Overview

URLredir.me/?www.redgifs.com/watch/criminalenlightenedpupfish
IP 184.154.206.203 (United States)
ASN#32475 SINGLEHOP-LLC
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 01:30:30 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (47)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
chaturbate.com (2) 6807 No data No data 104.18.101.40
www.cwchmb.com (2) 0 No data No data 3.232.110.36 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.202.70.174
www.googletagmanager.com (1) 75 2013-05-22 02:07:37 UTC 2022-11-28 20:10:04 UTC 142.250.74.168
stats.g.doubleclick.net (1) 96 2013-06-10 20:21:11 UTC 2022-11-28 19:50:17 UTC 142.250.150.156
data.goasrv.com (1) 0 No data No data 217.22.19.195 Domain (goasrv.com) ranked at: 117069
media.livemediahost.com (2) 0 No data No data 64.210.135.117 Domain (livemediahost.com) ranked at: 249272
pixel.redgifs.com (1) 0 No data No data 104.18.40.219 Domain (redgifs.com) ranked at: 22804
manifest-server.naiadsystems.com (1) 115525 No data No data 207.66.135.93
www.redgifs.com (1) 70372 No data No data 104.18.40.219
r3.o.lencr.org (15) 344 No data No data 23.36.76.226
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-28 05:55:58 UTC 34.102.187.140
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-28 19:50:17 UTC 142.250.74.35
region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-28 07:19:27 UTC 216.239.32.36 Domain (google.com) ranked at: 1
cdn.hybridclient.naiadsystems.com (1) 225613 No data No data 69.16.175.10
realtime.pa.highwebmedia.com (12) 24791 No data No data 143.204.55.44
ocsp.sectigo.com (3) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
chatw-62.stream.highwebmedia.com (2) 265383 No data No data 104.19.242.83
ocsp.digicert.com (11) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
redir.me (2) 0 No data No data 184.154.206.203 Unknown ranking
go.goasrv.com (2) 117068 No data No data 217.22.19.196
e1.o.lencr.org (2) 6159 No data No data 23.36.77.32
afgtrwd1.com (3) 178890 No data No data 192.99.16.68
tour.camsoda.com (2) 855080 No data No data 64.210.151.32
api.redgifs.com (6) 62401 No data No data 104.18.40.219
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.10
hybridclient.naiadsystems.com (1) 116998 No data No data 207.246.147.63
syndication.realsrv.com (20) 9112 No data No data 95.211.229.248
static-assets.highwebmedia.com (11) 16059 No data No data 104.16.93.42
chatw-62.stream.highwebmedia.com (2) 265383 No data No data 104.19.241.83
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-28 05:53:26 UTC 34.117.237.239
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-28 23:28:37 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
v.vfgte.com (5) 18770 No data No data 18.196.84.70
track.gpsecureads.com (1) 146012 No data No data 18.193.146.82
www.imglnke.com (2) 20315 No data No data 205.185.216.42
a.medfoodsafety.com (2) 0 No data No data 172.64.172.19 Unknown ranking
ocsp.pki.goog (11) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
a.bestcontentfood.top (2) 54526 No data No data 172.64.104.34
s3t3d2y8.afcdn.net (6) 0 No data No data 185.76.9.16 Unknown ranking
cbjpeg.stream.highwebmedia.com (3) 23619 No data No data 131.153.88.90
js-agent.newrelic.com (1) 378 2018-06-22 04:15:37 UTC 2020-05-01 11:44:04 UTC 151.101.86.137
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-28 16:39:41 UTC 142.250.74.10
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
a.realsrv.com (22) 10080 No data No data 185.76.9.14
sfu-ue1-76.naiadsystems.com (1) 0 No data No data 207.66.253.130 Domain (naiadsystems.com) ranked at: 77771
bam.nr-data.net (3) 630 2015-02-10 00:06:27 UTC 2022-05-19 12:27:58 UTC 162.247.241.14

