aporntv.com/video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html
301 Moved Permanently 0 B URL HTTP/1.1 aporntv.com/video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html HTTP/1.1
Host: aporntv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 03 Feb 2023 23:14:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 00:14:38 GMT
Location: https://aporntv.com/video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9H0GEsVB8gSORlmY1jF%2Fdz8QIvTezypBrCBT2oOjmxJKMOJ1FWzcb0GM0QX7CavGCmn%2BT4trtRkEdNL7Yx8GcEk0BRloVKY2l55CN76NWMnXY2swlgNrQlLBGfc"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793edd2e5bd8b4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6259
Expires: Sat, 04 Feb 2023 00:58:57 GMT
Date: Fri, 03 Feb 2023 23:14:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4704
Expires: Sat, 04 Feb 2023 00:33:02 GMT
Date: Fri, 03 Feb 2023 23:14:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 22:43:35 GMT
content-type: application/json
age: 1863
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5584
Expires: Sat, 04 Feb 2023 00:47:42 GMT
Date: Fri, 03 Feb 2023 23:14:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EpHLfk4T8GIMbyC/V6ljpqEE30/CCqPNT7Vatsrb4d4Aa5K4KqAvd6jUquAktUZkOr0Sp41FtY8=
x-amz-request-id: AXJ5BZQD1SZFYPNH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 22:23:44 GMT
age: 3054
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a55ee4466b7ca7e82466b6fc6f20dbaa
da036b1abd0cc292cf11e0c1518d0cd5a3c448f5
5185c460095a83a58b38c701f68d8b043fc23fe1c1b31ab7d2bbc6c707bcb22b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6502
Cache-Control: max-age=97127
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:38 GMT
Etag: "63dc545f-117"
Expires: Sun, 05 Feb 2023 02:13:25 GMT
Last-Modified: Fri, 03 Feb 2023 00:25:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash a55ee4466b7ca7e82466b6fc6f20dbaa
da036b1abd0cc292cf11e0c1518d0cd5a3c448f5
5185c460095a83a58b38c701f68d8b043fc23fe1c1b31ab7d2bbc6c707bcb22b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6503
Cache-Control: max-age=97127
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:39 GMT
Etag: "63dc545f-117"
Expires: Sun, 05 Feb 2023 02:13:26 GMT
Last-Modified: Fri, 03 Feb 2023 00:25:03 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
js.wpncdn.com/pn.php
200 OK 6.3 kB IP
File type Unicode text, UTF-8 text, with very long lines (17743), with no line terminators
Hash b1b841e5dd35efee8a27fef6eeaffa2e
6ca01d4ce065573e367ea4ff800aa523413c98cb
b75b084f400e8cbe06610b8956caa2592c0546be1e9cce5c980fe6b3080e747e
Analyzer Verdict Alert fortinet Malware
GET /pn.php HTTP/1.1
Host: js.wpncdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aporntv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:39 GMT
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 6267
Content-Type: application/javascript
Accept-Ranges: bytes
Cache-Control: max-age=10800
Server: nginx
etag: W/"1c747948ecc58e4d3fc4aa4fc94"
X-HW: 1675466079.dop221.sk1.t,1675466079.cds225.sk1.shn,1675466079.cds225.sk1.c
Access-Control-Allow-Origin: *, *
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11776
Expires: Sat, 04 Feb 2023 02:30:55 GMT
Date: Fri, 03 Feb 2023 23:14:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 22:49:06 GMT
age: 1533
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash cb5a89aed4d1f505ebf7a406873f7255
a83892ccda277ee14a61672e62d82ab06cfb7ead
8563c0ac3ef7339b49cb68c2cb41f11efd3c94ce93c6502dd3e3ce0a4b7d58cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96723
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:39 GMT
Etag: "63dc6c32-117"
Expires: Sun, 05 Feb 2023 02:06:42 GMT
Last-Modified: Fri, 03 Feb 2023 02:06:42 GMT
Server: nginx
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ihdBDBDEhhhl7TbUGedb/Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: li9u1BjR8ylvZrAyzTMf3wCogd0=
ocsp.digicert.com/
200 OK 279 B IP
Hash cb5a89aed4d1f505ebf7a406873f7255
a83892ccda277ee14a61672e62d82ab06cfb7ead
8563c0ac3ef7339b49cb68c2cb41f11efd3c94ce93c6502dd3e3ce0a4b7d58cd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=96723
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:39 GMT
Etag: "63dc6c32-117"
Expires: Sun, 05 Feb 2023 02:06:42 GMT
Last-Modified: Fri, 03 Feb 2023 02:06:42 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11823
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11823
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 603 B IP
ASN #20940 Akamai International B.V.
Hash 5652a985983bb60276296a4bc62cdaa9
52071cfbab39085b9e0c29a2a018c28c44de07a4
c1f611ba60c41309cbc31c7c9c35a3d8ebd1175a5d6524f5395b7a2a6ff732b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11823
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d719402de0cd695e55dab2767247da49
f12f4795987a284820f6785ec16b5032b9861d79
98a14bd950cec10aeb3d76fa956fe13514f52c742adbded7a0fcef218c7195ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98A14BD950CEC10AEB3D76FA956FE13514F52C742ADBDED7A0FCEF218C7195BA"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11823
Expires: Sat, 04 Feb 2023 02:31:43 GMT
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 4454
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 518bba9a8770e8ff15229a68be5bddc3
139f944b3f4279e640901f7a6b993f1a49b51a22
0591e73dec2190752677f06525bc993dc8c7a5aa20984a5eda64c323188e2b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a517af0-06bb-4ad2-b66e-3627ca6b60a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: b6c1caa9-72e4-476f-9c3d-4a746c410ba3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHLJoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-1289ef383fbad59621eda6d0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i7ZNMlYetTGgoM0beS97MTxveM1H7CI4JdAvPhYdqe9pyCCQugjgNg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:58:58 GMT
age: 4542
etag: "139f944b3f4279e640901f7a6b993f1a49b51a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 4159
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f926cd4f39b1a10b152e5959b28ae29e
2b1982d21321071394e363888e007598e968fb35
a51b246a9aa5a2583cae7fd4f0a3bdf73f0b318b7838828d36ea5674a5f26753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F651be34f-d4ea-4a24-987c-b006e5f9a876.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13309
x-amzn-requestid: f6a3f0f3-d91b-4f4d-8265-0f87742ba5d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyFeBFX4oAMFfpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd82bf-5808ceec265756c702d212dc;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:55:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WWjzs8W8GmSAM0-Uc8XBTxz67RJJCIzp3fBYhkoIWZ26UrobmZV8mw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:14:12 GMT
etag: "2b1982d21321071394e363888e007598e968fb35"
content-type: image/jpeg
age: 3628
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 77e225775154732b55c206faa6fce355
126bdaa18d9a1650b5e3a4e883d89188e8bbf136
af7fb0e6cfe7082af183bd2ba5ef43ab3ef3f9e6df2761ed4534bd48aa078798
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F650fe1e4-0f8a-4306-9cff-2ad3248d13b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3868
x-amzn-requestid: 5ae7dc8b-55a8-4500-84ef-938727459c1d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqHskoAMFpyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-662f24ed24651faa2323de32;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mk-qCGW538M5F88fom6XC1UmuzHd7qqEDUQQBdu-tVFn7-I4r547sg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:42:12 GMT
age: 1948
etag: "126bdaa18d9a1650b5e3a4e883d89188e8bbf136"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: b7r7phj8i49RMSuWufxF1L34K9udWa0mJ4dY12izM9ofwAuCFBGEZQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:47:06 GMT
age: 5254
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 031be4d46456a983025a51dbafe041b8
028f4f0edcd725d7a87e785c595cb695defeb31f
668963244fb14a5bced5a013c2f8f7ff3aeec27695d402b3c1e07ae528f4e11f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:56:20 GMT
Expires: Wed, 08 Feb 2023 03:56:19 GMT
Etag: "028f4f0edcd725d7a87e785c595cb695defeb31f"
Cache-Control: max-age=361898,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793edd3a5c4b0b51-OSL
lcdn.tsyndicate.com/sdk/v1/bannerNativeTrackImpression.js
200 OK 372 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/bannerNativeTrackImpression.js
IP
File type ASCII text, with very long lines (520)
Hash be3cdbe4d0f092fee1683f527459600b
de2cd939e706b5c99516e9acafc4652ae03faba2
b241f4702289d99b4d0a65deb39e088243abf1c7c21a4957130089c720ff6a50
GET /sdk/v1/bannerNativeTrackImpression.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: application/javascript
content-length: 372
last-modified: Wed, 01 Jun 2022 12:19:05 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62975939-28f"
age: 21082902
accept-ranges: bytes
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/eeb47536fc0d450390affe4b9d801a58.html?
200 OK 12 kB URL HTTP/2 tsyndicate.com/iframes2/eeb47536fc0d450390affe4b9d801a58.html?
IP
ASN #24940 Hetzner Online GmbH
Hash a02dd4636ddf1f6c3786c374211533a7
9e0af4084a21e2fec24e468b101e2a4a37a02601
a3176b936a9e99dcaa3b2fba9b87ee3c4e6c2c8b87457f8a637baff54861aef4
GET /iframes2/eeb47536fc0d450390affe4b9d801a58.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://networkpb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script, <https://lcdn.tsyndicate.com/images/f/b/2c0e713c0761c4c20a0af89a5bd30389f9ee28/300x250.jpg>; rel=preload; as=image, <https://lcdn.tsyndicate.com/imges/backup/native/native_18.png>; rel=preload; as=image
x-request-id: 24137a5192b03dd9
set-cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; expires=Thu, 03 Aug 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ; expires=Sat, 04 Feb 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/imges/backup/native/native_18.png
200 OK 143 kB URL HTTP/2 lcdn.tsyndicate.com/imges/backup/native/native_18.png
IP
File type PNG image data, 298 x 231, 8-bit/color RGBA, non-interlaced\012- data
Size 143 kB (142900 bytes)
Hash 7dd95689b7b95915ba3fd1ffdd344ae0
8bcee6e7204cfb5bf7b7c9f7d2551a804ea4d688
839b236565162208a6d6f7debee328e160424123c23ef252823b88f563037c9e
GET /imges/backup/native/native_18.png HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: image/png
content-length: 142900
last-modified: Wed, 02 Nov 2022 12:53:51 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"6362685f-22e52"
age: 7982022
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/p.js
200 OK 8.0 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/p.js
IP
File type ASCII text, with very long lines (22149)
Hash 1912bd3e72922a3962cf7d8a98886a5c
692f31448af2a9881c9609d4587dcdbe20faf541
a3231fcd3deef59543f97a16f6c5de0cae4ecf0920e805ee26e6a474b8464be3
GET /sdk/v1/p.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aporntv.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: application/javascript
content-length: 7970
last-modified: Thu, 15 Dec 2022 13:13:07 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"639b1d63-56ce"
age: 4355359
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 031be4d46456a983025a51dbafe041b8
028f4f0edcd725d7a87e785c595cb695defeb31f
668963244fb14a5bced5a013c2f8f7ff3aeec27695d402b3c1e07ae528f4e11f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:56:20 GMT
Expires: Wed, 08 Feb 2023 03:56:19 GMT
Etag: "028f4f0edcd725d7a87e785c595cb695defeb31f"
Cache-Control: max-age=361898,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793edd3a5a61b523-OSL
tsyndicate.com/iframes2/0779d0033eb74b4aa46f2c884289723f.html?
