sharemods.com/frbmurzcs0hj/Timecyc.rar.html
104.26.11.194301 Moved Permanently 0 B URL HTTP/1.1 sharemods.com/frbmurzcs0hj/Timecyc.rar.html
IP 104.26.11.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /frbmurzcs0hj/Timecyc.rar.html HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 18:20:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 19:20:45 GMT
Location: https://sharemods.com/frbmurzcs0hj/Timecyc.rar.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmuA%2BYuB633dNioAGchs0%2FCJu3fwbPsF4K0aXbPeN3jgoO357HmLwz0qaBG6Iixq3mH23NiaeLk%2B7gBuQe%2BspPGjKYg%2BykxBd2VhExo7Ks7Xx1UoLl6Z83SAm7xio9A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 79456c0fbe87b523-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12880
Expires: Sat, 04 Feb 2023 21:55:25 GMT
Date: Sat, 04 Feb 2023 18:20:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16013
Expires: Sat, 04 Feb 2023 22:47:38 GMT
Date: Sat, 04 Feb 2023 18:20:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 17:36:15 GMT
content-type: application/json
age: 2670
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4167
Expires: Sat, 04 Feb 2023 19:30:12 GMT
Date: Sat, 04 Feb 2023 18:20:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7a7a3d68ce326f1f15a306c4537e4845
470f37ed5aa873f84b5524b77e7c6d818db58032
fa62ed03b25602ad970052e13fba4910075992a22806a9754579598df233df1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3053
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:45 GMT
Last-Modified: Sat, 04 Feb 2023 17:29:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lODQsHKOqUZlAQgALRf+4kOjEeU1Wirv0ZX7QgjHIoBeGfJU3U8k9kmaHGzqEhwHC2sj8AfcD+g=
x-amz-request-id: XY1Q5YKV6NZ3G6NE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 17:52:55 GMT
age: 1670
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7a7a3d68ce326f1f15a306c4537e4845
470f37ed5aa873f84b5524b77e7c6d818db58032
fa62ed03b25602ad970052e13fba4910075992a22806a9754579598df233df1d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3054
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Last-Modified: Sat, 04 Feb 2023 17:29:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 149a2367312653ee73b6581578a2f84d
3c98fcaa27940cfcfb9a8c27bc3ec80476898bbc
007b5bc87b6006e78e97ea446e1979574d5c17782be5e901706a0881e62d05a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Last-Modified: Sat, 04 Feb 2023 17:26:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 2.3 kB IP 93.184.220.29:0
File type Applesoft BASIC program data, first line number 41\012- data
Hash dc4cc725d497a931d0d469765f23846e
d644e991f876e31868e65d12213dbde25fc69998
e929259fcd729fd92d448b4939126fa2a39d657a57d57c3ea3b118450efe6695
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Last-Modified: Sat, 04 Feb 2023 17:26:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 149a2367312653ee73b6581578a2f84d
3c98fcaa27940cfcfb9a8c27bc3ec80476898bbc
007b5bc87b6006e78e97ea446e1979574d5c17782be5e901706a0881e62d05a4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3284
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Last-Modified: Sat, 04 Feb 2023 17:26:02 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 798 B IP 93.184.220.29:0
Hash 7353a6577d479dcf6495df778d67d4c5
60f0241dc9cbc55f73448902f6b00d49f6dda192
72b69c8c9fae2acb3a175d6abec982944b87d80e2a7eb04cab5dd101d78b4e73
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4223
Cache-Control: max-age=107455
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Etag: "63dd923e-117"
Expires: Mon, 06 Feb 2023 00:11:41 GMT
Last-Modified: Fri, 03 Feb 2023 23:01:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cookieinfoscript.com/js/cookieinfo.min.js
104.21.34.18200 OK 3.2 kB URL HTTP/2 cookieinfoscript.com/js/cookieinfo.min.js
IP 104.21.34.18:0
File type ASCII text, with very long lines (7650)
Hash c8d9397cdcd0ed0a58a581b754e4cae6
c90de6d4ea9ca85265fa1bdad4165dbcdb16b2ee
49d177b66cc2a63ba8ccb79e53af289155fec03c64cba78f5a33f9e0fa5b9d69
GET /js/cookieinfo.min.js HTTP/1.1
Host: cookieinfoscript.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/x-javascript
x-amz-id-2: scD+jI49bgDpkSsayoO8NMGEeMAg8uyEzYmd2TDwWaa5DpJZchpugmE1fcRG0gu3wK+jmB/jBww=
x-amz-request-id: 51SSPQYQZSA5RPMV
x-amz-meta-cb-modifiedtime: Wed, 07 Apr 2021 11:38:58 GMT
last-modified: Wed, 07 Apr 2021 11:39:17 GMT
etag: W/"d15d93068c1121f63008407d339bd819"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 4922
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEqTSTjQp6Z1bvaB%2FmrVDpK%2BfvcbEDkwucXMgVfDH%2Bf7nC9xpg%2BlHZdiGCi%2BmyzLUFvngYje7t6ffHKtKgWx0btKuDGqdqcEC1AyHjH5jPCX8GAS8YzIqRQBdVv7jIIrTL8Ipg0drA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79456c1448fcb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0b8e9ae3ed8c971921210fde97644ffc
391225a6b68e000475ed28c26890dfca0e3c224c
a9d7f4b19be01585dc5ac5ed72bc173159cf24d094cbb986673159d7dcdad453
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9D7F4B19BE01585DC5AC5ED72BC173159CF24D094CBB986673159D7DCDAD453"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1426
Expires: Sat, 04 Feb 2023 18:44:32 GMT
Date: Sat, 04 Feb 2023 18:20:46 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
172.64.133.15200 OK 4.7 kB URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (26508)
Hash 90fc1c01278b7e71ee09c2c476330a56
76b2825b0658ef0f8c3376b3b929f7f61b3dc9eb
b64432fc9a82794e71a8ed81aa18a7d276bc8a3b27f9813cf8666eb7ab28d46d
GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: text/css
x-amz-id-2: r3ii+dv0nxfFPD5bYmMA/1qmJk2dJ2e2Uj4yFZGB69n9TCQz4n/jOQ35BffN5aJJMqxGzLmo1d0=
x-amz-request-id: 0FPCWTWX7F8P879B
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 709715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JLkaX2%2FOH8iV0F9BL%2FML5pVZb1aF1prXxtlibvtMzala5pEUDvUmqu%2B%2BDiXJRgyNUK03qn5n0%2FCuIEN2M9Z7KuO7ijwajQfnT2BasU%2BGGCP4g%2BkMw57U74hf1HqfEXiWRZKv3lvE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79456c149e13752d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 34 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8728180ed71dfcbb6aa4c3154dc0d3a
fbe95dfa6172dd42f3d90a0454607f14d0f1eb40
d5705cc8ac89fb56e04959064ef6afc866a23d7f96ebe61ddb344afd4b8abdaf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "827AA83F11DA3E616DB5CB430682B643BB0E1383DD31367C02360486A5300C8A"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7498
Expires: Sat, 04 Feb 2023 20:25:44 GMT
Date: Sat, 04 Feb 2023 18:20:46 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-15082559-23
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-15082559-23
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 8db4b1de0236c6655b139ab760420fa4
121c35e9147120418c9ee917a47e54867ea4bcca
dfe1da46483a34bc20de234e203da8dcf6764507f1d137b96dda97e14d53b1f9
GET /gtag/js?id=UA-15082559-23 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 18:20:46 GMT
expires: Sat, 04 Feb 2023 18:20:46 GMT
cache-control: private, max-age=900
last-modified: Sat, 04 Feb 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biancasunlit.com/1clkn/16756
142.91.159.185200 OK 26 B URL HTTP/1.1 biancasunlit.com/1clkn/16756
IP 142.91.159.185:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer Verdict Alert quad9 Sinkholed
GET /1clkn/16756 HTTP/1.1
Host: biancasunlit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 18:20:46 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 05-Feb-2023 18:20:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sun, 05-Feb-2023 18:20:46 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 17:49:07 GMT
age: 1899
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
149.202.118.64200 OK 5.3 kB URL HTTP/2 video.onnetwork.tv/widget/widget_scrolllist.php?widget=808
IP 149.202.118.64:0
File type ASCII text, with very long lines (2119)
Hash cace84d13ebde9887796e1f97e0b1bec
86faa3818633d841e97cf76df3f4fce0bffcaf58
3e91d90057e0110e7cba969ee0a2ae2c38c90315283119ef36f8e12e90b87abf
GET /widget/widget_scrolllist.php?widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sat, 04 Feb 2023 18:20:46 GMT
expires: Sat, 04 Feb 2023 18:20:47 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
strict-transport-security: max-age=31536000
content-length: 5260
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 18:20:46 GMT
server: XO.webservant
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.6 kB IP 142.250.74.131:0
Hash 78d59250558e5099dafb2398f1d8bc4c
a2f260025d6e7135f3676899d499418ff7e7ec46
3c0925554996f2ea55c22c2efb59ebe343dc538bc7b9f66f8b71cc6de8700c6e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 864 B IP 142.250.74.131:0
Hash 6be0382a2d51a370f7c7748e73ab3557
013a13f3fe3af1c78abf1268cd534e83ec61e745
24f2c7a0ddc86a084cf8724dc5589bf7299ff7b5c571272ead9b9ab147e30cc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.35200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:52:41 GMT
expires: Tue, 30 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 430085
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
142.250.74.35200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:54:25 GMT
expires: Fri, 02 Feb 2024 00:54:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
age: 235581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
142.250.74.35200 OK 39 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 38752, version 1.0\012- data
Hash d451decbad0d0d2feba27610481a34d8
1479b2ad870d5e2bb04d206f33460089394f6eb5
a5515c53111bb4a4f45aff63d06df893ae9033dc85e82cc2ef27fc099a4d7609
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoC1CzjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 38752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 10:14:18 GMT
expires: Sat, 03 Feb 2024 10:14:18 GMT
cache-control: public, max-age=31536000
age: 115588
last-modified: Wed, 27 Apr 2022 17:04:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fd24c41cecd41f833dcbfbabe4ac6cd5
c63ab08b9fd8dd8bfdb691e54e0ba2b0c2c10217
8c9eb25d407d9cfa342ff0c9ff9bd5e9afc79a95f42677c76f1946460aafb481
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3189
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Last-Modified: Sat, 04 Feb 2023 17:27:37 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fd24c41cecd41f833dcbfbabe4ac6cd5
c63ab08b9fd8dd8bfdb691e54e0ba2b0c2c10217
8c9eb25d407d9cfa342ff0c9ff9bd5e9afc79a95f42677c76f1946460aafb481
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2923
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Last-Modified: Sat, 04 Feb 2023 17:32:04 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13042
Expires: Sat, 04 Feb 2023 21:58:08 GMT
Date: Sat, 04 Feb 2023 18:20:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad-delivery.net/px.gif?ch=2
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=2
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=2 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 764574
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3jCEdL7wuhYd4cuxGoHhUFGBPdfT3l%2B0mZKq9KPqoXlV2iMkGldPuTt%2BCJc0nG6xCBHYCEcXN4IWXEAzp5osq2rpbUt5E6S%2FpAroACH82GY%2BGDIjnXOp6PDiJ%2FfeqPSTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79456c168df4b4f3-OSL
X-Firefox-Spdy: h2
ad-delivery.net/px.gif?ch=1&e=0.19632954590932938
104.26.2.70200 OK 43 B URL HTTP/2 ad-delivery.net/px.gif?ch=1&e=0.19632954590932938
IP 104.26.2.70:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /px.gif?ch=1&e=0.19632954590932938 HTTP/1.1
Host: ad-delivery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ADPycdvRyQuiKR7vao0d0gZH1fD4TACxVBfdiOoBZcjsTHe5pQD9btOiEjggzyh8C86yatVzyUlYTAFym5Cc073wIsWMUTACWflM
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 26 Jan 2023 22:54:58 GMT
cache-control: public, max-age=86400
age: 764574
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=596GLm8wLB79dHA%2BpS4M5ehTzk2h7RDCm%2B8y4DkSlaTNnnotM%2FfntwQoxpzdvh%2BdTxXR2IAzHgqIdMtEwvziukXQAMA%2F3CfDuaiIr9oRgf715HDbaQh1Waoc%2Fqe2u4oqhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79456c168df0b4f3-OSL
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675534882920
142.250.74.162200 OK 14 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675534882920
IP 142.250.74.162:0
File type ASCII text, with very long lines (54564)
Hash e3d48703a713d8d9369dad7b08db0a18
b99bcc767fd5a472a7a8259d215e2937cc9b3ac9
ca044b9587ddf3e7f7a26e6918896745aaed5ee37cb17e07d6b4178768ca89a0
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_336x280_1_DFP&sz=336x280&t=Placement_type%3Dserving&1675534882920 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 5657257864
google-creative-id: 138344837108
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sat, 04 Feb 2023 18:20:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 13913
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 18:35:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1675534882919
142.250.74.162200 OK 13 kB URL HTTP/2 pubads.g.doubleclick.net/gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1675534882919
IP 142.250.74.162:0
File type ASCII text, with very long lines (54524)
Hash 2dfbadf4046b63b8e2095caf259d56cf
0dda75f7c370fe37ff4cc103775b78187c0c2188
7ea09bef23d11539fb9965cbc18ae16f3aea5b46b71d5e3ca5d5a0e037be71ff
GET /gampad/adx?iu=/147246189,21696195204/sharemods.com_970x250_2_DFP&sz=300x250%7C336x280%7C970x250&t=Placement_type%3Dserving&1675534882919 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
google-lineitem-id: 5909540546
google-creative-id: 138380363290
google-mediationgroup-id: -2
google-mediationtag-id: -2
date: Sat, 04 Feb 2023 18:20:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 13203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 18:35:46 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
video.onnetwork.tv/embed.php?mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675534882979&cId=pid1675534882979&widget=808
149.202.118.64200 OK 1.3 kB URL HTTP/2 video.onnetwork.tv/embed.php?mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675534882979&cId=pid1675534882979&widget=808
IP 149.202.118.64:0
File type ASCII text, with very long lines (1779)
Hash 506fa1679ec70433f9818ace04e90e2d
68148720fba71c23863cf49d208263a72efdead2
cc66ac730593b75f77632d480d9b76cece18fd62025f42e35a97bcd82eb2f33f
GET /embed.php?mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA=&iid=1675534882979&cId=pid1675534882979&widget=808 HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sat, 04 Feb 2023 18:20:45 GMT
expires: Sat, 04 Feb 2023 18:20:45 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-length: 1279
content-type: text/javascript;charset=utf-8
date: Sat, 04 Feb 2023 18:20:46 GMT
server: XO.webservant
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
188.165.21.42200 OK 27 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570840_5m.jpg
IP 188.165.21.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 24bbfc2efae8c74b6924bf1a5592d39d
9e0fa658e3bb252c65b474a8d0f64e73e7c0896e
c3eefd5595d59072bfa4e2fe0f26df33c1013b7eeb3f1176c0b411b14c14f8df
GET /poster/5/7/570840_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/jpeg
content-length: 26627
last-modified: Mon, 07 Feb 2022 09:47:37 GMT
etag: "6200eab9-6803"
expires: Wed, 23 Aug 2023 18:20:46 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
188.165.21.42200 OK 30 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570858_5m.jpg
IP 188.165.21.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 84a6a72d40f958ffeaf761d0883b38b2
de8e2ce426e7b03d202935b1c8b9caa0868c9731
43f7beebc22497f827ada6ee9c1f2e5b84264621a69bd47c9130709f3ce47f13
GET /poster/5/7/570858_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/jpeg
content-length: 29982
last-modified: Mon, 07 Feb 2022 09:58:20 GMT
etag: "6200ed3c-751e"
expires: Wed, 23 Aug 2023 18:20:46 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
188.165.21.42200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570814_5m.jpg
IP 188.165.21.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 408d928fdc630ebd5ad904b0499c7388
0e7e45f316289fb28b48398170e170eb55bf6fa9
d174b44385b81158573717412867bdde8c1641dbb83e086f7794aa3789e023aa
GET /poster/5/7/570814_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/jpeg
content-length: 22008
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
etag: "6200e6c7-55f8"
expires: Wed, 23 Aug 2023 18:20:46 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
188.165.21.42200 OK 22 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570832_1m.jpg
IP 188.165.21.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash e89f8967d6c9e9e774ffe2d1acd0eb7b
3c31a2d1c270ea31232aea01df5044da8e63c3bc
971ee47efa3517204e4cf69c23c891f00cb2da7e88fd3381e5b6e12ccbb113b3
GET /poster/5/7/570832_1m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/jpeg
content-length: 21547
last-modified: Mon, 07 Feb 2022 09:41:25 GMT
etag: "6200e945-542b"
expires: Wed, 23 Aug 2023 18:20:46 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
188.165.21.42200 OK 11 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570804_5m.jpg
IP 188.165.21.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 480x272, components 3\012- data
Hash 2871fb03f440dedc5c98a39e3233ecca
cdab8fec4adf07e4fc0ed5f84e6b5f421242b37e
c00fd1fce75f8aaf02c223b7140caf4b537e7c5660c7bba78a63d799baaf5cbb
GET /poster/5/7/570804_5m.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/jpeg
content-length: 10645
last-modified: Mon, 07 Feb 2022 09:22:50 GMT
etag: "6200e4ea-2995"
expires: Wed, 23 Aug 2023 18:20:46 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534883358&d=9784&wsc=00&typ=embed&mobile=0&c=43
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534883358&d=9784&wsc=00&typ=embed&mobile=0&c=43
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675534883358&d=9784&wsc=00&typ=embed&mobile=0&c=43 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.4.248101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.4.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R4VVahmX4ztCt/MSZRU4ag==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6TS1UUkhr0lO73ipJg8tQQ/rVow=
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 17:44:08 GMT
expires: Sat, 04 Feb 2023 19:44:08 GMT
cache-control: public, max-age=7200
age: 2198
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.34200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (39302)
Hash 263f2ba45aa0bd474f1e2f54f33af970
736cf56e746885a0507ebf8c5042c172bf9b3ae0
3d375881308734c9ca1d10985324aa71e87106b07a25bf2df6766bdbb804e70b
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27279
date: Sat, 04 Feb 2023 18:20:46 GMT
expires: Sat, 04 Feb 2023 18:20:46 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1472 / 36 of 1000 / last-modified: 1675465842"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2e174531b474d26a32c11aaa9965c69
6356e52468c57397bd01afe8c7cb861b4fe931ee
5eefef5a21ca2e611d0904b3adcff0005053a0d1f23a024808b436141cadd6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
216.58.207.230200 OK 104 B URL HTTP/2 ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
IP 216.58.207.230:0
File type MS Windows icon resource - 2 icons, 16x16, 16 colors, 32x32, 16 colors\012- data
Hash 32ac8a9b81788b981a3a7e13c14082d4
fbfd48a2bfe8d4247a975176f88d18c3c2ad1952
00cc7617e054596ff0aaabd8a93a9214dc5304bfe317316022dbf4fb3ea073d2