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 a.bestcontentfood.top/warp/4789803?r=92527 Phishing
2022-11-29 2 a.bestcontentfood.top/warp/4789805?r=76560 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 184.154.206.203
Date UQ / IDS / BL URL IP
2023-01-29 06:55:41 +0000 0 - 2 - 8 redir.me/?fssquad.com/threads/ashley-suarez-s (...) 184.154.206.203
2023-01-21 22:36:11 +0000 0 - 0 - 6 redir.me/?fapster.xxx/videos/141095/jialissa- (...) 184.154.206.203
2023-01-15 18:21:48 +0000 0 - 0 - 6 redir.me/?netmoflix.com/scandal-officer-maega (...) 184.154.206.203
2023-01-15 11:38:18 +0000 0 - 2 - 0 redir.me/?beacons.ai/jameliz 184.154.206.203
2022-12-21 09:02:51 +0000 0 - 1 - 0 redir.me/?vjav.com/videos/181328/sexy-japanes (...) 184.154.206.203


Last 5 reports on ASN: SINGLEHOP-LLC
Date UQ / IDS / BL URL IP
2023-02-08 10:55:59 +0000 0 - 3 - 0 www.jpfolks.com/forum/ubbthreads.php/forums/2 (...) 198.20.92.85
2023-02-08 07:49:10 +0000 0 - 1 - 0 server2.asap-utilities.com/download/8.x/ASAP_ (...) 173.236.16.83
2023-02-08 07:18:37 +0000 0 - 4 - 2 playingwithfire.biz/justarius.com/gallery/ist (...) 184.154.194.130
2023-02-08 07:18:12 +0000 0 - 4 - 2 playingwithfire.biz/justarius.com/gallery/ist (...) 184.154.194.130
2023-02-08 07:16:24 +0000 0 - 2 - 2 playingwithfire.biz/justarius.com/gallery/ist (...) 184.154.194.130


Last 5 reports on domain: redir.me
Date UQ / IDS / BL URL IP
2023-01-29 06:55:41 +0000 0 - 2 - 8 redir.me/?fssquad.com/threads/ashley-suarez-s (...) 184.154.206.203
2023-01-21 22:36:11 +0000 0 - 0 - 6 redir.me/?fapster.xxx/videos/141095/jialissa- (...) 184.154.206.203
2023-01-15 18:21:48 +0000 0 - 0 - 6 redir.me/?netmoflix.com/scandal-officer-maega (...) 184.154.206.203
2023-01-15 11:38:18 +0000 0 - 2 - 0 redir.me/?beacons.ai/jameliz 184.154.206.203
2022-12-21 09:02:51 +0000 0 - 1 - 0 redir.me/?vjav.com/videos/181328/sexy-japanes (...) 184.154.206.203


No other reports with similar screenshot

JavaScript

Executed Scripts (62)

Executed Evals (9)
#1 JavaScript::Eval (size: 10295) - SHA256: 4fb240e4ee24f7ae5e4ef65ceccb5b96a7597f668ffefabe404227fcc902207d
! function() {
    "use strict";

    function t(n) {
        if (!n) throw new Error("No options passed to Waypoint constructor");
        if (!n.element) throw new Error("No element option passed to Waypoint constructor");
        if (!n.handler) throw new Error("No handler option passed to Waypoint constructor");
        this.key = "waypoint-" + e, this.options = t.Adapter.extend({}, t.defaults, n), this.element = this.options.element, this.adapter = new t.Adapter(this.element), this.ab = n.handler, this.axis = this.options.horizontal ? "horizontal" : "vertical", this.enabled = this.options.enabled, this.triggerPoint = null, this.group = t.Group.findOrCreate({
            name: this.options.group,
            axis: this.axis
        }), this.context = t.Context.findOrCreateByElement(this.options.context), t.offsetAliases[this.options.offset] && (this.options.offset = t.offsetAliases[this.options.offset]), this.group.add(this), this.context.add(this), i[this.key] = this, e += 1
    }
    var e = 0,
        i = {};
    t.prototype.queueTrigger = function(t) {
        this.group.queueTrigger(this, t)
    }, t.prototype.trigger = function(t) {
        this.enabled && this.ab && this.ab.apply(this, t)
    }, t.prototype.destroy = function() {
        this.context.remove(this), this.group.remove(this), delete i[this.key]
    }, t.prototype.disable = function() {
        return this.enabled = !1, this
    }, t.prototype.enable = function() {
        return this.context.refresh(), this.enabled = !0, this
    }, t.prototype.next = function() {
        return this.group.next(this)
    }, t.prototype.previous = function() {
        return this.group.previous(this)
    }, t.invokeAll = function(t) {
        var e = [];
        for (var n in i) e.push(i[n]);
        for (var o = 0, r = e.length; r > o; o++) e[o][t]()
    }, t.destroyAll = function() {
        t.invokeAll("destroy")
    }, t.disableAll = function() {
        t.invokeAll("disable")
    }, t.enableAll = function() {
        t.Context.refreshAll();
        for (var e in i) i[e].enabled = !0;
        return this
    }, t.refreshAll = function() {
        t.Context.refreshAll()
    }, t.viewportHeight = function() {
        return window.innerHeight || document.documentElement.clientHeight
    }, t.viewportWidth = function() {
        return document.documentElement.clientWidth
    }, t.adapters = [], t.defaults = {
        context: window,
        continuous: !0,
        enabled: !0,
        group: "default",
        horizontal: !1,
        offset: 0
    }, t.offsetAliases = {
        "bottom-in-view": function() {
            return this.context.innerHeight() - this.adapter.outerHeight()
        },
        "right-in-view": function() {
            return this.context.innerWidth() - this.adapter.outerWidth()
        }
    }, window.Waypoint = t
}(),
function() {
    "use strict";

