b9125e3b21f00b841
fd9d857efa0c24a7801c0707a54a4974e361cd9d
fde8c371b13e948f1dc37bc078d8dc4080534564d21bdd37bd02e2ce43de9c15
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 15 Nov 2022 23:29:31 GMT
expires: Tue, 15 Nov 2022 23:29:31 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 369707505943012948
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54956
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash dcf48b877e322f5bf0f7c09011cfb462
5d4af557faa99a8995e7b20121f3fe235e089b62
fd66fc62318a29a9521cb51c3f20b12f46eb965f0ff418fafd01adbe8a672137
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Sat, 19 Nov 2022 20:53:41 GMT
ETag: "5d4af557faa99a8995e7b20121f3fe235e089b62"
Last-Modified: Tue, 15 Nov 2022 20:53:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1797
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76abc4febadfb4f3-OSL
cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf&google_tc=
302 Found 261 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf&google_tc=
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a9c00b604c2f9294b5fe3efc47f2dce4
85b4ddbc9b2530adf692a0c6046e6d5bd4f5d650
352ebbdd66d09d43113116a9e14d9f63db3a3c4790fb1dbe5f3106c1611044c7
GET /pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bWFmdTFBMmRpUnRm&muidn=mafu1A2diRtf&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://cm.mgid.com/google?muidn=mafu1A2diRtf&google_error=3
date: Tue, 15 Nov 2022 23:29:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPiiUh5PiiUh5AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
200 OK 0 B URL HTTP/2 image8.pubmatic.com/AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPiiUh5PiiUh5AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdServer/ImgSync?p=161673&gdpr=1&gdpr_consent=CPiiUh5PiiUh5AHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D161673%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcm.mgid.com%252Fm%253Fcdsp%253D712807%2526c%253D%2523PMUID&rdf=1 HTTP/1.1
Host: image8.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:30 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 527aff0833de7d269d7317fdb3b87b63
3f45b78cc5568fc4c4cc1898e46181564c0e2d69
4f9e972e8c97837ac817324feae3e373669a6e8549818ebe56aaab52882c07d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2022
Cache-Control: max-age=143924
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6373a829-1d7"
Expires: Thu, 17 Nov 2022 15:28:15 GMT
Last-Modified: Tue, 15 Nov 2022 14:54:33 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 6fface84991bbd379c0110a55c4f476a
e107559b4ba99dda9c9c7198967ef308f6422906
0451db281db1316ed2d400b419a1029fecc749f6688be93188b5e576dd2e5817
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4156
Cache-Control: max-age=100373
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:31 GMT
Etag: "6372f5b4-1d7"
Expires: Thu, 17 Nov 2022 03:22:24 GMT
Last-Modified: Tue, 15 Nov 2022 02:13:08 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 7d766d97feb7979fc6002351253a7ad8
7e9d56848345650366f242aa619efae2207e2f1f
a37ec0755881d2545cd00c621912f6940483539520a12dcfa15b757572ec781a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3731
Cache-Control: max-age=149239
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:32 GMT
Etag: "6373b640-13a"
Expires: Thu, 17 Nov 2022 16:56:51 GMT
Last-Modified: Tue, 15 Nov 2022 15:54:40 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 314
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D297253%2526extuid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
AN-X-Request-Uuid: 4bab50fd-8257-4db5-be90-865e24de827f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
creativecdn.com/cm-notify?pi=mgid
302 Found 0 B URL HTTP/2 creativecdn.com/cm-notify?pi=mgid
IP
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm-notify?pi=mgid HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 15 Nov 2022 23:29:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=X4WjtLxtfpFD2IatDNHy;Path=/;Domain=.creativecdn.com;Expires=Wed, 15-Nov-2023 23:29:32 GMT;Max-Age=31536000;Secure;SameSite=None