GET /favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250 HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 104
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 15:55:01 GMT
expires: Sun, 05 Feb 2023 15:55:01 GMT
cache-control: public, max-age=86400
age: 8745
last-modified: Tue, 08 May 2012 13:08:06 GMT
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
104.110.14.155301 Moved Permanently 0 B URL HTTP/2 secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
IP 104.110.14.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: secure-assets.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
date: Sat, 04 Feb 2023 18:20:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d12cb53144d0964484d5533da0d9224f
a656489348ebb5f6eb71f7f8758d64ea5e9a1f7a
1b458c0e3cebcfb9bb5cfb8fd54cd54b79825bde21f296a4348b0ce342a38585
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B458C0E3CEBCFB9BB5CFB8FD54CD54B79825BDE21F296A4348B0CE342A38585"
Last-Modified: Sat, 04 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7313
Expires: Sat, 04 Feb 2023 20:22:39 GMT
Date: Sat, 04 Feb 2023 18:20:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 482952c319f6b341719e70726729734d
d562869196fe45ede7cf9d7b83643c020eae68b2
052ed0f05af6fa66b55a1e883536b6fc2743d32d56aa4b7c58f0b8202b67ee9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2398
Cache-Control: max-age=152060
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Etag: "63de479c-139"
Expires: Mon, 06 Feb 2023 12:35:06 GMT
Last-Modified: Sat, 04 Feb 2023 11:55:08 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 482952c319f6b341719e70726729734d
d562869196fe45ede7cf9d7b83643c020eae68b2
052ed0f05af6fa66b55a1e883536b6fc2743d32d56aa4b7c58f0b8202b67ee9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2396
Cache-Control: max-age=152058
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Etag: "63de479c-139"
Expires: Mon, 06 Feb 2023 12:35:04 GMT
Last-Modified: Sat, 04 Feb 2023 11:55:08 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 313
script.4dex.io/localstore.js
172.67.75.241200 OK 268 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:0
File type ASCII text, with very long lines (482)
Hash 58fe1f2623397cca72ecea6ee95d76b9
ac4d33ae761cf330574597936273a9c5d82f96d0
7cb0b5944c53bbacc5983fbef96aa0c1f514ec12da81666765610eae562a9020
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 106158
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcdeSBrBQ4o667Vs7Yyf4DlyGe1JsLVOuNdF1fLslelHlGKFFPrtlWBrswikPp1iolrGmQ07%2BaHSovMojMIY%2FX%2BT4BeUv9TKkEXPQy0OL9LZw61PPJCyew0sNKqc%2F%2BWs"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79456c191abfb51b-OSL
Content-Encoding: br
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534883531&d=9784&wsc=00&typ=embed&mobile=0&c=40
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534883531&d=9784&wsc=00&typ=embed&mobile=0&c=40
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675534883531&d=9784&wsc=00&typ=embed&mobile=0&c=40 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:46 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sat, 04 Feb 2023 18:20:46 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 106158
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02KuIKxQyhhjjnpg6r5Ba2sqkwJf8eO%2FxgkuIxUfmTIgTdB2dU5sO%2FgXpM0kRwYdebwJgqLfRPgj7eBDuOV9%2FY8vJ9UPr1qmspd5Zrc0u9%2Fr14nbkMGSm64tVxsfsnO9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79456c193af6b51b-OSL
id5-sync.com/g/v2/481.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash efbf40cb7af19fd75c152c61b06ac8df
bda2bcfd2156a55ba64edd954828084618fcb20f
3c25e5883d3590edd75db56cc391130e46c2a45f24d95794abdc314720dbc979
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 251
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 04 Feb 2023 18:20:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 1.1 kB IP 142.250.74.131:0
Hash 1cab95ccd98e11ab66839b94de97f6da
6038e88a2e9f314ff5bfb5c33a104fd1c4f887c7
7f309cece731f3f3fbcc2aee629dba76c8a4b9830929f6c4bf9b01149097954b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
script.4dex.io/adagio.js
172.67.75.241200 OK 23 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash 532a99fc0eb7b2c50a6bb0e5238b8dbb
d84157eb7e55c39d52ba5dde6e5bd4666f596e71
e6fa5d38f82f6bebf5dba12f2e84db1383827936fe077374593c6285f94e784c
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1067241
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BO5gZYgLoJOcKF7CcR%2F0n3MRFGVonZ%2FRL0Km4BCyDYdr01o6%2BJr0rlXrOvFVl8zYeuEkQPafE8X%2FBOKehtzIssfxbMcXGeT4xY1RzreQSYpnLXLzvw0H4UFMj5I%2BEkN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79456c19cc910b61-OSL
Content-Encoding: br
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
id5-sync.com/g/v2/481.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c9ecf74c10c27f9ec537b54e57b8adc5
2f911047f5a0d881ecae6762777bb44c2d8cb546
b3fc75d8ef58d24bf3eea977bfb8a1e507dee45603da42137e29f68c7c3aa5dd
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 251
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 04 Feb 2023 18:20:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn.onnetwork.tv/js/player90/embed.min.js?s=1675339986
87.98.238.175200 OK 34 kB URL HTTP/2 cdn.onnetwork.tv/js/player90/embed.min.js?s=1675339986
IP 87.98.238.175:0
File type Unicode text, UTF-8 text, with very long lines (65492), with no line terminators
Hash 93d56d4b73d4e8e68b66ca8b5a2cbb61
abc174cefc3283a9776e90ee82c5feb7e38eae64
ef72d57cea03cf39935642486a7e68bd7af0f7cc5f38de01fb90f3bb4e35cf7d
GET /js/player90/embed.min.js?s=1675339986 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/javascript
last-modified: Thu, 02 Feb 2023 12:13:06 GMT
vary: Accept-Encoding
etag: W/"63dba8d2-11bba"
expires: Wed, 23 Aug 2023 18:20:46 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e825fa17a623e7dfc3a144c1fbefb7fe
50d637cac8808b59196ff18040db1369cad9d51e
dfe2a451b1389c328ed0867dd6cff4fcec3f17c5444d206c902956792aa721a8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFE2A451B1389C328ED0867DD6CFF4FCEC3F17C5444D206C902956792AA721A8"
Last-Modified: Thu, 02 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3197
Expires: Sat, 04 Feb 2023 19:14:04 GMT
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 404 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with very long lines (497), with no line terminators
Hash afbc9bef765cc3c2ea0f16194b9755be
9f6d5c4d07ee047842fabbd33f0714fc88cc9588
748bdfabf01226205896b645c87354355a0e3eadf8f5fe39438a99af46a2c047
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1198098
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash be9e8cb2aab1308dbbfe84176ba71381
3afbd8ac51e9a06b39de53eae8445c8e940560c7
cf46b12da26af447243709f718e2f84e6ca8f3ca5e4e25495b6da61114bb88dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 987
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Last-Modified: Sat, 04 Feb 2023 18:04:20 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
script.4dex.io/localstore.js
172.67.75.241304 Not Modified 0 B URL HTTP/1.1 script.4dex.io/localstore.js
IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 23 Nov 2022 15:43:18 GMT
If-None-Match: W/"922cffdd75f7192f75231d92684885aa"
HTTP/1.1 304 Not Modified
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"922cffdd75f7192f75231d92684885aa"
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 106159
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqVkv20%2BbrpOs5CDWnJE3n2%2FZBDQfC3D9gteNGCcbE0IQhyn84te2IBnhzt5Vpk3AouAvQdxVQFYstbsorirpGG4jJZhLwTc4IDCuxo48CCQKltR0ZwsaFi0oOQtOq1C"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79456c1a7c76b51b-OSL
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
ETag: "403b9-119-5ec73a0a33d00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
Vary: Accept-Encoding
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=4612927053
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=4612927053
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=4612927053 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 322
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:47 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 726
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 04 Feb 2023 18:20:46 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 1
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 817
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 4f543946-e5f5-462b-b756-4b35dd26d232
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 817
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5b4dbebe-7aeb-4615-8b38-c2ed460c0996
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 724
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 04 Feb 2023 18:20:46 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 816
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 2e9372ac-7c2e-4a98-80e7-89ac0b759532
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 6fe023ef93cf7f75105917e3cd2c2658
10726e2b6aec6643b45b06e02b6694e385140119
6afcf9299a3b43b99835c3d428383773c79f7f0ff930c5366e856c7441632502
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 18:20:47 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=94291184102
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=94291184102
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=94291184102 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 321
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1562
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 04 Feb 2023 18:20:46 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 6fe023ef93cf7f75105917e3cd2c2658
10726e2b6aec6643b45b06e02b6694e385140119
6afcf9299a3b43b99835c3d428383773c79f7f0ff930c5366e856c7441632502
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash d28ed3e080cbd1ec203a146092a4fbcb
9a6603e8c7baf71763e6580ed393eac576aea446
67055b2b4523563bf69bdfdd432a16bf6b9521ef296694c57bd4e8dce105e429
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 14:03:24 GMT
Expires: Sat, 11 Feb 2023 14:03:23 GMT
Etag: "9a6603e8c7baf71763e6580ed393eac576aea446"
Cache-Control: max-age=588755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79456c1a8e8c1c0a-OSL
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 50 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7736c7e5103ab75364b02c667809041c
9079a8f6b2c428bdaf1b5dcd598263b2eccbb6fb
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1880
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 50
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: b88be4ff-1236-4763-827a-fe5b1138ecf8
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 562
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 18:20:47 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=35593843260
178.250.0.165200 OK 44 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=32&wv=4.21.0-pre&cb=35593843260
IP 178.250.0.165:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5f1dcf53824ce88cdb7941d34db3f19d
4164a13e3f53e1f002606a807d64a92620720fb0
3a803b7520764b5266cfac90aa9f9b2ff931109f489d9a1deb24aa686c239a74
POST /cdb?profileId=207&av=32&wv=4.21.0-pre&cb=35593843260 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 907
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
vary: Origin
server: Finatra
content-type: application/json; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: https://sharemods.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-encoding: gzip
content-length: 44
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1097
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 18:20:47 GMT
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27ce914bad3a60d980c23e19ae639690
270acbd8d798698216b3c48f0e09e0a2d8576836
d5ebe8ba92a47d866879d7a7ab736b586ff458f57e81552255eb423d2eb6719a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5860
Cache-Control: max-age=147202
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Etag: "63de271d-1d7"
Expires: Mon, 06 Feb 2023 11:14:09 GMT
Last-Modified: Sat, 04 Feb 2023 09:36:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
script.4dex.io/adagio.js
172.67.75.241304 Not Modified 0 B IP 172.67.75.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Tue, 22 Nov 2022 09:44:15 GMT
If-None-Match: W/"c56b6332dacf72f135afcd153ae22448"
HTTP/1.1 304 Not Modified
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
x-amz-id-2: 4tOz+34hpDpk86MvU1P78KPKm7a7VIS+MWt8xLldR2VdIdE8oWlfd7P/leRkBx6ZuEdqqsffCFU=
x-amz-request-id: CAW143MYKR71BRQX
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Last-Modified: Tue, 22 Nov 2022 09:44:15 GMT
ETag: "c56b6332dacf72f135afcd153ae22448"
Cache-Control: public, max-age=1800
CF-Cache-Status: HIT
Age: 1067241
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e4HXO0mPseo4YUdcq5%2Fl%2Btg6viZW8Q%2BvlB4ZXjbBnlWfhAI7hEK2xG3PTde0sjGchvT%2F7ACFRYaAFX87FLU2Se2gHMAvihgXthDc7eBFnpZXvOsD9rVeMFrBNE%2Bf2p5s"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79456c1b1dc80b61-OSL
ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=9738495305235600&tz=0&fl=0&rr=direct&s=2544233&bidid=10ca4c00e709412&transactionid=6e2dae88-1093-4bce-8e45-b57746e29e8b&auctionid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=9738495305235600&tz=0&fl=0&rr=direct&s=2544233&bidid=10ca4c00e709412&transactionid=6e2dae88-1093-4bce-8e45-b57746e29e8b&auctionid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=9738495305235600&tz=0&fl=0&rr=direct&s=2544233&bidid=10ca4c00e709412&transactionid=6e2dae88-1093-4bce-8e45-b57746e29e8b&auctionid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /adjson?sizes=300x250%252C250x250%252C300x300%252C336x280%252C320x320&jst=hb&ord=9738495305235600&tz=0&fl=0&rr=direct&s=2544233&bidid=10ca4c00e709412&transactionid=6e2dae88-1093-4bce-8e45-b57746e29e8b&auctionid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&schain=eyJ2ZXIiOiIxLjAiLCJjb21wbGV0ZSI6MSwibm9kZXMiOlt7ImFzaSI6InNldHVwYWQuY29tIiwic2lkIjoiMTI1IiwiaHAiOjF9XX0&ref=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:47 GMT; Path=/; Domain=.betweendigital.com
tuuid=f753c5ba-b77b-5223-99e8-d5e0fa36741f; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:47 GMT; Path=/; Domain=.betweendigital.com
ut=Y96h_wADFRAGbn-iNIRHYxLKMt5CUtFsKrwFGw==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:47 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27ce914bad3a60d980c23e19ae639690
270acbd8d798698216b3c48f0e09e0a2d8576836
d5ebe8ba92a47d866879d7a7ab736b586ff458f57e81552255eb423d2eb6719a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5860
Cache-Control: max-age=147202
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Etag: "63de271d-1d7"
Expires: Mon, 06 Feb 2023 11:14:09 GMT
Last-Modified: Sat, 04 Feb 2023 09:36:29 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b2225cc2d185fde75131092ad660d637
cd30900570650f2f02b61ec691a71885f72e1974
870dd465ebcd3c268152c2f77ac12fddf0c22e4b388ff0ca1df9cf5e20724546
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4498
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Last-Modified: Sat, 04 Feb 2023 17:05:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 479 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- , ASCII text, with very long lines (479), with no line terminators
Hash 38a4dc74948491c20265756ae8c40184
31bcf38e89113dbcc04bd1619a53ac8872f54a00
0b297c4f5d01c8bb382a572ca9c652b53326561a600a5024bc051e37a2d9ea23
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1881
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 479
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 79111886-9f07-486f-b569-0f2898b7a9fe
Set-Cookie: icu=ChgIordHEAoYASABKAEw_8P6ngY4AUABSAEQ_8P6ngYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5048625700547078252; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 17b154551d0d62dde5d62de38fa46d8a
3468762be6e127f7641c3409e0ca8a567725e2b6
0dd480ace544fcda0d1504940cab79895ef63d8d17132c8d8b3be6edf07d93b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6245
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Last-Modified: Sat, 04 Feb 2023 16:36:42 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 893ef64e0e5a743889a56610c74d08b0
fb99cd6996a35cbc5f55befabbe2f46dd79e7b1a
6ed81aeffee8f39513c61a2957396215dca673c6dab0b0e65cbbd44422cd08b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Last-Modified: Sat, 04 Feb 2023 17:17:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
api.btloader.com/pv?tid=gV4NaUE2&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&sid=JOtzHXBEb&upapi=true
130.211.23.194204 No Content 0 B URL HTTP/2 api.btloader.com/pv?tid=gV4NaUE2&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&sid=JOtzHXBEb&upapi=true
IP 130.211.23.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pv?tid=gV4NaUE2&w=5737349457641472&o=5646025299591168&cv=2.1.06-2-g014272c&r=false&vr=1280x939&pageURL=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&sid=JOtzHXBEb&upapi=true HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
vary: Origin
date: Sat, 04 Feb 2023 18:20:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 893ef64e0e5a743889a56610c74d08b0
fb99cd6996a35cbc5f55befabbe2f46dd79e7b1a
6ed81aeffee8f39513c61a2957396215dca673c6dab0b0e65cbbd44422cd08b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3784
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Last-Modified: Sat, 04 Feb 2023 17:17:43 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1021
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Sat, 04 Feb 2023 18:20:47 GMT
X-Firefox-Spdy: h2
ib.adnxs.com/ut/v3/prebid
37.252.172.123200 OK 12 kB URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 37.252.172.123:0
File type JSON data\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (20573), with no line terminators
Hash e9fc0e0c1dd4e72f150c4fb9acc0d300
04fa9f92ca4c1d8434cfabfbbbada099b354c998
d0a684877bc09639e2406a321ef918ce0983858c409dd602707ab90f072f0083
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 817
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: a8ea3916-aabe-4e10-a8de-de0ecf2bb392
Set-Cookie: icu=ChgIordHEAoYASABKAEw_8P6ngY4AUABSAEQ_8P6ngYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=1783679506932507416; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:47 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Encoding: gzip
api.btloader.com/country
130.211.23.194200 OK 16 B IP 130.211.23.194:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 452880c1a375b8fba8c9499f0930d05f
ffe5484a23512c2a574d837fe2d3267b134e48c8
8b3383aa4c71f1d816bfaf33e3ef2e8ded067698a7798b9f306204d5777b140d
GET /country HTTP/1.1
Host: api.btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
content-type: application/json
vary: Origin
date: Sat, 04 Feb 2023 18:20:47 GMT
content-length: 16
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1023
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Sat, 04 Feb 2023 18:20:45 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/-vVKdY11C3E
IP 142.250.74.131:0
Hash 6fe023ef93cf7f75105917e3cd2c2658
10726e2b6aec6643b45b06e02b6694e385140119
6afcf9299a3b43b99835c3d428383773c79f7f0ff930c5366e856c7441632502
POST /s/gts1d4/-vVKdY11C3E HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e5d097f4be39983ef7520e28b6fef2d7
b35064a1416228daedd4ba291daeda8bf8b27b89