    function t(t) {
        window.setTimeout(t, 1e3 / 60)
    }

    function e(t) {
        this.element = t, this.Adapter = o.Adapter, this.adapter = new this.Adapter(t), this.key = "waypoint-context-" + i, this.didScroll = !1, this.didResize = !1, this.oldScroll = {
            x: this.adapter.scrollLeft(),
            y: this.adapter.scrollTop()
        }, this.waypoints = {
            vertical: {},
            horizontal: {}
        }, t.waypointContextKey = this.key, n[t.waypointContextKey] = this, i += 1, o.windowContext || (o.windowContext = !0, o.windowContext = new e(window)), this.createThrottledScrollHandler(), this.createThrottledResizeHandler()
    }
    var i = 0,
        n = {},
        o = window.Waypoint,
        r = window.onload;
    e.prototype.add = function(t) {
        var e = t.options.horizontal ? "horizontal" : "vertical";
        this.waypoints[e][t.key] = t, this.refresh()
    }, e.prototype.checkEmpty = function() {
        var t = this.Adapter.isEmptyObject(this.waypoints.horizontal),
            e = this.Adapter.isEmptyObject(this.waypoints.vertical),
            i = this.element == this.element.window;
        t && e && !i && (this.adapter.off(".waypoints"), delete n[this.key])
    }, e.prototype.createThrottledResizeHandler = function() {
        function t() {
            e.handleResize(), e.didResize = !1
        }
        var e = this;
        this.adapter.on("resize.waypoints", function() {
            e.didResize || (e.didResize = !0, o.requestAnimationFrame(t))
        })
    }, e.prototype.createThrottledScrollHandler = function() {
        function t() {
            e.handleScroll(), e.didScroll = !1
        }
        var e = this;
        this.adapter.on("scroll.waypoints", function() {
            (!e.didScroll || o.isTouch) && (e.didScroll = !0, o.requestAnimationFrame(t))
        })
    }, e.prototype.handleResize = function() {
        o.Context.refreshAll()
    }, e.prototype.handleScroll = function() {
        var t = {},
            e = {
                horizontal: {
                    newScroll: this.adapter.scrollLeft(),
                    oldScroll: this.oldScroll.x,
                    forward: "right",
                    backward: "left"
                },
                vertical: {
                    newScroll: this.adapter.scrollTop(),
                    oldScroll: this.oldScroll.y,
                    forward: "down",
                    backward: "up"
                }
            };
        for (var i in e) {
            var n = e[i],
                o = n.newScroll > n.oldScroll,
                r = o ? n.forward : n.backward;
            for (var s in this.waypoints[i]) {
                var l = this.waypoints[i][s];
                if (null !== l.triggerPoint) {
                    var a = n.oldScroll < l.triggerPoint,
                        h = n.newScroll >= l.triggerPoint,
                        p = a && h,
                        u = !a && !h;
                    (p || u) && (l.queueTrigger(r), t[l.group.id] = l.group)
                }
            }
        }
        for (var d in t) t[d].flushTriggers();
        this.oldScroll = {
            x: e.horizontal.newScroll,
            y: e.vertical.newScroll
        }
    }, e.prototype.innerHeight = function() {
        return this.element == this.element.window ? o.viewportHeight() : this.adapter.innerHeight()
    }, e.prototype.remove = function(t) {
        delete this.waypoints[t.axis][t.key], this.checkEmpty()
    }, e.prototype.innerWidth = function() {
        return this.element == this.element.window ? o.viewportWidth() : this.adapter.innerWidth()
    }, e.prototype.destroy = function() {
        var t = [];
        for (var e in this.waypoints)
            for (var i in this.waypoints[e]) t.push(this.waypoints[e][i]);
        for (var n = 0, o = t.length; o > n; n++) t[n].destroy()
    }, e.prototype.refresh = function() {
        var t, e = this.element == this.element.window,
            i = e ? void 0 : this.adapter.offset(),
            n = {};
        this.handleScroll(), t = {
            horizontal: {
                contextOffset: e ? 0 : i.left,
                contextScroll: e ? 0 : this.oldScroll.x,
                contextDimension: this.innerWidth(),
                oldScroll: this.oldScroll.x,
                forward: "right",
                backward: "left",
                offsetProp: "left"
            },
            vertical: {
                contextOffset: e ? 0 : i.top,
                contextScroll: e ? 0 : this.oldScroll.y,
                contextDimension: this.innerHeight(),
                oldScroll: this.oldScroll.y,
                forward: "down",
                backward: "up",
                offsetProp: "top"
            }
        };
        for (var r in t) {
            var s = t[r];
            for (var l in this.waypoints[r]) {
                var a, h, p, u, d, f = this.waypoints[r][l],
                    c = f.options.offset,
                    w = f.triggerPoint,
                    y = 0,
                    g = null == w;
                f.element !== f.element.window && (y = f.adapter.offset()[s.offsetProp]), "function" == typeof c ? c = c.apply(f) : "string" == typeof c && (c = parseFloat(c), f.options.offset.indexOf("%") > -1 && (c = Math.ceil(s.contextDimension * c / 100))), a = s.contextScroll - s.contextOffset, f.triggerPoint = Math.floor(y + a - c), h = w < s.oldScroll, p = f.triggerPoint >= s.oldScroll, u = h && p, d = !h && !p, !g && u ? (f.queueTrigger(s.backward), n[f.group.id] = f.group) : !g && d ? (f.queueTrigger(s.forward), n[f.group.id] = f.group) : g && s.oldScroll >= f.triggerPoint && (f.queueTrigger(s.forward), n[f.group.id] = f.group)
            }
        }
        return o.requestAnimationFrame(function() {
            for (var t in n) n[t].flushTriggers()
        }), this
    }, e.findOrCreateByElement = function(t) {
        return e.findByElement(t) || new e(t)
    }, e.refreshAll = function() {
        for (var t in n) n[t].refresh()
    }, e.findByElement = function(t) {
        return n[t.waypointContextKey]
    }, window.onload = function() {
        r && r(), e.refreshAll()
    }, o.requestAnimationFrame = function(e) {
        var i = window.requestAnimationFrame || window.mozRequestAnimationFrame || window.webkitRequestAnimationFrame || t;
        i.call(window, e)
    }, o.Context = e
}(),
function() {
    "use strict";