200 OK 5.5 kB URL HTTP/2 tsyndicate.com/iframes2/0779d0033eb74b4aa46f2c884289723f.html?
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4256)
Hash 069ade258baf49f4a030d2d86577db4c
88dba0e24d53cd8de5a721a17860fe1249c26009
47f75847a6ff57cee1401ecd508ffc98e814703891f54756bb879997ae9742af
GET /iframes2/0779d0033eb74b4aa46f2c884289723f.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://networkpb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 6b32e8d29f9ceb9a
set-cookie: ts_uid=09e36099-b88a-4b4c-97f7-bf90e215450d; expires=Thu, 03 Aug 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash 031be4d46456a983025a51dbafe041b8
028f4f0edcd725d7a87e785c595cb695defeb31f
668963244fb14a5bced5a013c2f8f7ff3aeec27695d402b3c1e07ae528f4e11f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:56:20 GMT
Expires: Wed, 08 Feb 2023 03:56:19 GMT
Etag: "028f4f0edcd725d7a87e785c595cb695defeb31f"
Cache-Control: max-age=361898,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793edd3a5bc61c02-OSL
ocsp.sectigo.com/
200 OK 472 B IP
Hash 031be4d46456a983025a51dbafe041b8
028f4f0edcd725d7a87e785c595cb695defeb31f
668963244fb14a5bced5a013c2f8f7ff3aeec27695d402b3c1e07ae528f4e11f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 01 Feb 2023 03:56:20 GMT
Expires: Wed, 08 Feb 2023 03:56:19 GMT
Etag: "028f4f0edcd725d7a87e785c595cb695defeb31f"
Cache-Control: max-age=361898,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793edd3a592cb511-OSL
lcdn.tsyndicate.com/sdk/v1/b.b.js
304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 03 Feb 2023 23:14:40 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 28731817
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/n.css
200 OK 72 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/n.css
IP
Hash 9d0e89b2ebddb03221f1912c24b7cbe6
182a9844bf05458c99d7b0380d01b1c63f4a0012
51eaa38957cf1f0ebd9511c779a730aefa6e8ce83aece2019e45a6d58c32cd0a
GET /sdk/v1/n.css HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/css
content-length: 19411
etag: "639c6765-4bd3"
last-modified: Fri, 16 Dec 2022 12:41:09 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 4271117
accept-ranges: bytes
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/native-banner-default.css
200 OK 4.0 kB URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/native-banner-default.css
IP
File type ASCII text, with very long lines (4026), with no line terminators
Hash 1df9f39a5a093634d0eb36a0c05bdecd
6c296914236f24256018fdd02dccb5f0ec5af9be
16933ec5edea2ccaa38e2d5913406da7d00513d7ff6b1e967e6f19190be0643c
GET /sdk/v1/native-banner-default.css HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/css
content-length: 4026
etag: "62975939-fba"
last-modified: Wed, 01 Jun 2022 12:19:05 GMT
server: nginx
x-robots-tag: noindex, nofollow
age: 20597537
accept-ranges: bytes
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/d5ec658bb6f8499890031968724d23c0.html?
200 OK 2.5 kB URL HTTP/2 tsyndicate.com/iframes2/d5ec658bb6f8499890031968724d23c0.html?
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3772)
Hash 803bed5547166847648f13034e583180
f56ab993a5a53cd269aef11e79f2c6450c27a1d4
46bac61b1c93aefffd430c9d5216d6a3fbc620899fb4eabca848e17798e49e92
GET /iframes2/d5ec658bb6f8499890031968724d23c0.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://networkpb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: 1134b4ec5a7a15cf
set-cookie: ts_uid=9f87667c-9e2d-4f42-b94a-38790387accf; expires=Thu, 03 Aug 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN3LIkEEjRhcWIsYU3OIQYpmJMWzcqMGRIQ4YXfoo; expires=Sat, 04 Feb 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 03 Feb 2023 23:14:40 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 28731817
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/sdk/v1/b.b.js
304 Not Modified 0 B URL HTTP/2 lcdn.tsyndicate.com/sdk/v1/b.b.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk/v1/b.b.js HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
If-Modified-Since: Tue, 22 Feb 2022 13:07:15 GMT
If-None-Match: W/"6214e003-1eb1"
TE: trailers
HTTP/2 304 Not Modified
date: Fri, 03 Feb 2023 23:14:40 GMT
last-modified: Tue, 22 Feb 2022 13:07:15 GMT
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
etag: W/"6214e003-1eb1"
age: 28731817
X-Firefox-Spdy: h2
lcdn.tsyndicate.com/error/banner.html
200 OK 355 B URL HTTP/2 lcdn.tsyndicate.com/error/banner.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8b1f15be621db10926fe9a4cf5e065a7
cbf25705dce9a6cdc92fca1b42924c31a4325b09
0a9c708f0537719d5a20bfaa8343363a0283320fb1776657d913a6a4f2030287
GET /error/banner.html HTTP/1.1
Host: lcdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html
content-length: 355
last-modified: Thu, 28 Jul 2022 14:10:05 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62e298bd-297"
age: 13388824
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.tsyndicate.com/sdk/v1/backup.banner.js
200 OK 1.2 kB URL HTTP/2 cdn.tsyndicate.com/sdk/v1/backup.banner.js
IP
File type ASCII text, with very long lines (563)
Hash aaa716b051d8f7e39379acf7dd390b58
a3e9ad6eb9c80ace589dc0fc5f1005f90374938a
8db10d074ca346ebf2267e92e83105ec60527d7e3b4e3f4ddb9157f83715402d
GET /sdk/v1/backup.banner.js HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcdn.tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: application/javascript
content-length: 1197
last-modified: Fri, 16 Dec 2022 12:41:09 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"639c6765-b48"
age: 4270872
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.tsyndicate.com/imges/backup/banner/300x250.png
200 OK 102 kB URL HTTP/2 cdn.tsyndicate.com/imges/backup/banner/300x250.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 102 kB (102388 bytes)
Hash b761fe954e9423addda999b0975f1ee1
7baeb7f4b5824624fbe3f2dd6b8e8b291996fd89
824c9ecf5047e7d7f90fbc438be225dbc6c3e2513fca402294432c04667a8509
GET /imges/backup/banner/300x250.png HTTP/1.1
Host: cdn.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcdn.tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: image/png
content-length: 102388
last-modified: Wed, 22 Jun 2022 09:24:43 GMT
server: nginx
x-robots-tag: noindex, nofollow
content-encoding: gzip
vary: Accept-Encoding
etag: W/"62b2dfdb-18fbf"
age: 19575294
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash fe99dce2d214fe1bba009ba0e075e018
238b45faf38b4f4c7483a049a21f065b19a976c1
952d4c7ed5c5eefbfdedd2fe8bcd76401cdce36352e911109eb35492484f7b61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5874
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:40 GMT
Last-Modified: Fri, 03 Feb 2023 21:36:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 314 B IP
Hash fe99dce2d214fe1bba009ba0e075e018
238b45faf38b4f4c7483a049a21f065b19a976c1
952d4c7ed5c5eefbfdedd2fe8bcd76401cdce36352e911109eb35492484f7b61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5874
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:40 GMT
Last-Modified: Fri, 03 Feb 2023 21:36:46 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
200 OK 279 B IP
Hash e69146b2b3cc4fedc68b10de5fa1c071
90d9d81bb5513e701edac6b93fea10d0d536e2f1
