sharemods.com/bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html
104.26.11.194301 Moved Permanently 0 B URL HTTP/1.1 sharemods.com/bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html
IP 104.26.11.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 31 Aug 2022 19:19:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 31 Aug 2022 20:19:50 GMT
Location: https://sharemods.com/bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrK4ApNcq9VkDFXriEbydD0M8TMXnxHLUC3hlcaYAuyOCmrtkNhMH736eOtYqjWqtcIfaQyg2tuiAqZrkSYhWkD%2BnHVykYxRqt%2FBSZaSSB3KKX1NNPa%2F9h4sDXVoHzM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74381ebbae2bb4f9-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19626
Expires: Thu, 01 Sep 2022 00:46:56 GMT
Date: Wed, 31 Aug 2022 19:19:50 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 18:26:32 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1w0LJ3moryEIrAHlUoEi2Up4fJSmPC02-t41h5tzYSo0sEyYX64DWA==
Age: 3198
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 02:27:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: DqT0gy0L_m2LNlFkT0CnNd8MyGSqynMnWenfSA7wHXOP2b3qm1-YpA==
age: 60766
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:50 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fe244465a99d48f257a3dda7ab28c6b8
69c89374520ca54adda7fd15ccb069def5fb3663
8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b83a3c4061d317f24b443208b902ccb
299ca6fdb59e5bef98f79227da69c50b3eafe193
75fc52dd18d95af0be5f062e50c236abd87e0d114eafd7be4bfcd6496ac81f13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "75FC52DD18D95AF0BE5F062E50C236ABD87E0D114EAFD7BE4BFCD6496AC81F13"
Last-Modified: Tue, 30 Aug 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14248
Expires: Wed, 31 Aug 2022 23:17:19 GMT
Date: Wed, 31 Aug 2022 19:19:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c0ecc168ee1d15cad86c76ba52cf70b
75a1959e16e39264c6b2e5963808cb4a5ea7228b
79d62e3dcb6f005f013e0dc4c09d2a5a9df75d01010b4fe56f04a64d870bfa6d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79D62E3DCB6F005F013E0DC4C09D2A5A9DF75D01010B4FE56F04A64D870BFA6D"
Last-Modified: Mon, 29 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14549
Expires: Wed, 31 Aug 2022 23:22:20 GMT
Date: Wed, 31 Aug 2022 19:19:51 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 19 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 504f6427e2f0186217843ed959b4b45f
d26dde48897b9f2b347534736b5cd0e308bb47e8
44f7981226c7b826db0bd4d05e2fa7ab9f0513adcac0c801dc1035a53c97521a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D812E8A35794B4C6CC9B3C96558FD706A3C2841DD8D0D63BBE941893840A0224"
Last-Modified: Tue, 30 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11534
Expires: Wed, 31 Aug 2022 22:32:05 GMT
Date: Wed, 31 Aug 2022 19:19:51 GMT
Connection: keep-alive
carchrisma.com/1clkn/16756
23.109.87.9200 OK 26 B URL HTTP/1.1 carchrisma.com/1clkn/16756
IP 23.109.87.9:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer Verdict Alert quad9 Sinkholed
GET /1clkn/16756 HTTP/1.1
Host: carchrisma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 19:19:51 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Thu, 01-Sep-2022 19:19:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Thu, 01-Sep-2022 19:19:51 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
137.74.20.12200 OK 2.7 kB URL HTTP/2 video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
IP 137.74.20.12:0
Hash 5b5eb2c4a8ccec780905f3995dfa5ef0
e12663f332cd28b83bbf8013013e81933c9e7431
75ff6703a175d88994577022041ba4bc227e70938edfb64d0627f14f50eaba32
GET /widget/widget_scrolllist.php?widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Wed, 31 Aug 2022 19:19:51 GMT
expires: Wed, 31 Aug 2022 19:19:52 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 2706
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 19:19:51 GMT
server: XO.webservant
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fe244465a99d48f257a3dda7ab28c6b8
69c89374520ca54adda7fd15ccb069def5fb3663
8f9938ffef09d02563d617ac9ff1ce97b05c5bf52b64f6724b9f19a5e90965f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.premiumvertising.com/falcor.all.min.js
185.76.9.15200 OK 9.7 kB URL HTTP/2 www.premiumvertising.com/falcor.all.min.js
IP 185.76.9.15:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash a904ff5d228f8e357a6612a875f5378e
4dcb39bf7208355d7ba45068b93cdcff7d64d6ec
4254b92fde3a5c5291970e3e5501fa49dfe7d8d4f7b22c795549bcb12d27ef80
GET /falcor.all.min.js HTTP/1.1
Host: www.premiumvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Tue, 06 Sep 2022 15:39:17 GMT
access-control-allow-origin: *
link: <https://premiumvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1662478757
server: CDN77-Turbo
x-77-nzt: AblMCQ3IOtX/MoUBAA
x-77-nzt-ray: NV2uUx2GV2E
x-cache: HIT
x-age: 99634
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1661973591119
142.250.74.66200 OK 16 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1661973591119
IP 142.250.74.66:0
File type ASCII text, with very long lines (47583)
Hash 366a45158e0c4127347875dcf9c648c6
10239595c1ac84d20e7f717e526d840c4f62adc6
26c10eabb048daab755cec91be83335f06f3dab3bacfdabe62f1a556192def14
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1661973591119 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 4898432152
google-creative-id: 138274894658
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Wed, 31 Aug 2022 19:19:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15495
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Aug-2022 19:34:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
216.58.211.10200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
IP 216.58.211.10:0
Hash 3a8d77554094eab5ec8510a9104422cc
986f7690d33369f6f7a96919dc13b9b6f753f94d
b29bd76ec99ad5d1cd654463aabb8eae6eea24b665db738560bf64b17ed4ba09
GET /css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 31 Aug 2022 19:19:51 GMT
date: Wed, 31 Aug 2022 19:19:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
142.250.74.163200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
IP 142.250.74.163:0
Hash e4365cfed511e13cfa19d77afcc145ce
3bf8d410a4351afc21dda575eb9b9ed418658d60
cbd7d4632d7126fa79d9a20c1a2c02b13e16b10874417c91bcbb78fb0e1e44a2
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 19:35:13 GMT
expires: Thu, 24 Aug 2023 19:35:13 GMT
cache-control: public, max-age=31536000
age: 603878
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stpd.cloud/assets/hb/sharemods.js
104.18.31.49200 OK 176 kB URL HTTP/2 stpd.cloud/assets/hb/sharemods.js
IP 104.18.31.49:0
File type ASCII text, with very long lines (58673)
Size 176 kB (175456 bytes)
Hash 57b79911e2f0d0e46979749878351f0f
ab0402b791415ffb2b8878eaf3d74c1c42210dc1
e06ddc79ca2e32a2e3c210fe771a429680826b04d578a9fbe28742abee6d87d2
GET /assets/hb/sharemods.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/javascript
content-md5: bWb7BtXWQtqkkPx7GJ/9MA==
last-modified: Fri, 26 Aug 2022 11:58:28 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: cc12adc8-b01e-006b-7f43-b97863000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 5408
expires: Wed, 31 Aug 2022 23:19:51 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 74381ec16be31c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
Hash b854c4ebe7234521e6c9b0e91fc0f2f9
0bdecae227f363a58dce7de3bdfd672afc0e2a5a
d1b7f6968c82df078e28f32a8ae181e3757fda632c89cfc75ad312f1f538c86b
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:39 GMT
expires: Tue, 29 Aug 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 174372
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1661973591117
142.250.74.66200 OK 13 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1661973591117
IP 142.250.74.66:0
File type ASCII text, with very long lines (54524)
Hash 2dfbadf4046b63b8e2095caf259d56cf
0dda75f7c370fe37ff4cc103775b78187c0c2188
7ea09bef23d11539fb9965cbc18ae16f3aea5b46b71d5e3ca5d5a0e037be71ff
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1661973591117 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 5909540546
google-creative-id: 138380363290
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Wed, 31 Aug 2022 19:19:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 13203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Aug-2022 19:34:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
142.250.74.163200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Aug 2022 07:00:19 GMT
expires: Fri, 25 Aug 2023 07:00:19 GMT
cache-control: public, max-age=31536000
age: 562772
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16372, version 1.0\012- data
Hash e45478d4d6f15dafda1f25d9e0fb5fa1
52cb490cd0ee4442ede034085cda9652b206f91c
d1a17abb1a999842fe425e1a4ace9d90f9c18f3595c21a63d89f0611b90cfd72
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 19:03:28 GMT
expires: Tue, 29 Aug 2023 19:03:28 GMT
cache-control: public, max-age=31536000
age: 173783
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9829f3ffea1f304be0e54c722f9d5d40
f9609aa9bc142c1cff0788772b2bb1f9abc1dd70
1dcac98963add83d0646205786f56cc701574b69208cce02bb3ba1b080f8db73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 31 Aug 2022 19:17:12 GMT
Cache-Control: max-age=3600
Expires: Wed, 31 Aug 2022 19:47:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y9YpjNEVwVG-qKSGzTBQ6WrGi1ksQgjM5ISDHmfHONtTbBrbLUlHBg==
Age: 159
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc8ab005623fccad97ec544c1b7ff472
afb4a818db5137fc07b986aa4e5a62ff0032096b
20e90eaeefc4c5e091fd10088cbd47d7774010d1ec9bfa9e00b023919ff47c76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/R5w3tlCjoIM
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/R5w3tlCjoIM
IP 142.250.74.3:0
Hash e74ed068cb2ebb2f57ce8e9f1ff007cc
2186d392954c8d0e114b38da0a7c1e8774425a90
2dca215a851d2b6bf9fb74cb559418c55c8260cf40fe3db5047c202bf025e11a
POST /s/gts1d4/R5w3tlCjoIM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/R5w3tlCjoIM
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/R5w3tlCjoIM
IP 142.250.74.3:0
Hash e74ed068cb2ebb2f57ce8e9f1ff007cc
2186d392954c8d0e114b38da0a7c1e8774425a90
2dca215a851d2b6bf9fb74cb559418c55c8260cf40fe3db5047c202bf025e11a
POST /s/gts1d4/R5w3tlCjoIM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.40200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 31 Aug 2022 18:29:20 GMT
expires: Wed, 31 Aug 2022 20:29:20 GMT
cache-control: public, max-age=7200
age: 3031
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
35.190.77.178200 OK 38 kB URL HTTP/2 cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
IP 35.190.77.178:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6c6b8b3742e500bf5bc87eca37880f9f
adc80102493fcb3fe7c21e4f1caaca21c554a3a6
8c8f56614034794a37f8930c2dcd3382ca1a5ba439cce2bc2de75dd0c9a18dfd
GET /postbid/ldt3Y37cfk_190527.js HTTP/1.1
Host: cloud.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
via: 1.1 google
content-length: 37956
date: Sat, 27 Aug 2022 12:44:47 GMT
expires: Mon, 26 Sep 2022 12:44:47 GMT
cache-control: max-age=2592000,public
age: 369304
last-modified: Fri, 28 Jun 2019 12:58:40 GMT
etag: W/"5d160f00-1ff27"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://sharemods.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec57f2fb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cloud.setupad.com/postbid/stpd190411.js
35.190.77.178200 OK 117 kB URL HTTP/2 cloud.setupad.com/postbid/stpd190411.js
IP 35.190.77.178:0
File type ASCII text, with very long lines (65487)
Size 117 kB (116703 bytes)
Hash ca31eff462524663fe21289b8e4ab464
140a522560992daae96c989cfeb444ed97c41a5b
92ab9a9da7cfa46536c4dc13b35484c2b7df0bad1cfba06518a39923a4bcf8cb
GET /postbid/stpd190411.js HTTP/1.1
Host: cloud.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.1
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
via: 1.1 google
content-length: 116703
date: Mon, 08 Aug 2022 02:12:42 GMT
expires: Wed, 07 Sep 2022 02:12:42 GMT
cache-control: max-age=2592000,public
age: 2048829
last-modified: Wed, 17 Apr 2019 08:11:33 GMT
etag: W/"5cb6dfb5-4ca63"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
178.33.50.233200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
IP 178.33.50.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 408d928fdc630ebd5ad904b0499c7388
0e7e45f316289fb28b48398170e170eb55bf6fa9
d174b44385b81158573717412867bdde8c1641dbb83e086f7794aa3789e023aa
GET /poster/5/7/570814_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: image/jpeg
content-length: 22008
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
etag: "6200e6c7-55f8"
expires: Sun, 19 Mar 2023 19:19:51 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
178.33.50.233200 OK 11 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
IP 178.33.50.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 2871fb03f440dedc5c98a39e3233ecca
cdab8fec4adf07e4fc0ed5f84e6b5f421242b37e
c00fd1fce75f8aaf02c223b7140caf4b537e7c5660c7bba78a63d799baaf5cbb
GET /poster/5/7/570804_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: image/jpeg
content-length: 10645
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
etag: "6200e4ea-2995"
expires: Sun, 19 Mar 2023 19:19:51 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6473
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Last-Modified: Wed, 31 Aug 2022 17:31:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
178.33.50.233200 OK 30 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