    function t(t, e) {
        return t.triggerPoint - e.triggerPoint
    }

    function e(t, e) {
        return e.triggerPoint - t.triggerPoint
    }

    function i(t) {
        this.name = t.name, this.axis = t.axis, this.id = this.name + "-" + this.axis, this.waypoints = [], this.clearTriggerQueues(), n[this.axis][this.name] = this
    }
    var n = {
            vertical: {},
            horizontal: {}
        },
        o = window.Waypoint;
    i.prototype.add = function(t) {
        this.waypoints.push(t)
    }, i.prototype.clearTriggerQueues = function() {
        this.triggerQueues = {
            up: [],
            down: [],
            left: [],
            right: []
        }
    }, i.prototype.flushTriggers = function() {
        for (var i in this.triggerQueues) {
            var n = this.triggerQueues[i],
                o = "up" === i || "left" === i;
            n.sort(o ? e : t);
            for (var r = 0, s = n.length; s > r; r += 1) {
                var l = n[r];
                (l.options.continuous || r === n.length - 1) && l.trigger([i])
            }
        }
        this.clearTriggerQueues()
    }, i.prototype.next = function(e) {
        this.waypoints.sort(t);
        var i = o.Adapter.inArray(e, this.waypoints),
            n = i === this.waypoints.length - 1;
        return n ? null : this.waypoints[i + 1]
    }, i.prototype.previous = function(e) {
        this.waypoints.sort(t);
        var i = o.Adapter.inArray(e, this.waypoints);
        return i ? this.waypoints[i - 1] : null
    }, i.prototype.queueTrigger = function(t, e) {
        this.triggerQueues[e].push(t)
    }, i.prototype.remove = function(t) {
        var e = o.Adapter.inArray(t, this.waypoints);
        e > -1 && this.waypoints.splice(e, 1)
    }, i.prototype.first = function() {
        return this.waypoints[0]
    }, i.prototype.last = function() {
        return this.waypoints[this.waypoints.length - 1]
    }, i.findOrCreate = function(t) {
        return n[t.axis][t.name] || new i(t)
    }, o.Group = i
}(),
function() {
    "use strict";

