r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5fdb82e106b7e72c869263f3dae962bb
691d54b8bb6a1d11890e796fb18897a341d9df28
840b505bedb18961f3f39230d0c8963ad78a151946fe1817929064eea582edf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "840B505BEDB18961F3F39230D0C8963AD78A151946FE1817929064EEA582EDF8"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14171
Expires: Tue, 06 Dec 2022 15:32:13 GMT
Date: Tue, 06 Dec 2022 11:36:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18190
Expires: Tue, 06 Dec 2022 16:39:12 GMT
Date: Tue, 06 Dec 2022 11:36:02 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10544
Expires: Tue, 06 Dec 2022 14:31:46 GMT
Date: Tue, 06 Dec 2022 11:36:02 GMT
Connection: keep-alive
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 46 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 87087526256a34576a7fc6edce0d1669
a224004339f32d277c9e57219ccf7ef3d7aa6116
d91a504e065176da5a57a9c68f7151c14656d71ac04277eb6c4d5129eb50f690
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA19-C1
x-amz-cf-id: GKndmgc_nGRH1-9Cw1XsTbg05NeT6TLetn-kV7MIcIenssP76rO7tw==
content-encoding: gzip
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 11:22:32 GMT
content-type: application/json
content-length: 46092
age: 810
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pul7tbdMSCJ0yyimy5Opny5e2Rnvj+KHTJCOsZlDIJf29P5SntnM6RCWFziCs6ZKhkSFoBUFxmM=
x-amz-request-id: 3VJ2G2VTCG7437RZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 10:47:04 GMT
age: 2938
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3241
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:02 GMT
Last-Modified: Tue, 06 Dec 2022 10:42:01 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 11:20:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 939
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 11:36:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 11:11:20 GMT
cache-control: public,max-age=3600
age: 1483
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3229
Cache-Control: max-age=167076
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:03 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:00:39 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mSIxi7QTIp26Brw1GhEy9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U1RYZBQodCF9AsQW/JN+rqmE3Ko=
rhythm-toast.sieraddns.com/dkb/
162.241.115.131302 Found 0 B URL HTTP/1.1 rhythm-toast.sieraddns.com/dkb/
IP 162.241.115.131:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert openphish Deutsche Kreditbank
GET /dkb/ HTTP/1.1
Host: rhythm-toast.sieraddns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Date: Tue, 06 Dec 2022 11:36:02 GMT
Server: Apache
location: banking?session=geschaeftskunden/branchen/wohnungswirtschaft/wohnwirtschaftliche_bilanzanalyse/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5224
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 11:36:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5224
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 11:36:04 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5224
Expires: Tue, 06 Dec 2022 13:03:08 GMT
Date: Tue, 06 Dec 2022 11:36:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 48396
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
34.120.237.76200 OK 18 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4bbfe2037fd1658cad81b5b8e4d885c
9487451d24db59cc0f426410da2b55f94f3bb34b
2a124c75c6c90c5633f3538c8b84422262f81cb35d8f4cf4ed0032cc897a5ab9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b9928a3-5708-47a4-8d92-f3af8d54a81d.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 18490
x-amzn-requestid: f01c056f-b0bc-4833-9934-d0c37f4d701c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csS4wE5NIAMFQmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6504-1111ee0221c3c4165a9ef2ab;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:39:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L83k-5N1ntWkhPbKsReH19NWajYEVyQSBQIKM6aSZSovDKHTYeXhUQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:30:52 GMT
age: 47112
etag: "9487451d24db59cc0f426410da2b55f94f3bb34b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WDqUFMBT59kulx4WLxNh5XTsHzr4_u524juvZJnGMYBH-mUaJclnTg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:49:44 GMT