IP 178.33.50.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 84a6a72d40f958ffeaf761d0883b38b2
de8e2ce426e7b03d202935b1c8b9caa0868c9731
43f7beebc22497f827ada6ee9c1f2e5b84264621a69bd47c9130709f3ce47f13
GET /poster/5/7/570858_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: image/jpeg
content-length: 29982
last-modified: Mon, 07 Feb 2022 09:58:20 GMT
etag: "6200ed3c-751e"
expires: Sun, 19 Mar 2023 19:19:51 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b19c11d22324e28d9a51a68db9d5da07
2258f0d56f7c7cf46870baf35a12019a7228b46c
d7bba453bb1b0872808e2033553445440f0073fbf5d50a08e9b37e95b2c68877
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7BBA453BB1B0872808E2033553445440F0073FBF5D50A08E9B37E95B2C68877"
Last-Modified: Mon, 29 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14072
Expires: Wed, 31 Aug 2022 23:14:23 GMT
Date: Wed, 31 Aug 2022 19:19:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0982b9e784a0a990d6318c92e33860a1
764377c393017e86d98a696da455509cba1806ac
27a19ec4ca0a052faface8ad45dca4d9a4a739c658d10f0e693aea065bdc607f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
178.33.50.233200 OK 27 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
IP 178.33.50.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 24bbfc2efae8c74b6924bf1a5592d39d
9e0fa658e3bb252c65b474a8d0f64e73e7c0896e
c3eefd5595d59072bfa4e2fe0f26df33c1013b7eeb3f1176c0b411b14c14f8df
GET /poster/5/7/570840_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: image/jpeg
content-length: 26627
last-modified: Mon, 07 Feb 2022 09:47:37 GMT
etag: "6200eab9-6803"
expires: Sun, 19 Mar 2023 19:19:51 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/R5w3tlCjoIM
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/R5w3tlCjoIM
IP 142.250.74.3:0
Hash e74ed068cb2ebb2f57ce8e9f1ff007cc
2186d392954c8d0e114b38da0a7c1e8774425a90
2dca215a851d2b6bf9fb74cb559418c55c8260cf40fe3db5047c202bf025e11a
POST /s/gts1d4/R5w3tlCjoIM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:51 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
178.33.50.233200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
IP 178.33.50.233:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash e89f8967d6c9e9e774ffe2d1acd0eb7b
3c31a2d1c270ea31232aea01df5044da8e63c3bc
971ee47efa3517204e4cf69c23c891f00cb2da7e88fd3381e5b6e12ccbb113b3
GET /poster/5/7/570832_1m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: image/jpeg
content-length: 21547
last-modified: Mon, 07 Feb 2022 09:41:25 GMT
etag: "6200e945-542b"
expires: Sun, 19 Mar 2023 19:19:51 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://sharemods.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
jdekiucotxir.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 jdekiucotxir.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jdekiucotxir.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf3021c6d34af9be078c8a6c24565702
2beae8fffe6734a591f2d2d1a68edf560e6447c4
4ad9c1e1bbe3788333fe9a1e009e5f8ec20a28f2e70d4a6f69f1f9add55f003c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AD9C1E1BBE3788333FE9A1E009E5F8EC20A28F2E70D4A6F69F1F9ADD55F003C"
Last-Modified: Mon, 29 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10383
Expires: Wed, 31 Aug 2022 22:12:55 GMT
Date: Wed, 31 Aug 2022 19:19:52 GMT
Connection: keep-alive
push.services.mozilla.com/
52.39.57.61101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5S1Ade24SpXwFXfC2NzoxA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qi9F64n/TjtHzjf/h0AvgKLDx3w=
jdekiucotxir.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 jdekiucotxir.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jdekiucotxir.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://video.onnetwork.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Aug 2022 19:34:08 GMT
expires: Thu, 24 Aug 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 603944
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a86dcc8b531a60881615aace4c60a1d7
210bd1f15a4a941f2292ae76fd9ed2ade65f489a
81c40954fe6e2421414bcc11993d3d273658580bba2c24328b35433cf85c80c3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6030
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Last-Modified: Wed, 31 Aug 2022 17:39:22 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b97e77a31b00e17c48691635c3ce6280
d4dd54cec3f6463ff738eb6ab1936fb130481184
e09b95ee289e88c76fe5f116c4bcb276fecb433dd8ae17fe51ac141e50dd82fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5752
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Last-Modified: Wed, 31 Aug 2022 17:44:00 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fed97f88d9dec1c5f6b969742c2139f9
084cecb2c1ad292e1d6762eb7bd2f1f3227e3498
d1c641598ef4fc7a0a32bbb6328a550b0ba7b927277458b48755e4ca8436e001
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3204
Cache-Control: max-age=110787
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Etag: "630eb597-1d7"
Expires: Fri, 02 Sep 2022 02:06:19 GMT
Last-Modified: Wed, 31 Aug 2022 01:12:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f673e915b4a022f9b26572bf63dabf9f
6d0faebe9e5247667096e56e487ff130468982f1
a58a4cfbe846bb517b3e328585ca79e96a5c3961877e9d39b6a52b45102553b8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3801
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Last-Modified: Wed, 31 Aug 2022 18:16:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 986
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
AN-X-Request-Uuid: 2fb3f960-70ee-4c80-bc8b-fcec5eb8bcbf
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 679
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 31 Aug 2022 19:19:52 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
2.21.206.244301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
IP 2.21.206.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Wed, 31 Aug 2022 19:19:52 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/jquery.dotdotdot.js
188.165.21.42200 OK 2.8 kB URL HTTP/2 cdn.onnetwork.tv/js/jquery.dotdotdot.js
IP 188.165.21.42:0
Hash 24673fc717523023479ae7b3a247f6a7
6b58a220605543f522aafb0c4d19c95aa294692d
d7319bb5807edcac569a1cd4c13f2111b8c431c9fad1dc1f8aa4a30bef486b97
GET /js/jquery.dotdotdot.js HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/javascript
last-modified: Fri, 21 Dec 2018 20:59:52 GMT
vary: Accept-Encoding
etag: W/"5c1d5448-19a1"
expires: Sun, 19 Mar 2023 19:19:51 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 990
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Wed, 31 Aug 2022 19:19:52 GMT
X-Firefox-Spdy: h2
fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=174918&zone_id=845404&size_id=15&alt_size_ids=14%2C16%2C48%2C72&p_pos=unknown&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fsharemods.com%2Fbbrdpnvehffc%2FFS22_Renault_Magnum_Integral.zip.html&tk_flint=pbjs_lite_v2.11.0-pre&x_source.tid=c966d5fc-a18b-4dac-b835-e482e72190dd&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7751467367640448
213.19.162.31200 OK 312 B URL HTTP/1.1 fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13606&site_id=174918&zone_id=845404&size_id=15&alt_size_ids=14%2C16%2C48%2C72&p_pos=unknown&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fsharemods.com%2Fbbrdpnvehffc%2FFS22_Renault_Magnum_Integral.zip.html&tk_flint=pbjs_lite_v2.11.0-pre&x_source.tid=c966d5fc-a18b-4dac-b835-e482e72190dd&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7751467367640448
IP 213.19.162.31:0
File type JSON data\012- , ASCII text, with very long lines (312), with no line terminators
Hash b901569802aee923de85901090ff9a25
89361b3b82a2b9e8a1090a01dbfa7dcff0efbba1
0f6aa555a9a7cacc314f91b27de5cad8339f686868a9c33bcc4ed6a63804aa14
GET /a/api/fastlane.json?account_id=13606&site_id=174918&zone_id=845404&size_id=15&alt_size_ids=14%2C16%2C48%2C72&p_pos=unknown&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&rf=https%3A%2F%2Fsharemods.com%2Fbbrdpnvehffc%2FFS22_Renault_Magnum_Integral.zip.html&tk_flint=pbjs_lite_v2.11.0-pre&x_source.tid=c966d5fc-a18b-4dac-b835-e482e72190dd&p_screen_res=1280x1024&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7751467367640448 HTTP/1.1
Host: fastlane.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.4
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: application/json
Content-Length: 312
Connection: keep-alive
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Wed, 17 Sep 1975 21:32:10 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Pragma: no-cache
Vary: Accept-Encoding
Set-Cookie: khaos=L7I05Z81-1B-LA6O; Domain=.rubiconproject.com; Path=/; Expires=Thu, 31-Aug-2023 19:19:52 GMT; Max-Age=31536000; SameSite=None; Secure
audit=1|naVuGyos1qogepKiVGFmY+9DtVM30fCg6PjGCOCzJnEUj+PczFfKN4jtAc1VXbW3wFCfoC+4IsXTufzwakb0jfj2EduF6CdH1UZj3ankRfwY/L2c9aa3gMKMh30HVcLk+M0G1ot9S/l7BzQvXD/UJbj2qQT7A7WpYMmS7jhpqt9Z1qc3uXe2L/9Oo3czYeSu72nQnlQm13XEPdpbgjplIkmeJog8nO2Zuhe0nsKcb56t8Wakcipq5q5m98/c7Ldr+6A/5IkvmjPrWQo5oynxxg==; Domain=.rubiconproject.com; Path=/; Expires=Thu, 31-Aug-2023 19:19:52 GMT; Max-Age=31536000; SameSite=None; Secure
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash e888880cb697808d2ca7ff843528cc22
708840e8720aa33620dfb2a46ab51213d19c7b63
fcbb30c4c4c15b8aa308e49be161729a2f95ea1c17a6c78f17170b7dc4bbfb03
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2817
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Last-Modified: Wed, 31 Aug 2022 18:32:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 314
script.4dex.io/localstore.js
104.26.9.169200 OK 741 B URL HTTP/2 script.4dex.io/localstore.js
IP 104.26.9.169:0
File type ASCII text, with very long lines (482)
Hash c325c92108046296be61093d8dd1b5fd
47abf08dc2135095bc514b3e44090a1919b0382a
6912c2d09a72da73e759fa3169789a43ad5d0a068660694a21c1467c5f788322
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:52 GMT
content-type: application/javascript
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
cf-cache-status: HIT
age: 2009998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YycCKhXDOPSLxgA21JHE4exjYqK8gPacDYlBlkmb3D%2FiOEeOFMZl1ewRfmMJxP9%2FypJnTytugkgXBJcp0GGbqK5kOh7MrDPFHGaxXX%2FhYVPdavERr1r2DdPBVwYVhJLs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec8df1c0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
104.26.9.169304 Not Modified 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 10 May 2022 09:57:32 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 31 Aug 2022 19:19:52 GMT
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
etag: "922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
cf-cache-status: HIT
age: 2009998
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wbf9JcjXn3ZpDTZTQFYwQw66Gxj6tBQSjfuINk39w269Y9m3mlebJoecEeeNbM6P1mxSUs1POqn%2BIRK6xIpMbpCiyA9wewND%2FLSvY4y%2FEstVvJYQWZFh24w%2F9SHQw7aq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec93f9e0b06-OSL
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 31 Aug 2022 19:19:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f9ef55f3e6427b12e52350dc9eabedcf
6ac18d3d2830df980c4a61d083eafc0b957f84be
9ebf4697a5e08cea96a502ab7ef237c6bb459d22bfb813d50e5ca6fccdee2cfd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EBF4697A5E08CEA96A502AB7EF237C6BB459D22BFB813D50E5CA6FCCDEE2CFD"
Last-Modified: Tue, 30 Aug 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16358
Expires: Wed, 31 Aug 2022 23:52:30 GMT
Date: Wed, 31 Aug 2022 19:19:52 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 75dec4dc3bd218cad8a6e96c3416628e
810d7c8b6109db9802105e7233df3358c10ceb4a
0d1cf3e621b774a123ec93788b41a47a7580f1a52fe047ee4807c15708feb216
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 30 Aug 2022 04:09:16 GMT
Expires: Tue, 06 Sep 2022 04:09:15 GMT
Etag: "810d7c8b6109db9802105e7233df3358c10ceb4a"
Cache-Control: max-age=463162,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74381ec90b50fac8-OSL
bidder.criteo.com/cdb?profileId=207&av=16&wv=2.11.0-pre&cb=76320783423
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=16&wv=2.11.0-pre&cb=76320783423
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=16&wv=2.11.0-pre&cb=76320783423 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 520
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:52 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=927498267.1661973592&jid=196750943&_v=5.7.2&z=2070791206
142.251.1.157200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=927498267.1661973592&jid=196750943&_v=5.7.2&z=2070791206
IP 142.251.1.157:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15082559-23&cid=927498267.1661973592&jid=196750943&_v=5.7.2&z=2070791206 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 31 Aug 2022 19:19:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash a857570c8efe6a9308d4e7b462595377
4d59ddae3828f2ab9ec05dcb72e26b04c7ea762d
fa4ee3c9283dbbf2e0fed62c2d90915c0fc8e7edbd6375c78ce699b63d283209
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104979
Date: Wed, 31 Aug 2022 19:19:52 GMT
Etag: "630e9f28-1d7"
Expires: Fri, 02 Sep 2022 00:29:31 GMT
Last-Modified: Tue, 30 Aug 2022 23:37:12 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JhpXUmmUo6IGz-OkrsDqluH-VOv5_rScMGQSErZXXkBQieOztjwZVQ==
Age: 3139
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b09d8565e64537c620e49093c141aae0
52b6dc0b3ad951c4f7aad22dc40ad86cff54911f
5708943e890fccf3a325a1eadaef77702bc2be3a7a6a8bb002731672c1fd26cf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4317
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Last-Modified: Wed, 31 Aug 2022 18:07:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