    function t(t) {
        return t === t.window
    }

    function e(e) {
        return t(e) ? e : e.defaultView
    }

    function i(t) {
        this.element = t, this.handlers = {}
    }
    var n = window.Waypoint;
    i.prototype.innerHeight = function() {
        var e = t(this.element);
        return e ? this.element.innerHeight : this.element.clientHeight
    }, i.prototype.innerWidth = function() {
        var e = t(this.element);
        return e ? this.element.innerWidth : this.element.clientWidth
    }, i.prototype.off = function(t, e) {
        function i(t, e, i) {
            for (var n = 0, o = e.length - 1; o > n; n++) {
                var r = e[n];
                i && i !== r || t.removeEventListener(r)
            }
        }
        var n = t.split("."),
            o = n[0],
            r = n[1],
            s = this.element;
        if (r && this.handlers[r] && o) i(s, this.handlers[r][o], e), this.handlers[r][o] = [];
        else if (o)
            for (var l in this.handlers) i(s, this.handlers[l][o] || [], e), this.handlers[l][o] = [];
        else if (r && this.handlers[r]) {
            for (var a in this.handlers[r]) i(s, this.handlers[r][a], e);
            this.handlers[r] = {}
        }
    }, i.prototype.offset = function() {
        if (!this.element.ownerDocument) return null;
        var t = this.element.ownerDocument.documentElement,
            i = e(this.element.ownerDocument),
            n = {
                top: 0,
                left: 0
            };
        return this.element.getBoundingClientRect && (n = this.element.getBoundingClientRect()), {
            top: n.top + i.pageYOffset - t.clientTop,
            left: n.left + i.pageXOffset - t.clientLeft
        }
    }, i.prototype.on = function(t, e) {
        var i = t.split("."),
            n = i[0],
            o = i[1] || "__default",
            r = this.handlers[o] = this.handlers[o] || {},
            s = r[n] = r[n] || [];
        s.push(e), this.element.addEventListener(n, e)
    }, i.prototype.outerHeight = function(e) {
        var i, n = this.innerHeight();
        return e && !t(this.element) && (i = window.getComputedStyle(this.element), n += parseInt(i.marginTop, 10), n += parseInt(i.marginBottom, 10)), n
    }, i.prototype.outerWidth = function(e) {
        var i, n = this.innerWidth();
        return e && !t(this.element) && (i = window.getComputedStyle(this.element), n += parseInt(i.marginLeft, 10), n += parseInt(i.marginRight, 10)), n
    }, i.prototype.scrollLeft = function() {
        var t = e(this.element);
        return t ? t.pageXOffset : this.element.scrollLeft
    }, i.prototype.scrollTop = function() {
        var t = e(this.element);
        return t ? t.pageYOffset : this.element.scrollTop
    }, i.extend = function() {
        function t(t, e) {
            if ("object" == typeof t && "object" == typeof e)
                for (var i in e) e.hasOwnProperty(i) && (t[i] = e[i]);
            return t
        }
        for (var e = Array.prototype.slice.call(arguments), i = 1, n = e.length; n > i; i++) t(e[0], e[i]);
        return e[0]
    }, i.inArray = function(t, e, i) {
        return null == e ? -1 : e.indexOf(t, i)
    }, i.isEmptyObject = function(t) {
        for (var e in t) return !1;
        return !0
    }, n.adapters.push({
        name: "noframework",
        Adapter: i
    }), n.Adapter = i
}();
#2 JavaScript::Eval (size: 1229) - SHA256: 609c5dec9fb8f055ad1e0ad48bedaa97ee5222cf78d926fd08b298dc40946cb0
goCtrl.open = function(uri, cb, i) {
    i = i | 0;
    var ob = this;
    var win, uc;
    if (i == 0 && (!goCtrl.abDetected || !goCtrl.bypassAb)) {
        win = window.open(uri, ob.makeId())
    } else {
        if (goCtrl.bypassAb) {
            for (const k in goCtrl.connectors) {
                var uc = goCtrl.connectors[k];
                var i = goCtrl.getItem(uc, 'isproxy', 0);
                if (i == 1) {
                    if (uri.substring(0, 2) == "//") {
                        uri = "http" + (goCtrl.m() ? "s" : "") + ":" + uri