ts=1668554972;Path=/;Domain=.creativecdn.com;Expires=Wed, 15-Nov-2023 23:29:32 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://creativecdn.com/cm-notify?pi=mgid&tc=1
content-length: 0
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 6bb9990fc521832208f25ccf5261b719
be8acfb80dfc034d5cbd7dabb318ea8853762c10
677f03256dacdc519c12971fd422fe1afa0ecca3864f4e8f7aa0bed4eecd9c38
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73397
date: Tue, 15 Nov 2022 23:29:31 GMT
access-control-allow-origin: *
etag: "63575841-11eb5"
expires: Wed, 16 Nov 2022 00:29:31 GMT
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
302 Found 0 B URL HTTP/2 ssbsync.smartadserver.com/api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy=
IP
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/sync?callerId=24&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: ssbsync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
date: Tue, 15 Nov 2022 23:29:31 GMT
location: https://sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=8681234073702768950&gdpr=0&gdpr_consent=
set-cookie: pid=8681234073702768950; expires=Sat, 16 Dec 2023 23:28:32 GMT; domain=smartadserver.com; path=/; secure; samesite=none
X-Firefox-Spdy: h2
creativecdn.com/cm-notify?pi=mgid&tc=1
200 OK 42 B URL HTTP/2 creativecdn.com/cm-notify?pi=mgid&tc=1
IP
ASN #204995 Rtb House S.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /cm-notify?pi=mgid&tc=1 HTTP/1.1
Host: creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:32 GMT
content-type: image/gif
content-length: 42
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=297253&extuid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=297253&extuid=0 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Cookie: vmuid=1db654229d7eb638; a307558=8a4fea32-549c-4d62-88a1-b01a90c45018; a281178=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D584890%2526extuid%253D%2524UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
AN-X-Request-Uuid: f9aaffd5-dc03-48a4-bbf1-c722b7a5a84c
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
zerossl.ocsp.sectigo.com/
200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1cf0ef0ba31d1d187774155dd7eab1e0
a3a018076c1bc584e881c39ec9721d3714ef461b
607e7df72137f3b2f8b8bc2457f0f7f9cc97cdaf3c4c9229523bc3d77508c775
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 14:42:28 GMT
Expires: Sun, 20 Nov 2022 14:42:27 GMT
Etag: "a3a018076c1bc584e881c39ec9721d3714ef461b"
Cache-Control: max-age=399774,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4ff4a15b51b-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash a30b582a2573caa5e8bdbb23b2f09139
2f24807376faaa14ca2b67db13e9d5830a6086c9
ca749e187a0f56bff342818f212d6389919129bcdaea0a8c08b16e6727f51fc1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 13:56:49 GMT
Expires: Tue, 22 Nov 2022 13:56:48 GMT
Etag: "2f24807376faaa14ca2b67db13e9d5830a6086c9"
Cache-Control: max-age=569835,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4fe6ed7b503-OSL
sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=8681234073702768950&gdpr=0&gdpr_consent=
302 Found 0 B URL HTTP/1.1 sync.e-volution.ai/a02d62607dea0c97e41ff36ebd422945.gif?puid=8681234073702768950&gdpr=0&gdpr_consent=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /a02d62607dea0c97e41ff36ebd422945.gif?puid=8681234073702768950&gdpr=0&gdpr_consent= HTTP/1.1
Host: sync.e-volution.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Cookie: v_usr=f30ab027-f35c-48ad-a41a-aa65b1b29e90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 15 Nov 2022 23:29:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: v_usr=f30ab027-f35c-48ad-a41a-aa65b1b29e90; path=/; domain=.e-volution.ai; expires=Tue, 29 Nov 2022 23:29:32 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 23:29:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
x.bidswitch.net/sync?ssp=mgid
302 Found 562 B URL HTTP/2 x.bidswitch.net/sync?ssp=mgid
IP