script.4dex.io/adagio.js
104.26.9.169304 Not Modified 0 B IP 104.26.9.169:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 10 May 2022 09:57:31 GMT
If-None-Match: W/"2430496689c00115831347992a974246"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 31 Aug 2022 19:19:52 GMT
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx07075c97c4c74d33905b4-00629f4bc8
access-control-allow-credentials: true
x-amz-request-id: tx07075c97c4c74d33905b4-00629f4bc8
last-modified: Tue, 10 May 2022 09:57:31 GMT
etag: "2430496689c00115831347992a974246"
cache-control: public, max-age=1800
x-amz-version-id: 1652176651393042
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
age: 2009882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FhSsgL48QkU%2Fw1jiC4V%2FqGA0GEisSiPE8tVfcdKJVod4iyjach8rz88cWixFnMxgahHnlXRJErhzZKcI0Ra9hOyTbGAVbRxfJTldEfKpGXCpjrBkMaBnmE4JgRjdB%2B0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec97fed0b06-OSL
X-Firefox-Spdy: h2
id5-sync.com/g/v2/481.json
141.95.98.70200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 141.95.98.70:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b96d0182cc0fcfaa32e7cb46bd95a4f6
a74178ff3f3b7b700bd87cd0d3b369a67d528280
0cc21bc0cbce71906ab267a2ab3ad18a1b0c7a9285e202f32759cd16af0e9e14
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 293
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 31 Aug 2022 19:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2223e51f593547aca8%22%2C%22version%22%3A%225.1.0-JS-5.3.0%22%2C%22gdpr%22%3A%22BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212de9fb47aada2d8%22%2C%22pid%22%3A%221134957%22%2C%22tid%22%3A%22c966d5fc-a18b-4dac-b835-e482e72190dd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%2C%7B%22w%22%3A320%2C%22h%22%3A320%7D%5D%7D%7D%5D%7D%7D
18.185.190.16400 Bad Request 97 B URL HTTP/2 ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2223e51f593547aca8%22%2C%22version%22%3A%225.1.0-JS-5.3.0%22%2C%22gdpr%22%3A%22BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212de9fb47aada2d8%22%2C%22pid%22%3A%221134957%22%2C%22tid%22%3A%22c966d5fc-a18b-4dac-b835-e482e72190dd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%2C%7B%22w%22%3A320%2C%22h%22%3A320%7D%5D%7D%7D%5D%7D%7D
IP 18.185.190.16:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9abf780fab5bf97e504c5755aacc2e6e
911fe36d7cbe5e2255585f79b06347f17933e8ee
85719f7430e4be1d7660eb0075395b9b87c5daafbdd865db30c98c972dd43e00
GET /hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%2223e51f593547aca8%22%2C%22version%22%3A%225.1.0-JS-5.3.0%22%2C%22gdpr%22%3A%22BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212de9fb47aada2d8%22%2C%22pid%22%3A%221134957%22%2C%22tid%22%3A%22c966d5fc-a18b-4dac-b835-e482e72190dd%22%2C%22banner%22%3A%7B%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%7D%2C%7B%22w%22%3A300%2C%22h%22%3A300%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%7D%2C%7B%22w%22%3A320%2C%22h%22%3A320%7D%5D%7D%7D%5D%7D%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
date: Wed, 31 Aug 2022 19:19:52 GMT
content-type: application/json; charset=UTF-8
content-length: 97
access-control-allow-origin: https://sharemods.com
set-cookie: tuuid=ef6e609a-5d3b-476e-a69d-47981790286e; Expires=Tue, 29 Nov 2022 19:19:52 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1661973592; Expires=Tue, 29 Nov 2022 19:19:52 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2&
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2&
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2& HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 31 Aug 2023 19:19:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=403173b3-97a9-52f3-9fd3-a5a7fcdc11ff; Max-Age=31536000; Expires=Thu, 31 Aug 2023 19:19:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yw-0WAAI0dCKpAOhwKylVSWO2Wln1KvhtmG_tA==; Max-Age=31536000; Expires=Thu, 31 Aug 2023 19:19:52 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 9.4 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (17571)
Hash b6ccaf1fa7e16c5ab4e9fe5684843116
a4a773ee49ff30fd83e2634d16306a3d2fd35f0a
8ebf0177710a133cf8b114b20dd2f2a1bd606ef05772c52b4dc2c139e02c3e13
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Content-Encoding: gzip
Content-Length: 9378
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=57300
Expires: Thu, 01 Sep 2022 11:14:52 GMT
Date: Wed, 31 Aug 2022 19:19:52 GMT
Connection: keep-alive
Vary: Accept-Encoding
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 7aa00cef08f5c781bcb0404f03794cf1
18cbef917c39066f9807c765a1d92b586475b3bb
c30b88defd0c7d73c37dcc9700d79b86a3d3bcb8f6c9b7307edbda68c2856e9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/481.json
141.95.98.70200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 141.95.98.70:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d7cbb960ef0509ff68206a181011f4dd
7131e3837c79ea34ddeab8d0f00cb71d3bb856b8
9e1deeefc83cd3bb464f5a29b4c0438abefb230f5f3b8a32c6384842297faf1a
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 293
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Wed, 31 Aug 2022 19:19:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1105
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Wed, 31 Aug 2022 19:19:52 GMT
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 582
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 31 Aug 2022 19:19:52 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 162 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
Hash 838822371c98221332846ff8415338e4
946d9ca832c2208cd634b67ccd1e329d67d475ea
5802d07389fdbdbba2847d54c5dac18481ec42b2a333c9fe6059e9bd226a27f8
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 448865
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb
198.148.27.134204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb
IP 198.148.27.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 552
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 8
date: Wed, 31 Aug 2022 19:19:52 GMT
server: envoy
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=81974582285
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=81974582285
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=81974582285 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 342
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:52 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 900
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
AN-X-Request-Uuid: 59a19c20-e783-4a70-bee2-7f5fb80f512d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aee681b1e24f5948f6e0a0dc1e949df8
50e94e021905f9b6307ad7bd9925f263e37ed9b5
a014071dd5d03371555c5019741ae8b993afe546a21b9112fd115c6726f0e775
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A014071DD5D03371555C5019741AE8B993AFE546A21B9112FD115C6726F0E775"
Last-Modified: Mon, 29 Aug 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6012
Expires: Wed, 31 Aug 2022 21:00:04 GMT
Date: Wed, 31 Aug 2022 19:19:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f8988f25b9c08e87e5066d6ae57ab52a
636d386c125c83b0b1e2746cd5c6e976854a57af
5d3d75e6fb354ccbd00ae0d2c2da354e16e532b2437bc20809b15116da7ec2e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D3D75E6FB354CCBD00AE0D2C2DA354E16E532B2437BC20809B15116DA7EC2E1"
Last-Modified: Wed, 31 Aug 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18793
Expires: Thu, 01 Sep 2022 00:33:05 GMT
Date: Wed, 31 Aug 2022 19:19:52 GMT
Connection: keep-alive
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.190.77204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.190.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1824
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Wed, 31 Aug 2022 19:19:51 GMT
X-Firefox-Spdy: h2
bid.contextweb.com/header/ortb?src=prebid
198.148.27.134204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 774
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 1
date: Wed, 31 Aug 2022 19:19:52 GMT
server: envoy
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=87653795512
178.250.2.131200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=87653795512
IP 178.250.2.131:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=87653795512 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 928
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:52 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1741
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
AN-X-Request-Uuid: f9368a48-867f-4da8-8d58-0b7eddb10d57
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1118
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Wed, 31 Aug 2022 19:19:52 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 170 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 0b86967b7a003c55e9b2d75776464b16
f4933158303168915421dd479b959fc139798a42
458798ac07c55da4ede0420db901386c366b0bb8c26d8698c615362c6c6d2359
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1814
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
AS-P-4: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://sharemods.com
Access-Control-Allow-Credentials: true
AS-P-5: OK
AS-P-6: OK
AS-P-7: OK
AS-P-8: OK
AS-P-9: OK
AS-P-A: OK
AS-P-B: OK
AS-P-C: OK
AS-P-D: OK
AS-P-E: OK
AS-P-F: OK
AS-P-G: OK
AS-P-H: OK
Content-Encoding: gzip
bid.contextweb.com/header/ortb?src=prebid
198.148.27.134204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1377
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 0
date: Wed, 31 Aug 2022 19:19:52 GMT
server: envoy
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
185.89.210.90200 OK 477 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.90:0
File type JSON data\012- , ASCII text, with very long lines (477), with no line terminators
Hash 6eef54c4453ccce4f062298935ec48b9
7a30890a6474bb516d0de0e4dd5ba46cb041fbc5
630190e723c5a0fbab3576c0d1fa786c2a85df30277bbbec11865838aad952b7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1740
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 477
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
AN-X-Request-Uuid: 4f94131d-38c9-41ae-ba73-9ddd959b362a
Set-Cookie: icu=ChgIordHEAoYASABKAEw2Oi-mAY4AUABSAEQ2Oi-mAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=7928183873283161542; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-setupad HTTP/1.1
Host: pixel-eu.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 19600bc21eacf9565125744d917cac10
Content-Type: image/gif
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1661973592657&d=9784&wsc=00&typ=embed&mobile=0&c=40
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1661973592657&d=9784&wsc=00&typ=embed&mobile=0&c=40
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1661973592657&d=9784&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:52 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
jdekiucotxir.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 jdekiucotxir.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: jdekiucotxir.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:52 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 27bfc621417aea1ea14fcb3694b6e5b2
81d0273041010eb8551907b5626c61aad9cca30e
125558081a93b610dd7b222a7b3dfe910fa194ce6b9a483416e828004f99868a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:53 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 15:49:55 GMT
Expires: Wed, 07 Sep 2022 15:49:54 GMT
Etag: "81d0273041010eb8551907b5626c61aad9cca30e"
Cache-Control: max-age=591600,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74381ecc0ef1fac8-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash cb57f70cc3dfd408affeddac5e51ce2c
85fe4cd5f546cdf2c2834ac5665becb84de93b6a
d377d0292cd789fa483c883b04aeee09c0ac26a1e8834fdce23f7fdfbffe3028
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
video.onnetwork.tv/embed.php?mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1661973591124&cId=pid1661973591124&widget=808
137.74.20.12200 OK 14 kB URL HTTP/2 video.onnetwork.tv/embed.php?mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1661973591124&cId=pid1661973591124&widget=808
IP 137.74.20.12:0
Hash 0e3cc8be913694c70c2f9d2e456a454f
428ff05d3cb206426754ea4b671b1368799d15cb
786072787f735c48d0e5f8b2bfb20ec80bcc18aa4c5ecfcb3dee8ffef78f62e2
GET /embed.php?mid=NTcwODU4LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1661973591124&cId=pid1661973591124&widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Wed, 31 Aug 2022 19:19:51 GMT
expires: Wed, 31 Aug 2022 19:19:51 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/javascript;charset=utf-8
date: Wed, 31 Aug 2022 19:19:52 GMT
server: XO.webservant
X-Firefox-Spdy: h2
premiumvertising.com/u.aspx?_=BAYAYw-0WAFjD7RYgAGBAsAAINwKpaal8AeP7zmxQQUprZHzT-S7TikaaRa62MCqnhGiwQBHMEUCIQD0GMxm9rDN4i4jhgqypBEOPrY_l-XUx0skyyoyRCzDcwIgKROK75Ag-n_hPukK0Ea_A_WfKc-R0Lk5syIFryFwSxc&v=4&hJnWzDyx=2143800&minBid=&pXleiPRI=0,0&tyonSZPH=&NXfAoydB=&s=1280,1024,1,1280,1024,0
162.252.214.11200 OK 776 B URL HTTP/2 premiumvertising.com/u.aspx?_=BAYAYw-0WAFjD7RYgAGBAsAAINwKpaal8AeP7zmxQQUprZHzT-S7TikaaRa62MCqnhGiwQBHMEUCIQD0GMxm9rDN4i4jhgqypBEOPrY_l-XUx0skyyoyRCzDcwIgKROK75Ag-n_hPukK0Ea_A_WfKc-R0Lk5syIFryFwSxc&v=4&hJnWzDyx=2143800&minBid=&pXleiPRI=0,0&tyonSZPH=&NXfAoydB=&s=1280,1024,1,1280,1024,0
IP 162.252.214.11:0
File type ASCII text, with very long lines (1089), with no line terminators
Hash 0b883812a40da1111992f984c154ef22
39d8ca637d619e6bbd6ec493af4d82e8f1480782
b15d7baeaeb022e9debff2e3d31ce1e5f7fc3c964e7434132cda7ef96fa61be3