                    }
                    var u = uc.url + "?i=0&act=redir&uri=" + escape(uri);
                    win = window.open(u, ob.makeId())
                }
            }
        }
    }
    setTimeout(function() {
        if (!win || win.closed) {
            cb(false)
        } else {
            cb(true)
        }
    }, 1000)
};
goCtrl.swpvid = function(obj, itemid, subid) {
    var ob = this;
    if (!goCtrl.abDetected) {
        goCtrl.banner.reload(itemid);
        return
    }
    if (obj.src.indexOf("base64") == -1) {
        try {
            ob.loadBin(obj.src, function(ok, s) {
                if (ok) {
                    obj.src = s.replace("image", "video")
                }
            })
        } catch (_0) {}
    } else {
        console.log("another errors", itemid, subid);
        goCtrl.banner.reload(itemid)
    }
};
goCtrl.rma = function(n, ka) {
    var a = [];
    if (n.attributes) {
        for (const at of n.attributes) {
            if (ka.indexOf(at.name) == -1) {
                a.push(at.name)
            }
        };
        for (var i = 0; i < a.length; i++) {
            n.removeAttribute(a[i])
        }
    }
};
goCtrl.k = function(o) {;
    var ob = this;
    if (o.src.indexOf("base64") == -1) {
        try {
            ob.loadBin(o.src, function(ok, s) {
                if (ok) {
                    o.src = s;
                    goCtrl.rma(o, ['src', 'width', 'height', 'id', 'border'])
                } else {
                    ob.Tools.remove(o)
                }
            })
        } catch (_0) {
            console.log(_0)
        }
    }
};
#3 JavaScript::Eval (size: 10439) - SHA256: fd65fd91043fe0d0d0e5f3d9503830fe7e32adab562de3498c2f7c6c0234babc
goCtrl.banner = {
    sTag: "",
    getVersion: function() {
        return "6.7"
    },
    imghwd: [],
    display: function(ii, json) {
        if (goCtrl.getItem(json, 'adtype', '') == 'native') {
            goCtrl.ad(-1, "native", function() {
                goCtrl.native.display(ii, json)
            });
            return
        }
        if (typeof goCtrl.c[ii] == "undefined") {
            return
        }
        if (typeof goCtrl.lazyLoading == 'undefined') {
            goCtrl.lazyLoading = false
        }
        var ai = goCtrl.c[ii];
        ai.data = [];
        var o = this;
        var Bfound = false;
        var bExit = false;
        goCtrl.Tools.getnodes("#" + ai.display).forEach(function(node, i) {
            if (node.getAttribute('run') != '1' || goCtrl.getItem(ai, 'reload', 0) == 1) {
                delete ai.reload;
                if (ai.plugin == "banner") {
                    if (goCtrl.abDetected) {
                        goCtrl.Tools.getnode("#" + ai.display).removeAttribute("style")
                    }
                    if (!goCtrl.Tools.isvisible("#" + ai.display)) {
                        if (goCtrl.getItem(ai, 'isflt', 0) != 1) {
                            if (!goCtrl.abDetected) {
                                goCtrl.i("AdTag " + ai.display + " is not visible, abort loading");
                                console.log("AdTag " + ai.display + " is not visible, abort loading");
                                bExit = true;
                                return true
                            } else {
                                goCtrl.i("AdTag " + ai.display + " is not visible, probably because the active adblocker")
                            }
                        }
                    }
                }
                var h = '';
                var aAds = [];
                if (typeof json.items != 'undefined' && json.items.length > 0) {
                    aAds = json.items;
                    var sId = o.makeId(15);
                    goCtrl.Tools.html(node, '<div id="' + sId + '" style="width:' + json.adwidth + 'px;height:' + json.adheight + 'px;overflow:hidden; margin:0px;padding:0px;"></div>');
                    node = goCtrl.Tools.getnode("#" + sId)