f3706f157fe37709ef692f56e8bbd7763e372b0a02926ce27892769860f7e9f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=150450
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:40 GMT
Etag: "63dd33f8-117"
Expires: Sun, 05 Feb 2023 17:02:10 GMT
Last-Modified: Fri, 03 Feb 2023 16:19:04 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
pxl.tsyndicate.com/api/v1/backup.gif?t=native&tct=adult
200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/backup.gif?t=native&tct=adult
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/backup.gif?t=native&tct=adult HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=ee9564c3-3381-490d-8db1-f2996a93de54; bfq=APeIECNCxxYZOGzAkEHjRhcWIsYU3BLjoYgyE2PYuFGjI0McMLr0URAQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XciGEGBo0xOMa0iJGjjJkWNGSEORnmBg4bLWaMMTMGxoySNmmUEfEwTJ0xGWnkEEOGqA0aLcjkgJEDJRkaZFq0xBGjhYwxNG7W2Ooxhw2eEMnYWXjUoQg4dcQspBoDRk84cBbKOOpWxBw4E3XUwOHx4Zg2cXXQoNHQRsWwZsjKeCjGjRu5L2HIoHHjYRs3GAXTgIFj8dnLmUnatPGwjhw2C2fEkHEDhuvSMjKioUMHzhwdL17MKYMnT5syZejUse3ijZwzuue4gIMGzg8iZeykGVOmB_Q5a-i8gcOljuu5Q8IADpPmjJskRHoMLhyj-3cbU96Ypt6jCBb3km0ICeMYYY_23uXnxHQEWRcGHWlght9cVIRxXHD_fbGXRwvaEAQZRhjXxoE9OHFgGnaUUeEQb8xBRw8wVAiFHNMleEYTbxzERg9DQNFEhUQwgeKIb7hBRR5wVBcEE0zwWIcbdMiRR4dPVEiFHBGt4V9bYJHxRhsZuRHcHcatAYcYLoxxJVhjHLjQFjZ08RAccgDFUBktwGCWGInpAIMLMBw2BhxtfMGmm3e61tlDctgRWAw4PFTGnljaiedhddSRRkbA5VDDUWPMENMMVKG0VFQ4FFWVGTLk4FUYOcxwUA00gJVGYCLkEIMLS7mQkgsNtUroF69mJCutd96aK1h1hJERjHqkwQYbYbxQA54goHBFglbeMQcITlABQlt47gDCtG4c5S0e4oJQKENy4pkCCEcsusYbL8iQp2ttxQCCEWnIYdIbeLzQ1rMwkOmmCE48AZZxX4wxcMFgsTFwEU5UGd0X-qLGUA03uDSDDXzVddxjOsiwV2UiHGTHF2LIsVaiJU_cRoyQGfYQGXK8kdpDJS5Ew5o196YzoSbJRpttuL2gJR1cyuElmGK28QJYcxSaUc10HGhcC0emQcdIN7hAxhirVTnwQV98HbZFjcZgww2s2mADZ3XR0UZsDK3d9tt8reaZQRSXcdcXZtbNNg1uw3BDDoqeHAYbCNGhkA5bzCCDmhCJkVfLZvjExkRrOrxQXYyeDCWCNjPkV2gy9KFAQA%3D%3D&s=cb68fd0a7915002d168627c6a31d37a08cea3de02d2a20ea23d7f78986f6c1151675466080&w=t&r=1&d=3&priv=false
200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XciGEGBo0xOMa0iJGjjJkWNGSEORnmBg4bLWaMMTMGxoySNmmUEfEwTJ0xGWnkEEOGqA0aLcjkgJEDJRkaZFq0xBGjhYwxNG7W2Ooxhw2eEMnYWXjUoQg4dcQspBoDRk84cBbKOOpWxBw4E3XUwOHx4Zg2cXXQoNHQRsWwZsjKeCjGjRu5L2HIoHHjYRs3GAXTgIFj8dnLmUnatPGwjhw2C2fEkHEDhuvSMjKioUMHzhwdL17MKYMnT5syZejUse3ijZwzuue4gIMGzg8iZeykGVOmB_Q5a-i8gcOljuu5Q8IADpPmjJskRHoMLhyj-3cbU96Ypt6jCBb3km0ICeMYYY_23uXnxHQEWRcGHWlght9cVIRxXHD_fbGXRwvaEAQZRhjXxoE9OHFgGnaUUeEQb8xBRw8wVAiFHNMleEYTbxzERg9DQNFEhUQwgeKIb7hBRR5wVBcEE0zwWIcbdMiRR4dPVEiFHBGt4V9bYJHxRhsZuRHcHcatAYcYLoxxJVhjHLjQFjZ08RAccgDFUBktwGCWGInpAIMLMBw2BhxtfMGmm3e61tlDctgRWAw4PFTGnljaiedhddSRRkbA5VDDUWPMENMMVKG0VFQ4FFWVGTLk4FUYOcxwUA00gJVGYCLkEIMLS7mQkgsNtUroF69mJCutd96aK1h1hJERjHqkwQYbYbxQA54goHBFglbeMQcITlABQlt47gDCtG4c5S0e4oJQKENy4pkCCEcsusYbL8iQp2ttxQCCEWnIYdIbeLzQ1rMwkOmmCE48AZZxX4wxcMFgsTFwEU5UGd0X-qLGUA03uDSDDXzVddxjOsiwV2UiHGTHF2LIsVaiJU_cRoyQGfYQGXK8kdpDJS5Ew5o196YzoSbJRpttuL2gJR1cyuElmGK28QJYcxSaUc10HGhcC0emQcdIN7hAxhirVTnwQV98HbZFjcZgww2s2mADZ3XR0UZsDK3d9tt8reaZQRSXcdcXZtbNNg1uw3BDDoqeHAYbCNGhkA5bzCCDmhCJkVfLZvjExkRrOrxQXYyeDCWCNjPkV2gy9KFAQA%3D%3D&s=cb68fd0a7915002d168627c6a31d37a08cea3de02d2a20ea23d7f78986f6c1151675466080&w=t&r=1&d=3&priv=false
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0XciGEGBo0xOMa0iJGjjJkWNGSEORnmBg4bLWaMMTMGxoySNmmUEfEwTJ0xGWnkEEOGqA0aLcjkgJEDJRkaZFq0xBGjhYwxNG7W2Ooxhw2eEMnYWXjUoQg4dcQspBoDRk84cBbKOOpWxBw4E3XUwOHx4Zg2cXXQoNHQRsWwZsjKeCjGjRu5L2HIoHHjYRs3GAXTgIFj8dnLmUnatPGwjhw2C2fEkHEDhuvSMjKioUMHzhwdL17MKYMnT5syZejUse3ijZwzuue4gIMGzg8iZeykGVOmB_Q5a-i8gcOljuu5Q8IADpPmjJskRHoMLhyj-3cbU96Ypt6jCBb3km0ICeMYYY_23uXnxHQEWRcGHWlght9cVIRxXHD_fbGXRwvaEAQZRhjXxoE9OHFgGnaUUeEQb8xBRw8wVAiFHNMleEYTbxzERg9DQNFEhUQwgeKIb7hBRR5wVBcEE0zwWIcbdMiRR4dPVEiFHBGt4V9bYJHxRhsZuRHcHcatAYcYLoxxJVhjHLjQFjZ08RAccgDFUBktwGCWGInpAIMLMBw2BhxtfMGmm3e61tlDctgRWAw4PFTGnljaiedhddSRRkbA5VDDUWPMENMMVKG0VFQ4FFWVGTLk4FUYOcxwUA00gJVGYCLkEIMLS7mQkgsNtUroF69mJCutd96aK1h1hJERjHqkwQYbYbxQA54goHBFglbeMQcITlABQlt47gDCtG4c5S0e4oJQKENy4pkCCEcsusYbL8iQp2ttxQCCEWnIYdIbeLzQ1rMwkOmmCE48AZZxX4wxcMFgsTFwEU5UGd0X-qLGUA03uDSDDXzVddxjOsiwV2UiHGTHF2LIsVaiJU_cRoyQGfYQGXK8kdpDJS5Ew5o196YzoSbJRpttuL2gJR1cyuElmGK28QJYcxSaUc10HGhcC0emQcdIN7hAxhirVTnwQV98HbZFjcZgww2s2mADZ3XR0UZsDK3d9tt8reaZQRSXcdcXZtbNNg1uw3BDDoqeHAYbCNGhkA5bzCCDmhCJkVfLZvjExkRrOrxQXYyeDCWCNjPkV2gy9KFAQA%3D%3D&s=cb68fd0a7915002d168627c6a31d37a08cea3de02d2a20ea23d7f78986f6c1151675466080&w=t&r=1&d=3&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/backup.gif?t=banner&tct=adult
200 OK 35 B URL HTTP/2 pxl.tsyndicate.com/api/v1/backup.gif?t=banner&tct=adult
IP
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /api/v1/backup.gif?t=banner&tct=adult HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lcdn.tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/plain; charset=utf-8
content-length: 35
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
go.xlivrdr.com/smartpop/c3fa347280578e90a9e8ab1e6280c0e361524d151dcbfe6bb5b723fee947ce88?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=349012&memberId=YK5gWK7lg4MKzctLkvcNKPG-gs5V7O7p5t8cafCj0bYenamcteoPHzWeZ32UUhXMa5HXyqnKJwDHaZU3BpghYYvGL8jGwoNJO3-40z2a56HL_dcK_gUIDRUi&p1=3651380&tag=trans%2C-trans
302 Found 0 B URL HTTP/2 go.xlivrdr.com/smartpop/c3fa347280578e90a9e8ab1e6280c0e361524d151dcbfe6bb5b723fee947ce88?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=349012&memberId=YK5gWK7lg4MKzctLkvcNKPG-gs5V7O7p5t8cafCj0bYenamcteoPHzWeZ32UUhXMa5HXyqnKJwDHaZU3BpghYYvGL8jGwoNJO3-40z2a56HL_dcK_gUIDRUi&p1=3651380&tag=trans%2C-trans
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/c3fa347280578e90a9e8ab1e6280c0e361524d151dcbfe6bb5b723fee947ce88?userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&sourceId=349012&memberId=YK5gWK7lg4MKzctLkvcNKPG-gs5V7O7p5t8cafCj0bYenamcteoPHzWeZ32UUhXMa5HXyqnKJwDHaZU3BpghYYvGL8jGwoNJO3-40z2a56HL_dcK_gUIDRUi&p1=3651380&tag=trans%2C-trans HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 03 Feb 2023 23:14:40 GMT
content-length: 0
location: https://creative.xliirdr.com/widgets/v4/Universal?campaignId=c3fa347280578e90a9e8ab1e6280c0e361524d151dcbfe6bb5b723fee947ce88&campaignType=smartpop&creativeId=f7d35c19e8363f8e59e197e6034e23aaac0f22600b273fb0cad1f12ae1c95358&iterationId=383554&masterSmartpopId=1605&memberId=YK5gWK7lg4MKzctLkvcNKPG-gs5V7O7p5t8cafCj0bYenamcteoPHzWeZ32UUhXMa5HXyqnKJwDHaZU3BpghYYvGL8jGwoNJO3-40z2a56HL_dcK_gUIDRUi&p1=3651380&quality=optimal&ruleId=3&smartpopId=1547&sourceId=349012&tag=trans%2C-trans&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=30029
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=808613.30029; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeRWUB3HBu9a5K9W449WSphbZpzY; SameSite=None; Secure; path=/; expires=Sat, 04-Feb-23 22:14:40 GMT; HttpOnly
server: cloudflare
cf-ray: 793edd3c79b51c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash e69146b2b3cc4fedc68b10de5fa1c071
90d9d81bb5513e701edac6b93fea10d0d536e2f1
f3706f157fe37709ef692f56e8bbd7763e372b0a02926ce27892769860f7e9f0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:40 GMT
Last-Modified: Fri, 03 Feb 2023 22:07:11 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
200 OK 5.0 kB URL HTTP/1.1 hw-cdn2.ang-content.com/delivery/vortex/vortex-simple-1.0.0.js
IP