Hash ee04fbc95d6f2113bac59c4158bcac81
ee7d7f8171ab5adc8723c731ceaefc33eac4905d
4c43eaf8a589333a5d50f4cdb01203e74d7fb15a42b15c0b9ac68058554d4229
GET /sync?ssp=mgid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 15 Nov 2022 23:29:32 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=mgid
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=2818218e-a302-4e0e-a304-04019131237f; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668554972; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668554972; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668554972; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 15 Nov 2022 17:59:00 GMT
expires: Tue, 29 Nov 2022 17:59:00 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 19832
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
302 Found 0 B URL HTTP/1.1 sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP/1.1
Host: sync.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.console.adtarget.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:31 GMT
Content-Length: 0
Etag: f2229f8c5e883844
Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2229f8c5e883844
Set-Cookie: vmuid=f2229f8c5e883844; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-pashadv&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 17c962550296893d145ef1b8078fc6d6
Content-Type: image/gif
x.bidswitch.net/ul_cb/sync?ssp=mgid
200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=mgid
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=mgid HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:32 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1cf0ef0ba31d1d187774155dd7eab1e0
a3a018076c1bc584e881c39ec9721d3714ef461b
607e7df72137f3b2f8b8bc2457f0f7f9cc97cdaf3c4c9229523bc3d77508c775
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 14:42:28 GMT
Expires: Sun, 20 Nov 2022 14:42:27 GMT
Etag: "a3a018076c1bc584e881c39ec9721d3714ef461b"
Cache-Control: max-age=399774,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4ff1ad0b4fd-OSL
sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
200 OK 43 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=584890&extuid=0
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /csync?t=a&ep=584890&extuid=0 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.adtelligent.com/
Connection: keep-alive
Cookie: vmuid=1db654229d7eb638; a307558=8a4fea32-549c-4d62-88a1-b01a90c45018; a281178=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: image/gif
Content-Length: 43
Etag: 1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 15 Nov 2022 23:29:32 GMT
access-control-allow-origin: *
etag: "63575841-2b"
expires: Wed, 16 Nov 2022 00:29:32 GMT
accept-ranges: bytes
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2229f8c5e883844
200 OK 0 B URL HTTP/1.1 sync.adtelligent.com/csync?t=a&ep=318342&extuid=f2229f8c5e883844
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=318342&extuid=f2229f8c5e883844 HTTP/1.1
Host: sync.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://s.console.adtarget.com.tr/
Connection: keep-alive
Cookie: vmuid=1db654229d7eb638; a307558=8a4fea32-549c-4d62-88a1-b01a90c45018; a281178=19E1C866-C9F5-46FD-AEF2-7FE37EF201B8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Length: 0
Etag: 1db654229d7eb638
Set-Cookie: vmuid=1db654229d7eb638; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
a318342=f2229f8c5e883844; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None
mc.yandex.ru/watch/56667622?wmode=7&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A3116%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A855792326310%3Ahid%3A357922625%3Az%3A0%3Ai%3A20221115232931%3Aet%3A1668554972%3Ac%3A1%3Arn%3A2627928%3Arqn%3A1%3Au%3A1668554972156527548%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C299%2C2100%2C0%2C257%2C0%2C%2C388%2C27%2C%2C%2C%2C3094%3Ans%3A1668554965309%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668554972%3At%3APorazite%20dijabetes!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/56667622?wmode=7&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A3116%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A855792326310%3Ahid%3A357922625%3Az%3A0%3Ai%3A20221115232931%3Aet%3A1668554972%3Ac%3A1%3Arn%3A2627928%3Arqn%3A1%3Au%3A1668554972156527548%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C299%2C2100%2C0%2C257%2C0%2C%2C388%2C27%2C%2C%2C%2C3094%3Ans%3A1668554965309%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668554972%3At%3APorazite%20dijabetes!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 061e7d6185638b9f73077f175b80516a