GET /u.aspx?_=BAYAYw-0WAFjD7RYgAGBAsAAINwKpaal8AeP7zmxQQUprZHzT-S7TikaaRa62MCqnhGiwQBHMEUCIQD0GMxm9rDN4i4jhgqypBEOPrY_l-XUx0skyyoyRCzDcwIgKROK75Ag-n_hPukK0Ea_A_WfKc-R0Lk5syIFryFwSxc&v=4&hJnWzDyx=2143800&minBid=&pXleiPRI=0,0&tyonSZPH=&NXfAoydB=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: premiumvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Wed, 31-Aug-2022 20:19:53 GMT; Max-Age=3600
fraudcheck=fde27816221845df774af69d2f88bdcc; expires=Fri, 30-Sep-2022 19:19:53 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Thu, 01-Sep-2022 01:19:53 GMT; Max-Age=21600
link: <https://www.profitablecpmgate.com>;rel=preconnect
content-length: 776
content-encoding: br
vary: Accept-Encoding
date: Wed, 31 Aug 2022 19:19:53 GMT
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=sharemods.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharemods.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 31 Aug 2022 19:19:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=sharemods.com
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 31 Aug 2022 19:19:53 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d8bfaaa0e6ee8aab42d1fcdb6957e059
d3009b886a0d5b42d310edcaeae931e81ec38054
d2cc413115a4c7449bf3c0f722dae0a5940969038c46bc529b46f6261a6547fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash d540bb36b9dd961eb542506943f01784
fc85b89327b75d3d6643766a70f343f6ea0b7a30
1bcfead20bfe1a9677f25dbcec756dbb3244f6e53069b2a830529fd991baabce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
473b0c451ae6a8d4f098714d57540f10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
142.250.74.65200 OK 3.1 kB URL HTTP/2 473b0c451ae6a8d4f098714d57540f10.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html?n=1 HTTP/1.1
Host: 473b0c451ae6a8d4f098714d57540f10.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 31 Aug 2022 19:19:53 GMT
expires: Thu, 31 Aug 2023 19:19:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 815ea7f55a1e77e09c30dc0fd274ad0c
cd1cddacf35ef78209e580f69fbe18ac098e20f6
5a4a2b986047ee7031a3c171ba9465d8fb73f6bff2bff319a775fc1cf6556860
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4296
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:53 GMT
Last-Modified: Wed, 31 Aug 2022 18:08:17 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082901&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082901&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14431), with no line terminators
Hash 2c81c7276948833e628e1c302df01fa8
d90aff84534ee890fce112129a12a7e9ac036d40
63a606f894e12e521c5e729a8f965a0df69a0fb00ca1d72788d30862271e06d3
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022082901&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 31 Aug 2022 19:19:53 GMT
server: cafe
cache-control: private
content-length: 10962
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
142.250.74.65200 OK 3.1 kB URL HTTP/2 3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html?n=3 HTTP/1.1
Host: 3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 31 Aug 2022 19:19:53 GMT
expires: Thu, 31 Aug 2023 19:19:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
6697b777ce70a61f67e6ed2fe32292cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
142.250.74.65200 OK 3.1 kB URL HTTP/2 6697b777ce70a61f67e6ed2fe32292cc.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5835)
Hash 3fa5e95a358d660ddb3c45769ae1357f
5f6164fbaf8cfbccfd061b00ae48dedfc16bbcd9
d32f4b680031c0e11222eb17385aa9d3b11d2903b05bff34c3d4eb6292631137
GET /safeframe/1-0-38/html/container.html?n=3 HTTP/1.1
Host: 6697b777ce70a61f67e6ed2fe32292cc.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Wed, 31 Aug 2022 19:19:53 GMT
expires: Thu, 31 Aug 2023 19:19:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 2e6ddf144d5d4b60d2db64118d82b15f
880291b6c3fc2494b5380d8bc44ce145b68712c3
0b0a5b0cf6a20590d91de2a252c02a8714a46f8ae933a64b032696006fc83845
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 19:19:53 GMT
Last-Modified: Wed, 31 Aug 2022 17:50:54 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4WYbG0xbnHNrKuttkKpp61PBmx8eWCAfOOwoxtnK0-7LQhFiX7Q2PA==
Age: 5340
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14475), with no line terminators
Hash 7e16b178185cf4f1558e53d92a0e4e06
262b319c929b590cbc5a44720de3149dbc78a619
00c7fb22c073d91a568f70cd9b8c30fc0132e3619592cbff9950798433fdfdca
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 31 Aug 2022 19:19:53 GMT
server: cafe
cache-control: private
content-length: 10990
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1661973592985&eid=45dd999e41985bf
100.24.224.141204 No Content 0 B URL HTTP/2 1x1.a-mo.net/hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1661973592985&eid=45dd999e41985bf
IP 100.24.224.141:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hbx/g_pbto?A=undefined&bid=undefined&a=undefined&cn=undefined&aud=undefined&ts=1661973592985&eid=45dd999e41985bf HTTP/1.1
Host: 1x1.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Wed, 31 Aug 2022 19:19:53 GMT
cache-control: max-age=0, private, must-revalidate
server: MonetEngine
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6bc4ec86508a3a7e59c9617e599d5523
b0ab24b5e233a44416e138adca6910655ee212c7
fb29b3ff704dd20fef28aa42a53bb4925eb6f07241c9db0f4e67af35435da624
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB29B3FF704DD20FEF28AA42A53BB4925EB6F07241C9DB0F4E67AF35435DA624"
Last-Modified: Mon, 29 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16058
Expires: Wed, 31 Aug 2022 23:47:31 GMT
Date: Wed, 31 Aug 2022 19:19:53 GMT
Connection: keep-alive
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env
142.250.74.162200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env
IP 142.250.74.162:0
File type JSON data\012- , ASCII text, with very long lines (14506), with no line terminators
Hash 9329717c94986cf3032547c94f4b496a
56cdd13db46a9b1ead8600e92b5cd01dc2c6dbe6
b66e6cd41e96e5c623a1ba97714ca27ae0f227bbc775894f3a086bd5bbe4a1af
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022082501&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Wed, 31 Aug 2022 19:19:53 GMT
server: cafe
cache-control: private
content-length: 11015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 625b837b97213f5f0d3e9e9f4e096676
efbe7056fb6c35b44d10f863fdacd7f3d4752e5f
27632a4427bcda572554432fd91d53471d69e36114ddee64a0e4bfcebaa247d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Wed, 31 Aug 2022 19:19:53 GMT
expires: Wed, 31 Aug 2022 19:19:53 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 12:35:07 GMT
expires: Thu, 31 Aug 2023 12:35:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 24286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10891
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 19:19:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10891
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 19:19:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10891
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 19:19:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10891
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 19:19:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10891
Expires: Wed, 31 Aug 2022 22:21:24 GMT
Date: Wed, 31 Aug 2022 19:19:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcb5acc5186b678254184c5dac12079
d7c84b42a0dd5b86a0668127698fd5f25b647fcb
8173103eda58bf2f1af2d077fc90c2c1b6d2a93265092a9c3152b686e05a4f9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5910
x-amzn-requestid: 935b97da-1473-4863-bad2-a732709de9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslNHEfTIAMFWrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e8253-150847db7280350c19e2e464;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0RN7uc1rCMPWabmuO7QRLxIQ2mv0PFqTfL-dF7a6a3i1gFn0TtF8Nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:19 GMT
age: 77674
etag: "d7c84b42a0dd5b86a0668127698fd5f25b647fcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:44:23 GMT
age: 77730
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.profitablecpmgate.com/favicon.ico
192.243.59.12200 OK 0 B URL HTTP/1.1 www.profitablecpmgate.com/favicon.ico
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.profitablecpmgate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 19:19:53 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 05efeada70e4d53e04187f1b492fffc2
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9843fcd5eb49c75b942e3dd042f3a931
ff6de19656bc0ee5649c1367448116a9576a690a
8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 10:00:10 GMT
age: 33583
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6b2c036e67f8c39c136f6c69b0922eb1
98e27f0dafd7b1b49e159ee038b41a811096a2d0
9dc9e00e6f63a22dd85f54ba26326a9733f6c1d7a19c7b1636f14fca2722e6eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5b5a9a-050c-4a84-9e0d-dfa84795640f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8009
x-amzn-requestid: 6d716dae-efa3-449a-a505-fb5f3d99c2df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XsvlaFEaoAMFwDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e92ef-708228ce7e1fb3cb770cb490;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 22:45:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 03y3JoF38R7gjBYS3gHyOsivob68ykKlwvAIFEwiat2FjYfKWh-afA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 22:47:54 GMT
age: 73919
etag: "98e27f0dafd7b1b49e159ee038b41a811096a2d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 084c7b9f1244ec72236ab517787af1e2
18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb
2ea7697ebc332bec201ffeaed54a738869b6c64784916574db2c7e6a7990fb3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4a0e321-c414-4af7-9075-ed1965872194.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5911
x-amzn-requestid: ff3b12df-1798-40bb-bf02-ad198710da96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdcGHFGYoAMFw_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630873c0-00cd86e97d0687c702a49ecb;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:18:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bdUkkt8QyTXI_NN4R4tJ3pGrDwNpoLC_aS17xUIe7623fE5xNQucrw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:59:37 GMT
age: 76816
etag: "18d7ffa17365f5f43f3ed702ef2ba80d9a7a12cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnf.onnetwork.tv/f/4/2/4244/css/lt/mobile_small_size_of_miniplayer_21_febuary_2022.css
188.165.21.42200 OK 7.7 kB URL HTTP/2 cdnf.onnetwork.tv/f/4/2/4244/css/lt/mobile_small_size_of_miniplayer_21_febuary_2022.css
IP 188.165.21.42:0
Hash f0243faf40e04a94842b354762fcbbc5
45ebcd0ff668aad096e7a7912e60c38145bd36e0
8d22efe2898aba9ec53a33f8d99a09783c707ba2447ea51b9430f4eabb216959
GET /f/4/2/4244/css/lt/mobile_small_size_of_miniplayer_21_febuary_2022.css HTTP/1.1
Host: cdnf.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:52 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 09:49:48 GMT
vary: Accept-Encoding
etag: W/"6213603c-135"
strict-transport-security: max-age=31536000
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 33410cea864550cd4be2f798e8a92156
fc4f2e22c8d21bef49d86758c2c311c1b23bc450
16dfd590017d14a1a28128aba724e86b638150c7127b45619e775ef6380303d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2927
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Last-Modified: Wed, 31 Aug 2022 18:31:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a3174f909a7792a326742671bb6d3dde
fa4703fd1dc5829d61209aaf18407b4498f8a478
bc171d0c715235ad2ba48dbbb594a35ea1af13107fe7b54e988a63a61fa9fb22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a3174f909a7792a326742671bb6d3dde
fa4703fd1dc5829d61209aaf18407b4498f8a478
bc171d0c715235ad2ba48dbbb594a35ea1af13107fe7b54e988a63a61fa9fb22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 573bec7a0c7fa0d20a86150369c59c79
fa02e4d324496cfb8be12a665ee761c9d833230a
2e99d92ea84dee19103af3c171112de2f1df9b6f5451782ba104a756d6891ce4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E99D92EA84DEE19103AF3C171112DE2F1DF9B6F5451782BA104A756D6891CE4"
Last-Modified: Tue, 30 Aug 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9675
Expires: Wed, 31 Aug 2022 22:01:09 GMT
Date: Wed, 31 Aug 2022 19:19:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7136b0e281da5e6b4506c5546181c038
55f0fb198155530e0222aaeaf4066f90380ca541
ddf861c74d75c19b8f3edea0b5760384aa7c85da04df65977dcddb93334568af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 897
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Last-Modified: Wed, 31 Aug 2022 19:04:58 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 564881c93b824bbb04f1677a02332b97
eb7f2a57ed17bcd5992751a55f51391757abb0b9
7cd6adc2ed65d50f37491c33e1139f3b6404aa219fff9dba502d346b29905df3
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 31 Aug 2022 19:19:54 GMT
date: Wed, 31 Aug 2022 19:19:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-bNI2kibnNq-wTDaXj0JSTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 7136b0e281da5e6b4506c5546181c038
55f0fb198155530e0222aaeaf4066f90380ca541
ddf861c74d75c19b8f3edea0b5760384aa7c85da04df65977dcddb93334568af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 854
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Last-Modified: Wed, 31 Aug 2022 19:05:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 313
googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALtndIc1cONFyUGrWSwbMn6BsnSHOaVO2PEx-ZiTERlQ4HVGW9ZxSwmyAxrnHbpmyx0sBs4FblKhJ7YnCVX_dYDWR6lw&cry=1&dbm_d=AKAmf-DVDZ2UcgiDHjE3Z92whIgNnqPFsgni299GPtESTWlxzVHeW8PsOHh_YTZg2oCIYXhlxntj9OBhDZahvKuZyZJ7OtkqlI2zUSW4dPsWT49WmTNK96OxUaj2oTt8HI-MWrxZyJ44KpxgVIEOLj6bFSIX75STEfvd24ZNWsZBMOAWha-e4xWdFDVJo-SnA7MzC1ZKRADJhtMpbj0qBwVwPYsL4WT6td00OFwbdEM8ZP7SxtMUXt92Pjh2PBxcLg92pWw_r3luRvB7jZixae1dQkOcvIajX1w1Z9WQemXeFPa6UDRPOtxKLEm-7Mdsfx-4krYXoEFRrJWiC_gHBhTDYeWlwJ7PQkQokxUhHloyusPR5nx4oQJlcFPVdumtyrTim5XCFJ_rgRHb28hnlNGy2J4EnszFIJcbhsIPgjKS7oZkEi8w99wWMakvIpiQhp9rvbTSIoPL6wwv3f8mTYN8RoFS8xQcmEpkEBSoUMgztT3ggGZVAc-L_tO657Uaq0w_tBWEzhHizs9qB8LSv1sBa5kP_etl2yQp-ba_HLi9-vdzsolaT_H8Inh7x6ZFhjJ1nDXDq6F8mC4EeSwx5rTB4qnsRfq8oIx8rTQ03rpLDDO9EK19EKGKIJGyat1XCyeVmG2YfirsQCmbOfTezRun66w3EZbtzBRKgXERPE5og_PnUbc1lPsoUVmhp3Ukb3_aSzSbOXJpLXYf5dwc_fWhAXuXhthk3ujMN-CQU3GAIGAU6meiY-B9kkzrZAAb-nKCkqlnvEpUoYZXIwH35Iyl9vZvAE6k29HYMx3YEWJG99AJG75u8e__9RmMTLEC8BJWbm4efDv950f_4q884_zGVjdPA_nWEgIybtkLXe013zaphuMrYjiIsy9O5Ow_i3g5PJPF2udiIXpuX_Btouw-huQ-vn02AyHx1ZbvsvEkMzUs45ITDNS-2Z4ntxpdV-rJwcvk_cUG8K4eOu9WsjMlUQQRYZR41sii-kMkGOieC7ZKU5gxIQlO6_o-uNsQjpp-Ik6J1agGbOAcKy7f8TbmWtXrENrENZ7DaAyfEQRk9XQGIJyClGcmD0hARcaQpCRI6XOUpem7hTVIsOz8FBHUJfhZanwv69Wdr-7oLxAZ5TAcPgizvWU-ZXNUCFkE326mEnLB0xLu3599epRr7QYe56guXCgjZl-Rs426dPOFsiK-PtKjPC8ANHc7PZJOJu9fN7awzD6UW7cjwlohSKwuRP9h4kKaHzeCFlyiREBZqLK6Pk0wyrJJbWnYUChmt6NJhhrL7ioBA1OGtyP09KGfNFfcbG6GlbjmG4SWUEz_lOW5VBwV1aF2jeXaDzxj3dp3ezWpIzgEKa3pbtp2dGzLMWcSW__8fWUEKmSAFRQMRkcVpkyWDRaweROFCsVvkZjnTT972fZ9A-au9X6NzSWhqI49Yv3s73pQu-LjRUkxZnhdo0dIqXgwmHq5BB_U9zUxOMSoTvAOwHeTRa1NyZmHiqyznsRy2RSKuZUzwuU5xkgMo-llS5pNO-CevOMmcuRuNDKv39Dda3Y6OSD3s1XtV_A9Rl0OrZT-Hww5VdnLb7vOImsEwAFQcpYS4MVL61reRntG6HIe1hyUkzwV4VTQ53bRf9n1aEIjlcwbvH0zVE4sMGC5qCfd0rh7ZO2Q7mDpd_AxqD7onUWg5axvEIl16VXaiTznC1bbHPWHa5MdJPdV1IYKzhdq5YdR8s21lEyhxtj8KW9Sbqeq-_z7zW07ZagtMMtSK4hQgeZUrlIiNiAzf7GgSnBRXfxVwXTMaggdFm0w4EwlaKCLRtdCKxQaUJrXclVADABc8GW1LyhU6yuH8rOp06Kct2a0R1e-bVz1T5SeFGn2C91XOkBUDbqxCdyTnC4GLTQ3a1t6dL0PuUgqGh3UPNVV8DMLT53oSXudtzb5xQQ9yxjL-mkPJMF2FFo-XPQ3dVHVkg8VSWjLuAU_KL1z8dRAzO5eOTef2ljuNdfjXCnL_VtvLClKy9dIP9GmXNDbfvBh1GeYdzSrEY4Px78HZoic1DDUwXUqGC29ohaIwwdfFIi9hAH_EHZOKv5uU_lODV34u_7489wsneUC08BrMaKSzeZWuCyBjyvW2S6Bg1KIyuuZHVL7XNVHV6N4zUviILtPObmiPJ2LfMiMDmVoccV4WjjTL2CdAxMb-MVuAJOIZglelzzf-iI-aQf1rN0HBrLnK_Ln6SpEM_1yIw3lRArp7-DIycXsy_ixNuqNOHprwndGirhvH24XY8oetgY8ku1Pnvm4poi-QmsPQCjdFENgQsZq1VNc3Hka5H-fDD-RP3rCtKHC05Htxgx-5eQaxRNhfnouuIXbLTlRCfF3ek0XneKHnh8-4RbQuM9swK65mwP0MoMJvWgg54-NuLGl_l32kK56yIByd28jqEy6tbkY5FWofIQpfduhmHAjPPapzfA5TUEFlarTHC3PwWpXCOqf7R4ay4W28jdP8TZfYxlNYTJ6_gH3kQn9c-If0ypgqUwOO5gHfbiPGCC_iCNx0m1KpD03Q4PASqkjlJJWrK-JUxw61mJjcW0bM7ekyEZHj1HNchMrUKKCxIYJdPXUxUrMm1e4g2eeLPEuist2OJ_u0NKdgzrKrpU2Fz1GiHLv1j_WOwrqmW5D-jSw9aCe9MpITao-qjPkZ32ZyDgxNrksuR9XvhxJPpgDnvOh131vsasyUGWhQrW4H2CLkq3GghLHXEVlQkm_QS-A-YUiWjDB5jnxzV0AIsU-QznWBsPkxenP7xhq7u66shWeUFpaA2oru7zS6kEX5j989CmlpjXbEHueoykoqgnKicmhcca3DXZtP6-uUqrUJtOBa5rhcbqpRwpb_MsYB5th8dgM9k5EuAvWje3jVJ19VCpwx8UJTkGPLmMS63Tw_tQSRkiftlgA18LCkMixukViFobUXKgjxI3bMy9z5wpaIxfHpfyzpFKMhZ7vlr0QwyveP_02bgOMA6_L_VdPd0-4cJtsBA1PkM18QKgFMF6pTJxJkJ1w5O9zGBGMBUKla27B_nSNRETLLzXwobDRCPTRFLh_3TraR3U3wMdyRwM8Gv-FDyroBvF9-d12FQv2Y_atkhpKJu84rtole0K4xSSD8B3i353i4uOXbDsO-37AJN4fHeqJcBwbO0MWnCb-WPSIasR1uSh3932HIAGgtib6zg6NDSLoYj78eNgvbRL5-IFDQN9obcF10H8XlWKSr5J80-F5jg&cid=CAASJ-RoUtL4Tqr9ezdGNPRa6iXVZItrIXZa_eCljbH6VP6AYBiIpoYzmA&rfl=3%2C%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
142.250.74.130200 OK 34 kB URL HTTP/2 googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ALtndIc1cONFyUGrWSwbMn6BsnSHOaVO2PEx-ZiTERlQ4HVGW9ZxSwmyAxrnHbpmyx0sBs4FblKhJ7YnCVX_dYDWR6lw&cry=1&dbm_d=AKAmf-DVDZ2UcgiDHjE3Z92whIgNnqPFsgni299GPtESTWlxzVHeW8PsOHh_YTZg2oCIYXhlxntj9OBhDZahvKuZyZJ7OtkqlI2zUSW4dPsWT49WmTNK96OxUaj2oTt8HI-MWrxZyJ44KpxgVIEOLj6bFSIX75STEfvd24ZNWsZBMOAWha-e4xWdFDVJo-SnA7MzC1ZKRADJhtMpbj0qBwVwPYsL4WT6td00OFwbdEM8ZP7SxtMUXt92Pjh2PBxcLg92pWw_r3luRvB7jZixae1dQkOcvIajX1w1Z9WQemXeFPa6UDRPOtxKLEm-7Mdsfx-4krYXoEFRrJWiC_gHBhTDYeWlwJ7PQkQokxUhHloyusPR5nx4oQJlcFPVdumtyrTim5XCFJ_rgRHb28hnlNGy2J4EnszFIJcbhsIPgjKS7oZkEi8w99wWMakvIpiQhp9rvbTSIoPL6wwv3f8mTYN8RoFS8xQcmEpkEBSoUMgztT3ggGZVAc-L_tO657Uaq0w_tBWEzhHizs9qB8LSv1sBa5kP_etl2yQp-ba_HLi9-vdzsolaT_H8Inh7x6ZFhjJ1nDXDq6F8mC4EeSwx5rTB4qnsRfq8oIx8rTQ03rpLDDO9EK19EKGKIJGyat1XCyeVmG2YfirsQCmbOfTezRun66w3EZbtzBRKgXERPE5og_PnUbc1lPsoUVmhp3Ukb3_aSzSbOXJpLXYf5dwc_fWhAXuXhthk3ujMN-CQU3GAIGAU6meiY-B9kkzrZAAb-nKCkqlnvEpUoYZXIwH35Iyl9vZvAE6k29HYMx3YEWJG99AJG75u8e__9RmMTLEC8BJWbm4efDv950f_4q884_zGVjdPA_nWEgIybtkLXe013zaphuMrYjiIsy9O5Ow_i3g5PJPF2udiIXpuX_Btouw-huQ-vn02AyHx1ZbvsvEkMzUs45ITDNS-2Z4ntxpdV-rJwcvk_cUG8K4eOu9WsjMlUQQRYZR41sii-kMkGOieC7ZKU5gxIQlO6_o-uNsQjpp-Ik6J1agGbOAcKy7f8TbmWtXrENrENZ7DaAyfEQRk9XQGIJyClGcmD0hARcaQpCRI6XOUpem7hTVIsOz8FBHUJfhZanwv69Wdr-7oLxAZ5TAcPgizvWU-ZXNUCFkE326mEnLB0xLu3599epRr7QYe56guXCgjZl-Rs426dPOFsiK-PtKjPC8ANHc7PZJOJu9fN7awzD6UW7cjwlohSKwuRP9h4kKaHzeCFlyiREBZqLK6Pk0wyrJJbWnYUChmt6NJhhrL7ioBA1OGtyP09KGfNFfcbG6GlbjmG4SWUEz_lOW5VBwV1aF2jeXaDzxj3dp3ezWpIzgEKa3pbtp2dGzLMWcSW__8fWUEKmSAFRQMRkcVpkyWDRaweROFCsVvkZjnTT972fZ9A-au9X6NzSWhqI49Yv3s73pQu-LjRUkxZnhdo0dIqXgwmHq5BB_U9zUxOMSoTvAOwHeTRa1NyZmHiqyznsRy2RSKuZUzwuU5xkgMo-llS5pNO-CevOMmcuRuNDKv39Dda3Y6OSD3s1XtV_A9Rl0OrZT-Hww5VdnLb7vOImsEwAFQcpYS4MVL61reRntG6HIe1hyUkzwV4VTQ53bRf9n1aEIjlcwbvH0zVE4sMGC5qCfd0rh7ZO2Q7mDpd_AxqD7onUWg5axvEIl16VXaiTznC1bbHPWHa5MdJPdV1IYKzhdq5YdR8s21lEyhxtj8KW9Sbqeq-_z7zW07ZagtMMtSK4hQgeZUrlIiNiAzf7GgSnBRXfxVwXTMaggdFm0w4EwlaKCLRtdCKxQaUJrXclVADABc8GW1LyhU6yuH8rOp06Kct2a0R1e-bVz1T5SeFGn2C91XOkBUDbqxCdyTnC4GLTQ3a1t6dL0PuUgqGh3UPNVV8DMLT53oSXudtzb5xQQ9yxjL-mkPJMF2FFo-XPQ3dVHVkg8VSWjLuAU_KL1z8dRAzO5eOTef2ljuNdfjXCnL_VtvLClKy9dIP9GmXNDbfvBh1GeYdzSrEY4Px78HZoic1DDUwXUqGC29ohaIwwdfFIi9hAH_EHZOKv5uU_lODV34u_7489wsneUC08BrMaKSzeZWuCyBjyvW2S6Bg1KIyuuZHVL7XNVHV6N4zUviILtPObmiPJ2LfMiMDmVoccV4WjjTL2CdAxMb-MVuAJOIZglelzzf-iI-aQf1rN0HBrLnK_Ln6SpEM_1yIw3lRArp7-DIycXsy_ixNuqNOHprwndGirhvH24XY8oetgY8ku1Pnvm4poi-QmsPQCjdFENgQsZq1VNc3Hka5H-fDD-RP3rCtKHC05Htxgx-5eQaxRNhfnouuIXbLTlRCfF3ek0XneKHnh8-4RbQuM9swK65mwP0MoMJvWgg54-NuLGl_l32kK56yIByd28jqEy6tbkY5FWofIQpfduhmHAjPPapzfA5TUEFlarTHC3PwWpXCOqf7R4ay4W28jdP8TZfYxlNYTJ6_gH3kQn9c-If0ypgqUwOO5gHfbiPGCC_iCNx0m1KpD03Q4PASqkjlJJWrK-JUxw61mJjcW0bM7ekyEZHj1HNchMrUKKCxIYJdPXUxUrMm1e4g2eeLPEuist2OJ_u0NKdgzrKrpU2Fz1GiHLv1j_WOwrqmW5D-jSw9aCe9MpITao-qjPkZ32ZyDgxNrksuR9XvhxJPpgDnvOh131vsasyUGWhQrW4H2CLkq3GghLHXEVlQkm_QS-A-YUiWjDB5jnxzV0AIsU-QznWBsPkxenP7xhq7u66shWeUFpaA2oru7zS6kEX5j989CmlpjXbEHueoykoqgnKicmhcca3DXZtP6-uUqrUJtOBa5rhcbqpRwpb_MsYB5th8dgM9k5EuAvWje3jVJ19VCpwx8UJTkGPLmMS63Tw_tQSRkiftlgA18LCkMixukViFobUXKgjxI3bMy9z5wpaIxfHpfyzpFKMhZ7vlr0QwyveP_02bgOMA6_L_VdPd0-4cJtsBA1PkM18QKgFMF6pTJxJkJ1w5O9zGBGMBUKla27B_nSNRETLLzXwobDRCPTRFLh_3TraR3U3wMdyRwM8Gv-FDyroBvF9-d12FQv2Y_atkhpKJu84rtole0K4xSSD8B3i353i4uOXbDsO-37AJN4fHeqJcBwbO0MWnCb-WPSIasR1uSh3932HIAGgtib6zg6NDSLoYj78eNgvbRL5-IFDQN9obcF10H8XlWKSr5J80-F5jg&cid=CAASJ-RoUtL4Tqr9ezdGNPRa6iXVZItrIXZa_eCljbH6VP6AYBiIpoYzmA&rfl=3%2C%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240
IP 142.250.74.130:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 905d8a93559f897a017b125bd66a0090
f260168cf83dcbbb5bd75291be34a831d728e6d6
bf6d17d2c38d39c6643d0a3c91bbec54bfd5e4d025d0ea79fe975c054dd4216a
GET /dbm/ad?dbm_c=AKAmf-ALtndIc1cONFyUGrWSwbMn6BsnSHOaVO2PEx-ZiTERlQ4HVGW9ZxSwmyAxrnHbpmyx0sBs4FblKhJ7YnCVX_dYDWR6lw&cry=1&dbm_d=AKAmf-DVDZ2UcgiDHjE3Z92whIgNnqPFsgni299GPtESTWlxzVHeW8PsOHh_YTZg2oCIYXhlxntj9OBhDZahvKuZyZJ7OtkqlI2zUSW4dPsWT49WmTNK96OxUaj2oTt8HI-MWrxZyJ44KpxgVIEOLj6bFSIX75STEfvd24ZNWsZBMOAWha-e4xWdFDVJo-SnA7MzC1ZKRADJhtMpbj0qBwVwPYsL4WT6td00OFwbdEM8ZP7SxtMUXt92Pjh2PBxcLg92pWw_r3luRvB7jZixae1dQkOcvIajX1w1Z9WQemXeFPa6UDRPOtxKLEm-7Mdsfx-4krYXoEFRrJWiC_gHBhTDYeWlwJ7PQkQokxUhHloyusPR5nx4oQJlcFPVdumtyrTim5XCFJ_rgRHb28hnlNGy2J4EnszFIJcbhsIPgjKS7oZkEi8w99wWMakvIpiQhp9rvbTSIoPL6wwv3f8mTYN8RoFS8xQcmEpkEBSoUMgztT3ggGZVAc-L_tO657Uaq0w_tBWEzhHizs9qB8LSv1sBa5kP_etl2yQp-ba_HLi9-vdzsolaT_H8Inh7x6ZFhjJ1nDXDq6F8mC4EeSwx5rTB4qnsRfq8oIx8rTQ03rpLDDO9EK19EKGKIJGyat1XCyeVmG2YfirsQCmbOfTezRun66w3EZbtzBRKgXERPE5og_PnUbc1lPsoUVmhp3Ukb3_aSzSbOXJpLXYf5dwc_fWhAXuXhthk3ujMN-CQU3GAIGAU6meiY-B9kkzrZAAb-nKCkqlnvEpUoYZXIwH35Iyl9vZvAE6k29HYMx3YEWJG99AJG75u8e__9RmMTLEC8BJWbm4efDv950f_4q884_zGVjdPA_nWEgIybtkLXe013zaphuMrYjiIsy9O5Ow_i3g5PJPF2udiIXpuX_Btouw-huQ-vn02AyHx1ZbvsvEkMzUs45ITDNS-2Z4ntxpdV-rJwcvk_cUG8K4eOu9WsjMlUQQRYZR41sii-kMkGOieC7ZKU5gxIQlO6_o-uNsQjpp-Ik6J1agGbOAcKy7f8TbmWtXrENrENZ7DaAyfEQRk9XQGIJyClGcmD0hARcaQpCRI6XOUpem7hTVIsOz8FBHUJfhZanwv69Wdr-7oLxAZ5TAcPgizvWU-ZXNUCFkE326mEnLB0xLu3599epRr7QYe56guXCgjZl-Rs426dPOFsiK-PtKjPC8ANHc7PZJOJu9fN7awzD6UW7cjwlohSKwuRP9h4kKaHzeCFlyiREBZqLK6Pk0wyrJJbWnYUChmt6NJhhrL7ioBA1OGtyP09KGfNFfcbG6GlbjmG4SWUEz_lOW5VBwV1aF2jeXaDzxj3dp3ezWpIzgEKa3pbtp2dGzLMWcSW__8fWUEKmSAFRQMRkcVpkyWDRaweROFCsVvkZjnTT972fZ9A-au9X6NzSWhqI49Yv3s73pQu-LjRUkxZnhdo0dIqXgwmHq5BB_U9zUxOMSoTvAOwHeTRa1NyZmHiqyznsRy2RSKuZUzwuU5xkgMo-llS5pNO-CevOMmcuRuNDKv39Dda3Y6OSD3s1XtV_A9Rl0OrZT-Hww5VdnLb7vOImsEwAFQcpYS4MVL61reRntG6HIe1hyUkzwV4VTQ53bRf9n1aEIjlcwbvH0zVE4sMGC5qCfd0rh7ZO2Q7mDpd_AxqD7onUWg5axvEIl16VXaiTznC1bbHPWHa5MdJPdV1IYKzhdq5YdR8s21lEyhxtj8KW9Sbqeq-_z7zW07ZagtMMtSK4hQgeZUrlIiNiAzf7GgSnBRXfxVwXTMaggdFm0w4EwlaKCLRtdCKxQaUJrXclVADABc8GW1LyhU6yuH8rOp06Kct2a0R1e-bVz1T5SeFGn2C91XOkBUDbqxCdyTnC4GLTQ3a1t6dL0PuUgqGh3UPNVV8DMLT53oSXudtzb5xQQ9yxjL-mkPJMF2FFo-XPQ3dVHVkg8VSWjLuAU_KL1z8dRAzO5eOTef2ljuNdfjXCnL_VtvLClKy9dIP9GmXNDbfvBh1GeYdzSrEY4Px78HZoic1DDUwXUqGC29ohaIwwdfFIi9hAH_EHZOKv5uU_lODV34u_7489wsneUC08BrMaKSzeZWuCyBjyvW2S6Bg1KIyuuZHVL7XNVHV6N4zUviILtPObmiPJ2LfMiMDmVoccV4WjjTL2CdAxMb-MVuAJOIZglelzzf-iI-aQf1rN0HBrLnK_Ln6SpEM_1yIw3lRArp7-DIycXsy_ixNuqNOHprwndGirhvH24XY8oetgY8ku1Pnvm4poi-QmsPQCjdFENgQsZq1VNc3Hka5H-fDD-RP3rCtKHC05Htxgx-5eQaxRNhfnouuIXbLTlRCfF3ek0XneKHnh8-4RbQuM9swK65mwP0MoMJvWgg54-NuLGl_l32kK56yIByd28jqEy6tbkY5FWofIQpfduhmHAjPPapzfA5TUEFlarTHC3PwWpXCOqf7R4ay4W28jdP8TZfYxlNYTJ6_gH3kQn9c-If0ypgqUwOO5gHfbiPGCC_iCNx0m1KpD03Q4PASqkjlJJWrK-JUxw61mJjcW0bM7ekyEZHj1HNchMrUKKCxIYJdPXUxUrMm1e4g2eeLPEuist2OJ_u0NKdgzrKrpU2Fz1GiHLv1j_WOwrqmW5D-jSw9aCe9MpITao-qjPkZ32ZyDgxNrksuR9XvhxJPpgDnvOh131vsasyUGWhQrW4H2CLkq3GghLHXEVlQkm_QS-A-YUiWjDB5jnxzV0AIsU-QznWBsPkxenP7xhq7u66shWeUFpaA2oru7zS6kEX5j989CmlpjXbEHueoykoqgnKicmhcca3DXZtP6-uUqrUJtOBa5rhcbqpRwpb_MsYB5th8dgM9k5EuAvWje3jVJ19VCpwx8UJTkGPLmMS63Tw_tQSRkiftlgA18LCkMixukViFobUXKgjxI3bMy9z5wpaIxfHpfyzpFKMhZ7vlr0QwyveP_02bgOMA6_L_VdPd0-4cJtsBA1PkM18QKgFMF6pTJxJkJ1w5O9zGBGMBUKla27B_nSNRETLLzXwobDRCPTRFLh_3TraR3U3wMdyRwM8Gv-FDyroBvF9-d12FQv2Y_atkhpKJu84rtole0K4xSSD8B3i353i4uOXbDsO-37AJN4fHeqJcBwbO0MWnCb-WPSIasR1uSh3932HIAGgtib6zg6NDSLoYj78eNgvbRL5-IFDQN9obcF10H8XlWKSr5J80-F5jg&cid=CAASJ-RoUtL4Tqr9ezdGNPRa6iXVZItrIXZa_eCljbH6VP6AYBiIpoYzmA&rfl=3%2C%2C%2Chttps%253A%252F%252Fsharemods.com%252F%240 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 31 Aug 2022 19:19:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 34160
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Aug-2022 19:34:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/xbbe/pixel?d=CLSPmdgCENe9--oCGPrTg9ABMAE&v=APEucNW6hXkkj7Yayz6vb8WtfUDeLrUe-9SnAqpEfe5GFJ43gQTOuFIl5FUwZddqu3SifiCxbaqV_mhNhr9o80PKt939D-iQ5g1tThAubd1sfa5wpLOLmufZdmeq7ngRurDhb4oYRYdi7lmRyOdkgcATGpbfLy5sJbnU2CHxOCTuPl0O8-eVg7hnkOiEP_1_AaWzRc9odBce5tNx-VWgUGnQxKwrUt1U-w
142.250.74.130200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/xbbe/pixel?d=CLSPmdgCENe9--oCGPrTg9ABMAE&v=APEucNW6hXkkj7Yayz6vb8WtfUDeLrUe-9SnAqpEfe5GFJ43gQTOuFIl5FUwZddqu3SifiCxbaqV_mhNhr9o80PKt939D-iQ5g1tThAubd1sfa5wpLOLmufZdmeq7ngRurDhb4oYRYdi7lmRyOdkgcATGpbfLy5sJbnU2CHxOCTuPl0O8-eVg7hnkOiEP_1_AaWzRc9odBce5tNx-VWgUGnQxKwrUt1U-w
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=CLSPmdgCENe9--oCGPrTg9ABMAE&v=APEucNW6hXkkj7Yayz6vb8WtfUDeLrUe-9SnAqpEfe5GFJ43gQTOuFIl5FUwZddqu3SifiCxbaqV_mhNhr9o80PKt939D-iQ5g1tThAubd1sfa5wpLOLmufZdmeq7ngRurDhb4oYRYdi7lmRyOdkgcATGpbfLy5sJbnU2CHxOCTuPl0O8-eVg7hnkOiEP_1_AaWzRc9odBce5tNx-VWgUGnQxKwrUt1U-w HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 31 Aug 2022 19:19:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Aug-2022 19:34:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Aug 2022 19:19:54 GMT
cache-control: private
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:53 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=p8oR2l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c25qZUUlMkZXOE1xWXQyV1loR0N0VDRs; expires=Mon, 25 Sep 2023 19:19:54 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 239337
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 4fa250d4be1b0beea7e18a7d0e4aff72
81fa0ccdf87bd20bba124e7cb4eaefb5ca55dab4
9b36435492af051c0fc7165b6c67e0b23c24f738411079b18f2e00b81c62dac8
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 31 Aug 2022 19:19:54 GMT
date: Wed, 31 Aug 2022 19:19:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-YSnOaGqLfM1GDZzHgp_nZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 515 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash b1462ecfd7daf205048252545992ead2
cfca984da887cb245decabb546d338008c978df3
cfefbd6e8943514e0885381a75f8ae7a0749c90a2d08fe0b71b35556e12a7e30
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 31 Aug 2022 19:19:54 GMT
date: Wed, 31 Aug 2022 19:19:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-zeZW1F85WkIR0NS9GFBqrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 162103fea2d2770a892523dda40eb8d3
18fdbf868daac86329ddd87b5d70794108888c1f
6ef5338f6861732e340a5bbb77948cbc56fff65861dab47485e2aade1c3f94bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 162103fea2d2770a892523dda40eb8d3