86c3c6eede403c9dc4a3e76adca976666e4791a676340e1871d93393f9f007bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 12:31:17 GMT
Expires: Fri, 10 Feb 2023 12:31:16 GMT
Etag: "b35064a1416228daedd4ba291daeda8bf8b27b89"
Cache-Control: max-age=496828,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79456c1b6f3e1c0a-OSL
hbopenbid.pubmatic.com/translator?source=prebid-client
185.64.189.112204 No Content 0 B URL HTTP/2 hbopenbid.pubmatic.com/translator?source=prebid-client
IP 185.64.189.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /translator?source=prebid-client HTTP/1.1
Host: hbopenbid.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2013
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache, no-store, must-revalidate
date: Sat, 04 Feb 2023 18:20:47 GMT
X-Firefox-Spdy: h2
prg.smartadserver.com/prebid/v1
185.86.139.85200 OK 4.5 kB URL HTTP/1.1 prg.smartadserver.com/prebid/v1
IP 185.86.139.85:0
ASN #201081 SmartAdServer SAS
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (12335), with no line terminators
Hash 31d1c0ce74d5fa49e461c2e853ddcf81
9b334b780824d32c402dc6679c133748c11b6e2a
8dba94f5e72e6ecced58a333fd35f540de75f2b2c0e80a703d1374f02e56918b
POST /prebid/v1 HTTP/1.1
Host: prg.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 546
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
date: Sat, 04 Feb 2023 18:20:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
set-cookie: pbw=%24b%3d12999%3b%24o%3d11100; expires=Sun, 04 Feb 2024 18:20:47 GMT; domain=.smartadserver.com; path=/
vs=327264=5308940; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 04 Feb 2024 18:20:47 GMT; domain=.smartadserver.com; path=/
pid=2120302282164177967; expires=Sun, 04 Feb 2024 18:20:47 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638111316472842723&o=1; expires=Sun, 05 Feb 2023 18:20:47 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sun, 05 Feb 2023 18:20:47 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash e5d097f4be39983ef7520e28b6fef2d7
b35064a1416228daedd4ba291daeda8bf8b27b89
86c3c6eede403c9dc4a3e76adca976666e4791a676340e1871d93393f9f007bf
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 03 Feb 2023 12:31:17 GMT
Expires: Fri, 10 Feb 2023 12:31:16 GMT
Etag: "b35064a1416228daedd4ba291daeda8bf8b27b89"
Cache-Control: max-age=496828,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79456c1add92b511-OSL
bid.contextweb.com/header/ortb?src=prebid
198.148.27.133204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 695
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 1
date: Sat, 04 Feb 2023 18:20:47 GMT
server: envoy
X-Firefox-Spdy: h2
rtb.adxpremium.services/openrtb2/auction
185.106.140.18400 Bad Request 138 B URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
Hash 5f78c751d01f494ae8e01aadcc631379
b2dda869fe1ef0bf1ffde8b9e0baffb9bb7d6f05
4435a89c97521b357804146d7d466c6dce236fb8438804918cf2a7758f912f94
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1409
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 138
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
bid.contextweb.com/header/ortb?src=prebid
198.148.27.133204 No Content 0 B URL HTTP/2 bid.contextweb.com/header/ortb?src=prebid
IP 198.148.27.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /header/ortb?src=prebid HTTP/1.1
Host: bid.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 700
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
x-no-bid-reason: Passback by decision
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-expose-headers: Access-Control-Allow-Origin
x-envoy-upstream-service-time: 0
date: Sat, 04 Feb 2023 18:20:47 GMT
server: envoy
X-Firefox-Spdy: h2
rtb.adxpremium.services/openrtb2/auction
185.106.140.18400 Bad Request 69 B URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 185.106.140.18:0
Hash 44cb4c4df8fff2ff6db15392639f1260
3d5e4e46c840169413eaa9052ec516a8f4120f1c
432d55e02a9db801a90caab4a06dd441d8d02fb2428e453c20f0331cfc8d136f
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 787
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 04 Feb 2023 18:20:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 69
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://sharemods.com
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Pragma: no-cache
Vary: Origin
X-Prebid: pbs-go/unknown
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=25asPF9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CVEpESXBJdU9HbENqTGZGajJmdmJzRkVhTm5VMHpTUWZBUmhWeE84WlF2V1MzVUJqRnFhbFpKTGo0U0VEYk1MVm5XcjRDWCUyRkhZV21aVkZuenBqYUNUUXZHdEdEJTJCWnAzTEdEd0JCdmFLNjJa&cw=1&lsw=1
178.250.2.146200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=25asPF9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CVEpESXBJdU9HbENqTGZGajJmdmJzRkVhTm5VMHpTUWZBUmhWeE84WlF2V1MzVUJqRnFhbFpKTGo0U0VEYk1MVm5XcjRDWCUyRkhZV21aVkZuenBqYUNUUXZHdEdEJTJCWnAzTEdEd0JCdmFLNjJa&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=25asPF9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CVEpESXBJdU9HbENqTGZGajJmdmJzRkVhTm5VMHpTUWZBUmhWeE84WlF2V1MzVUJqRnFhbFpKTGo0U0VEYk1MVm5XcjRDWCUyRkhZV21aVkZuenBqYUNUUXZHdEdEJTJCWnAzTEdEd0JCdmFLNjJa&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 497335
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
c.amazon-adsystem.com/aax2/apstag.js
54.230.111.210200 OK 47 kB URL HTTP/2 c.amazon-adsystem.com/aax2/apstag.js
IP 54.230.111.210:0
Hash e9a37f63af385a80c4346041cd3915e8
39cb7a0442f7abb2f8bb2790f6d4748462d9fa11
b940ca07027cf93b03bdfbe50700ed681b5bd326979ce43bcbde6e63121fac9c
GET /aax2/apstag.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sat, 04 Feb 2023 17:44:02 GMT
last-modified: Wed, 01 Feb 2023 21:25:54 GMT
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
server: AmazonS3
content-encoding: gzip
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront), 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
etag: W/"ca579f2de02c4700bc4fa6f925ed06a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA60-P1, OSL50-P1
x-amz-cf-id: yfqMWLgOcHxWAzRd39LSsqWNoHAP0RwE-gPtAwiuGSOyuuJJ8V5tXg==
age: 2206
X-Firefox-Spdy: h2
c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
54.230.111.210200 OK 1.6 kB URL HTTP/2 c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
IP 54.230.111.210:0
File type JSON data\012- , ASCII text, with very long lines (1630), with no line terminators
Hash 8f5341e2df96f62a3ae7cfe631f9c6d3
85438fabfc4ddcc5108f0d83933afa40cc2b3dd4
8549109719d603c3bbc8b96843a89d5fade5ae68200899834cccc93520a5328d
GET /cdn/prod/config?src=600&u=https%3A%2F%2Fsharemods.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=UTF-8
content-length: 1630
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
cache-control: max-age=21550, s-maxage=21600
date: Sat, 04 Feb 2023 13:27:17 GMT
server: Server
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uoJ0Jvr9RG0p5g6GvNIjUDYNIEJYac9yOflImDZUF2n7qKEozOPNaw==
age: 17610
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=sharemods.com
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 18:20:47 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=sharemods.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=sharemods.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=sharemods.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 04 Feb 2023 18:20:47 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 40ee59ec17ff4b68e7961563edde0ec9
23a4a97e9a0b208688618f8a6695ff727c946468
7288450eca8b95a5f2bff34e82dd9efccb4fe59d8c1dd8bc9135ca3d3691074d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5409
Cache-Control: max-age=157583
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Etag: "63de516d-118"
Expires: Mon, 06 Feb 2023 14:07:10 GMT
Last-Modified: Sat, 04 Feb 2023 12:37:01 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash de88149c85daf1f2f8f183d16f581394
4b88639d92a9defef7e575ff50f00348d7a4fc91
5bcde8fa6ee36e3a745249b5a5d1c583b0b17e1bd37a3d5b83ce9255b818680d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
23.46.116.133200 OK 17 kB URL HTTP/2 secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
IP 23.46.116.133:0
File type Unicode text, UTF-8 text, with very long lines (36525), with NEL line terminators
Hash 65875d9adc4599663a61e744c57d3e08
da7689e79bd92cd1c676badf0fb897f045d48653
830050c7e3b735c29efa65defb4de8dc42969a8cbb12e520479f9d067a90f4bf
GET /js/pubcid/latest/pubcid.min.js HTTP/1.1
Host: secure.cdn.fastclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
last-modified: Thu, 13 Oct 2022 18:14:48 GMT
etag: "d4ed-5eaee7c12df48-gzip"
accept-ranges: bytes
content-encoding: gzip
content-length: 17131
content-type: application/javascript
cache-control: max-age=900
expires: Sat, 04 Feb 2023 18:35:47 GMT
date: Sat, 04 Feb 2023 18:20:47 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
216.58.207.226200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
IP 216.58.207.226:0
File type JSON data\012- , ASCII text, with very long lines (15014), with no line terminators
Hash e22ca091f3f389b1d2ad4e3eeef760dd
8b91a58217f51c946e6d33b8430e04ea48cb44bf
59702062b52b460a184c7e0efecc9a1cadff76116df1693cfe40ecf4651c2d64
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 04 Feb 2023 18:20:47 GMT
server: cafe
content-length: 11333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&pid=gl4zFpza2F76Z&cb=0&ws=336x150&v=23.127.1625&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675534883297-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
54.230.241.131200 OK 193 B URL HTTP/2 aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&pid=gl4zFpza2F76Z&cb=0&ws=336x150&v=23.127.1625&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675534883297-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
IP 54.230.241.131:0
File type ASCII text, with no line terminators
Hash b248a666cc8937132a2fe02d5b38050d
055a4e059e1513c175eb66fa46edfadef523cc9e
ad812d846e127baf14db46ce2d3cf0b0bd64c3ecdeb17e0ca4c956d40582492d
GET /e/dtb/bid?src=600&u=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&pid=gl4zFpza2F76Z&cb=0&ws=336x150&v=23.127.1625&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1675534883297-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22250x250%22%2C%22300x300%22%2C%22336x280%22%2C%22320x320%22%5D%2C%22sn%22%3A%22%2F147246189%2C21696195204%2Fsharemods.com_336x280_1%22%7D%5D&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D HTTP/1.1
Host: aax-dtb-cf.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 193
server: Server
date: Sat, 04 Feb 2023 18:20:47 GMT
x-amz-rid: 3C85N178KTX9JH5G7H6B
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
timing-allow-origin: *
strict-transport-security: max-age=47474747; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: If2TSo5Wtfd41OWREXJKnfBQKheuAglnaWdZZyt_o-zmEj7KrA8H5A==
X-Firefox-Spdy: h2
e4e84ccc56d32a37f3b79cbed4ce3730.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 e4e84ccc56d32a37f3b79cbed4ce3730.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: e4e84ccc56d32a37f3b79cbed4ce3730.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 04 Feb 2023 18:20:47 GMT
expires: Sun, 04 Feb 2024 18:20:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 9a38ff437259f4d2c8f0ae0a0af071c1
5e600b744c2b35b5a7d3e3429bf40c7fc45d9296
be67a0d3644f83408f95228b8b5c95133e957051e04b6904fa8a86de6063c39e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3447
Cache-Control: max-age=90117
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Etag: "63dd518d-13a"
Expires: Sun, 05 Feb 2023 19:22:44 GMT
Last-Modified: Fri, 03 Feb 2023 18:25:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 707bbc8a805b920528f43d3b19e9e41f
d33afb3c6b479050987b8ffa9ca64f574656af87
2e840eb2feba7a5a9c565c16c78c0c4ecbaa6273b9c77d97548b4d5c58ae2011
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
142.250.74.97200 OK 2.7 kB URL HTTP/2 345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=2 HTTP/1.1
Host: 345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Sat, 04 Feb 2023 18:20:47 GMT
expires: Sun, 04 Feb 2024 18:20:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 04 Feb 2023 18:20:47 GMT
expires: Sat, 04 Feb 2023 18:20:47 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89cb314fd96ee7eecd69c34d471055fe
0773c53bc7741323d666d69b39a73ec53167ed17
0e0811aec04223315893249a43c4a8b5140c5031651263a427c9885215e4719e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E0811AEC04223315893249A43C4A8B5140C5031651263A427C9885215E4719E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15798
Expires: Sat, 04 Feb 2023 22:44:05 GMT
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 89cb314fd96ee7eecd69c34d471055fe
0773c53bc7741323d666d69b39a73ec53167ed17
0e0811aec04223315893249a43c4a8b5140c5031651263a427c9885215e4719e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E0811AEC04223315893249A43C4A8B5140C5031651263A427C9885215E4719E"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15798
Expires: Sat, 04 Feb 2023 22:44:05 GMT
Date: Sat, 04 Feb 2023 18:20:47 GMT
Connection: keep-alive
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
216.58.207.226200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
IP 216.58.207.226:0
File type JSON data\012- , ASCII text, with very long lines (14809), with no line terminators
Hash 8b957d8e62b7a9b893ebc2e6c85981a1
bbfc04efb6a6f2a4b23c0502535fdd42dc9c340d
a133fc6ba0d5d186890111d1c5fb23a53eada082d1af70038eb41587b49f92ba
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 04 Feb 2023 18:20:47 GMT
server: cafe
content-length: 11179
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 0c386f0c530b0b0d87675feb2da6dcff
0588eea7609a381f8f4560fb7fc5492165359d66
6f23dec0f8338c11ceb66d3b2d9aa64ff542f0fc7d4ccb6c3b1a84ee4a9953bb
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99902
Date: Sat, 04 Feb 2023 18:20:47 GMT
Etag: "63dd6c31-1d7"
Expires: Sun, 05 Feb 2023 22:05:49 GMT
Last-Modified: Fri, 03 Feb 2023 20:18:57 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3Gxlc5KOOVUrEqkRX23XaFItcwZ19r5FWlgZxqGyZz8ndG0PctNAKw==
Age: 6412
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
216.58.207.193200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 216.58.207.193:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 08:42:42 GMT
expires: Fri, 02 Feb 2024 08:42:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 207485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 0c386f0c530b0b0d87675feb2da6dcff
0588eea7609a381f8f4560fb7fc5492165359d66
6f23dec0f8338c11ceb66d3b2d9aa64ff542f0fc7d4ccb6c3b1a84ee4a9953bb
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=99653
Date: Sat, 04 Feb 2023 18:20:47 GMT
Etag: "63dd6c31-1d7"
Expires: Sun, 05 Feb 2023 22:01:40 GMT
Last-Modified: Fri, 03 Feb 2023 20:18:57 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sRGqHm0gQankhjVXdDpl95qw_SL9XizbMsMBg_zT5d2R9rRh5B3n3w==
Age: 6163
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
216.58.207.226200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env
IP 216.58.207.226:0
File type JSON data\012- , ASCII text, with very long lines (14937), with no line terminators
Hash bf32829f8d928d01eed4c5c0d273f039
a13d903fe14624ceabf8fbdf6ef38088874ba4ed
e882f62ba04580c7c3c170e0485ffb06333e1bbecd1f56bb3569000e81044912
GET /getconfig/sodar?sv=200&tid=gpt&tv=2023013101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Sat, 04 Feb 2023 18:20:47 GMT
server: cafe
content-length: 11276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lbs.eu-1-id5-sync.com/lbs/v1
162.19.138.119200 OK 34 B URL HTTP/1.1 lbs.eu-1-id5-sync.com/lbs/v1
IP 162.19.138.119:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 12a6ba8e952d1dbbb8b4e4471036de54
7342a44088b9e3dc6d689f956cd6d622ed9c1b55
97b630a56a53fc8a3bf5aa58d514acda18a40da54ef93092dfe4e6904c3717ee
GET /lbs/v1 HTTP/1.1
Host: lbs.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Sat, 4 Feb 2023 18:20:47 GMT
access-control-allow-origin: https://sharemods.com
vary: Origin
content-type: application/json
content-length: 34
strict-transport-security: max-age=63072000; includeSubDomains; preload
lb.eu-1-id5-sync.com/lb/v1
162.19.138.118200 33 B URL HTTP/1.1 lb.eu-1-id5-sync.com/lb/v1
IP 162.19.138.118:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4e9a67d567d0eb4fa68649d60b7e0bc7
645b246ac0e0a8da4f7b9a4873f0705b4a031ee5
aebc0811f7f00e8c61e0e6c1e2c9a1b4366fff8ed524a9986639f4ffb97c303a
GET /lb/v1 HTTP/1.1
Host: lb.eu-1-id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 04 Feb 2023 18:20:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
bcp.crwdcntrl.net/6/map
52.211.54.102200 OK 60 B IP 52.211.54.102:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7ac3f958ce58df5b5fd1ae578f854a6b
292c26dbacbb69aac46235dc29badb5627552c84
98efd16b715e01335e1f64e601f98dacb1c9055673bc44adfa398bdc7455e102
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:47 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.28.127
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 514 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 3a37009ce30fb58b023759b112136a14
53523542e1f5f7c730d3d07747050e1102729fa3
aa982fbeb26277ffd62234bee7faa7ce95cc8a84c4fb6d63497549f3d55a2069
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 18:20:48 GMT
date: Sat, 04 Feb 2023 18:20:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-R9GHZOEP5BglLiEg1RB4pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
id5-sync.com/g/v2/481.json
162.19.138.117200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.117:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 37886620752c20e1897f05724b07f88d
db443e2025591d90521237385751d066026bdc8b
571628d94761fff08f437938ad447a7cd53628c34ac10aef818243043652cf14
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 432
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 04 Feb 2023 18:20:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
3.90.170.155200 OK 0 B URL HTTP/2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
IP 3.90.170.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/recordVendorsLoaded HTTP/1.1
Host: prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:47 GMT
content-length: 0
set-cookie: AWSALB=W1lZOTBHR/Kz4VtqyWvhrBMQYcceiTjB7LcWo1HDSZ/P/vq0CLvCsnCjJUVA3YSa3TL7H//QsP6SG+WImT/xf5j/x4ayoN6n8ao9SJM+IqpVMay96YPp+t8cqYc4; Expires=Sat, 11 Feb 2023 18:20:47 GMT; Path=/
AWSALBCORS=W1lZOTBHR/Kz4VtqyWvhrBMQYcceiTjB7LcWo1HDSZ/P/vq0CLvCsnCjJUVA3YSa3TL7H//QsP6SG+WImT/xf5j/x4ayoN6n8ao9SJM+IqpVMay96YPp+t8cqYc4; Expires=Sat, 11 Feb 2023 18:20:47 GMT; Path=/; SameSite=None; Secure
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534884657&d=9784&wsc=00&typ=embed&mobile=0&c=44
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534884657&d=9784&wsc=00&typ=embed&mobile=0&c=44
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675534884657&d=9784&wsc=00&typ=embed&mobile=0&c=44 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain
67.220.226.238302 Found 0 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain
IP 67.220.226.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Sat, 04 Feb 2023 18:20:48 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: MTDFHPQ7D9QM5MM53GPW
Set-Cookie: ad-id=A1Daev70A022hmSCCL3oq9c|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 18:20:48 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 2808f4f05bede6c821a7795c169ea1c9