a364f129f8a4fc44f23505c32ace4c36a18d445c
8edf6d0b4056c74ac9d21ca4d7a27be977963089221c889ea90e542989dede8a
GET /watch/56667622?wmode=7&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A3116%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A855792326310%3Ahid%3A357922625%3Az%3A0%3Ai%3A20221115232931%3Aet%3A1668554972%3Ac%3A1%3Arn%3A2627928%3Arqn%3A1%3Au%3A1668554972156527548%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C299%2C2100%2C0%2C257%2C0%2C%2C388%2C27%2C%2C%2C%2C3094%3Ans%3A1668554965309%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668554972%3At%3APorazite%20dijabetes!&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/56667622/1?wmode=7&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&charset=utf-8&site-info=%7B%22__ym%22%3A%7B%22isFromApi%22%3A%22yesIsFromApi%22%7D%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahc77qkb9hqc2jb24budq4%3Afp%3A3116%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A855792326310%3Ahid%3A357922625%3Az%3A0%3Ai%3A20221115232931%3Aet%3A1668554972%3Ac%3A1%3Arn%3A2627928%3Arqn%3A1%3Au%3A1668554972156527548%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C299%2C2100%2C0%2C257%2C0%2C%2C388%2C27%2C%2C%2C%2C3094%3Ans%3A1668554965309%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1668554972%3At%3APorazite%20dijabetes%21&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 15 Nov 2022 23:29:32 GMT
access-control-allow-origin: https://pobedidijabetes.org
set-cookie: yandexuid=9170357301668554972; Expires=Wed, 15-Nov-2023 23:29:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9170357301668554972; Expires=Wed, 15-Nov-2023 23:29:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=947699611668554972; Path=/; SameSite=None; Secure
i=qkYqgJjv9Ghy8/QoixUGKDNoHTTjPTXl4IenbIZJHlhQHd8deO8Fhd+nxB0eChAvA0l1qJGeHkvP2HTpHXZOHgsadvU=; Expires=Fri, 12-Nov-2032 23:29:08 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700090972.yrts.1668554972#1700090972.yrtsi.1668554972; Expires=Wed, 15-Nov-2023 23:29:32 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 15-Nov-2022 23:29:32 GMT
last-modified: Tue, 15-Nov-2022 23:29:32 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
200 OK 0 B URL HTTP/1.1 sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=${UID}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=307565&extuid=${UID} HTTP/1.1
Host: sync.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Length: 0
Etag: f2229f8c5e883844
Set-Cookie: vmuid=f2229f8c5e883844; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
a307565=${UID}; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
ocsp.sectigo.com/
200 OK 471 B IP
Hash a30b582a2573caa5e8bdbb23b2f09139
2f24807376faaa14ca2b67db13e9d5830a6086c9
ca749e187a0f56bff342818f212d6389919129bcdaea0a8c08b16e6727f51fc1
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 13:56:49 GMT
Expires: Tue, 22 Nov 2022 13:56:48 GMT
Etag: "2f24807376faaa14ca2b67db13e9d5830a6086c9"
Cache-Control: max-age=569835,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4fefd37fac8-OSL
zerossl.ocsp.sectigo.com/
200 OK 315 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 1cf0ef0ba31d1d187774155dd7eab1e0
a3a018076c1bc584e881c39ec9721d3714ef461b
607e7df72137f3b2f8b8bc2457f0f7f9cc97cdaf3c4c9229523bc3d77508c775
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Type: application/ocsp-response
Content-Length: 315
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 14:42:28 GMT