File type ASCII text, with very long lines (5027), with no line terminators
Hash 5e5817bcf4c82c7c85d1d88636d221ce
b5c32cc6c931c33c1297884016e13d3b9a5bf261
6f0e50ac39121175ca0427c4e87cdfa2520b526c8497e23cffbca726eb6ca42c
GET /delivery/vortex/vortex-simple-1.0.0.js HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: Keep-Alive
ETag: "1541168231"
Content-Length: 5027
Content-Type: application/javascript
Last-Modified: Fri, 02 Nov 2018 14:17:11 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10397464
X-HW: 1675466080.dop213.sk1.t,1675466080.cds205.sk1.shn,1675466080.cds205.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
200 OK 17 kB URL HTTP/1.1 hw-cdn2.adtng.com/delivery/intersection_observer/IntersectionObserver.js
IP
File type ASCII text, with very long lines (16885), with no line terminators
Hash 48c80c7c28b5b00a8b4ff94a22b72fe3
d57303c2ad2fd5cedc5cb20f264a6965a7819cee
6e9be773031b3234fb9c2d6cf3d9740db1208f4351beca325ec34f76fd38f356
GET /delivery/intersection_observer/IntersectionObserver.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: Keep-Alive
ETag: "1649192094"
Content-Length: 16885
Content-Type: application/javascript
Last-Modified: Tue, 05 Apr 2022 20:54:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10407910
X-HW: 1675466080.dop225.sk1.t,1675466080.cds261.sk1.shn,1675466080.cds261.sk1.c
Access-Control-Allow-Origin: *
hw-cdn2.ang-content.com/a7/creatives/57/604/814687/1035652/1035652_logo.png
200 OK 6.4 kB URL HTTP/1.1 hw-cdn2.ang-content.com/a7/creatives/57/604/814687/1035652/1035652_logo.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash cf9d069e9033a5cfe5a17fafd82e1292
5136087ba17c2797496426a7e58ee6469cb8ed01
d9f884a33f226f8b83d231e4d84f490c3ac8024034cb82cb27820d78032f0f07
GET /a7/creatives/57/604/814687/1035652/1035652_logo.png HTTP/1.1
Host: hw-cdn2.ang-content.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:40 GMT
Connection: Keep-Alive
ETag: "1655989733"
Content-Length: 6424
Content-Type: image/png
Last-Modified: Thu, 23 Jun 2022 13:08:53 GMT
Accept-Ranges: bytes
Cache-Control: max-age=10709905
X-HW: 1675466080.dop014.sk1.t,1675466080.cds259.sk1.shn,1675466080.dop014.sk1.t,1675466080.cds247.sk1.c
Access-Control-Allow-Origin: *
ocsp.pki.goog/s/gts1p5/BAk8LBNPLt0
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/BAk8LBNPLt0
IP
Hash c3561b7bbc02f3890e514c693fda79b0
7345fe4da5cb42dc8eaaa0d8fe427441480a68b7
e93cfbee86cf4631553d664ae4074a21fdefd363d7902216b443004e671130d8
POST /s/gts1p5/BAk8LBNPLt0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHCmHHjhpkbM1rAoDEjRgsaNXKQaYFjzIwyLcLcgBHGRowYYcSMUSniYZg6YzLOqCmmBpkcMFrkuEHyZA0bOJTiuGFSBlMaG2mKoRHjRk-IZOwstJHDhoyHcOqIWYjjJgyfcOAslGED68M5cCbqoCEDBg4YMGw8HNNG7l4ZM2og9knGDMWHYty4mXsjhwwZXB-2cYNRh9UZZNFu7hwDKeiHdWJkREOHDpw5Ol68COPCIB3OLsa8afPiTBk6L2IAFo44xw86adqU6dHQMo0cwkHCKM2lDmC6YeiM6cE3MeLq122EgSOmBxYZVozMIJNkBg4oYdScyZHTyho5LexEKZODDpI1RtSRxxVuPJHDGnlAocdRTVARQxA1uPEGHW-0wIYcd1ihBxFWMLEEGW3cEIQM2U1BhRF0rOGEHnYgAQcRQ5RBxhFFfCFGHjRo8UQMeTwhBhEz0ICGE2EocQMeZxxhgxRpLJHDF3Xo8cQTUcQRRwtGFBGfEXY42EYTeLhhRxNfnFFFEkRIUUUaX8HRxlwPveEmnCKQsVtGbvx2xxtyrEFebncOlt1CW9jQBVpyBOXZWyLAEUYebbxBxkI1MCqGYzrA4MJ0D8lhh2Ex4IBaHWzqIEIOZkxlgw03jKFUGTKsRIMZfLUgRg40hNGCe5VtNFVEYzj2UBqGnRqDC0i5wJcLDdHwlRxfEJsRdMhqumyzX9URRkZNvKFHGmywEcYLNWwKAgpXpOGGnXfMAYITVIAg3KY7gJCuG3XVi0e-IHjKEAzlwpACCEeUMcYab7zQl3DTTQeCEWnIUYYZb-ARHMCbfjWGoiI48cRXfH6xcUYef8UGx0U48dVBdnwhMRsU1dARDqD9xagcZ0zmWQ1TPcSyjXKwJWqdZbQc6aSe4WCTz3K8sdAMcSq0F6IV57EQDZ1OvFprr8X2Qp507Nnnn7rx9tUcnmbUNB3Z8dlCHW6kQcdJmpIxRgwyrMzxQV_YjfdXdLzJEKs10LCqX4wGnvfgNxR--F-lVQSWy2Xg9cWgjDtuAwyV-SSGXkSb8RMbE6F18kKMjtEZDH0oEBA%3D&s=5145a64a939b0f5ca0a6cbdea07351eabad847e2cf0f7b1b718da123bca3eac11675466080&w=t&r=1&d=267&priv=false
200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHCmHHjhpkbM1rAoDEjRgsaNXKQaYFjzIwyLcLcgBHGRowYYcSMUSniYZg6YzLOqCmmBpkcMFrkuEHyZA0bOJTiuGFSBlMaG2mKoRHjRk-IZOwstJHDhoyHcOqIWYjjJgyfcOAslGED68M5cCbqoCEDBg4YMGw8HNNG7l4ZM2og9knGDMWHYty4mXsjhwwZXB-2cYNRh9UZZNFu7hwDKeiHdWJkREOHDpw5Ol68COPCIB3OLsa8afPiTBk6L2IAFo44xw86adqU6dHQMo0cwkHCKM2lDmC6YeiM6cE3MeLq122EgSOmBxYZVozMIJNkBg4oYdScyZHTyho5LexEKZODDpI1RtSRxxVuPJHDGnlAocdRTVARQxA1uPEGHW-0wIYcd1ihBxFWMLEEGW3cEIQM2U1BhRF0rOGEHnYgAQcRQ5RBxhFFfCFGHjRo8UQMeTwhBhEz0ICGE2EocQMeZxxhgxRpLJHDF3Xo8cQTUcQRRwtGFBGfEXY42EYTeLhhRxNfnFFFEkRIUUUaX8HRxlwPveEmnCKQsVtGbvx2xxtyrEFebncOlt1CW9jQBVpyBOXZWyLAEUYebbxBxkI1MCqGYzrA4MJ0D8lhh2Ex4IBaHWzqIEIOZkxlgw03jKFUGTKsRIMZfLUgRg40hNGCe5VtNFVEYzj2UBqGnRqDC0i5wJcLDdHwlRxfEJsRdMhqumyzX9URRkZNvKFHGmywEcYLNWwKAgpXpOGGnXfMAYITVIAg3KY7gJCuG3XVi0e-IHjKEAzlwpACCEeUMcYab7zQl3DTTQeCEWnIUYYZb-ARHMCbfjWGoiI48cRXfH6xcUYef8UGx0U48dVBdnwhMRsU1dARDqD9xagcZ0zmWQ1TPcSyjXKwJWqdZbQc6aSe4WCTz3K8sdAMcSq0F6IV57EQDZ1OvFprr8X2Qp507Nnnn7rx9tUcnmbUNB3Z8dlCHW6kQcdJmpIxRgwyrMzxQV_YjfdXdLzJEKs10LCqX4wGnvfgNxR--F-lVQSWy2Xg9cWgjDtuAwyV-SSGXkSb8RMbE6F18kKMjtEZDH0oEBA%3D&s=5145a64a939b0f5ca0a6cbdea07351eabad847e2cf0f7b1b718da123bca3eac11675466080&w=t&r=1&d=267&priv=false
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zCyHCmHHjhpkbM1rAoDEjRgsaNXKQaYFjzIwyLcLcgBHGRowYYcSMUSniYZg6YzLOqCmmBpkcMFrkuEHyZA0bOJTiuGFSBlMaG2mKoRHjRk-IZOwstJHDhoyHcOqIWYjjJgyfcOAslGED68M5cCbqoCEDBg4YMGw8HNNG7l4ZM2og9knGDMWHYty4mXsjhwwZXB-2cYNRh9UZZNFu7hwDKeiHdWJkREOHDpw5Ol68COPCIB3OLsa8afPiTBk6L2IAFo44xw86adqU6dHQMo0cwkHCKM2lDmC6YeiM6cE3MeLq122EgSOmBxYZVozMIJNkBg4oYdScyZHTyho5LexEKZODDpI1RtSRxxVuPJHDGnlAocdRTVARQxA1uPEGHW-0wIYcd1ihBxFWMLEEGW3cEIQM2U1BhRF0rOGEHnYgAQcRQ5RBxhFFfCFGHjRo8UQMeTwhBhEz0ICGE2EocQMeZxxhgxRpLJHDF3Xo8cQTUcQRRwtGFBGfEXY42EYTeLhhRxNfnFFFEkRIUUUaX8HRxlwPveEmnCKQsVtGbvx2xxtyrEFebncOlt1CW9jQBVpyBOXZWyLAEUYebbxBxkI1MCqGYzrA4MJ0D8lhh2Ex4IBaHWzqIEIOZkxlgw03jKFUGTKsRIMZfLUgRg40hNGCe5VtNFVEYzj2UBqGnRqDC0i5wJcLDdHwlRxfEJsRdMhqumyzX9URRkZNvKFHGmywEcYLNWwKAgpXpOGGnXfMAYITVIAg3KY7gJCuG3XVi0e-IHjKEAzlwpACCEeUMcYab7zQl3DTTQeCEWnIUYYZb-ARHMCbfjWGoiI48cRXfH6xcUYef8UGx0U48dVBdnwhMRsU1dARDqD9xagcZ0zmWQ1TPcSyjXKwJWqdZbQc6aSe4WCTz3K8sdAMcSq0F6IV57EQDZ1OvFprr8X2Qp507Nnnn7rx9tUcnmbUNB3Z8dlCHW6kQcdJmpIxRgwyrMzxQV_YjfdXdLzJEKs10LCqX4wGnvfgNxR--F-lVQSWy2Xg9cWgjDtuAwyV-SSGXkSb8RMbE6F18kKMjtEZDH0oEBA%3D&s=5145a64a939b0f5ca0a6cbdea07351eabad847e2cf0f7b1b718da123bca3eac11675466080&w=t&r=1&d=267&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUgSEmRgwzN260GDMmhowWNGiIOZkjxowxLTqGgUEjRhkbOcyoFPEwTJ0xGcfksFFmRgwaOFoctREGJY2hMcXMoNGizA2QZGQcnJEDRg2eEMnYWYjThoyHcOqIWYjDI4yecOAslGGDxlsRc-BM1EFDBgwcMLw-HNNGLt8YNkJWDGuG4kMxbtzMvVG3rkMRbdxg1CHjxgycaDNvjtH188M6MTKioUMHzhwdL16EcWGQjmYXY960eXGmDJ0XMQIHl8H1B500bcr0aJhDxtPgnmGQ5lInMN0wdMb0qJn4Rgzq1pnCEdOjzRMpN2Q8EfJlyAwsMb4UecOGSgs6duAU-TKlyZUoaFChxx1CUHFFDC3MYIQcTThRQxlCnHFHGi0QEYQUaTnRRhpTCKEGfGuo8cYdObBBRBNR2IEGDUpQgQQeur3BxBV6LJFFC2s4QRAbRsyxBhtN5HEFES3kccMSVKCBRhpSjLHGDU7YkQYZV3xxRhVJECFFFWmABUcbjonwxpdhkqFbRm74dscbcqwxHm5nDobdQlvY0AVacgClAwwuCPdYY3v2udgYX34BR54L8WkdDDnQ8JAc-VGEw0NlEApmoNbVUIOjItRRR5c6iIDDTWb4ZQaCZYgxBhko3YCDSGGYgQNV6dUAw1SrloFDGF89lIZhIrTkQlcu9OVCQzSAJccXv2YkLLHGIgtWHWFk1MQbeqTBBhthvFBDnyCgcEUabph5xxwgOEEFCMH1uQMI47pR17t4zAsCpAx51WcKIBxR6RpvvOBXcNJJB4IRachRhhlv4AGcvjCARVJGTjwBFptfTBxqxWCxoacIRTgB1kF2fKEwGxTVEBIOnwF2lxxnSMZZDa8-RPIXYsjB1qQi3NzGG2TMhYMNi5EhxxsLzfDQGwrxhWfDeSzEqcKADsSaa7C9kCYda7b5Zm67gTUHpBkdTQd2bLZQhxtp0NGCDDi4QEZJMoz88UFfzG0SWHRcitgNm9pgw1939V03Q4kFPjhgzt1lkMll5PXFnIgDToPgMNyQA6Ulh8EGQnQ0vcVUd0Ikxl49L-wTGxOh5XGig20GQx8KBAQ%3D&s=77228614776d23a733e181aaa00d3d6e45fec960cc8690175efdefa6b6f681221675466080&w=t&r=1&d=268&priv=false