8d74b6ea76446cdeeb5d8af31dea1becc291ffe5
2c653a61bfd6856df4a022a844e2501705450b746908e701d6ef418bd1e4e168
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 18:20:48 GMT
date: Sat, 04 Feb 2023 18:20:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-zUsVfHt86KLbgL4nKnSGPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 993e979fb84558c4f44efa096de4ca6b
719cc0b3c893afda95b90c6f842ead7be1dc6db1
6d1aeeedb3fed4876cc30b155b6e9495b30fd61dcaa0aa09e6a82c8aee929736
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 04 Feb 2023 18:20:48 GMT
date: Sat, 04 Feb 2023 18:20:48 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-wjgDkOePbb_xltSYG5-evg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
151.101.65.229200 OK 93 kB URL HTTP/2 cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4cc4caf7724584aecce10a3465661f1c
199035cd38640b65c11e61429fade2c5c4f2e213
7b6e0377389650e55abb7aec33aa43be7fbc522c2abb1f9a2e3413bcae7019d5
GET /npm/hls.js@1.1.3/dist/hls.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.1.3
x-jsd-version-type: version
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 04 Feb 2023 18:20:48 GMT
age: 8868663
x-served-by: cache-fra-eddf8230138-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 92753
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player.js?s=1675521280
87.98.238.175200 OK 77 kB URL HTTP/2 cdn.onnetwork.tv/js/player86/player.js?s=1675521280
IP 87.98.238.175:0
Hash 55f1d193ec474eb604925ad427c5c51e
cef44983e4d3c35834eff35b1ad2bd0650222cb2
653a1b9682bb7430636783199f5c5781e67d29a3c724321515054bc1a83ed8b3
GET /js/player86/player.js?s=1675521280 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: application/javascript
last-modified: Sat, 04 Feb 2023 14:34:40 GMT
vary: Accept-Encoding
etag: W/"63de6d00-4463b"
expires: Wed, 23 Aug 2023 18:20:48 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
67.220.226.238200 OK 64 B URL HTTP/1.1 aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t
IP 67.220.226.238:0
File type HTML document, ASCII text
Hash be99f9f8ced5e5eb1f9721d861712f89
4291ee98f7ce20471796ec89961abb1acb2af1d8
f17fe415b91a13ea86b93344389e18c996384323ca3c2f4267b18c96b8314a12
GET /s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_gg_n-index_n-sharethrough_n-LoopMe_n-onetag_pm-db5_ym_n-emx_sovrn_3lift_n-Outbrain&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Sat, 04 Feb 2023 18:20:48 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 64
Connection: keep-alive
x-amz-rid: QTBEQD6FNC2ZPRCF4VW8
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
3.90.170.155200 OK 0 B URL HTTP/2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
IP 3.90.170.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/recordVendorsLoaded HTTP/1.1
Host: prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 456
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:48 GMT
content-length: 0
set-cookie: AWSALB=bPmEWpP1DIrCyOt/FXoK7Pr7ZEB73MWv9NdGU2rMaRdfioBlnEfuSM46ZCyRcEzqh0LqKGSsOG+WcRJRmrRE1gGyvAqdr8ARryfpToGXjJHDioEFzhoFJYLcMSuO; Expires=Sat, 11 Feb 2023 18:20:48 GMT; Path=/
AWSALBCORS=bPmEWpP1DIrCyOt/FXoK7Pr7ZEB73MWv9NdGU2rMaRdfioBlnEfuSM46ZCyRcEzqh0LqKGSsOG+WcRJRmrRE1gGyvAqdr8ARryfpToGXjJHDioEFzhoFJYLcMSuO; Expires=Sat, 11 Feb 2023 18:20:48 GMT; Path=/; SameSite=None; Secure
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11064
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 18:20:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11064
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 18:20:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11064
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 18:20:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11064
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 18:20:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 73964
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11064
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 18:20:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 72627
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 72615
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://cdn.onnetwork.tv/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 57116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 18:34:27 GMT
expires: Sat, 03 Feb 2024 18:34:27 GMT
cache-control: public, max-age=31536000
age: 85581
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2521dc6dc015025c26c7a1b08b3060a1
f5c7abc50c9229a4b198a5c0d5f6dfa8ac528b9f
6671bc387c8011ec55a9d023502189b997adeb18fc2f199747dec7d688f85bd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6322
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Last-Modified: Sat, 04 Feb 2023 16:35:27 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 6a1fd567-b34d-4787-aa05-5b7db3fc51c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fflRBHU4IAMFnsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d61c06-2d1ec3206d2ebeb4780a84b4;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 07:11:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUloQ6xaRWpnvMRh7kFvFIWhFotmILLZHfD_YK01RmrQ2vmYKVh46w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 03:08:59 GMT
age: 54709
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 72438
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 0 B IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:48 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=HhBaDV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwTExqRlgwT2ZvSDRhVkJPeDhHTDVzYQ; expires=Thu, 29 Feb 2024 18:20:48 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 261307
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 1.2 kB IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 274c05c5963560fdcf716237a2dea10c
6ad03935fa8ece9c1d0c9edfad613c082d66189f
1af0e32244d764032a47d8a9091481e2dd1d83005fa5502c0f75d719c331c049
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 810
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Last-Modified: Sat, 04 Feb 2023 18:07:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash 54560d4504ea0e89bbdf8e2c6ead8ebb
1e22ba7e6466107c3020ed9cbea820a607abcb49
a9ac6d88fb573f4105ba05a706a48ea389f428bc0c624dad9d4bba8e9aa9daa9
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 6521d1238a4ed164bc6fe76707f28b96
cb61b728667d4cbaa6b8c237cc3149dd1b1e5347
879378a93eb2c9cb965791e7fd17de8568210fec4c8269f9c19aa28d28c2eec5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 810
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Last-Modified: Sat, 04 Feb 2023 18:07:18 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
oa.openxcdn.net/esp.js
34.102.146.192200 OK 7.9 kB IP 34.102.146.192:0
File type ASCII text, with very long lines (24615), with no line terminators
Hash df5542b88bc0e368c6999754a5b9e2ba
54f17142faeb7c882fee3bf67d537733e75e43ae
b82da9703a35c5436f9e47711f5b95d5357f02d590cb39dba99355b9b073561f
GET /esp.js HTTP/1.1
Host: oa.openxcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvwMGFffHYQy8sTedcRnmfr30vomrx37NAP7bZvkKaQgR0ioehNSqlXKXkSFNMXK3psRf9hnClXiAB1o-nr_AZlPA
x-goog-generation: 1622140251693895
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 7927
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 7927
server: UploadServer
date: Wed, 18 Jan 2023 06:43:33 GMT
expires: Thu, 18 Jan 2024 06:43:33 GMT
cache-control: no-transform
last-modified: Thu, 27 May 2021 18:30:51 GMT
etag: "df5542b88bc0e368c6999754a5b9e2ba"
content-type: application/javascript
age: 1510635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 729cca7d7cbb6298a425ab284e07da2d
1ecf68f1210a63b000c491f443613bd0b23244db
9238059021fea591eaaaf5e5d05d2e48968e220d8cd505bbe2f66affb8bb755b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d5c1c16910d3863e0e96917075b0b675
9b971a2c0ff758ddd319b5c1373ab9a9e1144ed0
794ceb68060fe4281f128225b917a38b92c611b81156f7bd18bacecf1807e53a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 729cca7d7cbb6298a425ab284e07da2d
1ecf68f1210a63b000c491f443613bd0b23244db
9238059021fea591eaaaf5e5d05d2e48968e220d8cd505bbe2f66affb8bb755b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 729cca7d7cbb6298a425ab284e07da2d
1ecf68f1210a63b000c491f443613bd0b23244db
9238059021fea591eaaaf5e5d05d2e48968e220d8cd505bbe2f66affb8bb755b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash 15dbec6a43680f6683938949e1b50562
fd479e89a3460ca0e48b5001aad0a2836df31dab
d08eefabc738f11545330db83c2d3e9a855add08db6b9d9217a15dd783c4f5c8
GET /rtv/012301181928000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1914
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:22:17 GMT
expires: Fri, 02 Feb 2024 18:22:17 GMT
cache-control: public, max-age=31536000
etag: "f13d3e1d36b26a3d"
content-type: text/javascript; charset=UTF-8
age: 172711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 71f3ba24b0a01ade500d97ad0b8f3617
508b7affbf3e3c2b8bf4f46ebcb69ea29855bf9a
34c90f195073264a8f3e51bb9582b73665f65d7b053a031400c48bf627ca9d69
GET /rtv/012301181928000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28817
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "6eb387830c268337"
content-type: text/javascript; charset=UTF-8
age: 432971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 73e00d54af81c3fab604b50e24c8e9c3
69acac1ec53fcbcf886bb240adabd050520197f9
3347e49ea6e174315c1bee3660a9988e4c7fe184a7a1176cf2aceb307c73125a
GET /rtv/012301181928000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "47662644ea8653a3"
content-type: text/javascript; charset=UTF-8
age: 432971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.prod.uidapi.com/uid2SecureSignal.js
54.230.82.163200 OK 1.9 kB URL HTTP/1.1 cdn.prod.uidapi.com/uid2SecureSignal.js
IP 54.230.82.163:0
File type ASCII text, with very long lines (1859), with no line terminators
Hash aded621b17723f487b3c9d0e43cf2f94
90fbec381aa4a6ae2a2bb37eb082291432a1ab18
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1859
Connection: keep-alive
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 04 Feb 2023 04:08:02 GMT
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y8lf1TJKyzl2pBo1zHobAiJxPMr3UMOOE9CYR3E3tST95PQojoA1iw==
Age: 51166
cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash c84202220125aee9bd368d2036235130
a18a7c9251c3bc1a5a96de74db84ed5af86ba618
f2f5cf1534589a8934ca4ac301eb38863fc89c48648da9a8807656a2d4a22b94
GET /rtv/012301181928000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61734
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 13:07:14 GMT
expires: Fri, 02 Feb 2024 13:07:14 GMT
cache-control: public, max-age=31536000
etag: "5b4f5406239652c8"
content-type: text/javascript; charset=UTF-8
age: 191614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.35200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 14:34:21 GMT
expires: Fri, 02 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 186387
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.adform.net/adfscript/?bn=60502038;rtbwp=9rIEEL9EDDZMXEFHIAZ_qKzboUFQG3yp0;rtbdata=nky8M2fOFF62zTK9aZmNJ2CmEevIx-vnIbYapEoJ8X4-LDipRitbx-dFXIB0HFyJhzrAmBmq55HU19Hw-ZldcILMA41YU6_q-D8_fI3jpYwT9z0gjpHAu3ieD17mChVPEMLuFGAl2qKtihkqeiTbue_EmhwR82e9WxWA1aOB9AGhsX3ly_xURwM1QQCT-4RPkzRyPyZsCbpD9nTqBfytlsmaoV4043dBfzyMrTKe-cFQSL_z94W4gOrygthGeCsSY1FyWyuHdO-nqGuhAbga6kBXbYzkItHoVltKaB49If_aXm6x4rgdM00GR27cQ4eNp76VHMk2BGDcYhilDUfmzY3A9bEEFwUc0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZMMHzzV-1ch42u1ywTJ-2gsETfgDNEkITkcJYrV6QN-lS8sOh5Sb528fI60XlM8NKJfoPzGDfuT6DRNWUYu4HK5xbcwO0BDo7srFmVh91QhU6zlCViPtvUT5f7DS2Jx1YbMM0PiYjLrPD_gYXdTPLHIfEVvI5cO--ZfMYcz5ZglR12xefkkBpyZCLeCtJxhtrYoZKnok27k4pTS-iA95MtSJeei2s8Hc0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEFDqmNjQvhfLZY0BpiIQQNagEIyMsJC8E_h0RW5Gk4h7Gs7lQeoY1e96vWmW1dlSa0;
37.157.6.252200 OK 1.3 kB URL HTTP/2 track.adform.net/adfscript/?bn=60502038;rtbwp=9rIEEL9EDDZMXEFHIAZ_qKzboUFQG3yp0;rtbdata=nky8M2fOFF62zTK9aZmNJ2CmEevIx-vnIbYapEoJ8X4-LDipRitbx-dFXIB0HFyJhzrAmBmq55HU19Hw-ZldcILMA41YU6_q-D8_fI3jpYwT9z0gjpHAu3ieD17mChVPEMLuFGAl2qKtihkqeiTbue_EmhwR82e9WxWA1aOB9AGhsX3ly_xURwM1QQCT-4RPkzRyPyZsCbpD9nTqBfytlsmaoV4043dBfzyMrTKe-cFQSL_z94W4gOrygthGeCsSY1FyWyuHdO-nqGuhAbga6kBXbYzkItHoVltKaB49If_aXm6x4rgdM00GR27cQ4eNp76VHMk2BGDcYhilDUfmzY3A9bEEFwUc0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZMMHzzV-1ch42u1ywTJ-2gsETfgDNEkITkcJYrV6QN-lS8sOh5Sb528fI60XlM8NKJfoPzGDfuT6DRNWUYu4HK5xbcwO0BDo7srFmVh91QhU6zlCViPtvUT5f7DS2Jx1YbMM0PiYjLrPD_gYXdTPLHIfEVvI5cO--ZfMYcz5ZglR12xefkkBpyZCLeCtJxhtrYoZKnok27k4pTS-iA95MtSJeei2s8Hc0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEFDqmNjQvhfLZY0BpiIQQNagEIyMsJC8E_h0RW5Gk4h7Gs7lQeoY1e96vWmW1dlSa0;
IP 37.157.6.252:0
File type ASCII text, with very long lines (942), with CRLF line terminators
Hash d9b3cd714b8a72e29f41bfc5a5d0b713
aa30dd19d8f862ca21c474ad1a9f63531db7748d
2d4e0df0a449d6daada9d884e974beed00f792c2d86af368e8449dae95814257
GET /adfscript/?bn=60502038;rtbwp=9rIEEL9EDDZMXEFHIAZ_qKzboUFQG3yp0;rtbdata=nky8M2fOFF62zTK9aZmNJ2CmEevIx-vnIbYapEoJ8X4-LDipRitbx-dFXIB0HFyJhzrAmBmq55HU19Hw-ZldcILMA41YU6_q-D8_fI3jpYwT9z0gjpHAu3ieD17mChVPEMLuFGAl2qKtihkqeiTbue_EmhwR82e9WxWA1aOB9AGhsX3ly_xURwM1QQCT-4RPkzRyPyZsCbpD9nTqBfytlsmaoV4043dBfzyMrTKe-cFQSL_z94W4gOrygthGeCsSY1FyWyuHdO-nqGuhAbga6kBXbYzkItHoVltKaB49If_aXm6x4rgdM00GR27cQ4eNp76VHMk2BGDcYhilDUfmzY3A9bEEFwUc0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZMMHzzV-1ch42u1ywTJ-2gsETfgDNEkITkcJYrV6QN-lS8sOh5Sb528fI60XlM8NKJfoPzGDfuT6DRNWUYu4HK5xbcwO0BDo7srFmVh91QhU6zlCViPtvUT5f7DS2Jx1YbMM0PiYjLrPD_gYXdTPLHIfEVvI5cO--ZfMYcz5ZglR12xefkkBpyZCLeCtJxhtrYoZKnok27k4pTS-iA95MtSJeei2s8Hc0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEFDqmNjQvhfLZY0BpiIQQNagEIyMsJC8E_h0RW5Gk4h7Gs7lQeoY1e96vWmW1dlSa0; HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 1337
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: C=1; domain=adform.net; expires=Sat, 04-Mar-2023 18:20:48 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 729cca7d7cbb6298a425ab284e07da2d
1ecf68f1210a63b000c491f443613bd0b23244db
9238059021fea591eaaaf5e5d05d2e48968e220d8cd505bbe2f66affb8bb755b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 841f0b71f20f9a647e4d0acd33a24b2a
7a650907aa0a5b868a0db1ed837286485ad1bc15
2eef319e415882d87cabe6efe8ce6bfbb348d6cee7fb6967e63f4fc7c9acd161
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EEF319E415882D87CABE6EFE8CE6BFBB348D6CEE7FB6967E63F4FC7C9ACD161"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10916
Expires: Sat, 04 Feb 2023 21:22:44 GMT
Date: Sat, 04 Feb 2023 18:20:48 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/0-8iGxjpB1Y
IP 142.250.74.131:0
Hash 54560d4504ea0e89bbdf8e2c6ead8ebb
1e22ba7e6466107c3020ed9cbea820a607abcb49
a9ac6d88fb573f4105ba05a706a48ea389f428bc0c624dad9d4bba8e9aa9daa9
POST /s/gts1d4/0-8iGxjpB1Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 0 B URL HTTP/2 cdn.ampproject.org/rtv/012301181928000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtv/012301181928000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12960
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 18:04:37 GMT
expires: Tue, 30 Jan 2024 18:04:37 GMT
cache-control: public, max-age=31536000
etag: "f74ebce85e2cb18a"
content-type: text/javascript; charset=UTF-8
age: 432971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP 142.250.74.131:0
Hash 04a3f2ba6ee904983f5659ea2e56fd95
696d9ba661d12de029cf4790bd084fa4493427a7
dd0083ccb22471a29b26991e0f80819b8481770348bb60e42b06cc3425edad7b
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
34.96.70.87200 OK 1.3 kB URL HTTP/2 invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
IP 34.96.70.87:0
File type ASCII text, with very long lines (1178)
Hash f5bc066f146e3dbb049aa6c86c7012e6
efa97d857c263b3b3672e2ffa630af6e2625d84b
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
GET /encrypted-signals/encrypted-tag-g.js HTTP/1.1
Host: invstatic101.creativecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdt6jcb4P2fvSpOJCb43HUSczJaR2Ip2MR84MW5Q7Ksnkzf1Fm5dnnm6o98IJn6x2M0hw90ncBsqbWjy_ngkrdw0OnjPkwoV
vary: X-Goog-Allowed-Resources
x-goog-generation: 1659113709880056
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1258
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1258
server: UploadServer
via: 1.1 google
date: Sat, 04 Feb 2023 18:07:33 GMT
expires: Sat, 04 Feb 2023 19:07:33 GMT
cache-control: public, max-age=3600
age: 795
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33b4dcac47176829c3f733cf485b00d8
2f0ca8dfa8106b51602e1c9cd6a5b1e31254c924
d258d8a0ec6ed7cf9fb2ee6de730c0380adde3a3c656e10f046a56f140307f2c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2674
Cache-Control: max-age=163111
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Etag: "63de71b6-1d7"
Expires: Mon, 06 Feb 2023 15:39:19 GMT
Last-Modified: Sat, 04 Feb 2023 14:54:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/vFK9qEKFQSs
IP 142.250.74.131:0
Hash 04a3f2ba6ee904983f5659ea2e56fd95
696d9ba661d12de029cf4790bd084fa4493427a7
dd0083ccb22471a29b26991e0f80819b8481770348bb60e42b06cc3425edad7b
POST /s/gts1d4/vFK9qEKFQSs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bcp.crwdcntrl.net/6/map
52.211.54.102200 OK 60 B IP 52.211.54.102:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 765317332a8e801bec4082f9ba2c5226
6fdcf4f36f655765d530efea4b1970c5f5e132c5
9e082de8f94e65d6411ffe05e0dc24795d096f1067644d10293dd6ca3d2c7ae3
POST /6/map HTTP/1.1
Host: bcp.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 50
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: application/json;charset=utf-8
content-length: 60
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.9.47
access-control-allow-credentials: true
access-control-allow-origin: https://sharemods.com
server: Jetty(9.4.38.v20210224)
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16589/sync.min.js
54.230.111.122200 OK 10 kB URL HTTP/2 tags.crwdcntrl.net/lt/c/16589/sync.min.js
IP 54.230.111.122:0
Hash 7405cd40a0542fabef562fc3b285c3ad
a37c79a1e4a28a86b49b284962ac40942551c8bc
b9d37f04a65343808c649cd5799bf40048ef19b102c7b4ed440ef2ce27088ddf
GET /lt/c/16589/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:08:05 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 04 Feb 2023 08:35:22 GMT
cache-control: max-age: 86400
etag: W/"87ee016ad429d1c83712b8d81ccb3c59"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BHsmdIx70XvJJrfdAASnec6_VPPic5_gQtpmt1Gs3xlHGTDuBk6pEA==
age: 35127
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.ids.js
178.250.0.130200 OK 14 kB URL HTTP/2 static.criteo.net/js/ld/publishertag.ids.js
IP 178.250.0.130:0
Hash 777716a01e61fbdc1573d24496825275
9f449e16c28e7307a8e3a3c7e0960941d76caa57
a76e77a8d5c7fc1d75fde42bd526e392e034eb034bed6be2931cd0d82e62fab8
GET /js/ld/publishertag.ids.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-9c1f"
expires: Sun, 05 Feb 2023 18:20:48 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdnt.onnetwork.tv/poster/5/7/570814_5.jpg
188.165.21.42200 OK 96 kB URL HTTP/2 cdnt.onnetwork.tv/poster/5/7/570814_5.jpg
IP 188.165.21.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 1280x720, components 3\012- data
Hash 8af4b14ab8641600bd4e0e14529131c1
36a0c66ceda1499e96e75c5d7fc4f28d33a218f5
18b20f40b1c2b85fd542c41541bc0fc8537c2395031ce89f0ba30fa149f1ffe7
GET /poster/5/7/570814_5.jpg HTTP/1.1