Expires: Sun, 20 Nov 2022 14:42:27 GMT
Etag: "a3a018076c1bc584e881c39ec9721d3714ef461b"
Cache-Control: max-age=399774,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76abc4ff6faa0b4d-OSL
x.bidswitch.net/sync?dsp_id=303&user_id=mafu1A2diRtf
302 Found 4.9 kB URL HTTP/2 x.bidswitch.net/sync?dsp_id=303&user_id=mafu1A2diRtf
IP
Hash 59787962345d1552363a83665099811a
e1c0a92c1cb3a738572ee03bbc64d8274516c59e
944acfc7d54cd9e10d1de7b511247d6f8822e202b31c5630f08d9ff5f474268c
GET /sync?dsp_id=303&user_id=mafu1A2diRtf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 15 Nov 2022 23:29:32 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=mafu1A2diRtf
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=490000b4-0612-4105-828b-f6085e4192b9; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668554972; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1668554972; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
c=1668554972; path=/; expires=Wed, 15-Nov-2023 23:29:32 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=mafu1A2diRtf
302 Found 0 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=mafu1A2diRtf
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/sync?dsp_id=303&user_id=mafu1A2diRtf HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 15 Nov 2022 23:29:32 GMT
content-length: 0
cache-control: no-cache, no-store, must-revalidate
location: //crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=mafu1A2diRtf&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
X-Firefox-Spdy: h2
sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
200 OK 0 B URL HTTP/1.1 sync.console.adtarget.com.tr/csync?t=a&ep=738101&extuid=${UID}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=738101&extuid=${UID} HTTP/1.1
Host: sync.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Length: 0
Etag: f2229f8c5e883844
Set-Cookie: vmuid=f2229f8c5e883844; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
a738101=${UID}; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=${UID}
200 OK 0 B URL HTTP/1.1 sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=${UID}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /csync?t=a&ep=307080&extuid=${UID} HTTP/1.1
Host: sync.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: Adtelligent
Date: Tue, 15 Nov 2022 23:29:32 GMT
Content-Length: 0
Etag: f2229f8c5e883844
Set-Cookie: vmuid=f2229f8c5e883844; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
a307080=${UID}; expires=Mon, 16 Jan 2023 23:29:32 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 57dbbe5c7a9e81a5c1a6889df6ea1663
83fd3acc7d5af11ad9a908911c1c77d72c228cdb
380e56774382a4fcdbff5a956a6312380d80d192674ab68644ef574d494fe83c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144756
Date: Tue, 15 Nov 2022 23:29:32 GMT
Etag: "63739a3f-1d7"
Expires: Thu, 17 Nov 2022 15:42:08 GMT
Last-Modified: Tue, 15 Nov 2022 13:55:11 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OK2d2-2u-C30aTA7767Lya3Zc9_aMxowzwKKFn_3Ouc1nVB4Q3bopQ==
Age: 6417
crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=mafu1A2diRtf&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
200 OK 43 B URL HTTP/1.1 crb.kargo.com/api/v1/bswsync?bsw_uuid=&dsp_uuid=mafu1A2diRtf&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy=
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /api/v1/bswsync?bsw_uuid=&dsp_uuid=mafu1A2diRtf&dsp_id=303&krg_ids=&gdpr=&gdpr_consent=&us_privacy= HTTP/1.1
Host: crb.kargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pobedidijabetes.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Content-Type: image/gif
Date: Tue, 15 Nov 2022 23:29:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Krk-Reject-Reason: consent
Pragma: no-cache
Vary: Origin
X-Accel-Expires: 0
Content-Length: 43
Connection: keep-alive
adsrealpublic.ru/k35j.json
200 OK 128 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 92448b940780e70c84a89b4129170825
5f28d976555bf9088ec4e210b344bc6eac2199cd
0aebb18f8eae4f962202e47d69e0131c028a27d4341a30f5b5d53d81674b018c