18fdbf868daac86329ddd87b5d70794108888c1f
6ef5338f6861732e340a5bbb77948cbc56fff65861dab47485e2aade1c3f94bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
151.101.85.229200 OK 93 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cc4caf7724584aecce10a3465661f1c
199035cd38640b65c11e61429fade2c5c4f2e213
7b6e0377389650e55abb7aec33aa43be7fbc522c2abb1f9a2e3413bcae7019d5
GET /npm/hls.js@1.1.3/dist/hls.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.3
x-jsd-version-type: version
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 31 Aug 2022 19:19:54 GMT
age: 14119948
x-served-by: cache-fra19183-FRA, cache-bma1645-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 92753
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
142.250.74.138200 OK 31 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (3442)
Hash 18d24038f6fd556b0f2fde4068de9001
ad04aa2f316e1dcd8ebe8176abbf76653b3ba06d
77a2db182c0c21d72d88ff4523e301e082b9a021ccc54c176066b22fa1fca800
GET /js/sdkloader/gpt_proxy.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 30871
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:10:40 GMT
expires: Wed, 31 Aug 2022 19:25:40 GMT
cache-control: public, max-age=900
age: 554
last-modified: Mon, 29 Aug 2022 20:45:25 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.15200 OK 12 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.15:0
File type JSON data\012- , ASCII text, with very long lines (1548)
Hash 086aa5aaf227f36450868275b12db807
400c092b65c26ab76a9c31a760e7778d16d59270
18dfa483e21c4ff14961453351be149c97858edc036cf23100bb9cb4dea2a43a
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 146415
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 2732b3212798253f588c5dbd2a2f3a14
c933b5e352407b931a08ed757cfadffbc47cb146
cf9c67e56b8014dcf1dde3932145a072659f077ebbed7fac753497f57aaf0e92
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:54 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "8EFF5210B646D28F59D7AF512DB4C9298E550077"
Expires: Thu, 01 Sep 2022 06:00:00 GMT
Last-Modified: Wed, 31 Aug 2022 18:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 2574
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74381ed3cf291c06-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea8f135d0d9646f85d5f17dee7000297
4450bda2c50f8de9366bb33b372ce4d8cbbc5f28
577489ce192278f40054e285aaa614d3502f1507911c8098eabb68eead763395
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 162103fea2d2770a892523dda40eb8d3
18fdbf868daac86329ddd87b5d70794108888c1f
6ef5338f6861732e340a5bbb77948cbc56fff65861dab47485e2aade1c3f94bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
216.58.211.6200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 216.58.211.6:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 12:29:23 GMT
expires: Thu, 01 Sep 2022 12:29:23 GMT
cache-control: public, max-age=86400
age: 24631
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ea8f135d0d9646f85d5f17dee7000297
4450bda2c50f8de9366bb33b372ce4d8cbbc5f28
577489ce192278f40054e285aaa614d3502f1507911c8098eabb68eead763395
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 19:19:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 57 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 57116, version 1.0\012- data
Hash 0df839703cae7648ea76e7525842ec83
1220ca1a9f7fb2f27f0249fdcc31e29636e48e9b
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
GET /s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://video.onnetwork.tv
Connection: keep-alive
Referer: https://cdn.onnetwork.tv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 57116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:49:56 GMT
expires: Wed, 30 Aug 2023 17:49:56 GMT
cache-control: public, max-age=31536000
age: 91798
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 4.8 kB IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11154)
Hash 3f76ca96e87368a9748d10d2c060ac30
d332a08a8c8f0f5ef40d732a290efdcb7b737862
61b708505775f6d36c64f01542a4648c0da7e235106b6f1ba98f48b664f7e0ce
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=p8oR2l80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c25qZUUlMkZXOE1xWXQyV1loR0N0VDRs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Xe8uoF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c3o3c21nN3BQV1FWWWt5SFNjMk5qRQ; expires=Mon, 25 Sep 2023 19:19:54 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 367932
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1661973594253&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1661973594253&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1661973594253&event=plimpression&d=9784&vs=0&aps=3&playerVisible=0&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player.min.js?s=1661854233
188.165.21.42200 OK 59 kB URL HTTP/2 cdn.onnetwork.tv/js/player86/player.min.js?s=1661854233
IP 188.165.21.42:0
File type C++ source, ASCII text, with very long lines (2822)
Hash c44209e00ac9075e5cb4867f520af1c4
76b4c7526f900cdcb64e726831e862a9d800ddf0
09baf7e49122e0c45062d5e94824f66285cfba24d57a1f2c7b46665a0c73b0dc
GET /js/player86/player.min.js?s=1661854233 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 10:10:33 GMT
vary: Accept-Encoding
etag: W/"630de219-39e98"
expires: Sun, 19 Mar 2023 19:19:54 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.60200 OK 165 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.60:0
Hash f0d01680cb7a281c8c9f14b274376939
818facb26dfa0608bd382655a3ea7013ac2b94ed
8a94c980ad30c828cfad63587ebaa37413c07ba1323ac77e84e1957a86d4a4dc
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:53 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 120012
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntd.png?ts=1661973594255&mobile=0&plc=5&time=11&website=9784
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntd.png?ts=1661973594255&mobile=0&plc=5&time=11&website=9784
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntd.png?ts=1661973594255&mobile=0&plc=5&time=11&website=9784 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/img/black.mp4
188.165.21.42206 Partial Content 2.7 kB URL HTTP/2 cdn.onnetwork.tv/img/black.mp4
IP 188.165.21.42:0
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Hash 623ba46941cf827bff173d0679197d6a
fdb571b537510f2682876a3b45606f338bddb8a0
33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c
GET /img/black.mp4 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: video/mp4
content-length: 2739
last-modified: Mon, 19 Mar 2018 19:13:39 GMT
etag: "5ab00be3-ab3"
expires: Sun, 19 Mar 2023 19:19:54 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-range: bytes 0-2738/2739
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1661973594303&i=570858&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1661973594303&i=570858&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1661973594303&i=570858&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 155 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
Size 155 kB (154899 bytes)
Hash ea43b313130e7527fe51795a30934315
105060de892725fbe000aabf29980bede96d3629
34f121235020395a98aeb5c719ab11a52e3d0654e5e10c31401bff5264774a51
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 128229
date: Wed, 31 Aug 2022 19:19:54 GMT
expires: Wed, 31 Aug 2022 19:19:54 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 31 Aug 2022 18:41:12 GMT
expires: Wed, 31 Aug 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 2322
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/player86.css?s=1661172433
188.165.21.42200 OK 9.5 kB URL HTTP/2 cdn.onnetwork.tv/css/player86.css?s=1661172433
IP 188.165.21.42:0
Hash 07423c725310dd2c990ff97313e11b3b
37bbaac300b357d553665960572e1677b4f6a54a
f7ca49d6a207741673d931ee625a4ad6d10ee4c84d0aa7ad885b096785b8db8f
GET /css/player86.css?s=1661172433 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: text/css
last-modified: Mon, 22 Aug 2022 12:47:13 GMT
vary: Accept-Encoding
etag: W/"63037ad1-9da4"
expires: Sun, 19 Mar 2023 19:19:54 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1661973594395&d=9784&wsc=00&typ=embed&mobile=0&c=30
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1661973594395&d=9784&wsc=00&typ=embed&mobile=0&c=30
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1661973594395&d=9784&wsc=00&typ=embed&mobile=0&c=30 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cda78f9df9f5d15ab41c7a8ed7f22863
6dda3fef9a06386b56607c792ab50d855ba6c936
97bc8ac814fdca432a8d5f39ba7d95572575e0dbc67628d6f61efef9e543028f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97BC8AC814FDCA432A8D5F39BA7D95572575E0DBC67628D6F61EFEF9E543028F"
Last-Modified: Mon, 29 Aug 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7085
Expires: Wed, 31 Aug 2022 21:17:59 GMT
Date: Wed, 31 Aug 2022 19:19:54 GMT
Connection: keep-alive
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTx1zLHorjRhGd1uqcvdwQ-ojXnb7_QbDvsqvXCDAJImIqS_GQ-GFq97pSMC7qngflv2YC-EdUzJ9lyneXMYqS3SJEib3emsL1LMWsZBQlqw5osu1RaIUxL51BldtXFHaygFsTrgnR9ymyyZnQ0jU4LINwmSvts4vIepeOQnvKnp8lZdT3xkuBsk2wXInuI_4zdVNGN5hXPqOntiVDqCNo5OUFzgEtyJFJZDLwx7AiHJTUEYEWb7vzU-bMegqUsJs94oAlUrbr_nso0bKU5XESZv2EZb418LDplVJ6Y7XVeJl_x2JfjI2HI23THMieOqFLXTeEA7aeA_Wb1UYmMoT5v-Xe24RRI8VyNti97ILMitwHgZVr2CsRp5GtLTMmn4NZCrGV2cPxvwIKn24qyjnToQJ3Vqx6sv8Ralt8iRGdUkPbwieEafcDGagPGIGqqGOkskXLR3OcZFNpzEdZ4IRR8fdt7f1IMK2AtwCy_9mLbvKIuz-UXDSKfgYDaTnxQmWeKnpBti-qjoG3zSU4Gn_mbTBVrVZi1FTYtTD6ogokr6WCUXAhtVwdxZd_yuRQ2pnA5FDTHyXbGNSV2sRfzLgsd4cvBdVLx24t_IP4Wkn5rB2HfTykgzYVpAQIX4Kp6hs-MAdLP05H5OHqfqYZHSz-LevHklOpvUmfh8nOkZ4bG28wukid4alaopXNL9lAfSmeyyDBAGdjThMmOVbRsYwIHvS8DLJal7Kc3ESmGW6wwZO-cm5NkEkCQQro7Qq2IaWC0edHy8pv2QhA2dAgWH4KiCi90c4BVrmeOoX0oUogUxfNHI-QVX2FsI5xfjUSHOhfUihVuz6wbbTOt1TsLT9QJy1MidtqV2OUXu4sLPItXLNLNX8lMG7fuRtgvCzcPy9Sj1j9a67rOR5Y1N4lmC8IG94WKXXN95XQ0yR3Gm1LibeJ2tysO1Gp08FjSCgg8im7dCSZ8pCSP4yP7O2Awa8I2ABLzWm0slysBtQaew_MjDULA3QNcTRzws6vJoRzVeKkuuUjp9A75jDLVwdYxreUW1Bj2mtNMNLtoOhn9wNu-Ugx0PHjkLOVVMDNO5Z7I3d1g8mCtojSkYmLtNHaVucA12991URJj8QxYkVgEcghmRAjFa4UCw4_ZP2KRpOeOqtHQODfHcoabxdBBMwtkThFXuL61_5FB9BSRr-5NGFBvWLm2qIXLb8u6JGoQky1ypKM-IgT4r9EQOvtJ8oIY6iberiy4rLnkbOitXIXeR-TykulTA&sai=AMfl-YQ0UjJOoruTsWPDA0JNTWGsHp-fJFDym4ypJjwJpTDyKRPbnxRxTTM_pJdYWi89Fh2AclQZwSK2rxIg57qv3IfFnDW0sAS4kFjqm4sQ2t75-PiB_5TrybAidSa4kNzi5Uwkjqy32RlGDzOPq75a0BWBYnRjrPJEFQ_hQV4UzdOqCDptMRiMBBi_gf_pVFWLIkjvkad5ryKZK6m3646pAH5HCLWoPfs&sig=Cg0ArKJSzAaHbjEhAFLhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=181&cisv=r20220829.04825&adurl=
216.58.211.2200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuTx1zLHorjRhGd1uqcvdwQ-ojXnb7_QbDvsqvXCDAJImIqS_GQ-GFq97pSMC7qngflv2YC-EdUzJ9lyneXMYqS3SJEib3emsL1LMWsZBQlqw5osu1RaIUxL51BldtXFHaygFsTrgnR9ymyyZnQ0jU4LINwmSvts4vIepeOQnvKnp8lZdT3xkuBsk2wXInuI_4zdVNGN5hXPqOntiVDqCNo5OUFzgEtyJFJZDLwx7AiHJTUEYEWb7vzU-bMegqUsJs94oAlUrbr_nso0bKU5XESZv2EZb418LDplVJ6Y7XVeJl_x2JfjI2HI23THMieOqFLXTeEA7aeA_Wb1UYmMoT5v-Xe24RRI8VyNti97ILMitwHgZVr2CsRp5GtLTMmn4NZCrGV2cPxvwIKn24qyjnToQJ3Vqx6sv8Ralt8iRGdUkPbwieEafcDGagPGIGqqGOkskXLR3OcZFNpzEdZ4IRR8fdt7f1IMK2AtwCy_9mLbvKIuz-UXDSKfgYDaTnxQmWeKnpBti-qjoG3zSU4Gn_mbTBVrVZi1FTYtTD6ogokr6WCUXAhtVwdxZd_yuRQ2pnA5FDTHyXbGNSV2sRfzLgsd4cvBdVLx24t_IP4Wkn5rB2HfTykgzYVpAQIX4Kp6hs-MAdLP05H5OHqfqYZHSz-LevHklOpvUmfh8nOkZ4bG28wukid4alaopXNL9lAfSmeyyDBAGdjThMmOVbRsYwIHvS8DLJal7Kc3ESmGW6wwZO-cm5NkEkCQQro7Qq2IaWC0edHy8pv2QhA2dAgWH4KiCi90c4BVrmeOoX0oUogUxfNHI-QVX2FsI5xfjUSHOhfUihVuz6wbbTOt1TsLT9QJy1MidtqV2OUXu4sLPItXLNLNX8lMG7fuRtgvCzcPy9Sj1j9a67rOR5Y1N4lmC8IG94WKXXN95XQ0yR3Gm1LibeJ2tysO1Gp08FjSCgg8im7dCSZ8pCSP4yP7O2Awa8I2ABLzWm0slysBtQaew_MjDULA3QNcTRzws6vJoRzVeKkuuUjp9A75jDLVwdYxreUW1Bj2mtNMNLtoOhn9wNu-Ugx0PHjkLOVVMDNO5Z7I3d1g8mCtojSkYmLtNHaVucA12991URJj8QxYkVgEcghmRAjFa4UCw4_ZP2KRpOeOqtHQODfHcoabxdBBMwtkThFXuL61_5FB9BSRr-5NGFBvWLm2qIXLb8u6JGoQky1ypKM-IgT4r9EQOvtJ8oIY6iberiy4rLnkbOitXIXeR-TykulTA&sai=AMfl-YQ0UjJOoruTsWPDA0JNTWGsHp-fJFDym4ypJjwJpTDyKRPbnxRxTTM_pJdYWi89Fh2AclQZwSK2rxIg57qv3IfFnDW0sAS4kFjqm4sQ2t75-PiB_5TrybAidSa4kNzi5Uwkjqy32RlGDzOPq75a0BWBYnRjrPJEFQ_hQV4UzdOqCDptMRiMBBi_gf_pVFWLIkjvkad5ryKZK6m3646pAH5HCLWoPfs&sig=Cg0ArKJSzAaHbjEhAFLhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=181&cisv=r20220829.04825&adurl=
IP 216.58.211.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuTx1zLHorjRhGd1uqcvdwQ-ojXnb7_QbDvsqvXCDAJImIqS_GQ-GFq97pSMC7qngflv2YC-EdUzJ9lyneXMYqS3SJEib3emsL1LMWsZBQlqw5osu1RaIUxL51BldtXFHaygFsTrgnR9ymyyZnQ0jU4LINwmSvts4vIepeOQnvKnp8lZdT3xkuBsk2wXInuI_4zdVNGN5hXPqOntiVDqCNo5OUFzgEtyJFJZDLwx7AiHJTUEYEWb7vzU-bMegqUsJs94oAlUrbr_nso0bKU5XESZv2EZb418LDplVJ6Y7XVeJl_x2JfjI2HI23THMieOqFLXTeEA7aeA_Wb1UYmMoT5v-Xe24RRI8VyNti97ILMitwHgZVr2CsRp5GtLTMmn4NZCrGV2cPxvwIKn24qyjnToQJ3Vqx6sv8Ralt8iRGdUkPbwieEafcDGagPGIGqqGOkskXLR3OcZFNpzEdZ4IRR8fdt7f1IMK2AtwCy_9mLbvKIuz-UXDSKfgYDaTnxQmWeKnpBti-qjoG3zSU4Gn_mbTBVrVZi1FTYtTD6ogokr6WCUXAhtVwdxZd_yuRQ2pnA5FDTHyXbGNSV2sRfzLgsd4cvBdVLx24t_IP4Wkn5rB2HfTykgzYVpAQIX4Kp6hs-MAdLP05H5OHqfqYZHSz-LevHklOpvUmfh8nOkZ4bG28wukid4alaopXNL9lAfSmeyyDBAGdjThMmOVbRsYwIHvS8DLJal7Kc3ESmGW6wwZO-cm5NkEkCQQro7Qq2IaWC0edHy8pv2QhA2dAgWH4KiCi90c4BVrmeOoX0oUogUxfNHI-QVX2FsI5xfjUSHOhfUihVuz6wbbTOt1TsLT9QJy1MidtqV2OUXu4sLPItXLNLNX8lMG7fuRtgvCzcPy9Sj1j9a67rOR5Y1N4lmC8IG94WKXXN95XQ0yR3Gm1LibeJ2tysO1Gp08FjSCgg8im7dCSZ8pCSP4yP7O2Awa8I2ABLzWm0slysBtQaew_MjDULA3QNcTRzws6vJoRzVeKkuuUjp9A75jDLVwdYxreUW1Bj2mtNMNLtoOhn9wNu-Ugx0PHjkLOVVMDNO5Z7I3d1g8mCtojSkYmLtNHaVucA12991URJj8QxYkVgEcghmRAjFa4UCw4_ZP2KRpOeOqtHQODfHcoabxdBBMwtkThFXuL61_5FB9BSRr-5NGFBvWLm2qIXLb8u6JGoQky1ypKM-IgT4r9EQOvtJ8oIY6iberiy4rLnkbOitXIXeR-TykulTA&sai=AMfl-YQ0UjJOoruTsWPDA0JNTWGsHp-fJFDym4ypJjwJpTDyKRPbnxRxTTM_pJdYWi89Fh2AclQZwSK2rxIg57qv3IfFnDW0sAS4kFjqm4sQ2t75-PiB_5TrybAidSa4kNzi5Uwkjqy32RlGDzOPq75a0BWBYnRjrPJEFQ_hQV4UzdOqCDptMRiMBBi_gf_pVFWLIkjvkad5ryKZK6m3646pAH5HCLWoPfs&sig=Cg0ArKJSzAaHbjEhAFLhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&cbvp=1&cstd=181&cisv=r20220829.04825&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://3953ad91d7a6575807df77abbc7c3c9c.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Wed, 31 Aug 2022 19:19:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 31-Aug-2022 19:34:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 31 Aug 2022 19:19:54 GMT