200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUgSEmRgwzN260GDMmhowWNGiIOZkjxowxLTqGgUEjRhkbOcyoFPEwTJ0xGcfksFFmRgwaOFoctREGJY2hMcXMoNGizA2QZGQcnJEDRg2eEMnYWYjThoyHcOqIWYjDI4yecOAslGGDxlsRc-BM1EFDBgwcMLw-HNNGLt8YNkJWDGuG4kMxbtzMvVG3rkMRbdxg1CHjxgycaDNvjtH188M6MTKioUMHzhwdL16EcWGQjmYXY960eXGmDJ0XMQIHl8H1B500bcr0aJhDxtPgnmGQ5lInMN0wdMb0qJn4Rgzq1pnCEdOjzRMpN2Q8EfJlyAwsMb4UecOGSgs6duAU-TKlyZUoaFChxx1CUHFFDC3MYIQcTThRQxlCnHFHGi0QEYQUaTnRRhpTCKEGfGuo8cYdObBBRBNR2IEGDUpQgQQeur3BxBV6LJFFC2s4QRAbRsyxBhtN5HEFES3kccMSVKCBRhpSjLHGDU7YkQYZV3xxRhVJECFFFWmABUcbjonwxpdhkqFbRm74dscbcqwxHm5nDobdQlvY0AVacgClAwwuCPdYY3v2udgYX34BR54L8WkdDDnQ8JAc-VGEw0NlEApmoNbVUIOjItRRR5c6iIDDTWb4ZQaCZYgxBhko3YCDSGGYgQNV6dUAw1SrloFDGF89lIZhIrTkQlcu9OVCQzSAJccXv2YkLLHGIgtWHWFk1MQbeqTBBhthvFBDnyCgcEUabph5xxwgOEEFCMH1uQMI47pR17t4zAsCpAx51WcKIBxR6RpvvOBXcNJJB4IRachRhhlv4AGcvjCARVJGTjwBFptfTBxqxWCxoacIRTgB1kF2fKEwGxTVEBIOnwF2lxxnSMZZDa8-RPIXYsjB1qQi3NzGG2TMhYMNi5EhxxsLzfDQGwrxhWfDeSzEqcKADsSaa7C9kCYda7b5Zm67gTUHpBkdTQd2bLZQhxtp0NGCDDi4QEZJMoz88UFfzG0SWHRcitgNm9pgw1939V03Q4kFPjhgzt1lkMll5PXFnIgDToPgMNyQA6Ulh8EGQnQ0vcVUd0Ikxl49L-wTGxOh5XGig20GQx8KBAQ%3D&s=77228614776d23a733e181aaa00d3d6e45fec960cc8690175efdefa6b6f681221675466080&w=t&r=1&d=268&priv=false
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WUgSEmRgwzN260GDMmhowWNGiIOZkjxowxLTqGgUEjRhkbOcyoFPEwTJ0xGcfksFFmRgwaOFoctREGJY2hMcXMoNGizA2QZGQcnJEDRg2eEMnYWYjThoyHcOqIWYjDI4yecOAslGGDxlsRc-BM1EFDBgwcMLw-HNNGLt8YNkJWDGuG4kMxbtzMvVG3rkMRbdxg1CHjxgycaDNvjtH188M6MTKioUMHzhwdL16EcWGQjmYXY960eXGmDJ0XMQIHl8H1B500bcr0aJhDxtPgnmGQ5lInMN0wdMb0qJn4Rgzq1pnCEdOjzRMpN2Q8EfJlyAwsMb4UecOGSgs6duAU-TKlyZUoaFChxx1CUHFFDC3MYIQcTThRQxlCnHFHGi0QEYQUaTnRRhpTCKEGfGuo8cYdObBBRBNR2IEGDUpQgQQeur3BxBV6LJFFC2s4QRAbRsyxBhtN5HEFES3kccMSVKCBRhpSjLHGDU7YkQYZV3xxRhVJECFFFWmABUcbjonwxpdhkqFbRm74dscbcqwxHm5nDobdQlvY0AVacgClAwwuCPdYY3v2udgYX34BR54L8WkdDDnQ8JAc-VGEw0NlEApmoNbVUIOjItRRR5c6iIDDTWb4ZQaCZYgxBhko3YCDSGGYgQNV6dUAw1SrloFDGF89lIZhIrTkQlcu9OVCQzSAJccXv2YkLLHGIgtWHWFk1MQbeqTBBhthvFBDnyCgcEUabph5xxwgOEEFCMH1uQMI47pR17t4zAsCpAx51WcKIBxR6RpvvOBXcNJJB4IRachRhhlv4AGcvjCARVJGTjwBFptfTBxqxWCxoacIRTgB1kF2fKEwGxTVEBIOnwF2lxxnSMZZDa8-RPIXYsjB1qQi3NzGG2TMhYMNi5EhxxsLzfDQGwrxhWfDeSzEqcKADsSaa7C9kCYda7b5Zm67gTUHpBkdTQd2bLZQhxtp0NGCDDi4QEZJMoz88UFfzG0SWHRcitgNm9pgw1939V03Q4kFPjhgzt1lkMll5PXFnIgDToPgMNyQA6Ulh8EGQnQ0vcVUd0Ikxl49L-wTGxOh5XGig20GQx8KBAQ%3D&s=77228614776d23a733e181aaa00d3d6e45fec960cc8690175efdefa6b6f681221675466080&w=t&r=1&d=268&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/BAk8LBNPLt0
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/BAk8LBNPLt0
IP
Hash c3561b7bbc02f3890e514c693fda79b0
7345fe4da5cb42dc8eaaa0d8fe427441480a68b7
e93cfbee86cf4631553d664ae4074a21fdefd363d7902216b443004e671130d8
POST /s/gts1p5/BAk8LBNPLt0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYEXMDRg4YMcK0KDMjjJgWNMTgyNFCTIwyNlrgmDGGRkcxY26MiTFGxMMwdXrqEJFDjMcaZsawrHGjKEocZsrIxDFGRoucMcjI0JljBlUZPiGSsUMRB40cOB7CqSNmIY4YMWD8hANnoQwbNOSKmANnoo4ZNmrE8Kp3TJu6f8-ClPGTjBm7Mx6KcePGLo27NGzceNjGDUaGM2TI0Aun8-cYHwE_rBMjIxo6dODM0fHixZk3LvCwSWNHDhk5Lsa8afNiTpswcmK_gfNizAwzYWbYlIEDBlMcZT6GyVEGh8mXNqjDGAODpI2GMmiQaZh1jJioNsSIqcFRxvMy2W2O6Y7jR505CCVBRg9lkEEDSTScNZoMYSQYBnRvzdAQDDdstx6DPOUQXmgx4GBDeSklVVUYYcQgxgwldbjSDWJ8WAYXdcAAw11zvFGHHPsJ2IN0H8UgA4wy3tVGGW2IEeCANoThxBc24EDGEV8QYQUbQnyBBBlYNCHHGzcwcQcNVVgxxw03CNHCDHUoUQQeOahRgwxS0GCFEXBYUUUTWNgRhxRjnEGEG3jQsUYMbsiRhBxxRDEHFnDggYcNegwRRBJEJHjGF00MgQZccYQxBwx0WIHGHNgdkcYRceSwxBOOmSjDHEOo8cYXZ1RBqRRVpAHkjDbAEcOOgQ1W3a530RHGGT3QIUcYbsxRggxDtKAsswo9RMZwGblRBh13vCHHGnCIERy2D40Rhl9b2NCFZI_pAIMLID0khx2IdbhaHWlk5JF5HrGkkncoiUHDGC3kcIMZN7RkxkdlyNAQDTXAQEZYaSBGVAwufOTCZS48HJYcX1ScUQ4Ya8yxx6uFkVETb-iRBhtshPFCDfCCgMIVabhx7R1zgOAEFSDEBe8OIODsBl5EP0oD0fMyZB28KYBwRBljrPHGC6PFBRJIIBiRhhxlmPEGHi_ERTMMYY0hlAhOPBGWt1-onVHbYbGxdhFOhHWQHV-AzQZFTN0wU5MyyntGZTrIUAMOm4mw9xdiyOFWWo6XwXcbb0ycuIcVOb7lQpGJ8IZCOtCg1pZ45LGQ6SKA3e5AsMlG2wvacustuOIKR1xYc8yb0ZbG0uFtC3W4kQYdZ8rgAhk7gWXt2gd9wbyPYdHRBkWa1ZDZh9VZ1AZYDGW_PQzVad1Y32Xw9cW52N-gvQ0fNvWQ5euzgRAdpG8h3boQieFX5dCpAxsmoha7LaQwn4FBHxQQEA%3D%3D&s=076357e2766cd3c396c243678ec2452bcb8a385158d80557c70b3412ec98648b1675466080&w=t&r=1&d=450&priv=false
200 OK 24 B URL HTTP/2 pxl.tsyndicate.com/api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYEXMDRg4YMcK0KDMjjJgWNMTgyNFCTIwyNlrgmDGGRkcxY26MiTFGxMMwdXrqEJFDjMcaZsawrHGjKEocZsrIxDFGRoucMcjI0JljBlUZPiGSsUMRB40cOB7CqSNmIY4YMWD8hANnoQwbNOSKmANnoo4ZNmrE8Kp3TJu6f8-ClPGTjBm7Mx6KcePGLo27NGzceNjGDUaGM2TI0Aun8-cYHwE_rBMjIxo6dODM0fHixZk3LvCwSWNHDhk5Lsa8afNiTpswcmK_gfNizAwzYWbYlIEDBlMcZT6GyVEGh8mXNqjDGAODpI2GMmiQaZh1jJioNsSIqcFRxvMy2W2O6Y7jR505CCVBRg9lkEEDSTScNZoMYSQYBnRvzdAQDDdstx6DPOUQXmgx4GBDeSklVVUYYcQgxgwldbjSDWJ8WAYXdcAAw11zvFGHHPsJ2IN0H8UgA4wy3tVGGW2IEeCANoThxBc24EDGEV8QYQUbQnyBBBlYNCHHGzcwcQcNVVgxxw03CNHCDHUoUQQeOahRgwxS0GCFEXBYUUUTWNgRhxRjnEGEG3jQsUYMbsiRhBxxRDEHFnDggYcNegwRRBJEJHjGF00MgQZccYQxBwx0WIHGHNgdkcYRceSwxBOOmSjDHEOo8cYXZ1RBqRRVpAHkjDbAEcOOgQ1W3a530RHGGT3QIUcYbsxRggxDtKAsswo9RMZwGblRBh13vCHHGnCIERy2D40Rhl9b2NCFZI_pAIMLID0khx2IdbhaHWlk5JF5HrGkkncoiUHDGC3kcIMZN7RkxkdlyNAQDTXAQEZYaSBGVAwufOTCZS48HJYcX1ScUQ4Ya8yxx6uFkVETb-iRBhtshPFCDfCCgMIVabhx7R1zgOAEFSDEBe8OIODsBl5EP0oD0fMyZB28KYBwRBljrPHGC6PFBRJIIBiRhhxlmPEGHi_ERTMMYY0hlAhOPBGWt1-onVHbYbGxdhFOhHWQHV-AzQZFTN0wU5MyyntGZTrIUAMOm4mw9xdiyOFWWo6XwXcbb0ycuIcVOb7lQpGJ8IZCOtCg1pZ45LGQ6SKA3e5AsMlG2wvacustuOIKR1xYc8yb0ZbG0uFtC3W4kQYdZ8rgAhk7gWXt2gd9wbyPYdHRBkWa1ZDZh9VZ1AZYDGW_PQzVad1Y32Xw9cW52N-gvQ0fNvWQ5euzgRAdpG8h3boQieFX5dCpAxsmoha7LaQwn4FBHxQQEA%3D%3D&s=076357e2766cd3c396c243678ec2452bcb8a385158d80557c70b3412ec98648b1675466080&w=t&r=1&d=450&priv=false
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with no line terminators
Hash 0959ba36d476b6dc1994ba3c678b07c4
d30b94da72daa02766965206a85b7e0356375f5e
897410b87e27e3dfba3a7d6caab315a5e69cc941bb96d91fc74878a9b051843a
GET /api/v1/p/p.js?p=APeIQFMmDJkycuaI0BGjBgsRYcbQWRjjIZ0zC0WYEXMDRg4YMcK0KDMjjJgWNMTgyNFCTIwyNlrgmDGGRkcxY26MiTFGxMMwdXrqEJFDjMcaZsawrHGjKEocZsrIxDFGRoucMcjI0JljBlUZPiGSsUMRB40cOB7CqSNmIY4YMWD8hANnoQwbNOSKmANnoo4ZNmrE8Kp3TJu6f8-ClPGTjBm7Mx6KcePGLo27NGzceNjGDUaGM2TI0Aun8-cYHwE_rBMjIxo6dODM0fHixZk3LvCwSWNHDhk5Lsa8afNiTpswcmK_gfNizAwzYWbYlIEDBlMcZT6GyVEGh8mXNqjDGAODpI2GMmiQaZh1jJioNsSIqcFRxvMy2W2O6Y7jR505CCVBRg9lkEEDSTScNZoMYSQYBnRvzdAQDDdstx6DPOUQXmgx4GBDeSklVVUYYcQgxgwldbjSDWJ8WAYXdcAAw11zvFGHHPsJ2IN0H8UgA4wy3tVGGW2IEeCANoThxBc24EDGEV8QYQUbQnyBBBlYNCHHGzcwcQcNVVgxxw03CNHCDHUoUQQeOahRgwxS0GCFEXBYUUUTWNgRhxRjnEGEG3jQsUYMbsiRhBxxRDEHFnDggYcNegwRRBJEJHjGF00MgQZccYQxBwx0WIHGHNgdkcYRceSwxBOOmSjDHEOo8cYXZ1RBqRRVpAHkjDbAEcOOgQ1W3a530RHGGT3QIUcYbsxRggxDtKAsswo9RMZwGblRBh13vCHHGnCIERy2D40Rhl9b2NCFZI_pAIMLID0khx2IdbhaHWlk5JF5HrGkkncoiUHDGC3kcIMZN7RkxkdlyNAQDTXAQEZYaSBGVAwufOTCZS48HJYcX1ScUQ4Ya8yxx6uFkVETb-iRBhtshPFCDfCCgMIVabhx7R1zgOAEFSDEBe8OIODsBl5EP0oD0fMyZB28KYBwRBljrPHGC6PFBRJIIBiRhhxlmPEGHi_ERTMMYY0hlAhOPBGWt1-onVHbYbGxdhFOhHWQHV-AzQZFTN0wU5MyyntGZTrIUAMOm4mw9xdiyOFWWo6XwXcbb0ycuIcVOb7lQpGJ8IZCOtCg1pZ45LGQ6SKA3e5AsMlG2wvacustuOIKR1xYc8yb0ZbG0uFtC3W4kQYdZ8rgAhk7gWXt2gd9wbyPYdHRBkWa1ZDZh9VZ1AZYDGW_PQzVad1Y32Xw9cW52N-gvQ0fNvWQ5euzgRAdpG8h3boQieFX5dCpAxsmoha7LaQwn4FBHxQQEA%3D%3D&s=076357e2766cd3c396c243678ec2452bcb8a385158d80557c70b3412ec98648b1675466080&w=t&r=1&d=450&priv=false HTTP/1.1