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 460
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:32 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1e2b45d39cbb7a74936736cc0e63eb63
3616785c28bb75195dee9bdfbffbee55b3666672
4cd43795b9030fc72032a9ddc57ad4696c7ee0ad4beb49e2d35577bc6f1e5d82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CD43795B9030FC72032A9DDC57AD4696C7EE0AD4BEB49E2D35577BC6F1E5D82"
Last-Modified: Mon, 14 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4290
Expires: Wed, 16 Nov 2022 00:41:04 GMT
Date: Tue, 15 Nov 2022 23:29:34 GMT
Connection: keep-alive
958499aca6.d2141eb2dc.com/health/
200 OK 0 B URL HTTP/2 958499aca6.d2141eb2dc.com/health/
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /health/ HTTP/1.1
Host: 958499aca6.d2141eb2dc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Tue, 15 Nov 2022 23:29:34 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b31091803f98744f4da3b311467300a7
d829c5d23a494bc901d925dd02b84c470a0de479
c1cb88b82d8b5a82019da970f812cd31e13086c2da8498a21a57e7238aa34fe8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30efee28-35ab-4b55-b685-02cbd4c5c8c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8971
x-amzn-requestid: b5dd68c5-7146-4d31-a7fd-4ac4c474119a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnb6bGeyoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372d9dc-2ca4003e65d69039389bc676;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 00:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8TqIvhJUq_yG_iMFds_btqtYsrNzoaZeIQgOP0-Kc60yuQFOPYEXRA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 10:37:00 GMT
age: 46354
etag: "d829c5d23a494bc901d925dd02b84c470a0de479"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
958499aca6.d2141eb2dc.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlBvcmF6aXRlJTJDZGlqYWJldGVzJTJDR2xhdm5pJTJDUG9yYXppdGUlMkNkaWphYmV0ZXMlMkNQb3Jheml0ZSUyQ2RpamFiZXRlcyElMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI5MDgxMDE2MjIiLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoxMDQxNSwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDQxNSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9wb2JlZGlkaWphYmV0ZXMub3JnLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjY4NTU0OTc0NDE4fX0=
302 Found 0 B URL HTTP/2 958499aca6.d2141eb2dc.com/get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlBvcmF6aXRlJTJDZGlqYWJldGVzJTJDR2xhdm5pJTJDUG9yYXppdGUlMkNkaWphYmV0ZXMlMkNQb3Jheml0ZSUyQ2RpamFiZXRlcyElMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI5MDgxMDE2MjIiLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoxMDQxNSwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDQxNSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9wb2JlZGlkaWphYmV0ZXMub3JnLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjY4NTU0OTc0NDE4fX0=
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /get/?go=1&data=eyJpbXAiOlt7InNlY3VyZSI6MSwiZXh0Ijp7InRhZ19hYiI6ImMiLCJtdWx0aSI6ZmFsc2UsInVzZXJfa2V5d29yZHMiOiIiLCJpZCI6MTY5NSwic3BhY2VpZCI6MTY5NSwidHlwZSI6InBvcCIsImlkem9uZSI6bnVsbCwiYWRfdGFncyI6IlBvcmF6aXRlJTJDZGlqYWJldGVzJTJDR2xhdm5pJTJDUG9yYXppdGUlMkNkaWphYmV0ZXMlMkNQb3Jheml0ZSUyQ2RpamFiZXRlcyElMjAiLCJsYWJlbHMiOiI0LDUsNiw3LDgsOSw0Niw0Nyw1NCw1NSw2MSwxMDkiLCJhbGxvd2VkX2xhYmVscyI6IiIsInRpdGxlIjoiIiwic3ViaWQiOiI5MDgxMDE2MjIiLCJ1dG0xIjoiIiwidXRtMiI6IiIsInV0bTQiOiIiLCJzcG90X2lkIjoxMDQxNSwibXVsdGlwbGUiOmZhbHNlLCJpc19pZnJhbWUiOmZhbHNlLCJyZWZkb21haW4iOiIiLCJwbCI6MCwic3RyYXRhZ2VtIjpudWxsLCJneXIiOjAsImFjY2VsIjowLCJzc3AiOjM5NzIsImJ0eXBlIjowfSwiYmFubmVyIjp7InciOjEsImgiOjF9fV0sInNpdGUiOnsiaWQiOiIxMDQxNSIsImNhdCI6WyJJQUIyNCJdLCJwYWdlIjoiaHR0cHM6Ly9wb2JlZGlkaWphYmV0ZXMub3JnLyJ9LCJkZXZpY2UiOnsidyI6MTI4MCwiaCI6MTAyNH0sInVzZXIiOnsiaWQiOiI5ZTQ5NDdmMzU3NTE0NjU0MTFmZDFhNGY1YzM1OGM3OCIsImZwIjpudWxsfSwiZXh0Ijp7ImR0IjoxNjY4NTU0OTc0NDE4fX0= HTTP/1.1
Host: 958499aca6.d2141eb2dc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx/1.18.0
date: Tue, 15 Nov 2022 23:29:34 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