age: 49580
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 49662
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T28mItwomGU8iDJ18lUF7ZrFuyh_P3ZTwUtA4AC5qZ5C5FQurDMgmQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:01 GMT
age: 49323
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fNsYsKfPUM8QaG7-F1tSBDdsNit1BfYpWddNssXwyFO2HgdA0RpjAQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:54:21 GMT
age: 49303
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645653114556&cv=9&fst=1645653114556&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645653114556&cv=9&fst=1645653114556&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2435), with no line terminators
Hash 2f049e1988fc409642432bfd998070c6
4860341f556b10aef05cda9ab407ff3bc218a92f
ef4b193065c32fcedaf668f69795b8b13ace36759fba7ad128fb0e3a3330fcf5
GET /pagead/viewthroughconversion/948238967/?random=1645653114556&cv=9&fst=1645653114556&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1001
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645653114554&cv=9&fst=1645653114554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 986 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645653114554&cv=9&fst=1645653114554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2395), with no line terminators
Hash ca9cb032949581cc1659fa54ee5c6659
45c2aaf11caa94090ef6063fd13454e50df7877f
552ccff4dbbeec3c8fabfc7ace15d517613cae7739e563157e40c16b59cad6db
GET /pagead/viewthroughconversion/332531362/?random=1645653114554&cv=9&fst=1645653114554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645647994275&cv=9&fst=1645647994275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645647994275&cv=9&fst=1645647994275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash 5ec17c495961396d8778b9cab8bd4a18
1ad227a7a177179eb2562cbb7ce1b2074fee3e61
7de665601a9cfb2a1ba4b8c1990ea4c3d36a0a0f5e37d713a6bc04d6cb57aa98
GET /pagead/viewthroughconversion/332531362/?random=1645647994275&cv=9&fst=1645647994275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1010
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645653114559&cv=9&fst=1645653114559&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 985 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645653114559&cv=9&fst=1645653114559&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2395), with no line terminators
Hash ca5c66a5ccf589250286bec327ae6446
6e37b4d2eabb3a606877823e5e7fcb80c5f8b76e
92173c8c320ca2773b96b8a2008c9a634ee907abdd7621a1922b4bb6c008d22c
GET /pagead/viewthroughconversion/319309780/?random=1645653114559&cv=9&fst=1645653114559&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 985
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645653114552&cv=9&fst=1645653114552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645653114552&cv=9&fst=1645653114552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2437), with no line terminators
Hash 9262b3bd5ca0ace2fb4beb9ea9e6dd23
6b555a023ab0fc8af58221d7e06ff17fd77bc47a
fa3e1754f1cc3ac133587c14db94f592b754678bfb7593d2cda388129d2726e4
GET /pagead/viewthroughconversion/1004668939/?random=1645653114552&cv=9&fst=1645653114552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1002
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645653114561&cv=9&fst=1645653114561&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 988 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645653114561&cv=9&fst=1645653114561&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2395), with no line terminators
Hash 2152daf805d0482aa6fb0faef05ce32a
57d32bf21654fa5a96719c0e5a2cf55fca546f54
36925b9be6c1540582b4e43da276d49ad8fcd40ac8e151b34fd20e16a2fa8cfd
GET /pagead/viewthroughconversion/925186924/?random=1645653114561&cv=9&fst=1645653114561&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 988
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-11236391
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-11236391
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 9a64e3b32f0b42ae6172454e9c30818b
8b59e3dc82928042515499d75c355ff4e42295f8
e47eb2e1695b86ddfca1dfb685b6e763f29bc92bb606f7451c93f3dd67c7effc
GET /gtag/js?id=DC-11236391 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 11:36:11 GMT