Host: cdnt.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: image/jpeg
content-length: 95852
last-modified: Mon, 07 Feb 2022 09:30:47 GMT
etag: "6200e6c7-1766c"
expires: Wed, 23 Aug 2023 18:20:48 GMT
cache-control: max-age=17280000
strict-transport-security: max-age=31536000
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
s1.adform.net/banners/scripts/adx.js
37.157.5.73200 OK 26 kB URL HTTP/2 s1.adform.net/banners/scripts/adx.js
IP 37.157.5.73:0
Hash b61b7be96679273ae5a61e78810b31f5
89c7398e6821f8c3721cf7b00bfcec8dd38890bb
4b1ad7de8c05dbf88262a802b04c55283b1a3e069e0770c7957af5f7bba7f878
GET /banners/scripts/adx.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 21 Nov 2022 11:50:07 GMT
x-rgw-object-type: Normal
etag: W/"5fae11bd8facb45d9707cd5617753542"
x-amz-request-id: tx000000e3ab76e28d6a00a-00637b6788-329354d9-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/esp.js
104.22.52.86200 OK 17 kB URL HTTP/2 cdn.id5-sync.com/api/1.0/esp.js
IP 104.22.52.86:0
Hash ef40b4beb35dd4ca47dc83e1bd1c6602
a2388a4fa9681245ece8f50f41e67977c234871b
4fb77173c3ac304193a4ce8f07c53ad3681a2b3eebac599d96d3f84e0f447094
GET /api/1.0/esp.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: FVMlFSmcD0Wn/+rph/xJPSMD8h1xLItGxMiFojs1e+J1f7LO28QsQCtM5wu1mlkwy4pwPQtZ0SQ=
x-amz-request-id: H5PSQWN45SZ0RJ5Q
last-modified: Wed, 18 Jan 2023 10:47:58 GMT
etag: W/"854d94282c6b6d99cd8ba33bb311e621"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 1092
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 79456c232c160b49-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&rid=esp
34.120.107.143200 OK 2 B URL HTTP/2 oajs.openx.net/esp?url=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&rid=esp
IP 34.120.107.143:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /esp?url=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&rid=esp HTTP/1.1
Host: oajs.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: https://sharemods.com
vary: Origin
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
date: Sat, 04 Feb 2023 18:20:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
37.157.5.73200 OK 16 kB URL HTTP/2 s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
IP 37.157.5.73:0
Hash b32bf179f1b98088270ab81d0d064930
fe203b84b836ca4a4c1cfc8bad7e8f0bc66f9efd
c9f358c52b002581c4b37228af718f36a144db350dc4672aeb8060908dc20e65
GET /stoat/626/s1.adform.net/bootstrap.js HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 19:29:51 GMT
x-cache-status: STALE
content-encoding: gzip
X-Firefox-Spdy: h2
id5-sync.com/api/esp/increment?counter=no-config
162.19.138.117204 0 B URL HTTP/1.1 id5-sync.com/api/esp/increment?counter=no-config
IP 162.19.138.117:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/esp/increment?counter=no-config HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
date: Sat, 04 Feb 2023 18:20:48 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
cdn.onnetwork.tv/cnt/a_cntm.png?ts=1675534885439&i=570814&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntm.png?ts=1675534885439&i=570814&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntm.png?ts=1675534885439&i=570814&d=9784&wsc=ar&plist=2557&widget=808&initap=3&currap=3&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=3&vs=30 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:48 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
stpd.cloud/assets/hb/sharemods.js
104.18.30.49200 OK 161 kB URL HTTP/2 stpd.cloud/assets/hb/sharemods.js
IP 104.18.30.49:0
File type ASCII text, with very long lines (58673)
Size 161 kB (160946 bytes)
Hash f46d4b2c563fdf820d6e547e19f3e13e
b0d5efde745f0923fedf19799a163048345b440a
fad7cfc8693242d321d0ad852140277aa935ba3c664ac4df5ed469ff7af0b2c7
GET /assets/hb/sharemods.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/javascript
content-md5: bWb7BtXWQtqkkPx7GJ/9MA==
last-modified: Fri, 03 Feb 2023 11:35:45 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 233cb6f1-701e-0016-29c3-370940000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 5188
expires: Sat, 04 Feb 2023 22:20:46 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 79456c14e920b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 33b4dcac47176829c3f733cf485b00d8
2f0ca8dfa8106b51602e1c9cd6a5b1e31254c924
d258d8a0ec6ed7cf9fb2ee6de730c0380adde3a3c656e10f046a56f140307f2c
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2674
Cache-Control: max-age=163111
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Etag: "63de71b6-1d7"
Expires: Mon, 06 Feb 2023 15:39:19 GMT
Last-Modified: Sat, 04 Feb 2023 14:54:46 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
esp.rtbhouse.com/encrypt
35.190.39.111200 OK 241 B IP 35.190.39.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8b6c573dd71cbc7bfea924b7287de2b0
0f4442cf6507170481e8427c63ce71202d5c69d0
136f7d1c4fd7e66635d4ac987693b349e0b1523cf4976efe0e3f78899ab5c398
POST /encrypt HTTP/1.1
Host: esp.rtbhouse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Content-Type: application/json
Origin: https://sharemods.com
Content-Length: 165
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
x-cloud-trace-context: 55f61500dde53cfb0d4347cb6ed6ca2d
date: Sat, 04 Feb 2023 18:20:48 GMT
server: Google Frontend
content-length: 241
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/xn041pq5aCQ
IP 142.250.74.131:0
Hash 5fb965774659b735afe90e41453103a0
1545b7eaeca9ca3e4091a1f47d744b0b12419b41
919a253e1bdca7bf001856ab0d81063442325a0367459fcf953a8db59dbaf1fe
POST /s/gts1d4/xn041pq5aCQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:48 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
track.adform.net/adfserve/?CC=1&bn=60502038;rtbwp=9rIEEL9EDDZMXEFHIAZ_qKzboUFQG3yp0;rtbdata=nky8M2fOFF62zTK9aZmNJ2CmEevIx-vnIbYapEoJ8X4-LDipRitbx-dFXIB0HFyJhzrAmBmq55HU19Hw-ZldcILMA41YU6_q-D8_fI3jpYwT9z0gjpHAu3ieD17mChVPEMLuFGAl2qKtihkqeiTbue_EmhwR82e9WxWA1aOB9AGhsX3ly_xURwM1QQCT-4RPkzRyPyZsCbpD9nTqBfytlsmaoV4043dBfzyMrTKe-cFQSL_z94W4gOrygthGeCsSY1FyWyuHdO-nqGuhAbga6kBXbYzkItHoVltKaB49If_aXm6x4rgdM00GR27cQ4eNp76VHMk2BGDcYhilDUfmzY3A9bEEFwUc0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZMMHzzV-1ch42u1ywTJ-2gsETfgDNEkITkcJYrV6QN-lS8sOh5Sb528fI60XlM8NKJfoPzGDfuT6DRNWUYu4HK5xbcwO0BDo7srFmVh91QhU6zlCViPtvUT5f7DS2Jx1YbMM0PiYjLrPD_gYXdTPLHIfEVvI5cO--ZfMYcz5ZglR12xefkkBpyZCLeCtJxhtrYoZKnok27k4pTS-iA95MtSJeei2s8Hc0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEFDqmNjQvhfLZY0BpiIQQNagEIyMsJC8E_h0RW5Gk4h7Gs7lQeoY1e96vWmW1dlSa0;;js=1;adfxid=1x;8232;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html
37.157.6.252200 OK 3.7 kB URL HTTP/2 track.adform.net/adfserve/?CC=1&bn=60502038;rtbwp=9rIEEL9EDDZMXEFHIAZ_qKzboUFQG3yp0;rtbdata=nky8M2fOFF62zTK9aZmNJ2CmEevIx-vnIbYapEoJ8X4-LDipRitbx-dFXIB0HFyJhzrAmBmq55HU19Hw-ZldcILMA41YU6_q-D8_fI3jpYwT9z0gjpHAu3ieD17mChVPEMLuFGAl2qKtihkqeiTbue_EmhwR82e9WxWA1aOB9AGhsX3ly_xURwM1QQCT-4RPkzRyPyZsCbpD9nTqBfytlsmaoV4043dBfzyMrTKe-cFQSL_z94W4gOrygthGeCsSY1FyWyuHdO-nqGuhAbga6kBXbYzkItHoVltKaB49If_aXm6x4rgdM00GR27cQ4eNp76VHMk2BGDcYhilDUfmzY3A9bEEFwUc0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZMMHzzV-1ch42u1ywTJ-2gsETfgDNEkITkcJYrV6QN-lS8sOh5Sb528fI60XlM8NKJfoPzGDfuT6DRNWUYu4HK5xbcwO0BDo7srFmVh91QhU6zlCViPtvUT5f7DS2Jx1YbMM0PiYjLrPD_gYXdTPLHIfEVvI5cO--ZfMYcz5ZglR12xefkkBpyZCLeCtJxhtrYoZKnok27k4pTS-iA95MtSJeei2s8Hc0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEFDqmNjQvhfLZY0BpiIQQNagEIyMsJC8E_h0RW5Gk4h7Gs7lQeoY1e96vWmW1dlSa0;;js=1;adfxid=1x;8232;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html
IP 37.157.6.252:0
File type ASCII text, with very long lines (6121), with CRLF line terminators
Hash 143f687021c7c6505daf51caeb8eb442
4e79323631d2ecf4c1138b9594705499ee04c1df
d3e1ea0ad6b4a66a6752ebdc238bb757e1c8465e4c4a561504ab0fcd3b146543
GET /adfserve/?CC=1&bn=60502038;rtbwp=9rIEEL9EDDZMXEFHIAZ_qKzboUFQG3yp0;rtbdata=nky8M2fOFF62zTK9aZmNJ2CmEevIx-vnIbYapEoJ8X4-LDipRitbx-dFXIB0HFyJhzrAmBmq55HU19Hw-ZldcILMA41YU6_q-D8_fI3jpYwT9z0gjpHAu3ieD17mChVPEMLuFGAl2qKtihkqeiTbue_EmhwR82e9WxWA1aOB9AGhsX3ly_xURwM1QQCT-4RPkzRyPyZsCbpD9nTqBfytlsmaoV4043dBfzyMrTKe-cFQSL_z94W4gOrygthGeCsSY1FyWyuHdO-nqGuhAbga6kBXbYzkItHoVltKaB49If_aXm6x4rgdM00GR27cQ4eNp76VHMk2BGDcYhilDUfmzY3A9bEEFwUc0;csid=60961;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=ZMMHzzV-1ch42u1ywTJ-2gsETfgDNEkITkcJYrV6QN-lS8sOh5Sb528fI60XlM8NKJfoPzGDfuT6DRNWUYu4HK5xbcwO0BDo7srFmVh91QhU6zlCViPtvUT5f7DS2Jx1YbMM0PiYjLrPD_gYXdTPLHIfEVvI5cO--ZfMYcz5ZglR12xefkkBpyZCLeCtJxhtrYoZKnok27k4pTS-iA95MtSJeei2s8Hc0;pui=2ShljixBLrbi0hXl08juHHFAHCKQ7jOEFDqmNjQvhfLZY0BpiIQQNagEIyMsJC8E_h0RW5Gk4h7Gs7lQeoY1e96vWmW1dlSa0;;js=1;adfxid=1x;8232;set=en-US|en-US|1280X1024|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/javascript; charset=utf-8
content-length: 3662
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
content-encoding: gzip
expires: -1
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 165 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 20522ba72cb104f5074ac9229909b23c
cdb763b8b1f67ba3f3112e3551acd1c65ee3cc27
4c6a5d24d128e8eec3f6763d59cde4968116cb4dd8a1ffe9d3654e7c1d0597b8
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 438
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
google-bidout-d.openx.net/w/1.0/pd?plm=5
35.244.159.8200 OK 20 B URL HTTP/2 google-bidout-d.openx.net/w/1.0/pd?plm=5
IP 35.244.159.8:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /w/1.0/pd?plm=5 HTTP/1.1
Host: google-bidout-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept, Accept-Encoding
server: OXGW/0.0.0
date: Sat, 04 Feb 2023 18:20:49 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182867&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&turl=sharemods.com/&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 1.9 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115750&plc=5182867&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&turl=sharemods.com/&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document, ASCII text, with very long lines (536)
Hash 87b6182d03ee779aa68e37632f67656e
fac511e36df5215ae95ad7d03c4984e5ffcb7f6e
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
GET /dvbs_src.js?ctx=1828362&cmp=115750&plc=5182867&sid=18330&dvregion=0&unit=970x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&turl=sharemods.com/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
X-GUploader-UploadID: ADPycds6p1jm1dM37ZrGE7degj1PHtVHSCOhkWg3tNxtDa8jls04Qf_pWilJX59SK2PF90mCXMWOvLDiSS4yJ4B9Ex0-uw
Cache-Control: max-age=86400
Expires: Wed, 18 Jan 2023 15:48:02 GMT
Last-Modified: Tue, 10 Jan 2023 11:02:09 GMT
ETag: "87b6182d03ee779aa68e37632f67656e"
x-goog-generation: 1673348529482061
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1922
x-goog-meta-pipeline-id: 742670731
x-goog-meta-previous-generation-number: 1673253614982549
Content-Type: application/javascript
x-goog-hash: crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
x-goog-storage-class: STANDARD
Accept-Ranges: bytes
Content-Length: 1922
Server: UploadServer
Date: Sat, 04 Feb 2023 18:20:49 GMT
Connection: keep-alive
cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&turl=sharemods.com/&DVP_PP_BUNDLE_ID=
95.101.11.115200 OK 3.3 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&turl=sharemods.com/&DVP_PP_BUNDLE_ID=
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash 558236d14c2aba66c3914c13a1854592
6f67ca562bf15c1a23254b80111d11d99260eff7
ae734998083e7b4a03942d17ae10e83c9d5ff2a75ad66fadfe7eb8acab3bf23f
GET /dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&turl=sharemods.com/&DVP_PP_BUNDLE_ID= HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 18:20:49 GMT
Connection: keep-alive
cdn.doubleverify.com/dvbs_src_internal117.js
95.101.11.115200 OK 19 kB URL HTTP/1.1 cdn.doubleverify.com/dvbs_src_internal117.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2636), with CRLF, LF line terminators
Hash cf93b15de9d1c76c1bc6fdaee5382496
26e52f0a242bff375cc54d8d33a1a416d89e2813
c290ae68279e0685c13650d1534a0cd86997420399bb67288046e61b13defb53
GET /dvbs_src_internal117.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 10 Jan 2023 11:00:18 GMT
Accept-Ranges: bytes
ETag: "0cda5b9e224d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 18840
Date: Sat, 04 Feb 2023 18:20:49 GMT
Connection: keep-alive
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
142.250.74.70200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 142.250.74.70:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 10:25:03 GMT
expires: Sun, 05 Feb 2023 10:25:03 GMT
cache-control: public, max-age=86400
age: 28546
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534886334&d=9784&wsc=ar&typ=embed&mobile=0&c=23
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntg.png?ts=1675534886334&d=9784&wsc=ar&typ=embed&mobile=0&c=23
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntg.png?ts=1675534886334&d=9784&wsc=ar&typ=embed&mobile=0&c=23 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:49 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:49 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuILfWrxz6HRvJBNqu7om8dcvDzWcxYmm-xj4Iyrqw9qWPoA_p5hVhbNZG3xEPzNsoArdG3NOJEf8bRFa3NZ2SrNJvTSttoR_qGwAcHtkT2ms5EZ9VEymprxA_JYEyLlF9Bn4hH_zZZ3w&sai=AMfl-YScxKSQxJBfv3Llj7fZxQeRhHxsE-qOf9Jq-kU9iG4oMH-2GJHJG-gA5qWm60f0iMKrZG0p_ayfEekNdk4&sig=Cg0ArKJSzFbH1KPXt0UfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=150&cisv=r20230201.07192&arae=0&ftch=1&adurl=
142.250.74.130200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuILfWrxz6HRvJBNqu7om8dcvDzWcxYmm-xj4Iyrqw9qWPoA_p5hVhbNZG3xEPzNsoArdG3NOJEf8bRFa3NZ2SrNJvTSttoR_qGwAcHtkT2ms5EZ9VEymprxA_JYEyLlF9Bn4hH_zZZ3w&sai=AMfl-YScxKSQxJBfv3Llj7fZxQeRhHxsE-qOf9Jq-kU9iG4oMH-2GJHJG-gA5qWm60f0iMKrZG0p_ayfEekNdk4&sig=Cg0ArKJSzFbH1KPXt0UfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=150&cisv=r20230201.07192&arae=0&ftch=1&adurl=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuILfWrxz6HRvJBNqu7om8dcvDzWcxYmm-xj4Iyrqw9qWPoA_p5hVhbNZG3xEPzNsoArdG3NOJEf8bRFa3NZ2SrNJvTSttoR_qGwAcHtkT2ms5EZ9VEymprxA_JYEyLlF9Bn4hH_zZZ3w&sai=AMfl-YScxKSQxJBfv3Llj7fZxQeRhHxsE-qOf9Jq-kU9iG4oMH-2GJHJG-gA5qWm60f0iMKrZG0p_ayfEekNdk4&sig=Cg0ArKJSzFbH1KPXt0UfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=150&cisv=r20230201.07192&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 18:20:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 18:35:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 18:20:49 GMT
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.24200 OK 1.8 kB IP 192.124.249.24:0
Hash 79a2784590877462b86b7f0a33601af9
ad856fdf644f7d403697b442559ac0d856adc194
9548a32ab06ba91adac7bfd95322db97869075f71e85c30ef3b4d3ede057b3e2
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 18:20:49 GMT
Content-Type: application/ocsp-response
Content-Length: 1845
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 03 Feb 2023 20:47:17 GMT
Expires: Sat, 04 Feb 2023 20:47:17 GMT
ETag: "ad856fdf644f7d403697b442559ac0d856adc194"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_542172230960&jsTagObjCallback=__tagObject_callback_542172230960&num=6&ctx=1828362&cmp=115750&plc=5182867&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=542172230960&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=sharemods.com/&srcurlD=2&ssl=1&refD=3&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=12&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauD92C6%3E%405D%5D4%40%3ETau&dvp_exetime=10.00&callbackName=__verify_callback_542172230960
34.149.12.213200 OK 264 B URL HTTP/1.1 rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_542172230960&jsTagObjCallback=__tagObject_callback_542172230960&num=6&ctx=1828362&cmp=115750&plc=5182867&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=542172230960&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=sharemods.com/&srcurlD=2&ssl=1&refD=3&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=12&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauD92C6%3E%405D%5D4%40%3ETau&dvp_exetime=10.00&callbackName=__verify_callback_542172230960
IP 34.149.12.213:0
Hash 226cc2f5bb2666ee20f6a57cf9f60b17
2f52d4886c30a398c02b2dd91a4e8ba7edbb0dd6
9f22e9e46521e747bded1d8be40e284ac8f50e6873cc6d19f7724fd213db7073
GET /verify.js?flvr=0&jsCallback=__verify_callback_542172230960&jsTagObjCallback=__tagObject_callback_542172230960&num=6&ctx=1828362&cmp=115750&plc=5182867&sid=18330&advid=&adsrv=&unit=970x250&isdvvid=&uid=542172230960&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Linux%20x86_64&dvp_strhd=1.00&dvpx_strhd=1.00&brid=0&brver=&bridua=2&dup=null&turl=sharemods.com/&srcurlD=2&ssl=1&refD=3&htmlmsging=1&tstype=128&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=16&fcifrms=12&brh=1&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauD92C6%3E%405D%5D4%40%3ETau&dvp_exetime=10.00&callbackName=__verify_callback_542172230960 HTTP/1.1
Host: rtb0.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:49 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 18:20:49
Pragma: no-cache
Vary: Accept-Encoding
X-DV-Response: 0
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuILfWrxz6HRvJBNqu7om8dcvDzWcxYmm-xj4Iyrqw9qWPoA_p5hVhbNZG3xEPzNsoArdG3NOJEf8bRFa3NZ2SrNJvTSttoR_qGwAcHtkT2ms5EZ9VEymprxA_JYEyLlF9Bn4hH_zZZ3w&sai=AMfl-YScxKSQxJBfv3Llj7fZxQeRhHxsE-qOf9Jq-kU9iG4oMH-2GJHJG-gA5qWm60f0iMKrZG0p_ayfEekNdk4&sig=Cg0ArKJSzFbH1KPXt0UfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=338&vt=11&dtpt=184&dett=3&cstd=150&cisv=r20230201.07192&arae=0&ftch=1&adurl=
142.250.74.130200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuILfWrxz6HRvJBNqu7om8dcvDzWcxYmm-xj4Iyrqw9qWPoA_p5hVhbNZG3xEPzNsoArdG3NOJEf8bRFa3NZ2SrNJvTSttoR_qGwAcHtkT2ms5EZ9VEymprxA_JYEyLlF9Bn4hH_zZZ3w&sai=AMfl-YScxKSQxJBfv3Llj7fZxQeRhHxsE-qOf9Jq-kU9iG4oMH-2GJHJG-gA5qWm60f0iMKrZG0p_ayfEekNdk4&sig=Cg0ArKJSzFbH1KPXt0UfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=338&vt=11&dtpt=184&dett=3&cstd=150&cisv=r20230201.07192&arae=0&ftch=1&adurl=
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsuILfWrxz6HRvJBNqu7om8dcvDzWcxYmm-xj4Iyrqw9qWPoA_p5hVhbNZG3xEPzNsoArdG3NOJEf8bRFa3NZ2SrNJvTSttoR_qGwAcHtkT2ms5EZ9VEymprxA_JYEyLlF9Bn4hH_zZZ3w&sai=AMfl-YScxKSQxJBfv3Llj7fZxQeRhHxsE-qOf9Jq-kU9iG4oMH-2GJHJG-gA5qWm60f0iMKrZG0p_ayfEekNdk4&sig=Cg0ArKJSzFbH1KPXt0UfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=338&vt=11&dtpt=184&dett=3&cstd=150&cisv=r20230201.07192&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sat, 04 Feb 2023 18:20:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 04-Feb-2023 18:35:49 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 04 Feb 2023 18:20:49 GMT
X-Firefox-Spdy: h2
cdn.doubleverify.com/dv-measurements3497.js
95.101.11.115200 OK 109 kB URL HTTP/1.1 cdn.doubleverify.com/dv-measurements3497.js
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109099 bytes)
Hash 4773cb5cfa2ad0e71d21f43c56c76ae3
39d66090c14e1b5d2f0f3413a34e087b5969d054
76206ee41bcfae347cef25b03589639e616747c9f77e2b3378387ee9e14f3a00
GET /dv-measurements3497.js HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=946080900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 08:37:17 GMT
Accept-Ranges: bytes
ETag: "809cf641836d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 109099
Date: Sat, 04 Feb 2023 18:20:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 56b95aa55ceded43cc33f229e1bd80e4