X-Firefox-Spdy: h2
hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D
88.99.165.19200 OK 4.1 kB URL HTTP/1.1 hal9000.redintelligence.net/zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D
IP 88.99.165.19:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1673), with CRLF line terminators
Hash a64b4dc5aab90e85e2222a7e4f7ba054
01dd4fa599376e7f6b702af3407a7d818b875e9b
a952c594fe331bc65b8eab2fa982d40141eea2bccfef02507f73d11f30aa9cb8
GET /zone/j3skijamt464?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D HTTP/1.1
Host: hal9000.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://473b0c451ae6a8d4f098714d57540f10.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:54 GMT
Server: Apache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4095
Connection: close
Content-Type: text/html; charset=UTF-8
hal900024.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
138.201.84.252302 Found 0 B URL HTTP/1.1 hal900024.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP/1.1
Host: hal900024.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://473b0c451ae6a8d4f098714d57540f10.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Wed, 31 Aug 2022 19:19:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 31 Aug 2022 20:19:55 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=090a6bc280876705; expires=Tue, 29-Nov-2022 19:19:55 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
Location: request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K3vXBi8Jpg.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K3vXBi8Jpg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18820, version 1.0\012- data
Hash 30853c52ed840fcce98b892b6af2f790
66a4830320d87bed2f161709287b1f5908534d0d
05767a03c3f73ebd335b167630feb53617581c5489f9e7c46a7ed4ff374f2e6f
GET /s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K3vXBi8Jpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 00:13:03 GMT
expires: Thu, 31 Aug 2023 00:13:03 GMT
cache-control: public, max-age=31536000
age: 68812
last-modified: Tue, 23 Aug 2022 17:55:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K8nQBi8Jpg.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K8nQBi8Jpg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18828, version 1.0\012- data
Hash be566dac6ca731969d81f192b550f9e5
d9d1144843e6f01363a108993f043817f8e2f5ba
cef9ab366d8bcffc046e0eba3ce3a8ba307bb14caf61bf542586180012db1959
GET /s/worksans/v18/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K8nQBi8Jpg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 00:38:20 GMT
expires: Thu, 31 Aug 2023 00:38:20 GMT
cache-control: public, max-age=31536000
age: 67295
last-modified: Tue, 23 Aug 2022 17:55:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hal900024.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
138.201.84.252200 OK 512 B URL HTTP/1.1 hal900024.redintelligence.net/request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash b116818982939de347d6f0f7dda6e210
4a1ca381e92d213a78586e182bf034a37e873c3b
9c18352a922fa01c8a757259c61cd8f001dd1cf9290e9b091fa852cc2ea73c32
GET /request.php?zone=j3skijamt464&nw=20&renderingType=javascript&namespace=df06d440a8&subid=&uid=26ac4c15ed200c7d&screenSize=1280x1024&screenSizeAvail=1280x1002&clientSize=970x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCed0KWbQPY7HuJIeqYd-xuOAPybminGnMrc3O1Q_wLhABII3kvSlgw4SAgJgYyAEJqQKLyfoBn8qwPqgDAaoE7QFP0PC7dADuXQvGxojRzgh61yAn2pWkCUVrAD0eEdvLWj_DGawAM8ib260250S60N6nPS-FZZwq9HSNKuEIiZvVnZrbH94CxY7SK94mVQiMn39hOxWzXXgHmpZi4fC-eoUcOU9esJusX01iYUoFbN1olgizcoE8WaRErUNuS0gzhu34YhYAyy4XWilWcOjAbdZUuG9I1WNIWBJNKEazwJ5exymZ_YE8uo3KAac2iEcFdDYw1CL7l3LpZF91ixfh1chutO7167y0L2iLfeI01cWafebwa6uLfUNF3rxfykot25w5IblYottYSwpIi1zABMG9lPzzA-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0xNzkzOTIxNDM1NTU0OTE5gAoDmAsByAsBgAwBsBOcos0O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASKORo1SHQNHcC3u_OnejCL9tBF-Dl1JoiUJp2Z5OwyAzgzrSEomiQCqs%26sig%3DAOD64_3rjd1Q6oWP0H6PDvx-8KbhW914hw%26client%3Dca-pub-7383171830614216%26dbm_c%3DAKAmf-BaXPS8UmXYXWklay4OXbdwaWO2WmN4wby89ZmzcCYczuzsb1lxP2ZjfB7mLs_Ku5cdp3mm49UY2Y9ECvhEm-TV0N8-eYzNIxr_DWcz0-Tmg4oZGPK9K3LOJ42iZ_-q8NJUl5MJzJWDJfE8M8AcymcFLiDUBA%26cry%3D1%26dbm_d%3DAKAmf-DgqPw0rSWXHrnsA2jtAGYvP6_RcCwZ3v1NfiF3lQmd7szr0Dln1qEh5u8YMaDQVN_hE6S1of59xIW0XBRTR7tEwleg2ym_hYFrtbOwk-_6B0DfMJZ5BkpnqL2vsHI6lBxhlxVLKAbxy144w74s2z0uhEQsmMfhj9B7KGJ_WpBOvnPBMhi-wn8GPDITpGWhwWivDfNe0eQqm4pmJZIItK9lfqyff_yrl58URlDKXeAzyINY2Gaa5iljdj__AqjXt3T6Vfri1cE3Xz4pTRvLyOcQNPNS5qB5ZjDvS6OjnuGNAcBifxws7M_LrQHxePU8USdXwJBjxSu-aEgGI0RLPEQWx_puC7qVq1qDgA9UhB2OcTpAd6tu2VZDyZRpuPXWfTi8a3SYANccKF0V0Tq6bqX3rgf0lnmzDytcC-g0dcGJGj0iB08H874jf0IoKfdG8RNoHEpPcavRCcXHaIM4cQA32GffqHypQdTKH5yFM2rsp0Ix6m6THnIbFd8Qem7SKdtSe9HWPCOb1tUYHT8uSMHQcw8CCZU2ynYzpzczSwDgVKFATchLVjKA04wo-OzF-MLFPHsIVbqU6jwKGVdC3p4vbV1DBg%26adurl%3D&documentReferer=https%3A%2F%2Fsharemods.com%2F&ancestorOrigins=null&random=4028258235130&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1 HTTP/1.1
Host: hal900024.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://473b0c451ae6a8d4f098714d57540f10.safeframe.googlesyndication.com/
Connection: keep-alive
Cookie: 8lcfmzhxc8d6_uid=090a6bc280876705
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:55 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Wed, 31 Aug 2022 20:19:55 +0200
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Set-Cookie: 8lcfmzhxc8d6_uid=090a6bc280876705; expires=Tue, 29-Nov-2022 19:19:55 GMT; Max-Age=7776000; path=/; domain=.redintelligence.net; secure; SameSite=None
X-NEORY-SubId: 47225200127587204438336012068024
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 512
Connection: close
Content-Type: application/x-javascript; charset=utf-8
node.setupad.com/node/node.php
159.89.25.223200 OK 20 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 487
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.15200 OK 40 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c4e9e3cf0e8eb8b5478f47bbf90b836
baed27976baba71c308d0199563054dae57fee5f
128eef1b5c9af5bb219513dc74ff50803f902764d0b304c4dd400ee78b585c9c
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 95191
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=QSMMr19VTDdjNHhGQVF2U1pwNG92OXFJRzZsdm9rRDlUUVhJaDl0aHEwJTJGWHBCQXl3enV0UG5IQVI2WnI4RUx3dGNmQnJMJTJCM0RnZUVackkwUGFlSDJ2czhGVE5TZjhDOXolMkZSNHl3RUpEcEpVcVdORVR0MWsyYVQ0bUhOOGs0WUxnbzJPTQ&info=Lwn75F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4dGt2S2hnNktsRDhCekJhTGRmSnFNSQ&idsd=-942791067,-1261565828&cw=1&lsw=1
178.250.0.157200 OK 321 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=QSMMr19VTDdjNHhGQVF2U1pwNG92OXFJRzZsdm9rRDlUUVhJaDl0aHEwJTJGWHBCQXl3enV0UG5IQVI2WnI4RUx3dGNmQnJMJTJCM0RnZUVackkwUGFlSDJ2czhGVE5TZjhDOXolMkZSNHl3RUpEcEpVcVdORVR0MWsyYVQ0bUhOOGs0WUxnbzJPTQ&info=Lwn75F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4dGt2S2hnNktsRDhCekJhTGRmSnFNSQ&idsd=-942791067,-1261565828&cw=1&lsw=1
IP 178.250.0.157:0
File type JSON data\012- , ASCII text, with very long lines (399), with no line terminators
Hash eb39ba47edb0722de96878e3c8bbfab5
8e945259d806faf0ffe282dd16a132fa8a1f6b14
f19c33a3fd93eb331ff55c3d8debb088634145973b01a779069d6423602ccc0a
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=QSMMr19VTDdjNHhGQVF2U1pwNG92OXFJRzZsdm9rRDlUUVhJaDl0aHEwJTJGWHBCQXl3enV0UG5IQVI2WnI4RUx3dGNmQnJMJTJCM0RnZUVackkwUGFlSDJ2czhGVE5TZjhDOXolMkZSNHl3RUpEcEpVcVdORVR0MWsyYVQ0bUhOOGs0WUxnbzJPTQ&info=Lwn75F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4dGt2S2hnNktsRDhCekJhTGRmSnFNSQ&idsd=-942791067,-1261565828&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1110519
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 2.5 kB IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 04a3c0c6db579972e85b000e7ae39eb9
9b831e07569c209aaad60abbc72b41ff0d7292ec
356ea7d33f8a8a08fd0708b13c400761d2e983768e4706dabd7a680d9b360a7a
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=Xe8uoF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c3o3c21nN3BQV1FWWWt5SFNjMk5qRQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=Lwn75F80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4dGt2S2hnNktsRDhCekJhTGRmSnFNSQ; expires=Mon, 25 Sep 2023 19:19:55 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 306076
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 32 kB URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32745)
Hash f6184ab94c254be97ed55bfaa64e598c
efd4d5fc00e0a1a6586af972b9332c7ddf4db56c
9778f8ec15d33c47f9698a39ee606ae90b51025b35807185e5f24843957437e3
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 459
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.15200 OK 14 kB URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.15:0
File type JSON data\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38487)
Hash ad6c3cbe541cf47e5d5631350f58f76a
c439e403bd3a88d7ddf63d6a74b4b8e347f857fc
78b666c22698aeed7c0ce8d4d8408c2ba7d70383d62a5ba1c856c1602d9ad6d8
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 139347
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 31 Aug 2022 19:19:56 GMT
Age: 52287
X-Served-By: cache-lga21969-LGA, cache-bma1621-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 154202
X-Timer: S1661973596.332779,VS0,VE0
Vary: Accept-Encoding
hal900024.redintelligence.net/viewability?s=47225200127587204438336012068024&a=a80fce7a&vb=m
138.201.84.252200 OK 0 B URL HTTP/1.1 hal900024.redintelligence.net/viewability?s=47225200127587204438336012068024&a=a80fce7a&vb=m
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=47225200127587204438336012068024&a=a80fce7a&vb=m HTTP/1.1
Host: hal900024.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900024.redintelligence.net/request_content.php?s=47225200127587204438336012068024&a=4d71193c
Cookie: 8lcfmzhxc8d6_uid=090a6bc280876705
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:56 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 99541c38-8b44-45fe-a334-856a1f4da058
Set-Cookie: uuid2=6291359386463271543; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
88.99.69.161200 OK 87 kB URL HTTP/1.1 cdn.contentspread.net/24i/content/soberfb/EN/S-970x250.gif
IP 88.99.69.161:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 970 x 250\012- data
Hash 0e28e66e2adf8c90c21d5be5fb9e6fa6
1a0381040dccb97e0cbdd872d1a83b84356b9132
b597da368fd908257c568452ca805b3fb9023d6ad26b7675c5afc1fffb46fea9
GET /24i/content/soberfb/EN/S-970x250.gif HTTP/1.1
Host: cdn.contentspread.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900024.redintelligence.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 19:19:56 GMT
Content-Type: image/gif
Content-Length: 86664
Last-Modified: Mon, 23 Jul 2018 15:20:13 GMT
Connection: close
ETag: "5b55f22d-15288"
Accept-Ranges: bytes
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 5fedcc83-d10b-4a78-99f7-d0f755bb9f5d
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
bh.contextweb.com/visitormatch?reat=1
198.148.27.139200 OK 27 B URL HTTP/2 bh.contextweb.com/visitormatch?reat=1
IP 198.148.27.139:0
File type HTML document, ASCII text
Hash 806d8942eb70ed2d827b12ed2bf44533
b1149d9764ff4a9a7e8698f7a56ed003796d8582
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
GET /visitormatch?reat=1 HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-dd6bdcf45-lhxcf
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
content-type: text/html;charset=iso-8859-1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: INGRESSCOOKIE=0c643b0c012d0309; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.60200 OK 39 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.60:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d0f8c6f55d337ca757cfc16e6ba2f399
2a63b3a545d2420499b007f31af694471b1942fe
34239dfd3f544009fbe34944103591436597a24a8c39633d63edcf41ac4d7032
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114847
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 2bdfdaf2-cf0c-4b3a-8b55-7b8970d2da65
Set-Cookie: uuid2=5378079249903582525; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:57 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 27c4498a-a537-4c9a-bd3f-4dc86471f5cd
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
hal900024.redintelligence.net/viewability?s=47225200127587204438336012068024&a=a80fce7a&vb=v
138.201.84.252200 OK 0 B URL HTTP/1.1 hal900024.redintelligence.net/viewability?s=47225200127587204438336012068024&a=a80fce7a&vb=v
IP 138.201.84.252:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /viewability?s=47225200127587204438336012068024&a=a80fce7a&vb=v HTTP/1.1
Host: hal900024.redintelligence.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hal900024.redintelligence.net/request_content.php?s=47225200127587204438336012068024&a=4d71193c
Cookie: 8lcfmzhxc8d6_uid=090a6bc280876705