Host: pxl.tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:41 GMT
content-type: text/plain; charset=utf-8
content-length: 24
x-robots-tag: noindex, nofollow
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash cad2cbbea1ce1230e86b9e7a892b56f8
81e79b16a92501828fc595fefb99ef628e35b3fb
3303b6ba1771ad887bf7de1aa9063018d03a2fee929992b3c0c7964e13c4c079
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 991
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Etag: "63dc735b-117"
Last-Modified: Fri, 03 Feb 2023 22:58:10 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
creative.xliirdr.com/widgets/v4/Universal/main.33831b792a3809ba493a.js
200 OK 79 kB URL HTTP/2 creative.xliirdr.com/widgets/v4/Universal/main.33831b792a3809ba493a.js
IP
File type Unicode text, UTF-8 text, with very long lines (35319), with LF, NEL line terminators
Hash 6893490be6533aae7fbcaf746a025cb7
09f2cbb526624d6497a7fa447c7a868fadea26c8
d81ee7ed1e77776dda8e95f1ef7738089f177a1fd1cb59dbd466bb4abb123211
GET /widgets/v4/Universal/main.33831b792a3809ba493a.js HTTP/1.1
Host: creative.xliirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xliirdr.com/widgets/v4/Universal?campaignId=c3fa347280578e90a9e8ab1e6280c0e361524d151dcbfe6bb5b723fee947ce88&campaignType=smartpop&creativeId=f7d35c19e8363f8e59e197e6034e23aaac0f22600b273fb0cad1f12ae1c95358&iterationId=383554&masterSmartpopId=1605&memberId=YK5gWK7lg4MKzctLkvcNKPG-gs5V7O7p5t8cafCj0bYenamcteoPHzWeZ32UUhXMa5HXyqnKJwDHaZU3BpghYYvGL8jGwoNJO3-40z2a56HL_dcK_gUIDRUi&p1=3651380&quality=optimal&ruleId=3&smartpopId=1547&sourceId=349012&tag=trans%2C-trans&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=30029
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 31 Jan 2023 09:52:08 GMT
etag: W/"63d8e4c8-42f63"
expires: Fri, 03 Feb 2023 23:14:26 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 8
vary: Accept-Encoding
server: cloudflare
cf-ray: 793edd3dd9e2b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash cad2cbbea1ce1230e86b9e7a892b56f8
81e79b16a92501828fc595fefb99ef628e35b3fb
3303b6ba1771ad887bf7de1aa9063018d03a2fee929992b3c0c7964e13c4c079
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 991
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Etag: "63dc735b-117"
Last-Modified: Fri, 03 Feb 2023 22:58:10 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
creative.xliirdr.com/widgets/v4/Universal/main.33831b792a3809ba493a.css
200 OK 34 kB URL HTTP/2 creative.xliirdr.com/widgets/v4/Universal/main.33831b792a3809ba493a.css
IP
File type ASCII text, with very long lines (13315), with no line terminators
Hash 95da7bfbb0fb9d63352b6288daadf01b
70aaa686382dd2622639b9faff378fcf00c7eb9c
7f56fa72f4355439c829ddc2684edc3ba59b4b86260b46ccc4c8f13a6b7399ac
GET /widgets/v4/Universal/main.33831b792a3809ba493a.css HTTP/1.1
Host: creative.xliirdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xliirdr.com/widgets/v4/Universal?campaignId=c3fa347280578e90a9e8ab1e6280c0e361524d151dcbfe6bb5b723fee947ce88&campaignType=smartpop&creativeId=f7d35c19e8363f8e59e197e6034e23aaac0f22600b273fb0cad1f12ae1c95358&iterationId=383554&masterSmartpopId=1605&memberId=YK5gWK7lg4MKzctLkvcNKPG-gs5V7O7p5t8cafCj0bYenamcteoPHzWeZ32UUhXMa5HXyqnKJwDHaZU3BpghYYvGL8jGwoNJO3-40z2a56HL_dcK_gUIDRUi&p1=3651380&quality=optimal&ruleId=3&smartpopId=1547&sourceId=349012&tag=trans%2C-trans&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&variationId=30029
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/css
last-modified: Tue, 31 Jan 2023 09:52:08 GMT
etag: W/"63d8e4c8-3403"
expires: Fri, 03 Feb 2023 23:14:33 GMT
cache-control: max-age=10
pragma: public
cf-cache-status: HIT
age: 8
vary: Accept-Encoding
server: cloudflare
cf-ray: 793edd3dc9dfb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.adtng.com/get/10010239?time=1592491073019&atc=423523&apb=MARzlAIUE9DzzXVhjRveOQzzerUFtpeAGIio9x1PV6rvpIY77IgMM0jVdsNujJ3vQhSceF-gf09O9klSUeqZuFZzvSShFOENb7yTsrhSteEjoNlZHyG1afwagzGApvah0fw_gUIDRUi
200 OK 32 kB URL HTTP/2 a.adtng.com/get/10010239?time=1592491073019&atc=423523&apb=MARzlAIUE9DzzXVhjRveOQzzerUFtpeAGIio9x1PV6rvpIY77IgMM0jVdsNujJ3vQhSceF-gf09O9klSUeqZuFZzvSShFOENb7yTsrhSteEjoNlZHyG1afwagzGApvah0fw_gUIDRUi
IP
Hash eefb9660e978455f91d385dea40ac99a
937b0c49e602aa34d090c72f93d4c6c01493d058
30ad1d4dcd98e81f950f8184aa7df43ab6ad0b5a3d65ae3d958211b6c63de815
GET /get/10010239?time=1592491073019&atc=423523&apb=MARzlAIUE9DzzXVhjRveOQzzerUFtpeAGIio9x1PV6rvpIY77IgMM0jVdsNujJ3vQhSceF-gf09O9klSUeqZuFZzvSShFOENb7yTsrhSteEjoNlZHyG1afwagzGApvah0fw_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KEmPdlWBaiSh7ehb9Ag==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7041; path=/; HttpOnly; Secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63DD9560-42FE72AB01BB0A25-32678F3
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 0d32467b2072d17bc565348479da0b77
3fa64c7f279aaf94c7c80bf72ea00bbb3eef4a52
32bb7ace231ca091d2a97f40cd0fff99f922d16dbf16b5b1cff6fd4d33531aa6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 23:14:41 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 05:56:26 GMT
Expires: Fri, 10 Feb 2023 05:56:25 GMT
Etag: "3fa64c7f279aaf94c7c80bf72ea00bbb3eef4a52"
Cache-Control: max-age=541903,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 793edd349befb511-OSL
ocsp.digicert.com/
200 OK 279 B IP
Hash 8df5ddf201e54283a25881c0f3f76082
c0915ec39a113a65908e4956ae0f1e9919dfd992
fdb686441eb7b5b55c915bf8fc5200a0173bfc2a0949cdef442368c1b2809a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1795
Cache-Control: max-age=112596
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Etag: "63dca332-117"
Expires: Sun, 05 Feb 2023 06:31:17 GMT
Last-Modified: Fri, 03 Feb 2023 06:01:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 8df5ddf201e54283a25881c0f3f76082
c0915ec39a113a65908e4956ae0f1e9919dfd992
fdb686441eb7b5b55c915bf8fc5200a0173bfc2a0949cdef442368c1b2809a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1790
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Last-Modified: Fri, 03 Feb 2023 22:44:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 8df5ddf201e54283a25881c0f3f76082
c0915ec39a113a65908e4956ae0f1e9919dfd992
fdb686441eb7b5b55c915bf8fc5200a0173bfc2a0949cdef442368c1b2809a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1794
Cache-Control: max-age=112595
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Etag: "63dca332-117"
Expires: Sun, 05 Feb 2023 06:31:16 GMT
Last-Modified: Fri, 03 Feb 2023 06:01:22 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 8df5ddf201e54283a25881c0f3f76082
c0915ec39a113a65908e4956ae0f1e9919dfd992
fdb686441eb7b5b55c915bf8fc5200a0173bfc2a0949cdef442368c1b2809a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1795
Cache-Control: max-age=112596
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Etag: "63dca332-117"
Expires: Sun, 05 Feb 2023 06:31:17 GMT