bca7e5b811ec35ca6cf074106c90cccd952b77d4
0f572785cfa37c2f123ae9c94b4875d90ab2014746a9dc34196d61043b3124a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1455
Cache-Control: max-age=145330
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:50 GMT
Etag: "63de3105-2d7"
Expires: Mon, 06 Feb 2023 10:43:00 GMT
Last-Modified: Sat, 04 Feb 2023 10:18:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
host.adcropper.com/BetssonGroup/Betsson/DynamicJackpot/Betsson/NO/AbsolootlyMad/300x250/index.html
35.201.99.35200 OK 93 kB URL HTTP/2 host.adcropper.com/BetssonGroup/Betsson/DynamicJackpot/Betsson/NO/AbsolootlyMad/300x250/index.html
IP 35.201.99.35:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11602)
Hash bfc27fafeefb35d8f3f5acb3aef5b83c
a2db7be07c788042c9f864856238505cad612eef
983c4c79c0531367692aa871c76d356bfc814ddab89703a6fe7abcbb32bcfb1b
GET /BetssonGroup/Betsson/DynamicJackpot/Betsson/NO/AbsolootlyMad/300x250/index.html HTTP/1.1
Host: host.adcropper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds_x7Q6EspFswd_2svTWnfcB87_5-VwqN4Gc2Hq0cQOohOfEOcT6OHYiVghfni3FrQc12MF4GnlMlxJRWnY88bCY6q1WyyK
vary: X-Goog-Allowed-Resources
x-goog-generation: 1671302197023314
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 93125
x-goog-hash: crc32c=ASl/yQ==, md5=v8J/r+77Ndjz9ayzrvW4PA==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 93125
access-control-allow-origin: *
server: UploadServer
date: Sat, 04 Feb 2023 17:23:59 GMT
expires: Sat, 04 Feb 2023 18:23:59 GMT
cache-control: public, max-age=3600
age: 3411
last-modified: Sat, 17 Dec 2022 18:36:37 GMT
etag: "bfc27fafeefb35d8f3f5acb3aef5b83c"
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 56b95aa55ceded43cc33f229e1bd80e4
bca7e5b811ec35ca6cf074106c90cccd952b77d4
0f572785cfa37c2f123ae9c94b4875d90ab2014746a9dc34196d61043b3124a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1455
Cache-Control: max-age=145330
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 18:20:50 GMT
Etag: "63de3105-2d7"
Expires: Mon, 06 Feb 2023 10:43:00 GMT
Last-Modified: Sat, 04 Feb 2023 10:18:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 727
servedby.flashtalking.com/imp/8/115750;5182867;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN970x250/?ftOBA=1&ft_domain=sharemods.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fsharemods.com%2F&us_privacy=${US_PRIVACY}&cachebuster=507138.7512712109&ft_dv=%5B%25ft_dv%25%5D
2.23.132.54200 OK 771 B URL HTTP/1.1 servedby.flashtalking.com/imp/8/115750;5182867;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN970x250/?ftOBA=1&ft_domain=sharemods.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fsharemods.com%2F&us_privacy=${US_PRIVACY}&cachebuster=507138.7512712109&ft_dv=%5B%25ft_dv%25%5D
IP 2.23.132.54:0
ASN #1299 Telia Company AB
File type ASCII text, with CRLF, CR, LF line terminators
Hash 96016520cfcbe6556a78d57a4795a5fe
4d90ef606b25098220d256c8dfb4146ece74d97c
42ef81d13ca91c11775b0c93667b137c5933cd7800ee335e0f2cc1bd78b2a0ad
GET /imp/8/115750;5182867;201;jsappend;DV360;DV360FY20AcrobatCTXInMarketHighReachNODSKBAN970x250/?ftOBA=1&ft_domain=sharemods.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fsharemods.com%2F&us_privacy=${US_PRIVACY}&cachebuster=507138.7512712109&ft_dv=%5B%25ft_dv%25%5D HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app5.frk11
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Sat, 04 Feb 2023 18:20:50 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 04 Feb 2023 18:20:50 GMT
Content-Length: 771
Connection: keep-alive
Strict-Transport-Security: max-age=86400
cdn.flashtalking.com/xre/518/5182867/4069577/js/j-5182867-4069577.js
205.185.216.10200 OK 17 kB URL HTTP/1.1 cdn.flashtalking.com/xre/518/5182867/4069577/js/j-5182867-4069577.js
IP 205.185.216.10:0
File type ASCII text, with very long lines (2897), with CRLF, CR, LF line terminators
Hash 10453ef3fb294d0a2124b77155f18c9a
063f03a920eb76bee602fbc9bcd335362c18200b
5ea86e0dd95cb8fa85725323a66c023f71fde55dec8a4d44a03d9b7d8d00070c
GET /xre/518/5182867/4069577/js/j-5182867-4069577.js HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:50 GMT
Connection: Keep-Alive
ETag: "1664998062"
Cache-Control: max-age=928
Content-Encoding: gzip
Content-Length: 17006
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 05 Oct 2022 19:27:42 GMT
Accept-Ranges: bytes
x-amz-id-2: g8SchLHQK6OwG+nPKpu91vShnm+miBUfeEI/oD3TBWrF8/1HWxqf3Bfn49NZmEIxXUL5n69MZFo=
x-amz-request-id: 6PER1VYMM9740SVJ
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675534850.dop024.sk1.t,1675534850.cds238.sk1.shn,1675534850.dop024.sk1.t,1675534850.cds015.sk1.c
cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182867&num=&adid=&advid=&adsrv=29&btreg=5182867&btadsrv=flashtalking&crt=4069577&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=77B44555-27D1-9A61-F6BE-5F96439FE135&auevent=&955910107
95.101.11.115200 OK 3.8 kB URL HTTP/1.1 cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182867&num=&adid=&advid=&adsrv=29&btreg=5182867&btadsrv=flashtalking&crt=4069577&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=77B44555-27D1-9A61-F6BE-5F96439FE135&auevent=&955910107
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (8016)
Hash b8361c5b7cb48b96d0fd75a4d112b301
8698dc829bf931f12f6401ac3c44fa2947c224a6
7a54cd3472cac931e665335ddeed5d1c7d51ff577beebc76be75b2c0340e4e99
GET /dvtp_src.js?ctx=1828362&cmp=115750&sid=18330&plc=5182867&num=&adid=&advid=&adsrv=29&btreg=5182867&btadsrv=flashtalking&crt=4069577&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=77B44555-27D1-9A61-F6BE-5F96439FE135&auevent=&955910107 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=900
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Wed, 01 Feb 2023 10:02:56 GMT
Accept-Ranges: bytes
ETag: "0c8245b2436d91:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 3338
Date: Sat, 04 Feb 2023 18:20:50 GMT
Connection: keep-alive
dnacdn.net/dna
178.250.0.157200 OK 20 kB IP 178.250.0.157:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1453), with CRLF, LF line terminators
Hash 4e0aa3ffea4e9146495d7ba5a0ae763a
ac486d655b59b3e1c599c764b4f402d47aba1050
cd5c9f82118452327e8896a1b703783e8747ee707b45ae87577413be994418d1
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=0jUJQV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwTDM2M1BCWTRMVGp0RElVUXBpWlZHWg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=uWE71V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwSiUyRjZIZWpwWFNHVEhadjJwVWtia0Fv; expires=Thu, 29 Feb 2024 18:20:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 352419
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
23.38.200.44200 OK 1.3 kB URL HTTP/1.1 secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
IP 23.38.200.44:0
File type PNG image data, 19 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash db320ef6f3c45ab5c90887ef618de2bb
7d4bd175166545ea775fcb69b406eba11f7fa3ec
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
GET /oba/icon/iconc.png?EDAA_icon=y HTTP/1.1
Host: secure.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 12 Apr 2014 19:14:32 GMT
Content-Type: image/png
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-Varnish: 440713868 434560932
Accept-Ranges: bytes
Content-Length: 1308
Cache-Control: max-age=1610069
Expires: Thu, 23 Feb 2023 09:35:19 GMT
Date: Sat, 04 Feb 2023 18:20:50 GMT
Connection: keep-alive
Server: Flashtalking (AKA)
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 68cf08d77af8279898bf9ddad7b9b223
efda878c11b075ca24541c593e3e4146a8f7b4a5
d291469433a8ce2b9663f96789e5d7df3e1d1ae2d7258bf1835e126b2957e5ea
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 04 Feb 2023 18:20:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 02:59:35 GMT
Expires: Sun, 05 Feb 2023 02:59:35 GMT
ETag: "efda878c11b075ca24541c593e3e4146a8f7b4a5"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
t.myvisualiq.net/impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115
3.121.163.255302 Moved Temporarily 0 B URL HTTP/1.1 t.myvisualiq.net/impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115
IP 3.121.163.255:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115 HTTP/1.1
Host: t.myvisualiq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sat, 04 Feb 2023 18:20:50 GMT
Location: https://t.myvisualiq.net/ul_cb/impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115
Set-Cookie: tuuid=c2afedb6-dcc8-4364-a5f6-d8659cef5891; path=/; expires=Mon, 03-Feb-2025 18:20:50 GMT; domain=.myvisualiq.net
c=1675534850; path=/; expires=Mon, 03-Feb-2025 18:20:50 GMT; domain=.myvisualiq.net
tuuid_lu=1675534850; path=/; expires=Mon, 03-Feb-2025 18:20:50 GMT; domain=.myvisualiq.net
Content-Length: 0
Connection: keep-alive
tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=195&ttfrms=19&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD92C6%3E%405D%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTaubcd6h2gfabe2fh%60dg6242df5%607acg7d2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5Cc_Tau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbsa&srcurlD=2&aUrlD=4&ssl=https:&dfs=594&ddur=123&uid=1675534886827735&jsCallback=dvCallback_1675534886827623&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=3&fcifrms=12&brh=1&sdf=2&dvp_epl=250&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=sharemods.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=230840797947.2974&dvp_tukv=4618739.338484555&dvp_tuid=1052575103503&jurtd=279341583
34.149.12.213200 OK 680 B URL HTTP/1.1 tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=195&ttfrms=19&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD92C6%3E%405D%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTaubcd6h2gfabe2fh%60dg6242df5%607acg7d2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5Cc_Tau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbsa&srcurlD=2&aUrlD=4&ssl=https:&dfs=594&ddur=123&uid=1675534886827735&jsCallback=dvCallback_1675534886827623&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=3&fcifrms=12&brh=1&sdf=2&dvp_epl=250&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=sharemods.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=230840797947.2974&dvp_tukv=4618739.338484555&dvp_tuid=1052575103503&jurtd=279341583
IP 34.149.12.213:0
File type ASCII text, with very long lines (1184), with no line terminators
Hash 87c8f4da2c22e9f5227482c949e3379e
a3cd60c4bb610c70cc8cfb7f607989afe383480b
92a936a8424c9014883544505dde4b9b217e7525db5e845e7df49f25e6d18297
GET /visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=195&ttfrms=19&bridua=2&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauD92C6%3E%405D%5D4%40%3ETauU2%26C%3Dl9EEADTbpTauTaubcd6h2gfabe2fh%60dg6242df5%607acg7d2%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5Cc_Tau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DTbu%3FTbsa&srcurlD=2&aUrlD=4&ssl=https:&dfs=594&ddur=123&uid=1675534886827735&jsCallback=dvCallback_1675534886827623&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&htmlmsging=1&chro=0&hist=1&winh=250&winw=970&wouh=1024&wouw=1280&scah=1002&scaw=1280&jsver=3497&tgjsver=3497&lvvn=28&m1=13&refD=3&fcifrms=12&brh=1&sdf=2&dvp_epl=250&noc=16&nav_pltfrm=Linux%20x86_64&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=sharemods.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0grY2G1ASAKiGuPFPIy4blU&DVP_DBM_1=3060631&DVP_DBM_2=24779287&DVP_DBM_3=15170598693&DVP_DBM_4=396518244&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=116984763429&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=230840797947.2974&dvp_tukv=4618739.338484555&dvp_tuid=1052575103503&jurtd=279341583 HTTP/1.1
Host: tps.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:50 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=0
Content-Encoding: br
Expires: 02/03/2023 18:20:50
Pragma: no-cache
Vary: Accept-Encoding
ads.betweendigital.com/sspmatch-iframe
188.42.191.196302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:50 GMT; Path=/; Domain=.betweendigital.com
tuuid=617fdf26-06d1-5223-9330-6385f0eec187; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:50 GMT; Path=/; Domain=.betweendigital.com
ut=Y96iAgAKmtjI1zCdhAKKgl9Tkm2kH-MT-vq-Ag==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=cc0292c4dafd404691ec32b1592be4be&dup=&eoid=1000&cbust=1675534887401435
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=cc0292c4dafd404691ec32b1592be4be&dup=&eoid=1000&cbust=1675534887401435
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=cc0292c4dafd404691ec32b1592be4be&dup=&eoid=1000&cbust=1675534887401435 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=cc0292c4dafd404691ec32b1592be4be&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 18:20:50 GMT
Connection: keep-alive
ads.betweendigital.com/sspmatch-iframe?crf=1
188.42.191.196200 OK 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe?crf=1
IP 188.42.191.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe?crf=1 HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:50 GMT; Path=/; Domain=.betweendigital.com
tuuid=8f94cfc9-31d3-5223-8bc6-73aee818d1ac; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:50 GMT; Path=/; Domain=.betweendigital.com
ut=Y96iAgALMzB9Q6occ8cHcWGQZkZZOCSCEB3WoA==; Max-Age=31536000; Expires=Sun, 04 Feb 2024 18:20:50 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
cdn.districtm.io/ids/index.html
54.230.111.22200 OK 116 B URL HTTP/2 cdn.districtm.io/ids/index.html
IP 54.230.111.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 517f2062d883c0ee35479a2da0c50b8c
73aed992d9fe72d54e3e638e51784db91bf345eb
f752ad8cf812a358129aac3fd9784b0baf6f19899eb49116f08a1afab1fa133e
GET /ids/index.html HTTP/1.1
Host: cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 116
last-modified: Thu, 20 May 2021 02:18:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 05:43:16 GMT
etag: "517f2062d883c0ee35479a2da0c50b8c"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eNhOkOuluWE021RbIva77-H8VLmtXV0zF82xC52DBeQpnUbg2Sfwsw==
age: 45469
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=33165
expires: Sun, 05 Feb 2023 03:33:35 GMT
date: Sat, 04 Feb 2023 18:20:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.65.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.65.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 18:20:50 GMT
Age: 52697
X-Served-By: cache-lga13626-LGA, cache-bma1671-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 137399
X-Timer: S1675534851.764154,VS0,VE0
Vary: Accept-Encoding
t.myvisualiq.net/ul_cb/impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115
3.121.163.255200 OK 43 B URL HTTP/1.1 t.myvisualiq.net/ul_cb/impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115
IP 3.121.163.255:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/impression_pixel?pt=i&r=750723110&et=i&ago=212&ao=788&advt=5273038&pi=351021409&ad=546398320&si=3445823&aca=28890188&ci=132717249&chnl=-7&sz=1833&vndr=115 HTTP/1.1
Host: t.myvisualiq.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sharemods.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
cross-origin-resource-policy: cross-origin
Date: Sat, 04 Feb 2023 18:20:50 GMT
Content-Length: 43
Connection: keep-alive
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=33165
expires: Sun, 05 Feb 2023 03:33:35 GMT
date: Sat, 04 Feb 2023 18:20:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.170200 OK 17 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.170:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash b58ba1fd29193bf66af7293fe54a026d
b96d6c71efd81fa6b95379e2d9456ab48a795b79
c606475178fb6c72e82c6542d35e053e20ff5faa63dfe8a0348815cef22acc0f
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93071
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/showad.js
23.38.200.201200 OK 14 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/showad.js
IP 23.38.200.201:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (38560)
Hash 0bfae9b18579b7ea0de0abd7c0ffc58f
c2f662ef4cccd27c27ef82686c9ee92b742bc9eb
3fa4e70bb63923f8dd778b7c310e48ec07bbd13ec13ad144d902f8502247f714
GET /AdServer/js/showad.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:35 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13968
content-type: text/html
cache-control: max-age=33165
expires: Sun, 05 Feb 2023 03:33:35 GMT
date: Sat, 04 Feb 2023 18:20:50 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.65.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.65.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 18 Jan 2023 06:44:40 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 04 Feb 2023 18:20:50 GMT
Age: 52697
X-Served-By: cache-lga13626-LGA, cache-bma1671-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 20, 137400
X-Timer: S1675534851.782235,VS0,VE0
Vary: Accept-Encoding
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=ISzB8l9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CUW1UcVhVRDZ2VkIxM3piZXM3U3lPUSUyQk96M1cyVCUyQkRHb095c2NUVUJRQVhoJTJGbXlzVVZVYVVNSjdzYmQlMkJnRUg0TW0xJTJCZWhSTTlsWHFTa3B5NTN3MzlkZmt2M3RRQjJQcTRiT08zME0yVWV0&info=uWE71V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwSiUyRjZIZWpwWFNHVEhadjJwVWtia0Fv&idsd=1372520355,-53577260&cw=1&lsw=1
178.250.2.146200 OK 65 kB URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=ISzB8l9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CUW1UcVhVRDZ2VkIxM3piZXM3U3lPUSUyQk96M1cyVCUyQkRHb095c2NUVUJRQVhoJTJGbXlzVVZVYVVNSjdzYmQlMkJnRUg0TW0xJTJCZWhSTTlsWHFTa3B5NTN3MzlkZmt2M3RRQjJQcTRiT08zME0yVWV0&info=uWE71V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwSiUyRjZIZWpwWFNHVEhadjJwVWtia0Fv&idsd=1372520355,-53577260&cw=1&lsw=1
IP 178.250.2.146:0
Hash dc32981200556994c3a9f5141fcd66e5
2822e230f48b0b6e81312e3159ef2f96be586df3
bab4458fda4842d59cce81ab5e7cfeaa4f774de47ccf8ca615e6236948483a2e
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=ISzB8l9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CUW1UcVhVRDZ2VkIxM3piZXM3U3lPUSUyQk96M1cyVCUyQkRHb095c2NUVUJRQVhoJTJGbXlzVVZVYVVNSjdzYmQlMkJnRUg0TW0xJTJCZWhSTTlsWHFTa3B5NTN3MzlkZmt2M3RRQjJQcTRiT08zME0yVWV0&info=uWE71V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwSiUyRjZIZWpwWFNHVEhadjJwVWtia0Fv&idsd=1372520355,-53577260&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1255995
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=1e31236960854c32987742d84de3e9ea&dup=&eoid=1000&cbust=1675534887574333
95.101.11.115302 Moved Temporarily 0 B URL HTTP/1.1 cdn.doubleverify.com/redirect/?host=tpsc-eu3¶m=akipv6&impid=1e31236960854c32987742d84de3e9ea&dup=&eoid=1000&cbust=1675534887574333
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect/?host=tpsc-eu3¶m=akipv6&impid=1e31236960854c32987742d84de3e9ea&dup=&eoid=1000&cbust=1675534887574333 HTTP/1.1
Host: cdn.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://tpsc-eu3.doubleverify.com/event.png?impid=1e31236960854c32987742d84de3e9ea&akipv6=&dup=&eoid=1000
Date: Sat, 04 Feb 2023 18:20:50 GMT
Connection: keep-alive
tpsc-eu3.doubleverify.com/event.png?impid=cc0292c4dafd404691ec32b1592be4be&akipv6=&dup=&eoid=1000
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=cc0292c4dafd404691ec32b1592be4be&akipv6=&dup=&eoid=1000
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=cc0292c4dafd404691ec32b1592be4be&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 18:20:50 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 02/03/2023 18:20:50