location: https://rtbrennab.com/banner/in/show/?mid=136835512&pid=0&site=10415&sc=NO&usage_type=DCH&subid=908101622&sid=0&cid=0&price=0&is_cpm=0&cpm=0&ecpm=0&crid=&crtid=&tcid=0&out_id=&ver=&ver_c=&refdom=pobedidijabetes.org&hostname=auc-banner-hz-1&site_id=0&spot_id=10415&utm_source=&utm_medium=&utm_campaign=&utm_content=&expiration_timestamp=0&created_at=0000-00-00&is_native=0&auction_queue=0&pop_winurl=&ip=91.90.42.154&testab=&px_id=0&adblock=0&auction_host=&mm=&yc=&render_type=&campaign_type=&uniq=&exp=&resp_type=default&iabcat=IAB24&min_cpm=0.0001&placement_type_id=&skin_test=&verify_hash=&score=100&ml=&tag_ab=c&ttl=&space_id=1695&banner_width=1&banner_height=1&accel=0&gyr=0&iabcat=IAB24&url=https%3A%2F%2Fbtds.zog.link%2Fin%2F912%2F%3Fsid%3D10415%26source%3D908101622%26idzone%3D0%26w%3D1%26h%3D1%26mo%3D%26ve%3D%26site_id%3D10415%26utm1%3D%26utm2%3D%26utm3%3D%26utm4%3D%26ad_tags%3DPorazite%252Cdijabetes%252CGlavni%252CPorazite%252Cdijabetes%252CPorazite%252Cdijabetes%21%2520%26spot_id%3D10415%26p%3Dhttps%253A%252F%252Fpobedidijabetes.org%252F%26katds_labels%3D4%2C5%2C6%2C7%2C8%2C9%2C46%2C47%2C54%2C55%2C61%2C109%26btype%3D0%26score%3D100%26bf%3D0.0001&pr=&bid_crid=&bid_cid=&is_iframe=0&ad_tags=Porazite%2Cdijabetes%2CGlavni%2CPorazite%2Cdijabetes%2CPorazite%2Cdijabetes!%20&stratagem=&ssp=3972
X-Firefox-Spdy: h2
mc.yandex.ru/webvisor/56667622?wv-check=57826&wv-type=0&wmode=0&wv-part=1&wv-hit=357922625&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&rn=832816757&browser-info=gdpr%3A14%3Aet%3A1668554974%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221115232934%3Au%3A1668554972156527548%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668554974&t=gdpr(14)ti(2)
200 OK 43 B URL HTTP/2 mc.yandex.ru/webvisor/56667622?wv-check=57826&wv-type=0&wmode=0&wv-part=1&wv-hit=357922625&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&rn=832816757&browser-info=gdpr%3A14%3Aet%3A1668554974%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221115232934%3Au%3A1668554972156527548%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668554974&t=gdpr(14)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /webvisor/56667622?wv-check=57826&wv-type=0&wmode=0&wv-part=1&wv-hit=357922625&page-url=https%3A%2F%2Fpobedidijabetes.org%2F&rn=832816757&browser-info=gdpr%3A14%3Aet%3A1668554974%3Aw%3A1268x939%3Av%3A921%3Az%3A0%3Ai%3A20221115232934%3Au%3A1668554972156527548%3Avf%3Ahc77qkb9hqc2jb24budq4%3Awe%3A1%3Ast%3A1668554974&t=gdpr(14)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 44
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 15 Nov 2022 23:29:34 GMT
access-control-allow-origin: https://pobedidijabetes.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 15-Nov-2022 23:29:34 GMT
last-modified: Tue, 15-Nov-2022 23:29:34 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a1b2225664817101edd868a1b8c8dd5
4aa566afd3d98555f54a5127d961e8e631dcd8bd
992ffec6aba0ae00e7d3050f8741c754e6f295a7bdc6ddd788e97481fc9be303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "992FFEC6ABA0AE00E7D3050F8741C754E6F295A7BDC6DDD788E97481FC9BE303"
Last-Modified: Tue, 15 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3577
Expires: Wed, 16 Nov 2022 00:29:12 GMT
Date: Tue, 15 Nov 2022 23:29:35 GMT
Connection: keep-alive
s-img.mgid.com/g/3805460/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZw.webp?v=1668554970-Q6-7hzei5IPsylM3WJJex7CuhUDhOLCOS96scH0qXs4
0 B URL s-img.mgid.com/g/3805460/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZw.webp?v=1668554970-Q6-7hzei5IPsylM3WJJex7CuhUDhOLCOS96scH0qXs4
IP
GET /g/3805460/492x277/0x0x492x277/aHR0cDovL2ltZ2hvc3RzLmNvbS90ZW1wLzIwMTctMDQtMTIvMTAxOTI0LzEwZjkyNjFlYTNiZmFhMTFlMTQ5ODZmYTk1Y2I0MmU4LmpwZw.webp?v=1668554970-Q6-7hzei5IPsylM3WJJex7CuhUDhOLCOS96scH0qXs4 HTTP/1.1
Host: s-img.mgid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
js.cabnnr.com/banner-admanager/build.m.js
200 OK 0 B URL HTTP/2 js.cabnnr.com/banner-admanager/build.m.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /banner-admanager/build.m.js HTTP/1.1