expires: Tue, 06 Dec 2022 11:36:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44139
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645647994279&cv=9&fst=1645647994279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645647994279&cv=9&fst=1645647994279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2485), with no line terminators
Hash 359c5a4f6dc9e9c87694ca94400f24ed
b8d3440bb4643f7b9530074e63ea0929145c089c
d376e637e721cd088cc48d55239e690afe28520794ef2f99ed3dc746d15a28f1
GET /pagead/viewthroughconversion/1004668939/?random=1645647994279&cv=9&fst=1645647994279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1012
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-332531362
142.250.74.40200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-332531362
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash a8fccfc36754366cc9a86881a33d6675
db896c994f5ef67d0c0937e32079f57693fd1405
7aa8e82d7b5f6e0ff372c519f2f7324e6fd2ce010ef75b1259bd4abc82fa72d7
GET /gtag/js?id=AW-332531362 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 11:36:11 GMT
expires: Tue, 06 Dec 2022 11:36:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.trustcommander.net/privacy/5414/privacy_v2_2.js
192.229.233.55200 OK 20 kB URL HTTP/2 cdn.trustcommander.net/privacy/5414/privacy_v2_2.js
IP 192.229.233.55:0
File type C source, Unicode text, UTF-8 text, with very long lines (65339)
Hash 86e3dc970d481ed47bb711ca14ccf445
57ef9cebebd6a70c843b00d08eb7db1e119aa152
4729ac071a451abbc7ffe66287f510caf496f9ef6ad343c5a128ddee40dcc42c
GET /privacy/5414/privacy_v2_2.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 50542
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Tue, 06 Dec 2022 11:36:11 GMT
etag: "0ec10140b06db2fffd825a53c173861e+gzip"
last-modified: Fri, 29 Apr 2022 07:45:06 GMT
server: ECS (ska/F70C)
vary: Accept-Encoding
x-amz-id-2: Qf7V0xKySpwxBjj4MacJdSUoz8dflhTwIq4VTRNrVLFouZ3DVZIPyY0fCuZO/06Gx362CKjJGuM=
x-amz-request-id: TSZA1KHAF3WFWSE0
x-cache: HIT
x-cdn: VDMS
content-length: 19828
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645647994281&cv=9&fst=1645647994281&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645647994281&cv=9&fst=1645647994281&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash 5036a899886a623686cd978aa94a351f
5d0b2e5894236e5f5b2101ede274c3911d8a3d44
9290ccbf13d858f4312ce2334ae807600e1183877ddde1d3ba0e5770b1a4d923
GET /pagead/viewthroughconversion/319309780/?random=1645647994281&cv=9&fst=1645647994281&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1014
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rhythm-toast.sieraddns.com/dkb/banking?session=geschaeftskunden/branchen/wohnungswirtschaft/wohnwirtschaftliche_bilanzanalyse/
162.241.115.131200 OK 92 kB URL HTTP/1.1 rhythm-toast.sieraddns.com/dkb/banking?session=geschaeftskunden/branchen/wohnungswirtschaft/wohnwirtschaftliche_bilanzanalyse/
IP 162.241.115.131:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11132), with CRLF line terminators
Hash e2228eefca9b440b591700642823fada
dc7879fcd8327f4e0d9a0dc2b803173827c3f959
abf68b5dbf8a8001be52fa8df0024fcb29594fb9e960791b212f7761a579310b
GET /dkb/banking?session=geschaeftskunden/branchen/wohnungswirtschaft/wohnwirtschaftliche_bilanzanalyse/ HTTP/1.1
Host: rhythm-toast.sieraddns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 11:36:04 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=367ab0cf3ce2d3c7fa0287a74cb4abb5; path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtag/js?id=DC-10578597
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-10578597
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash ca6946612578cbb51fb84cd23e7fbdc1
5d2f8be3eb1a76e0b8166a4ad69530a7de0eef95
80f2cf5ea031b5c031617ef8e1125a64561c33461d30b0f999dbd21414180424
GET /gtag/js?id=DC-10578597 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 11:36:11 GMT
expires: Tue, 06 Dec 2022 11:36:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44136
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.trustcommander.net/privacy/4911/privacy_v2_5.js
192.229.233.55200 OK 20 kB URL HTTP/2 cdn.trustcommander.net/privacy/4911/privacy_v2_5.js
IP 192.229.233.55:0
File type C source, Unicode text, UTF-8 text, with very long lines (65339)