Pragma: no-cache
cdn.flashtalking.com/116327/4069577/images/acrobat_create_2.jpg
205.185.216.10200 OK 15 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069577/images/acrobat_create_2.jpg
IP 205.185.216.10:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 710x444, components 3\012- data
Hash 296f9ed86795c8b1f2a1554742a0485a
8899d835a9478a5161299ba357c50b3598501f40
f07b31ea4c345d978d4748fb71a680ef2861368279ccb491f78fc86380c0e37a
GET /116327/4069577/images/acrobat_create_2.jpg HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069577/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:51 GMT
Connection: Keep-Alive
ETag: "1664411225"
Cache-Control: max-age=709
Content-Length: 15071
Content-Type: image/jpeg
Last-Modified: Thu, 29 Sep 2022 00:27:05 GMT
Accept-Ranges: bytes
x-amz-id-2: cay+G1cHxn4cNweGjuyn6HfTZX7PBtIRmcRaa0sAh28MZCWlYzA74Lpw+2Q5yYckHzbxflyXjVY=
x-amz-request-id: 90SJNF27RE32MV9B
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675534850.dop024.sk1.t,1675534850.cds238.sk1.shn,1675534851.dop024.sk1.t,1675534851.cds264.sk1.c
tpsc-eu3.doubleverify.com/event.png?impid=1e31236960854c32987742d84de3e9ea&akipv6=&dup=&eoid=1000
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=1e31236960854c32987742d84de3e9ea&akipv6=&dup=&eoid=1000
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event.png?impid=1e31236960854c32987742d84de3e9ea&akipv6=&dup=&eoid=1000 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 18:20:51 GMT
Connection: keep-alive
Cache-Control: max-age=0
Expires: 02/03/2023 18:20:51
Pragma: no-cache
cdn.districtm.io/ids/idsync.d5cb6b96.js
54.230.111.22200 OK 3.3 kB URL HTTP/2 cdn.districtm.io/ids/idsync.d5cb6b96.js
IP 54.230.111.22:0
File type ASCII text, with very long lines (2048)
Hash 74ede07ef946dc2316f86b2661cf2dd3
dee3ae6938bd288ab9519a38eac3c39495a85f0f
196b425485c119046eada45bc1a473e6c35f7f8c5a94824873535de823af517f
GET /ids/idsync.d5cb6b96.js HTTP/1.1
Host: cdn.districtm.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.districtm.io/ids/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3302
last-modified: Thu, 20 May 2021 02:18:27 GMT
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 06:31:32 GMT
etag: "74ede07ef946dc2316f86b2661cf2dd3"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XPWinF1362-Y9IRN66m_YUj1erq4hQgF8Vz3xseJR3wrSPggdH8G2A==
age: 42560
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: e85f4421-15c6-4fb8-82ce-8016db4af7cb
Set-Cookie: uuid2=7691922996385286799; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:51 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
api.adcropper.com/jackpot/betsson//no/absolootly-mad-mega-moolah
35.201.99.35200 OK 10 B URL HTTP/2 api.adcropper.com/jackpot/betsson//no/absolootly-mad-mega-moolah
IP 35.201.99.35:0
Hash 52759ab982b685244780034a2a422583
06a587ec2f7be913d0b4f7d01c995f3f13a55c13
67fe075858d7c89947e00fcecf36ad22ecba5e19d6c6617a5d0b7251536a2f1a
GET /jackpot/betsson//no/absolootly-mad-mega-moolah HTTP/1.1
Host: api.adcropper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://host.adcropper.com/
Origin: https://host.adcropper.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx/1.14.0 (Ubuntu)
date: Sat, 04 Feb 2023 18:20:51 GMT
content-type: application/json
content-length: 10
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.140302 Found 180 kB URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.140:0
Size 180 kB (179711 bytes)
Hash 314037a4474f08736ac3b38e39723c97
913968dcd81647fffc7b2062ac08941f7fc4fa99
d9fbcbd6ae30f6bada6cadc9b04820ca1ee0fbfb5d49b81af14d3b51a236545f
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-dgmq6
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=d6Alp0WZHIvQ;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 30-Jan-2024 18:20:50 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=8b0b9b66c3de6a2a; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gBBwCDA/i/vCAv.IAAAAAUAA/r:types/ThirdParty
37.157.5.73200 OK 16 kB URL HTTP/2 s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.226/e/.gBBwCDA/i/vCAv.IAAAAAUAA/r:types/ThirdParty
IP 37.157.5.73:0
File type ASCII text, with very long lines (537)
Hash f33fe9e5c3d5c7f332c568c9726402d5
cedc3ed91697805882e830a8ea5ca88a38458f93
2747d83d955353eb6caeced8b271fa7c1a6b55deb7cf233e5a4c92587462afee
GET /stoat/626/s1.adform.net/load/v/0.0.226/e/.gBBwCDA/i/vCAv.IAAAAAUAA/r:types/ThirdParty HTTP/1.1
Host: s1.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:51 GMT
content-type: text/javascript
vary: Accept-Encoding
access-control-allow-origin: *
last-modified: Wed, 21 Dec 2022 11:59:41 GMT
cache-control: public, max-age=100000
expires: Thu, 22 Dec 2022 17:23:40 GMT
x-cache-status: STALE
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.172.123200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 9619538a-d735-4b2b-8673-8006f1933ef6
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cdn.flashtalking.com/116327/4069577/images/Image2.png
205.185.216.10200 OK 5.2 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069577/images/Image2.png
IP 205.185.216.10:0
File type PNG image data, 92 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash 36b54eb1631f1be795a0567fc7f6034f
c574b46865c60d9e654333e29b070ea802a54a2d
8856deebcedfa5f528c116f29edc1d31e54f16f7cc4841f9875b4910703d4445
GET /116327/4069577/images/Image2.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069577/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:51 GMT
Connection: Keep-Alive
ETag: "1664411225"
Cache-Control: max-age=710
Content-Length: 5192
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:05 GMT
Accept-Ranges: bytes
x-amz-id-2: +n92HupeuYRL9SDPxCxwacCI+/6vYU0grQh29UhL5BNu6TavlPfHa+RfYxEKmjYUs2ZDneS4SG8=
x-amz-request-id: 90SR62EY537D5ZFP
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675534850.dop024.sk1.t,1675534850.cds238.sk1.shn,1675534851.dop024.sk1.t,1675534851.cds017.sk1.c
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: cac157db-0bad-4a9c-810d-ac03e4baecb4
Set-Cookie: uuid2=7186808888721554048; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:51 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
dnacdn.net/dna
178.250.0.157200 OK 6.1 kB IP 178.250.0.157:0
Hash 1e18ca377339cf8a3284a33364fa3db1
71eeb9df86b02ca76ae09dc22fe6c0c1b1debece
350c8a0b824a834884471805324dddfb2ff1ef1a35d230a9e9b6821654364e9f
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=uWE71V80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwSiUyRjZIZWpwWFNHVEhadjJwVWtia0Fv
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:49 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=TLrKyl80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwTGo3TDFtQWZlT0Q2JTJGNUtRTFcxOWdS; expires=Thu, 29 Feb 2024 18:20:50 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 290673
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.172.123200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 3e870a1e-edc7-4849-bd15-0b2a58f8b70b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cdn.flashtalking.com/116327/4069577/images/notebook.png
205.185.216.10200 OK 99 kB URL HTTP/1.1 cdn.flashtalking.com/116327/4069577/images/notebook.png
IP 205.185.216.10:0
File type PNG image data, 1102 x 1102, 8-bit/color RGBA, non-interlaced\012- data
Hash 6072c623d256e1ede016076a14baa64b
754753da0a2a3202d775f71277a77417466bef14
01f6632e73c7e0f8ab3448cc32d557a93f469a4bd2db2e6a1a128af59344f74d
GET /116327/4069577/images/notebook.png HTTP/1.1
Host: cdn.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.flashtalking.com/116327/4069577/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 18:20:51 GMT
Connection: Keep-Alive
ETag: "1664411225"
Cache-Control: max-age=809
Content-Length: 98859
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 00:27:05 GMT
Accept-Ranges: bytes
x-amz-id-2: dnlDJbRXrc2N4Q9/qUIFLerwnQ5J3EyyyKbrcSlzwcOaS04DjdfXxaLkxw+MBlP2GyO0E2Twnbg=
x-amz-request-id: C5GRJCS505HK4ZKT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
X-HW: 1675534850.dop024.sk1.t,1675534850.cds238.sk1.shn,1675534851.dop024.sk1.t,1675534851.cds216.sk1.c
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.172.123200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 463ae3dc-02a3-4b46-801c-dc10c3adbe33
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
bh.contextweb.com/visitormatch
198.148.27.140302 Found 27 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.140:0
File type HTML document, ASCII text
Hash 806d8942eb70ed2d827b12ed2bf44533
b1149d9764ff4a9a7e8698f7a56ed003796d8582
ec2f44e7dbd2ebb1268ac7e7a0602ec2106bc7fd9da17b9012db81be55cbd485
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-s6cbk
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=nw8yEGcKaSVV;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 30-Jan-2024 18:20:51 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=2f63ea2d56ae3457; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 9d779a37-3775-428f-b34e-650e010212e7
Set-Cookie: uuid2=1193672442661131953; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.172.123200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: dbca9b99-5578-4c16-95b6-71d2c6eae526
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 1bbdf244-48b1-4582-bdf2-279fc91c8ebb
Set-Cookie: uuid2=6379604203289137675; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
37.252.172.123307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: ae30fee4-1c34-49f4-af71-25fecd2a7334
Set-Cookie: uuid2=935804178597413874; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 05-May-2023 18:20:52 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.172.123200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: af978b84-beb3-4ae9-aafd-d4773d19e7fa
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
37.252.172.123200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 37.252.172.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 04 Feb 2023 18:20:52 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 5187753c-032b-4ba5-a3ee-1d71e3792e72
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675534890354&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675534890354&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675534890354&event=plstarttry&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:53 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675534890362&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675534890362&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675534890362&event=adsearch&d=9784&vs=0&aps=4&playerVisible=0&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:53 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
pubads.g.doubleclick.net/gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1289639430562315&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=6AE7B8A0-40BD-4674-B87E-21A09F5CBFB1&a3p=EhkKCnVpZGFwaS5jb20YgcCl7eEwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIHApe3hMEgAUgIIZBIcCg1jcndkY250cmwubmV0GIHApe3hMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0cWl7eEwSABSAghqEhQKBW9wZW54GLTGpe3hMEgAUgIIbxIZCgpwdWJjaWQub3JnGOjBpe3hMEgAUgIIahLWAQoIcnRiaG91c2USwAFLZkVmYU1saWJoSDhDL2ZaTFdoSDVKNitWL1ErcWh3eXFqTENHajZOM2FDZi9nTHdQS2licDE3d1RmZi9KT0JrMTl3WVhvYVRHYmdrczVZbEJEK1Y1NnRaMENXM3VSL2dRQkFJRXcxVTJKOTg3SUpZVDhTdFpiVEw3NGhva3JDNlJuWHk4MCtlUXFUNU1jMUhMQXNPQURaaGN3SnVpNEk0Y3ZCL3lQVkJpemo4dGM0czF2S1Rub0JSekpPdU16UGUYucal7eEwSAA.&nel=0&eid=44748969%2C44751889%2C44765701%2C44768717%2C44777649&url=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&dlt=1675534883602&idt=2295&dt=1675534890488&cookie=ID%3Da48ca6e2abb8c297%3AT%3D1675534847%3AS%3DALNI_Mb0wRB-BhMVpmg9LThOOQLKnbdCPA&gpic=UID%3D00000bafa24c21ff%3AT%3D1675534847%3ART%3D1675534847%3AS%3DALNI_MZuss5gLT2DUxmNA0krSyIxF-Y4hg&scor=1199007480346670&fbidx=-1&ppid=onnetwork&ged=ve4_td6_tt4_pd6_la6000_er1829.64.1829.64_vi0.0.898.1268_vp0_eb16619
142.250.74.162200 OK 98 B URL HTTP/2 pubads.g.doubleclick.net/gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1289639430562315&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=6AE7B8A0-40BD-4674-B87E-21A09F5CBFB1&a3p=EhkKCnVpZGFwaS5jb20YgcCl7eEwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIHApe3hMEgAUgIIZBIcCg1jcndkY250cmwubmV0GIHApe3hMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0cWl7eEwSABSAghqEhQKBW9wZW54GLTGpe3hMEgAUgIIbxIZCgpwdWJjaWQub3JnGOjBpe3hMEgAUgIIahLWAQoIcnRiaG91c2USwAFLZkVmYU1saWJoSDhDL2ZaTFdoSDVKNitWL1ErcWh3eXFqTENHajZOM2FDZi9nTHdQS2licDE3d1RmZi9KT0JrMTl3WVhvYVRHYmdrczVZbEJEK1Y1NnRaMENXM3VSL2dRQkFJRXcxVTJKOTg3SUpZVDhTdFpiVEw3NGhva3JDNlJuWHk4MCtlUXFUNU1jMUhMQXNPQURaaGN3SnVpNEk0Y3ZCL3lQVkJpemo4dGM0czF2S1Rub0JSekpPdU16UGUYucal7eEwSAA.&nel=0&eid=44748969%2C44751889%2C44765701%2C44768717%2C44777649&url=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&dlt=1675534883602&idt=2295&dt=1675534890488&cookie=ID%3Da48ca6e2abb8c297%3AT%3D1675534847%3AS%3DALNI_Mb0wRB-BhMVpmg9LThOOQLKnbdCPA&gpic=UID%3D00000bafa24c21ff%3AT%3D1675534847%3ART%3D1675534847%3AS%3DALNI_MZuss5gLT2DUxmNA0krSyIxF-Y4hg&scor=1199007480346670&fbidx=-1&ppid=onnetwork&ged=ve4_td6_tt4_pd6_la6000_er1829.64.1829.64_vi0.0.898.1268_vp0_eb16619
IP 142.250.74.162:0
Hash 60a684ea33f5a8ea992e3166f6015d77
07c31ee8b077593f0af0a85d422d8d21da4e7212
4888fd03619b61ad7ff3c1968be6789eda2fd0a949b407994a507d709907d4ac
GET /gampad/ads?iu=%2F147246189%2C21696195204%2Fsharemods.com_instream&description_url=https%3A%2F%2Fsharemods.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&min_ad_duration=5000&max_ad_duration=120000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1289639430562315&sdkv=h.3.554.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&mpt=onnetwork%2Fvplayer&mpv=8.6.1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4093528735&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.554.2&sid=6AE7B8A0-40BD-4674-B87E-21A09F5CBFB1&a3p=EhkKCnVpZGFwaS5jb20YgcCl7eEwSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIHApe3hMEgAUgIIZBIcCg1jcndkY250cmwubmV0GIHApe3hMEgAUgIIZBIbCgxpZDUtc3luYy5jb20Y0cWl7eEwSABSAghqEhQKBW9wZW54GLTGpe3hMEgAUgIIbxIZCgpwdWJjaWQub3JnGOjBpe3hMEgAUgIIahLWAQoIcnRiaG91c2USwAFLZkVmYU1saWJoSDhDL2ZaTFdoSDVKNitWL1ErcWh3eXFqTENHajZOM2FDZi9nTHdQS2licDE3d1RmZi9KT0JrMTl3WVhvYVRHYmdrczVZbEJEK1Y1NnRaMENXM3VSL2dRQkFJRXcxVTJKOTg3SUpZVDhTdFpiVEw3NGhva3JDNlJuWHk4MCtlUXFUNU1jMUhMQXNPQURaaGN3SnVpNEk0Y3ZCL3lQVkJpemo4dGM0czF2S1Rub0JSekpPdU16UGUYucal7eEwSAA.&nel=0&eid=44748969%2C44751889%2C44765701%2C44768717%2C44777649&url=https%3A%2F%2Fsharemods.com%2Ffrbmurzcs0hj%2FTimecyc.rar.html&dlt=1675534883602&idt=2295&dt=1675534890488&cookie=ID%3Da48ca6e2abb8c297%3AT%3D1675534847%3AS%3DALNI_Mb0wRB-BhMVpmg9LThOOQLKnbdCPA&gpic=UID%3D00000bafa24c21ff%3AT%3D1675534847%3ART%3D1675534847%3AS%3DALNI_MZuss5gLT2DUxmNA0krSyIxF-Y4hg&scor=1199007480346670&fbidx=-1&ppid=onnetwork&ged=ve4_td6_tt4_pd6_la6000_er1829.64.1829.64_vi0.0.898.1268_vp0_eb16619 HTTP/1.1
Host: pubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://imasdk.googleapis.com
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
access-control-allow-credentials: true
access-control-allow-origin: https://imasdk.googleapis.com
google-lineitem-id: -2
google-creative-id: -2
date: Sat, 04 Feb 2023 18:20:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 98
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675534890565&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cnti.png?ts=1675534890565&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cnti.png?ts=1675534890565&event=adnotpresent&d=9784&vs=0&aps=4&playerVisible=2&plist=2557&widget=808&initap=3&currap=4&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&acount=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:53 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntn.png?ts=1675534890565&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntn.png?ts=1675534890565&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntn.png?ts=1675534890565&d=9784&mobile=0&bp=0&ap=-1&lin=1&muted=1&fna=1&ab=0&co=0 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:53 GMT
content-type: image/png
content-length: 126
cache-control: no-cache
last-modified: Saturday, 04-Feb-2023 18:20:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.onnetwork.tv/cnt/a_cntr.png?ts=16755348900&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
188.165.21.42200 OK 126 B URL HTTP/2 cdn.onnetwork.tv/cnt/a_cntr.png?ts=16755348900&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1
IP 188.165.21.42:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash e714c69ca26dcdabcf9016341f66b5b9
1c78ace0e38129460966521ecb9f3ce70563a5e8
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
GET /cnt/a_cntr.png?ts=16755348900&vmvp=0&w=9784&vs=1197&vc=27330&mobile=0&aps=4&pv=0&ac=0&plist=2557&widget=808&ab=0&co=0&pod=0&muted=1&initap=3&adcount=1 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://imasdk.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:53 GMT
content-type: image/png
content-length: 126
last-modified: Fri, 08 Nov 2019 15:04:48 GMT
set-cookie: nv27330=1; Max-Age=600; SameSite=None; Secure; path=/; domain=.onnetwork.tv
nd1197=1; Max-Age=300; SameSite=None; Secure; path=/; domain=.onnetwork.tv
accept-ranges: bytes
X-Firefox-Spdy: h2
tpsc-eu3.doubleverify.com/event.png?impid=cc0292c4dafd404691ec32b1592be4be&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=555&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=123&tetms=6&msltms=34&vltms=555&sei=145&vetms=20&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1180&isumms=1180&nvr=3&isgmmims=1181&isgmv4mims=1180&elmtp=1&isbxdms=2659&b0=100&b2=1479&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=1579&sftb=1579&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=970&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=1180&engalms=1179&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3663&cbust=1675534890472484
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=cc0292c4dafd404691ec32b1592be4be&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=555&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=123&tetms=6&msltms=34&vltms=555&sei=145&vetms=20&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1180&isumms=1180&nvr=3&isgmmims=1181&isgmv4mims=1180&elmtp=1&isbxdms=2659&b0=100&b2=1479&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=1579&sftb=1579&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=970&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=1180&engalms=1179&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3663&cbust=1675534890472484
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=cc0292c4dafd404691ec32b1592be4be&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=555&eoid=15&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=123&tetms=6&msltms=34&vltms=555&sei=145&vetms=20&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=904&msrcannum=3&ismms=1180&isumms=1180&nvr=3&isgmmims=1181&isgmv4mims=1180&elmtp=1&isbxdms=2659&b0=100&b2=1479&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=1579&sftb=1579&msrdp=2&naral=640&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=970&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=1180&engalms=1179&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3663&cbust=1675534890472484 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 18:20:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/03/2023 18:20:54