Host: js.cabnnr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 02 Nov 2022 11:11:00 GMT
etag: W/"63625044-befa"
content-encoding: gzip
expires: Tue, 15 Nov 2022 23:34:31 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
pobedidijabetes.org/
200 OK 0 B IP
GET / HTTP/1.1
Host: pobedidijabetes.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0RkyoCWiUk88K9l%2BuCXaatpk420fUysi7M4cmybJmE8AqrQx0NkCyiGC2bo6yHfRXANMmffjeQQw1g6incZM7dfX%2B3FBgbEHWzYfaNGtBfMMYIJaQYXObLo1WfEugQFbeI%2B3CS5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76abc4dbf985b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.json
200 OK 0 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 475
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.json
200 OK 0 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 379
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:31 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.min.js
200 OK 0 B URL HTTP/2 adsrealpublic.ru/k35j.min.js
IP
ASN #24940 Hetzner Online GmbH
GET /k35j.min.js HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:28 GMT
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
cache-control: max-age=300
expires: Wed, 16-Nov-2022 01:34:28 EET
duration: 1127989
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
cst.cstwpush.com/static/adManager.js
200 OK 0 B URL HTTP/2 cst.cstwpush.com/static/adManager.js
IP
ASN #39572 DataWeb Global Group B.V.
GET /static/adManager.js HTTP/1.1
Host: cst.cstwpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 23:29:28 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 13 Jul 2022 06:52:04 GMT
etag: W/"62ce6b94-4e2"
content-encoding: gzip
expires: Tue, 15 Nov 2022 23:34:28 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8141135148439802
200 OK 0 B URL HTTP/2 cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8141135148439802
IP
GET /consent/cookies_gdpr.js?0.8141135148439802 HTTP/1.1
Host: cdn.zx-adnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "6d9479856d34b784a695cf827606b5512cda2503d6ed62ebe429f4ef02dd9fef-br"
last-modified: Wed, 09 Nov 2022 12:55:44 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Tue, 15 Nov 2022 23:29:28 GMT
x-served-by: cache-bma1633-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668554969.841836,VS0,VE52
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.json
200 OK 0 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 375
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:29 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
adsrealpublic.ru/k35j.json
200 OK 0 B URL HTTP/2 adsrealpublic.ru/k35j.json
IP
ASN #24940 Hetzner Online GmbH
POST /k35j.json HTTP/1.1
Host: adsrealpublic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 466
Origin: https://pobedidijabetes.org
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 23:29:32 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C700%2C400italic%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%2C300italic%2C400italic%2C600italic%2C700italic%2C800italic%7CPT+Serif%3A400%2C700%2C400italic%2C700italic&ver=1549941966
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Libre+Baskerville%3A400%2C700%2C400italic%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%2C300italic%2C400italic%2C600italic%2C700italic%2C800italic%7CPT+Serif%3A400%2C700%2C400italic%2C700italic&ver=1549941966
IP
GET /css?family=Libre+Baskerville%3A400%2C700%2C400italic%7COpen+Sans%3A300%2C400%2C600%2C700%2C800%2C300italic%2C400italic%2C600italic%2C700italic%2C800italic%7CPT+Serif%3A400%2C700%2C400italic%2C700italic&ver=1549941966 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pobedidijabetes.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 23:29:28 GMT
date: Tue, 15 Nov 2022 23:29:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
104.21.83.210
137.74.6.209
185.86.139.103
116.202.60.158
23.36.76.226
104.18.32.68
185.64.190.78
151.101.84.84
68.67.160.26
185.172.90.251
62.149.1.122
87.250.250.119
37.157.2.234