Last-Modified: Fri, 03 Feb 2023 06:01:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 8df5ddf201e54283a25881c0f3f76082
c0915ec39a113a65908e4956ae0f1e9919dfd992
fdb686441eb7b5b55c915bf8fc5200a0173bfc2a0949cdef442368c1b2809a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1790
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Last-Modified: Fri, 03 Feb 2023 22:44:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNjA0Iiwic2lkIjoiMTAwMTAyMzkiLCJuaWRzIjoiNTQyOTQiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMzU2NTIiLCJzdiI6IjI0MSIsInJlZl9kbW4iOiJ0c3luZGljYXRlLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1RSQU5TX1MyMDIwIiwibmlkIjoiNTQyOTQiLCJleHRfcHViIjoiIiwiY3JwIjoiNDAiLCJ0aWQiOiIyIiwiaXQiOiIwM1wvRmViXC8yMDIzOjIzOjE0OjQwICswMDAwIiwiY2MiOiIxIiwic25jaWQiOiI5NzIwMyIsImNpZCI6IjM0OTg3IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTkxOTYyNyIsImlpZCI6Ijc3OWQyYmI4ZWE2MTc3MzFiYmZmNTA0NGQwNzdmODU4IiwiZXh0X2lpZCI6IiJ9?unique_view=1
200 OK 47 kB URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNjA0Iiwic2lkIjoiMTAwMTAyMzkiLCJuaWRzIjoiNTQyOTQiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMzU2NTIiLCJzdiI6IjI0MSIsInJlZl9kbW4iOiJ0c3luZGljYXRlLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1RSQU5TX1MyMDIwIiwibmlkIjoiNTQyOTQiLCJleHRfcHViIjoiIiwiY3JwIjoiNDAiLCJ0aWQiOiIyIiwiaXQiOiIwM1wvRmViXC8yMDIzOjIzOjE0OjQwICswMDAwIiwiY2MiOiIxIiwic25jaWQiOiI5NzIwMyIsImNpZCI6IjM0OTg3IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTkxOTYyNyIsImlpZCI6Ijc3OWQyYmI4ZWE2MTc3MzFiYmZmNTA0NGQwNzdmODU4IiwiZXh0X2lpZCI6IiJ9?unique_view=1
IP
Hash ae9f0e1c6bd52c6c58f6cc86fe7bc74e
d53e3362865b5151689012df03b8d2325e446f89
52a140806310ac0d139b74ab2755a94320a978b0bdeee8a52b77d2f9a4efb397
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNjA0Iiwic2lkIjoiMTAwMTAyMzkiLCJuaWRzIjoiNTQyOTQiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMzU2NTIiLCJzdiI6IjI0MSIsInJlZl9kbW4iOiJ0c3luZGljYXRlLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1RSQU5TX1MyMDIwIiwibmlkIjoiNTQyOTQiLCJleHRfcHViIjoiIiwiY3JwIjoiNDAiLCJ0aWQiOiIyIiwiaXQiOiIwM1wvRmViXC8yMDIzOjIzOjE0OjQwICswMDAwIiwiY2MiOiIxIiwic25jaWQiOiI5NzIwMyIsImNpZCI6IjM0OTg3IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTkxOTYyNyIsImlpZCI6Ijc3OWQyYmI4ZWE2MTc3MzFiYmZmNTA0NGQwNzdmODU4IiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10010239?time=1592491073019&atc=416771&apb=qYkTST5hCociM_btOFnnyvwzvgf47L7GNnDUAS7WSquWPRm2dOY3rn68wJnGGcgRWHh6O5xj6_yRXz7CqjJcTezYiYsoHzFPsxnox5Qf-GbpD1gloQzW_gUIDRUi
Cookie: adtool_guid=Ch5KEmPdlWBaiSh7ehb9Ag==; RNLBSERVERID=ded7041
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63DD9560-42FE72AB01BB0A25-326791E
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675465981/102429937
200 OK 48 kB URL HTTP/2 img.strpst.com/thumbs/1675465981/102429937
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash db9667381e5fe4bcd323d2bb9a4cfd03
9dcaf010ded245ba8652a021aa9634c2a71f3a9a
80fe3dc0e7427076b110ac52ff075f63d72313dabee3249eaf43b39adb9f7d6d
GET /thumbs/1675465981/102429937 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xliirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:41 GMT
content-type: image/jpeg
content-length: 48503
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=50079, status=webp_bigger
etag: "669964987f5da37ecd290ed43022dd50"
last-modified: Fri, 03 Feb 2023 23:13:08 GMT
cf-cache-status: HIT
age: 35
expires: Fri, 03 Feb 2023 23:44:41 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793edd40c9840b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675465981/89945902
200 OK 20 kB URL HTTP/2 img.strpst.com/thumbs/1675465981/89945902
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash fce09b2ca2502231826a75c41b5dfa47
63187b56a39a64805753d517eaedc6ea6537167a
8415bbb4acc7e4950676432334d3812f564f047be166b617862d59e9d3e7c4e1
GET /thumbs/1675465981/89945902 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xliirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:41 GMT
content-type: image/jpeg
content-length: 20331
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=21275, status=webp_bigger
etag: "73c0e257b4aa687b9514fa9fd62ff539"
last-modified: Fri, 03 Feb 2023 23:13:30 GMT
cf-cache-status: HIT
age: 29
expires: Fri, 03 Feb 2023 23:44:41 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793edd40c9800b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675465981/91575942
200 OK 26 kB URL HTTP/2 img.strpst.com/thumbs/1675465981/91575942
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 270x360, components 3\012- data
Hash 5e5f0a1c936f5cfea3563052d12c5c63
c7610dab0017fdc8419a39a85be604296a50796e
f611746c31897ee28e5cd44a675294dcef4c11eee5f00f5a574c12f631321b60
GET /thumbs/1675465981/91575942 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xliirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:41 GMT
content-type: image/jpeg
content-length: 26465
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=27767, status=webp_bigger
etag: "125cbc5e6a823bb35af4182daa60487c"
last-modified: Fri, 03 Feb 2023 23:13:13 GMT
cf-cache-status: HIT
age: 42
expires: Fri, 03 Feb 2023 23:44:41 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793edd40c9850b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
a.adtng.com/get/10010239?time=1592491073019&atc=416771&apb=qYkTST5hCociM_btOFnnyvwzvgf47L7GNnDUAS7WSquWPRm2dOY3rn68wJnGGcgRWHh6O5xj6_yRXz7CqjJcTezYiYsoHzFPsxnox5Qf-GbpD1gloQzW_gUIDRUi
200 OK 52 kB URL HTTP/2 a.adtng.com/get/10010239?time=1592491073019&atc=416771&apb=qYkTST5hCociM_btOFnnyvwzvgf47L7GNnDUAS7WSquWPRm2dOY3rn68wJnGGcgRWHh6O5xj6_yRXz7CqjJcTezYiYsoHzFPsxnox5Qf-GbpD1gloQzW_gUIDRUi
IP
Hash ce7f08060b0302e452296697295e27ee
2a73a58bb1de8f42fbe7caf9078170c340857ac8
5bf2263ea0324a3352a318856c99143bd877d1fd05d37257b18d9bb87a156625
GET /get/10010239?time=1592491073019&atc=416771&apb=qYkTST5hCociM_btOFnnyvwzvgf47L7GNnDUAS7WSquWPRm2dOY3rn68wJnGGcgRWHh6O5xj6_yRXz7CqjJcTezYiYsoHzFPsxnox5Qf-GbpD1gloQzW_gUIDRUi HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tsyndicate.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
set-cookie: adtool_guid=Ch5KGmPdlWBQCz7u/aVCAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/; Secure; HTTPOnly; SameSite=None;
RNLBSERVERID=ded7077; path=/; HttpOnly; Secure; SameSite=None
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63DD9560-42FE72AB01BB0A25-32678EF
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1675465981/53794503
200 OK 27 kB URL HTTP/2 img.strpst.com/thumbs/1675465981/53794503
IP
Hash c09f4b8a6b722114da7b6f16c9ff2d70
ae80b15f15ad44ee0d86c55f816a980045e44a2e
08a60cadda1bc56ffdc206a83a99a3d7e24441a24da035c46ffadeeed13825a2
GET /thumbs/1675465981/53794503 HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://creative.xliirdr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:41 GMT
content-type: image/jpeg
content-length: 24352
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cf-bgj: imgq:100,h2pri
cf-polished: origSize=25287, status=webp_bigger
etag: "58eff8d1188cd764b4b7e27a2c45136b"
last-modified: Fri, 03 Feb 2023 23:13:42 GMT
cf-cache-status: HIT
age: 30
expires: Fri, 03 Feb 2023 23:44:41 GMT
cache-control: public, max-age=1800