Hash 2ce131167303ecdbc14d2ef2359cc08b
4f6491f8595f70dfb8f596c631ad3014d517784e
8211f1a77c47abdb72706cf5d5443916a0b6952b7abf21212eca4c77f42ba4e2
GET /privacy/4911/privacy_v2_5.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 50542
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Tue, 06 Dec 2022 11:36:11 GMT
etag: "a8b0fd87d2724695922ae92e272eb317+gzip"
last-modified: Thu, 30 Jun 2022 09:01:12 GMT
server: ECS (ska/F71D)
vary: Accept-Encoding
x-amz-id-2: cb/uUCpwZX9p0vhGzxsxZsHJyGzKSX+WMhot+txtVAHaEV3tUsqdPuV/E2w6/6MIhY9EmNUov0E=
x-amz-request-id: TSZ6RPHNCZ1MPM4T
x-cache: HIT
x-cdn: VDMS
content-length: 20206
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-319309780
142.250.74.40200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-319309780
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash b03661972c78ecc600abf8819ed911c8
2c4f56418757ae4e86ee778cc54e52dfdc78e28d
d36b3af5fd20c7b36964c957b7cb3be27a45fc25f7439fa4299e2adcf59afdcd
GET /gtag/js?id=AW-319309780 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 11:36:11 GMT
expires: Tue, 06 Dec 2022 11:36:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-1004668939
142.250.74.40200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1004668939
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 0485f1e960c644c3b301b45e95320cef
01c9304d824313b8104f424bc01ee1b0d20b6781
8370bbacf0f38aa9cfdf1fff2e1f6f703ff0411530613db13cc8730d3e592d5d
GET /gtag/js?id=AW-1004668939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 11:36:11 GMT
expires: Tue, 06 Dec 2022 11:36:11 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.trustcommander.net/privacy/4898/privacy_v2_17.js
192.229.233.55200 OK 20 kB URL HTTP/2 cdn.trustcommander.net/privacy/4898/privacy_v2_17.js
IP 192.229.233.55:0
File type C source, Unicode text, UTF-8 text, with very long lines (65338)
Hash 94f63e9b85b2a4bf18f1bc7966ee002c
aa64e1122adf9a54b25ea93b7d3107b8bf03ebb4
dd12428b2a0d1e5366ecfc74afb7bf3fde6bac26881706aa4fc22bfc3e8824be
GET /privacy/4898/privacy_v2_17.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Tue, 06 Dec 2022 11:36:12 GMT
etag: "6978bbaf72d83ba73a4a4356819368c6+gzip"
last-modified: Fri, 01 Jul 2022 07:09:38 GMT
server: AmazonS3
vary: Accept-Encoding
x-amz-id-2: uvvoYWHySyGleURI/8t/x7u+ETpFT5jE9SqZp7ADGKwddSd201BWVpabJojHw7A8pzuY19ZvZ3M=
x-amz-request-id: P44K7AD45662A3VQ
x-cdn: VDMS
content-length: 20310
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645647994287&cv=9&fst=1645647994287&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645647994287&cv=9&fst=1645647994287&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash 503991e66f8ec5eb2a8058dba9cc7a12
7be6e4c5967ffc6f0a2c9251472c9a5fa61b52f7
cdf0ca025e12f5848a21555cc178c5f3596bbea37a9a766fb75bc570361c1fef
GET /pagead/viewthroughconversion/948238967/?random=1645647994287&cv=9&fst=1645647994287&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1013
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645647994284&cv=9&fst=1645647994284&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.162200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645647994284&cv=9&fst=1645647994284&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash fb46246542a3f29b34a62a0303aac844
34e7400a9bba84c83f2142532041dbf840523013
8f0939d097ff4bf0e6db7125c3107f255466da1e7724128a1471c3dfcf074147
GET /pagead/viewthroughconversion/925186924/?random=1645647994284&cv=9&fst=1645647994284&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 11:36:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1012
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Dec-2022 11:51:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash efef027c78e23290419b6ad92ddcc081
f08211d8f7c57531bf56b31d1347df78d157ae57
445f61a673f6aa2dfe6ae5cff704401eebc7b1634fe67f446d0bb4cdce080ea8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 11:36:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Dec 2022 17:51:58 GMT
Expires: Mon, 12 Dec 2022 17:51:57 GMT
Etag: "f08211d8f7c57531bf56b31d1347df78d157ae57"
Cache-Control: max-age=540345,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7754b8ee5ff90b59-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 716796f726dc7df154896cac3af089b6