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 19:19:57 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.90307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 609559c4-58db-4e85-a997-1e3a7ce44ded
Set-Cookie: uuid2=7941613893222031000; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 29-Nov-2022 19:19:58 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.90200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Wed, 31 Aug 2022 19:19:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 779cef30-d746-45ba-aa6e-cb6b400137a6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1661973599257&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1661973599257&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1661973599257&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:59 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:59 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1661973599277&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1661973599277&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1661973599277&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:59 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Wednesday, 31-Aug-2022 19:19:59 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
sharemods.com/bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html
104.26.10.194200 OK 0 B URL HTTP/2 sharemods.com/bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html
IP 104.26.10.194:0
GET /bbrdpnvehffc/FS22_Renault_Magnum_Integral.zip.html HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:50 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Tue, 30 Aug 2022 19:19:50 GMT
set-cookie: lang=english; domain=.sharemods.com; path=/
aff=100550; domain=.sharemods.com; path=/; expires=Wed, 14-Sep-2022 19:19:50 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6l%2FipopF%2FI52a2G%2BPO1pOoRC7vcnPK2KNuMbUshlspGz0MulQR5qizmstgTEvUKhYdcEl3I129cQRpB7EmFawRTOjfiZPjiEWb42nbB7aM4NC%2FzAyEY1ZeWRhxku%2F9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74381ebe4c96b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.11.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 7423076
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74381ec09924b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/jquery-3.2.1.min.js
188.165.21.42200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/jquery-3.2.1.min.js
IP 188.165.21.42:0
GET /js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/javascript
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
vary: Accept-Encoding
etag: W/"58d026fb-15283"
expires: Sun, 19 Mar 2023 19:19:51 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=QSMMr19VTDdjNHhGQVF2U1pwNG92OXFJRzZsdm9rRDlUUVhJaDl0aHEwJTJGWHBCQXl3enV0UG5IQVI2WnI4RUx3dGNmQnJMJTJCM0RnZUVackkwUGFlSDJ2czhGVE5TZjhDOXolMkZSNHl3RUpEcEpVcVdORVR0MWsyYVQ0bUhOOGs0WUxnbzJPTQ&info=Xe8uoF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c3o3c21nN3BQV1FWWWt5SFNjMk5qRQ&idsd=-942791067,-1261565828&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=QSMMr19VTDdjNHhGQVF2U1pwNG92OXFJRzZsdm9rRDlUUVhJaDl0aHEwJTJGWHBCQXl3enV0UG5IQVI2WnI4RUx3dGNmQnJMJTJCM0RnZUVackkwUGFlSDJ2czhGVE5TZjhDOXolMkZSNHl3RUpEcEpVcVdORVR0MWsyYVQ0bUhOOGs0WUxnbzJPTQ&info=Xe8uoF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c3o3c21nN3BQV1FWWWt5SFNjMk5qRQ&idsd=-942791067,-1261565828&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=QSMMr19VTDdjNHhGQVF2U1pwNG92OXFJRzZsdm9rRDlUUVhJaDl0aHEwJTJGWHBCQXl3enV0UG5IQVI2WnI4RUx3dGNmQnJMJTJCM0RnZUVackkwUGFlSDJ2czhGVE5TZjhDOXolMkZSNHl3RUpEcEpVcVdORVR0MWsyYVQ0bUhOOGs0WUxnbzJPTQ&info=Xe8uoF80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhFNVFzV01ZSDVKaVk2WiUyQlNiQjd4c3o3c21nN3BQV1FWWWt5SFNjMk5qRQ&idsd=-942791067,-1261565828&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1184549
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.139:0
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-dd6bdcf45-pxl6w
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=TmlrCuxE3pn6;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 26-Aug-2023 19:19:58 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=a0073f7bc6fe3ee8; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Sat, 01 Oct 2022 19:19:51 GMT
etag: W/"49EMMoGNl608re5Cihgheg=="
cf-cache-status: HIT
age: 77531
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec3dbdab52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 986511
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=sharemods.com&gdpr=1&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=2087c75d-d537-4222-8893-c647d16f850b; expires=Mon, 25 Sep 2023 19:19:55 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 674595
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 518
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
cookieinfoscript.com/js/cookieinfo.min.js
172.67.153.46200 OK 0 B URL HTTP/2 cookieinfoscript.com/js/cookieinfo.min.js
IP 172.67.153.46:0
GET /js/cookieinfo.min.js HTTP/1.1
Host: cookieinfoscript.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/x-javascript
x-amz-id-2: scD+jI49bgDpkSsayoO8NMGEeMAg8uyEzYmd2TDwWaa5DpJZchpugmE1fcRG0gu3wK+jmB/jBww=
x-amz-request-id: 51SSPQYQZSA5RPMV
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
etag: W/"d15d93068c1121f63008407d339bd819"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13kq%2FRKJ7z6XZFuV7sJj0uCjcplypK15XODTvnPFpk6KQ3dzSNfMyw7mMT6zYtpLbfyP8DrEyR5S1qy2NGkJknr3Ai4YyiBG%2BTmWexKLQQNNw0FSbqXrTXQO1NB%2FVg0sM8d0fOWCVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec0cf240b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stpd.cloud/assets/postbid/stpd201221.js
104.18.31.49200 OK 0 B URL HTTP/2 stpd.cloud/assets/postbid/stpd201221.js
IP 104.18.31.49:0
GET /assets/postbid/stpd201221.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/javascript
content-md5: /FnTyG7mivuubIGMmM4B7Q==
last-modified: Fri, 26 Aug 2022 11:58:21 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: b451909e-901e-0043-1243-b919cb000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 4582
expires: Wed, 31 Aug 2022 23:19:51 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 74381ec468601c16-OSL
content-encoding: br
X-Firefox-Spdy: h2
adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPWM5NjZkNWZjLWExOGItNGRhYy1iODM1LWU0ODJlNzIxOTBkZA%3D%3D&pt=gross&stid=44ec403d-3b20-4660-8b59-98b5e277d6e2&gdpr=true&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1
37.157.2.234200 OK 0 B URL HTTP/2 adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPWM5NjZkNWZjLWExOGItNGRhYy1iODM1LWU0ODJlNzIxOTBkZA%3D%3D&pt=gross&stid=44ec403d-3b20-4660-8b59-98b5e277d6e2&gdpr=true&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1
IP 37.157.2.234:0
GET /adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPWM5NjZkNWZjLWExOGItNGRhYy1iODM1LWU0ODJlNzIxOTBkZA%3D%3D&pt=gross&stid=44ec403d-3b20-4660-8b59-98b5e277d6e2&gdpr=true&gdpr_consent=BPenQtvPenQtwAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1 HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:52 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://sharemods.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
script.4dex.io/adagio.js
104.26.9.169200 OK 0 B IP 104.26.9.169:0
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:52 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: tx07075c97c4c74d33905b4-00629f4bc8
access-control-allow-credentials: true
x-amz-request-id: tx07075c97c4c74d33905b4-00629f4bc8
last-modified: Tue, 10 May 2022 09:57:31 GMT
etag: W/"2430496689c00115831347992a974246"
cache-control: public, max-age=1800
x-amz-version-id: 1652176651393042
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
age: 2009882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5WbmGDNgKt7FlBbQpTPGMIn38fgXx5goRJ49HtCFdvvhR9XiX%2FQOl6YA%2FQd5EqqYKj3JN6x0AG6Cd0HNdVsBGi9FMxwnNbm%2FJYyJtHYy389MNAcbOrKTda2WlwZjni3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec94fc60b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/roboto.css
188.165.21.42200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/roboto.css
IP 188.165.21.42:0
GET /css/roboto.css HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
vary: Accept-Encoding
etag: W/"60dd8078-194c"
expires: Sun, 19 Mar 2023 19:19:54 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
IP 178.250.0.157:0
GET /syncframe?origin=publishertag&topUrl=sharemods.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:53 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=782718d5-10bc-4f47-855d-9e9eaaaa3fe6; expires=Mon, 25 Sep 2023 19:19:53 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 543560
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 104.18.11.207:0
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: e346f97b1d38a339b60e3cf96f044831
cdn-cache: HIT
cf-cache-status: HIT
age: 7416911
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74381ec09a7e1c02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1096116
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
IP 172.67.169.247:0
GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: text/css
x-amz-id-2: 3qtLoslVpJWs3Uito9jZuiVnmA5sSUfDqF6AALJJlexLZUgaMQB+AdqvjgwmB2FXg+ckjD0wasU=
x-amz-request-id: 9P1DVWXDHX5TQGV9
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2338780
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Id9XYZoMJgcxQw8lOs%2FG7FP2FD4wSftLARFKjas0vcL4CsVn%2FTTSgyj5OESaDzZ1pZc1R5E9iuYT8peft4vrob8HNdIWynmiZwrm7oVez21DEOTrWUrw633w6GsIr4Fvjch%2FOvy%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec0aaec0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/all.css
172.67.169.247200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/all.css
IP 172.67.169.247:0
GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: text/css
x-amz-id-2: +Lj/tI4gfEuPqnjA1bfddSyyL3HcZlNvzhhPQhDDWlSQ7fqsTmK6xbpNwvA92zQeEbPwFt17A2A=
x-amz-request-id: NH28DGS10Q33FGNZ
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1862366
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgPBLRf7CaOuKQQvaCtPj7jkJVrXsDzc4qryEmCurbgWE34yd9kiFysAYwjynlAfLc4mu2HeHyXfF5m4hJgEZQt%2BE9uMY1ilRv8eqHVGZ65F1SwdCqjJvkFtlAMJEVBuxZQt%2BJSn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74381ec0bb100b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=808&iid=1661973591124&cId=pid1661973591124
137.74.20.12200 OK 0 B URL HTTP/2 video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=808&iid=1661973591124&cId=pid1661973591124
IP 137.74.20.12:0
GET /widget/widget_scrolllist_list.php?nl=1&widget=808&iid=1661973591124&cId=pid1661973591124 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Wed, 31 Aug 2022 19:19:51 GMT
expires: Wed, 31 Aug 2022 19:19:52 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Wed, 31 Aug 2022 19:19:51 GMT
server: XO.webservant
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.0.157:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 461133
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/adblock_notify.js?s=1661973593
188.165.21.42200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/adblock_notify.js?s=1661973593
IP 188.165.21.42:0
GET /js/adblock_notify.js?s=1661973593 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Wed, 31 Aug 2022 19:19:54 GMT
content-type: application/javascript
last-modified: Tue, 18 Aug 2020 15:40:09 GMT
vary: Accept-Encoding
etag: W/"5f3bf659-19"
expires: Sun, 19 Mar 2023 19:19:54 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 19:19:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 7415190
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74381ec0991eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:53 GMT
content-type: text/javascript
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
etag: W/"63041db0-15cdc"
expires: Thu, 01 Sep 2022 19:19:53 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.betweendigital.com/adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2&crf=1
188.42.191.196200 OK 0 B URL HTTP/2 ads.betweendigital.com/adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2&crf=1
IP 188.42.191.196:0
GET /adjson?jst=hb&ord=8876051005481104&tz=0&fl=0&rr=direct&w=300&h=250&s=2544233&bidid=222ade92705f443&transactionid=c966d5fc-a18b-4dac-b835-e482e72190dd&auctionid=44ec403d-3b20-4660-8b59-98b5e277d6e2&crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Content-Type: text/plain
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Thu, 31 Aug 2023 19:19:52 GMT; Path=/; Domain=.betweendigital.com
tuuid=68494ed0-9bb6-52f3-bb5d-88c3d8523c9b; Max-Age=31536000; Expires=Thu, 31 Aug 2023 19:19:52 GMT; Path=/; Domain=.betweendigital.com
ut=Yw-0WAAL10CX5MWy_TA32EFXcjbBwkYhMt3kUQ==; Max-Age=31536000; Expires=Thu, 31 Aug 2023 19:19:52 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 19:19:53 GMT
content-type: text/javascript
last-modified: Tue, 23 Aug 2022 00:22:08 GMT
etag: W/"63041db0-15cdc"
expires: Thu, 01 Sep 2022 19:19:53 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch/prebid
198.148.27.139302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch/prebid
IP 198.148.27.139:0
GET /visitormatch/prebid HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-dd6bdcf45-ssfrs
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=%%ENCRYPTED_VGUID_B64%%&gdpr=%%GDPR_IN_EFFECT%%&gdpr_consent=%%GDPR_CONSENT%%
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=pJEjp7r2XHJv;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Sat, 26-Aug-2023 19:19:58 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=39be3344d8b0a26a; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2