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 793edd40d9920b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 8df5ddf201e54283a25881c0f3f76082
c0915ec39a113a65908e4956ae0f1e9919dfd992
fdb686441eb7b5b55c915bf8fc5200a0173bfc2a0949cdef442368c1b2809a18
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1795
Cache-Control: max-age=112596
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 23:14:41 GMT
Etag: "63dca332-117"
Expires: Sun, 05 Feb 2023 06:31:17 GMT
Last-Modified: Fri, 03 Feb 2023 06:01:22 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ac51fd6789cbe19c2d484c9022b0e39
bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9
300b5e50cb910f9f4905ee7313d98763b68f85f5874db499cc94469fb14cabfe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b2d6920-2a79-45a8-b007-d36cc875c52f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9500
x-amzn-requestid: 8fe94388-e8d9-4329-b73a-e9a356df76bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9QEA1IAMF3Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8054-51f954ac4bec16d1055e38f5;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FkTJ6wQ4eFYBPDyS0l5vLeWvHHiQIx-cYyFzT4ggHJ8M5Gg3dozFxQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:59:51 GMT
age: 4496
etag: "bcba22a7b7f5dd1f59fffd1027e5d7002cecb6e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aporntv.com/video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html
200 OK 0 B URL HTTP/2 aporntv.com/video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html
IP
GET /video/boy-fucks-dog-1-gaybeastcom-zoophilia-sex-video-with-dude-25689.html HTTP/1.1
Host: aporntv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:39 GMT
content-type: text/html; charset: iso-8859-1; charset=utf-8
x-powered-by: PHP/5.4.45-0+deb7u14
set-cookie: PHPSESSID=g6d1ce1i3o9gqk9g06d0132qn5; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: User-Agent,Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdOzg0ZK93fSxY0XqkIB%2FtSJL2eb5vBM14kABlqbB7L6EWG2gkreIzZ%2F2Nx%2B5ze2%2FzKta91HKh1lKXSk%2FJYw7ndpc1RvevZbgasuHVBXXZbkc4rlgcAUQzOV6J%2Fa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793edd306982b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/1bde3ed598e848b2b4fe460486aa99fc.html?
200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/1bde3ed598e848b2b4fe460486aa99fc.html?
IP
ASN #24940 Hetzner Online GmbH
GET /iframes2/1bde3ed598e848b2b4fe460486aa99fc.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://networkpb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: f82079e1ae39e501
set-cookie: ts_uid=8e6f20f1-ebcd-4787-af84-725034cde8a5; expires=Thu, 03 Aug 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
bfq=APeIECNCxxYZN2zQUFijCwsRYwpuieFQRBmJMWzcqMFRBg0cMLr0URAQ; expires=Sat, 04 Feb 2023 23:14:40 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
networkpb.com/general/desk/invideo.php
200 OK 0 B URL HTTP/2 networkpb.com/general/desk/invideo.php
IP
GET /general/desk/invideo.php HTTP/1.1
Host: networkpb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aporntv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:39 GMT
content-type: text/html
x-powered-by: PHP/5.4.45-0+deb7u14
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7Kta5ROOqxtrZ7aKBSxg6OKFVbf3dZ%2BwttplaDAAcg8bLSLosFBtSeKFizFbctgRxWemmfVIkqJXKjanCvbz8vGXpaa%2FhE0JoIDnZlwnY9NQq2jBfzXzkxF7mC%2B7%2F4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793edd35e84bb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
networkpb.com/general/desk/undervideo.php
200 OK 0 B URL HTTP/2 networkpb.com/general/desk/undervideo.php
IP
GET /general/desk/undervideo.php HTTP/1.1
Host: networkpb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aporntv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 03 Feb 2023 23:14:39 GMT
content-type: text/html
x-powered-by: PHP/5.4.45-0+deb7u14
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jabud71azSQvxHV2ON7WCJ5SHmeisSwtXgAxuD3EfFq0LcWNdKjxUQwjh%2Fq%2F9hS9U8Cm%2B7T5yvVq8U4Cy6AbfngNY1kPBI3YxsVCZFTjxviGpwOC4uvLNEPkFXuEkx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 793edd360861b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tsyndicate.com/iframes2/93e45e6cd3e54702a1df70b3eb08c87a.html?
200 OK 0 B URL HTTP/2 tsyndicate.com/iframes2/93e45e6cd3e54702a1df70b3eb08c87a.html?
IP
ASN #24940 Hetzner Online GmbH
GET /iframes2/93e45e6cd3e54702a1df70b3eb08c87a.html? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://networkpb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html; charset=utf-8
pragma: no-cache
expires: 0
vary: Accept-Encoding, *
x-api-version: 2
link: <https://lcdn.tsyndicate.com/sdk/v1/b.b.js>; rel=preload; as=script
x-request-id: a2772e97ce3c7f8e
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-encoding: gzip
X-Firefox-Spdy: h2
a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNjA0Iiwic2lkIjoiMTAwMTAyMzkiLCJuaWRzIjoiNTQyOTQiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMzU2NTIiLCJzdiI6IjI0MSIsInJlZl9kbW4iOiJ0c3luZGljYXRlLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1RSQU5TX1MyMDIwIiwibmlkIjoiNTQyOTQiLCJleHRfcHViIjoiIiwiY3JwIjoiNDAiLCJ0aWQiOiIyIiwiaXQiOiIwM1wvRmViXC8yMDIzOjIzOjE0OjQwICswMDAwIiwiY2MiOiIxIiwic25jaWQiOiI5NzIwMyIsImNpZCI6IjM0OTg3IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTkxOTYyNyIsImlpZCI6ImVmYWJkZGJmM2Q1YWU4NzcwYTJjMDc2Njc0MGViZTkyIiwiZXh0X2lpZCI6IiJ9?unique_view=1
200 OK 0 B URL HTTP/2 a.adtng.com/track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNjA0Iiwic2lkIjoiMTAwMTAyMzkiLCJuaWRzIjoiNTQyOTQiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMzU2NTIiLCJzdiI6IjI0MSIsInJlZl9kbW4iOiJ0c3luZGljYXRlLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1RSQU5TX1MyMDIwIiwibmlkIjoiNTQyOTQiLCJleHRfcHViIjoiIiwiY3JwIjoiNDAiLCJ0aWQiOiIyIiwiaXQiOiIwM1wvRmViXC8yMDIzOjIzOjE0OjQwICswMDAwIiwiY2MiOiIxIiwic25jaWQiOiI5NzIwMyIsImNpZCI6IjM0OTg3IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTkxOTYyNyIsImlpZCI6ImVmYWJkZGJmM2Q1YWU4NzcwYTJjMDc2Njc0MGViZTkyIiwiZXh0X2lpZCI6IiJ9?unique_view=1
IP
GET /track/adviews/eyJleHRfemlkIjoiIiwiZXh0X2MiOiIiLCJleHRfYWlkIjoiIiwicGlkIjoiNjA0Iiwic2lkIjoiMTAwMTAyMzkiLCJuaWRzIjoiNTQyOTQiLCJkeW5fZG1uIjoiIiwiY3JpZCI6IjEwMzU2NTIiLCJzdiI6IjI0MSIsInJlZl9kbW4iOiJ0c3luZGljYXRlLmNvbSIsImV4dF9jaWQiOiIiLCJ0c25hbWUiOiJBRkYiLCJjcmMiOiIzIiwiY24iOiIzMDBYMjUwX1RSQU5TX1MyMDIwIiwibmlkIjoiNTQyOTQiLCJleHRfcHViIjoiIiwiY3JwIjoiNDAiLCJ0aWQiOiIyIiwiaXQiOiIwM1wvRmViXC8yMDIzOjIzOjE0OjQwICswMDAwIiwiY2MiOiIxIiwic25jaWQiOiI5NzIwMyIsImNpZCI6IjM0OTg3IiwiZXh0X3VpZCI6IiIsImNwIjoiMTAwIiwic25jY2lkIjoiMTkxOTYyNyIsImlpZCI6ImVmYWJkZGJmM2Q1YWU4NzcwYTJjMDc2Njc0MGViZTkyIiwiZXh0X2lpZCI6IiJ9?unique_view=1 HTTP/1.1
Host: a.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.adtng.com/get/10010239?time=1592491073019&atc=423523&apb=MARzlAIUE9DzzXVhjRveOQzzerUFtpeAGIio9x1PV6rvpIY77IgMM0jVdsNujJ3vQhSceF-gf09O9klSUeqZuFZzvSShFOENb7yTsrhSteEjoNlZHyG1afwagzGApvah0fw_gUIDRUi
Cookie: adtool_guid=Ch5KEmPdlWBaiSh7ehb9Ag==; RNLBSERVERID=ded7041
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 03 Feb 2023 23:14:40 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63DD9560-42FE72AB01BB0A25-326791C
X-Firefox-Spdy: h2
104.26.7.171
104.18.51.106
46.4.114.55
93.184.220.29
23.36.76.226