0c65362a7a7ffe91dd9258eabbe0ab3b61fe77ef
ff1961d969cc1ffbdcb008145a35b921bd6795e18a4d6ba467a4d63712093988
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1255
Cache-Control: max-age=129797
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Etag: "638e7c49-139"
Expires: Wed, 07 Dec 2022 23:39:28 GMT
Last-Modified: Mon, 05 Dec 2022 23:18:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
responder.wt-safetag.com/resp/api/get/438500649507193?url=https%3A%2F%2Flocalhost%2F&v=5
185.54.150.22204 No Content 0 B URL HTTP/1.1 responder.wt-safetag.com/resp/api/get/438500649507193?url=https%3A%2F%2Flocalhost%2F&v=5
IP 185.54.150.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /resp/api/get/438500649507193?url=https%3A%2F%2Flocalhost%2F&v=5 HTTP/1.1
Host: responder.wt-safetag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Tue, 06 Dec 2022 11:36:11 GMT
Connection: keep-alive
Cache-Control: max-age: 0, must-revalidate
Content-Type: text/javascript
Vary: Accept-Encoding
Set-Cookie: ; SameSite=None
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 716796f726dc7df154896cac3af089b6
0c65362a7a7ffe91dd9258eabbe0ab3b61fe77ef
ff1961d969cc1ffbdcb008145a35b921bd6795e18a4d6ba467a4d63712093988
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1255
Cache-Control: max-age=129797
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 11:36:11 GMT
Etag: "638e7c49-139"
Expires: Wed, 07 Dec 2022 23:39:28 GMT
Last-Modified: Mon, 05 Dec 2022 23:18:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 313
analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4a5b03e1-bfbb-4ff6-832a-1410d701fb0f&tw_document_href=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&tpx_cb=twttr.conversion.loadPixels
104.244.42.67200 OK 57 B URL HTTP/2 analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4a5b03e1-bfbb-4ff6-832a-1410d701fb0f&tw_document_href=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&tpx_cb=twttr.conversion.loadPixels
IP 104.244.42.67:0
File type ASCII text, with no line terminators
Hash d6cff1cc2ef6dbf2da25fade3bab8c65
c96e2822fd1459b7f171d86d88dcd76bc167c113
8d5b13815d3883037c78495a28abfe1815bfc702cade0cd8a7592be793e72996
GET /i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4a5b03e1-bfbb-4ff6-832a-1410d701fb0f&tw_document_href=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&tpx_cb=twttr.conversion.loadPixels HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Tue, 06 Dec 2022 11:36:10 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_jwun8PLjppgh8c4L59ha9A=="; Max-Age=63072000; Expires=Thu, 05 Dec 2024 11:36:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 57
content-encoding: gzip
x-transaction-id: 77487dc6feb6277b
strict-transport-security: max-age=631138519
x-response-time: 112
x-connection-hash: 14649e62a24a659bd5c8a5f402cbb95f0f118a8ac4e4e5882db967a8d71f9718
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6b84eec8-b93a-4cc4-a1d4-4648d57174bf&tw_document_href=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&tpx_cb=twttr.conversion.loadPixels
104.244.42.67200 OK 57 B URL HTTP/2 analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6b84eec8-b93a-4cc4-a1d4-4648d57174bf&tw_document_href=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&tpx_cb=twttr.conversion.loadPixels
IP 104.244.42.67:0
File type ASCII text, with no line terminators
Hash d6cff1cc2ef6dbf2da25fade3bab8c65
c96e2822fd1459b7f171d86d88dcd76bc167c113
8d5b13815d3883037c78495a28abfe1815bfc702cade0cd8a7592be793e72996
GET /i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6b84eec8-b93a-4cc4-a1d4-4648d57174bf&tw_document_href=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&tpx_cb=twttr.conversion.loadPixels HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rhythm-toast.sieraddns.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Tue, 06 Dec 2022 11:36:10 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_G//VrCHDYFV/ib9qTeXbIg=="; Max-Age=63072000; Expires=Thu, 05 Dec 2024 11:36:11 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 57
content-encoding: gzip
x-transaction-id: 80d81fe37c4fbbaa
strict-transport-security: max-age=631138519
x-response-time: 107
x-connection-hash: 14649e62a24a659bd5c8a5f402cbb95f0f118a8ac4e4e5882db967a8d71f9718
X-Firefox-Spdy: h2