Pragma: no-cache
tpsc-eu3.doubleverify.com/event.png?impid=1e31236960854c32987742d84de3e9ea&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=70&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=123&tetms=7&msltms=35&vltms=70&sei=146&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=46&isumms=46&nvr=3&isgmmims=47&isgmv4mims=46&elmtp=1&isbxdms=2176&b0=100&b2=1758&b3=373&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=2231&sftb=2231&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=970&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=46&engalms=45&engscrlms=420&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3125&cbust=1675534890576699
34.149.12.213204 No Content 0 B URL HTTP/1.1 tpsc-eu3.doubleverify.com/event.png?impid=1e31236960854c32987742d84de3e9ea&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=70&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=123&tetms=7&msltms=35&vltms=70&sei=146&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=46&isumms=46&nvr=3&isgmmims=47&isgmv4mims=46&elmtp=1&isbxdms=2176&b0=100&b2=1758&b3=373&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=2231&sftb=2231&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=970&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=46&engalms=45&engscrlms=420&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3125&cbust=1675534890576699
IP 34.149.12.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /event.png?impid=1e31236960854c32987742d84de3e9ea&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=70&eoid=14&msrjs=3497&sdf=67108870&vit=2&isvelg=1&rmi=16&tltms=123&tetms=7&msltms=35&vltms=70&sei=146&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=968&msrcannum=4&ismms=46&isumms=46&nvr=3&isgmmims=47&isgmv4mims=46&elmtp=1&isbxdms=2176&b0=100&b2=1758&b3=373&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=2231&sftb=2231&msrdp=0&naral=704&vct=512&vphgt=1024&vpwdth=1280&chgt=250&cwdth=970&invcs=false&scrhgt=1024&scrwdth=1280&strp=0&advisonl=false&isgmpims=46&engalms=45&engscrlms=420&dvp_pageEng=true&dvp_dpr=1&dvp_valpct=2&ee_dp_cvcmeeid=1&metp=2&meeid=1&ttfurm=3125&cbust=1675534890576699 HTTP/1.1
Host: tpsc-eu3.doubleverify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://345e9a87236a79158eaca57d1f248f5a.safeframe.googlesyndication.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 204 No Content
Date: Sat, 04 Feb 2023 18:20:54 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: max-age=0
Expires: 02/03/2023 18:20:54
Pragma: no-cache
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Sun, 05 Feb 2023 18:20:48 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
sharemods.com/frbmurzcs0hj/Timecyc.rar.html
172.67.73.233200 OK 0 B URL HTTP/2 sharemods.com/frbmurzcs0hj/Timecyc.rar.html
IP 172.67.73.233:0
GET /frbmurzcs0hj/Timecyc.rar.html HTTP/1.1
Host: sharemods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:45 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=0;includeSubDomains;
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Fri, 03 Feb 2023 18:20:45 GMT
set-cookie: lang=english; domain=.sharemods.com; path=/
affiliate=yLt5H9aP1GAMJS9voUK5HwB960JERnfPdfU9E6%2Bfe2XA4bs9KU4gbchBJbZe2ECf63NWz5hedhnfDfm0CvJNo%2F0MxR7bJOFs; domain=.sharemods.com; path=/; expires=Sat, 18-Feb-2023 18:20:45 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaF3c8HpqPyaqDi4K5j3%2BjRf7wBoKo8VqyoE%2BkblrktfoCF8svuweEBnLZxjCv4kyEm1vg4F0OfuuaVoK%2BFMVuwOSVleGF3erCdG2OyXBhZ0atc4K%2Bgd93h6RIcqiyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79456c11cef5b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1014691
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.id5-sync.com/api/1.0/id5-api.js
104.22.52.86200 OK 0 B URL HTTP/2 cdn.id5-sync.com/api/1.0/id5-api.js
IP 104.22.52.86:0
GET /api/1.0/id5-api.js HTTP/1.1
Host: cdn.id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:47 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: CO+cPK9MlXQ+Pp7rzr8UBe9jXf3QVRyCEIXUUj0WHfDV3zQVrjcz3bOmEOU9iBqkaS9ucJx5v/0=
x-amz-request-id: H722FXZ7MH4EZWKX
last-modified: Wed, 18 Jan 2023 10:47:57 GMT
etag: W/"4d61440f9cbdbb9b0b5a43273c7c3caf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 491
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 79456c1dae780b49-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/player86.css?s=1673963806
188.165.21.42200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/player86.css?s=1673963806
IP 188.165.21.42:0
GET /css/player86.css?s=1673963806 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/css
last-modified: Tue, 17 Jan 2023 13:56:46 GMT
vary: Accept-Encoding
etag: W/"63c6a91e-b317"
expires: Wed, 23 Aug 2023 18:20:48 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/all.css
IP 172.64.133.15:0
GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: text/css
x-amz-id-2: XbCC/gtqUn8DDkok+8EwDo88Se3uX8PCiR2VGXelmO2Pv0hranYbaS1YGYhk5SF63MEjadqKlO8=
x-amz-request-id: KJ56QCEHJ308MGHB
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 709734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH9jN7%2FhnLKEpRT63zSyq%2F23xhO8DB6CbB0ClDSQ0TvbfemjUXgxwasbj%2BMCMxVCY7KOlkd0R%2FgNGRLv1OJNIXAtiQfOy54JCEqGh2Z1R0Pc3XP0cSl8Ri5EQp0LGTzQRxSQx65x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79456c14ae24752d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
IP 178.250.2.146:0
GET /syncframe?origin=publishertag&topUrl=sharemods.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:47 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=793dc27f-39ec-42f7-ba1c-60f96673cdf2; expires=Thu, 29 Feb 2024 18:20:47 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 957396
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=ISzB8l9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CUW1UcVhVRDZ2VkIxM3piZXM3U3lPUSUyQk96M1cyVCUyQkRHb095c2NUVUJRQVhoJTJGbXlzVVZVYVVNSjdzYmQlMkJnRUg0TW0xJTJCZWhSTTlsWHFTa3B5NTN3MzlkZmt2M3RRQjJQcTRiT08zME0yVWV0&info=0jUJQV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwTDM2M1BCWTRMVGp0RElVUXBpWlZHWg&idsd=1372520355,-53577260&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=ISzB8l9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CUW1UcVhVRDZ2VkIxM3piZXM3U3lPUSUyQk96M1cyVCUyQkRHb095c2NUVUJRQVhoJTJGbXlzVVZVYVVNSjdzYmQlMkJnRUg0TW0xJTJCZWhSTTlsWHFTa3B5NTN3MzlkZmt2M3RRQjJQcTRiT08zME0yVWV0&info=0jUJQV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwTDM2M1BCWTRMVGp0RElVUXBpWlZHWg&idsd=1372520355,-53577260&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=publishertag&domain=sharemods.com&sn=FirefoxSyncframe&so=3&topUrl=sharemods.com&bundle=ISzB8l9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CUW1UcVhVRDZ2VkIxM3piZXM3U3lPUSUyQk96M1cyVCUyQkRHb095c2NUVUJRQVhoJTJGbXlzVVZVYVVNSjdzYmQlMkJnRUg0TW0xJTJCZWhSTTlsWHFTa3B5NTN3MzlkZmt2M3RRQjJQcTRiT08zME0yVWV0&info=0jUJQV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3g5R20wcW9MWFhEQzNPUmElMkZ4ekxwTDM2M1BCWTRMVGp0RElVUXBpWlZHWg&idsd=1372520355,-53577260&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:49 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 1327037
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
172.67.70.134200 OK 0 B URL HTTP/2 btloader.com/tag?o=5646025299591168&domain=sharemods.com&upapi=true
IP 172.67.70.134:0
GET /tag?o=5646025299591168&domain=sharemods.com&upapi=true HTTP/1.1
Host: btloader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
etag: W/"d19d5e7c821b32c89c48f91542795b97"
last-modified: Sat, 04 Feb 2023 17:39:52 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 2269
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seVnfx6F2FqHF4MXn0%2B3fPLeDwMAz2hLNiHyBvISVqGB5ZPdv4QtEtIOFMP3GM%2Fr0D6GpHpKKSWUSzF7WUHBw1b1xey26L7iCGYrlh6a4oCndkIjNiyslCLpnwP%2BNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79456c146ee21c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.71200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.71:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:50 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 114828
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
stpd.cloud/assets/postbid/stpd201221.js
104.18.30.49200 OK 0 B URL HTTP/2 stpd.cloud/assets/postbid/stpd201221.js
IP 104.18.30.49:0
GET /assets/postbid/stpd201221.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/javascript
content-md5: /FnTyG7mivuubIGMmM4B7Q==
last-modified: Fri, 03 Feb 2023 11:35:36 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 032481c9-e01e-002b-42c3-377f5b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 2623
expires: Sat, 04 Feb 2023 22:20:46 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 79456c177c3cb51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1
IP 178.250.2.146:0
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://sharemods.com/
Origin: https://sharemods.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 501764
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.onnetwork.tv/css/roboto.css
188.165.21.42200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/css/roboto.css
IP 188.165.21.42:0
GET /css/roboto.css HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/css
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
vary: Accept-Encoding
etag: W/"60dd8078-194c"
expires: Wed, 23 Aug 2023 18:20:48 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
track.adform.net/csimpr/?bn=60502038&csi=8SX0MAkYAqsUaz4yw5Dp6pLm7F2k7-F1fDIHPwrdWynbNUjYKkRX5toj5KtB9xV16xJPC9al5rlC8X--9pj0nz6d8MIinlShnpjPIH8TCr26DwyRCLXnAV1b-3y6aNgTuMqdpvTjVv8v-nZQ81Upe3bKuz0Wvvaj2bm-msC6R0sl84tBalxnFA2
37.157.6.252200 OK 0 B URL HTTP/2 track.adform.net/csimpr/?bn=60502038&csi=8SX0MAkYAqsUaz4yw5Dp6pLm7F2k7-F1fDIHPwrdWynbNUjYKkRX5toj5KtB9xV16xJPC9al5rlC8X--9pj0nz6d8MIinlShnpjPIH8TCr26DwyRCLXnAV1b-3y6aNgTuMqdpvTjVv8v-nZQ81Upe3bKuz0Wvvaj2bm-msC6R0sl84tBalxnFA2
IP 37.157.6.252:0
POST /csimpr/?bn=60502038&csi=8SX0MAkYAqsUaz4yw5Dp6pLm7F2k7-F1fDIHPwrdWynbNUjYKkRX5toj5KtB9xV16xJPC9al5rlC8X--9pj0nz6d8MIinlShnpjPIH8TCr26DwyRCLXnAV1b-3y6aNgTuMqdpvTjVv8v-nZQ81Upe3bKuz0Wvvaj2bm-msC6R0sl84tBalxnFA2 HTTP/1.1
Host: track.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:49 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
bh.contextweb.com/visitormatch
198.148.27.140302 Found 0 B URL HTTP/2 bh.contextweb.com/visitormatch
IP 198.148.27.140:0
GET /visitormatch HTTP/1.1
Host: bh.contextweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-5ffd6ccc57-ddqc6
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
location: /visitormatch?reat=1
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000
set-cookie: V=cG2tW1rGvYnM;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 30-Jan-2024 18:20:51 GMT;Max-Age=31104000;SameSite=None
INGRESSCOOKIE=a924df4bfc9e1523; path=/; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956
87.98.238.175200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/widgets/widgetScrollist.js?s=202209160956
IP 87.98.238.175:0
GET /js/widgets/widgetScrollist.js?s=202209160956 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://video.onnetwork.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/javascript
last-modified: Fri, 13 Jan 2023 11:52:32 GMT
vary: Accept-Encoding
etag: W/"63c14600-6a04"
expires: Wed, 23 Aug 2023 18:20:46 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTZlMmRhZTg4LTEwOTMtNGJjZS04ZTQ1LWI1Nzc0NmUyOWU4Yg%3D%3D&pt=gross&stid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAyOWMyZDY4LWIyMjItNDYwNC1hNjA0LTUyODk1MGM5M2FiNCI6WzFdfX0%3D
37.157.6.252200 OK 0 B URL HTTP/2 adx.adform.net/adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTZlMmRhZTg4LTEwOTMtNGJjZS04ZTQ1LWI1Nzc0NmUyOWU4Yg%3D%3D&pt=gross&stid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAyOWMyZDY4LWIyMjItNDYwNC1hNjA0LTUyODk1MGM5M2FiNCI6WzFdfX0%3D
IP 37.157.6.252:0
GET /adx/?rp=4&bWlkPTUzMzM5OCZ0cmFuc2FjdGlvbklkPTZlMmRhZTg4LTEwOTMtNGJjZS04ZTQ1LWI1Nzc0NmUyOWU4Yg%3D%3D&pt=gross&stid=031a1563-87c2-44d5-94c2-e7ca1bd395d1&fd=1&eids=eyJwdWJjaWQub3JnIjp7IjAyOWMyZDY4LWIyMjItNDYwNC1hNjA0LTUyODk1MGM5M2FiNCI6WzFdfX0%3D HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:47 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://sharemods.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 18:20:47 GMT
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
etag: W/"63c74972-162fb"
expires: Sun, 05 Feb 2023 18:20:47 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.170200 OK 0 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.170:0
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 85591
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 849
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.71200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.71:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:49 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 85826
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Open+Sans:wght@300;400;700&family=Ubuntu:wght@300;400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 18:20:46 GMT
date: Sat, 04 Feb 2023 18:20:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
188.114.99.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 188.114.99.234:0
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 08/03/2021 14:28:52
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: e346f97b1d38a339b60e3cf96f044831
cdn-cache: HIT
cf-cache-status: HIT
age: 20978166
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79456c145d240b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
54.230.111.210200 OK 0 B URL HTTP/2 c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
IP 54.230.111.210:0
GET /bao-csm/aps-comm/aps_csm.js HTTP/1.1
Host: c.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 03 Feb 2023 23:37:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Fri, 03 Feb 2023 23:37:41 GMT
etag: W/"a4d296427fc806b21335359e398c025c"
cache-control: public, max-age=86400
x-amz-version-id: UbKifkjYJEpp9kioi5dZ9KFE2QW1MpFD
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: haC7AuriTZ_QBGyhzfFOfo6MDzZihw-3wLAx3ieiPM3qxwSe_IL-gw==
age: 67383
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=25asPF9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CVEpESXBJdU9HbENqTGZGajJmdmJzRkVhTm5VMHpTUWZBUmhWeE84WlF2V1MzVUJqRnFhbFpKTGo0U0VEYk1MVm5XcjRDWCUyRkhZV21aVkZuenBqYUNUUXZHdEdEJTJCWnAzTEdEd0JCdmFLNjJa&cw=1&lsw=1
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=25asPF9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CVEpESXBJdU9HbENqTGZGajJmdmJzRkVhTm5VMHpTUWZBUmhWeE84WlF2V1MzVUJqRnFhbFpKTGo0U0VEYk1MVm5XcjRDWCUyRkhZV21aVkZuenBqYUNUUXZHdEdEJTJCWnAzTEdEd0JCdmFLNjJa&cw=1&lsw=1
IP 178.250.2.146:0
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Fsharemods.com%2F&domain=sharemods.com&bundle=25asPF9memdiJTJGa3MlMkZ3YzZUbXVkVnlMTm5CVEpESXBJdU9HbENqTGZGajJmdmJzRkVhTm5VMHpTUWZBUmhWeE84WlF2V1MzVUJqRnFhbFpKTGo0U0VEYk1MVm5XcjRDWCUyRkhZV21aVkZuenBqYUNUUXZHdEdEJTJCWnAzTEdEd0JCdmFLNjJa&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://sharemods.com
server-processing-duration-in-ticks: 1346777
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
188.114.99.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 188.114.99.234:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20984331
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79456c143948fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
188.114.99.234200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 188.114.99.234:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:46 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20976445
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79456c144958fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tags.crwdcntrl.net/lt/c/16576/sync.min.js
54.230.111.122200 OK 0 B URL HTTP/2 tags.crwdcntrl.net/lt/c/16576/sync.min.js
IP 54.230.111.122:0
GET /lt/c/16576/sync.min.js HTTP/1.1
Host: tags.crwdcntrl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
last-modified: Thu, 05 Jan 2023 20:07:47 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Sat, 04 Feb 2023 08:35:22 GMT
cache-control: max-age: 86400
etag: W/"322a4a4dadec5839e9040f77edf9282d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ukTCsAnEoYN3cZydUjZM_V0R_HcLMD7wyF2LnF0p6ElBhkVrTnvHRg==
age: 35126
X-Firefox-Spdy: h2
cdn.onnetwork.tv/js/player86/player_utils.js?s=1675521280
188.165.21.42200 OK 0 B URL HTTP/2 cdn.onnetwork.tv/js/player86/player_utils.js?s=1675521280
IP 188.165.21.42:0
GET /js/player86/player_utils.js?s=1675521280 HTTP/1.1
Host: cdn.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: XO.webservantpro
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: application/javascript
last-modified: Sat, 04 Feb 2023 14:34:40 GMT
vary: Accept-Encoding
etag: W/"63de6d00-2cde"
expires: Wed, 23 Aug 2023 18:20:48 GMT
pragma: public
cache-control: max-age=17280000, public
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 673
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 04 Feb 2023 18:20:51 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
video.onnetwork.tv/frame86.php?id=ffONNPdb0cd051aeedcc3fbc4db058c71ef74d16755348835281&iid=1675534882979&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Ffrbmurzcs0hj%252FTimecyc.rar.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675534882979&rrpt=%7B%22hb_rf%22%3A%5B%220%22%5D%2C%22CxSegments%22%3Anull%7D
149.202.118.64200 OK 0 B URL HTTP/2 video.onnetwork.tv/frame86.php?id=ffONNPdb0cd051aeedcc3fbc4db058c71ef74d16755348835281&iid=1675534882979&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Ffrbmurzcs0hj%252FTimecyc.rar.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675534882979&rrpt=%7B%22hb_rf%22%3A%5B%220%22%5D%2C%22CxSegments%22%3Anull%7D
IP 149.202.118.64:0
GET /frame86.php?id=ffONNPdb0cd051aeedcc3fbc4db058c71ef74d16755348835281&iid=1675534882979&e=1&widget=808&lang=7&onnsfonn=1&mid=NTcwODE0LDE2eDksMyw1MCwyNTU3LDk3ODQsMSwwLDEsNTAsMCwwLDIsMCwxLDEsMCwwLDQsMCwwLDAsMCwwLDAsMywxLC0xOy0xOzIwOzIwLDAsMCwwLDAsMCwwOzA7MDswOzA7MDswLDA%3D&wtop=https%253A%252F%252Fsharemods.com%252Ffrbmurzcs0hj%252FTimecyc.rar.html&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1675534882979&rrpt=%7B%22hb_rf%22%3A%5B%220%22%5D%2C%22CxSegments%22%3Anull%7D HTTP/1.1
Host: video.onnetwork.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sharemods.com
Connection: keep-alive
Referer: https://sharemods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
last-modified: Sat, 04 Feb 2023 18:20:47 GMT
expires: Sat, 04 Feb 2023 18:20:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
pragma: no-cache
feature-policy: fullscreen *; autoplay;
access-control-allow-origin: https://sharemods.com
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-type: text/html; charset=utf-8
date: Sat, 04 Feb 2023 18:20:47 GMT
server: XO.webservant
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.71200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.71:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 18:20:48 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 108367
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2