                } else {
                    goCtrl.Tools.html(node, "");
                    aAds.push(json)
                }
                var iSet = 0;
                goCtrl.Tools.attr(node, 'run', '1');
                aAds.forEach(function(ad, i) {
                    if (goCtrl.getItem(ad, 'sellingtype', 'unk') == 'own_ad_eactrl') {
                        ad.type = goCtrl.getItem(ai.defaultad, 'type', 'image');
                        switch (ad.type) {
                            case "image":
                                ad.bannerpath = goCtrl.getItem(ai.defaultad, 'image', '');
                                ad.destinationurl = goCtrl.getItem(ai.defaultad, 'url', '');
                                break;
                            case "iframe":
                                ad.bannerpath = goCtrl.getItem(ai.defaultad, 'iframe', '');
                                break;
                            case "html":
                                ad.html = goCtrl.getItem(ai.defaultad, 'html', '');
                                break
                        }
                        ad.bannertype = ad.type;
                        ad.isrtb = 0;
                        ad.networkid = 0;
                        ad.ispubad = 1
                    }
                    ai.data.push(ad);
                    o.t(ii, ad, function(s) {
                        if (goCtrl.lazyLoading && !goCtrl.Tools.isInFold(node) && typeof Waypoint == 'function') {
                            try {
                                var waypoint = new Waypoint({
                                    element: node,
                                    handler: function(direction) {
                                        goCtrl.i('Ad ' + ai.display + ' visible');
                                        o.execute(node, s, ai, i, ii);
                                        this.destroy()
                                    },
                                    offset: 'bottom-in-view'
                                })
                            } catch (_0) {
                                console.log(_0);
                                o.execute(node, s, ai, i, ii)
                            }
                        } else {
                            o.execute(node, s, ai, i, ii)
                        }
                    }, i)
                });
                Bfound = true;
                return false
            }
        });
        if (bExit) {
            return
        }
        if (!Bfound) {
            goCtrl.i("Could not find element with id:" + ai.display)
        }
    },
    execute: function(node, h, ai, i, ii) {
        var o = this;
        goCtrl.Tools.append(node, h);
        if (typeof ai.onload == "function") {
            try {
                ai.onload(function() {})
            } catch (_0) {
                goCtrl.i("something went wrong with executing the onload function for adtag:" + goCtrl.getItem(ai, 'name', 'unk'));
                goCtrl.i(_0)
            }
        }
        if (goCtrl.abDetected) {
            var s = o.makeId(15) + i;
            goCtrl.Tools.attr(node, 'id', s);
            ai.display = s
        }
        var ir = goCtrl.getItem(ai, 'reloadtime', 0);
        if (ir > 0) {
            if (ir < 30) {
                ir = 30
            }
            ir = (ir * 1000);
            setTimeout(function() {
                if (typeof ai.onbeforeReload == "function") {
                    try {
                        ai.onbeforeReload(function() {
                            o.reload(ii)
                        })
                    } catch (_0) {
                        goCtrl.i("something went wrong with executing the onbeforeReload function for adtag:" + goCtrl.getItem(ai, 'name', 'unk'));
                        goCtrl.i(_0);
                        o.reload(ii)
                    }
                } else {
                    o.reload(ii)
                }
            }, ir)
        }
        o.j(ii, {}, i)
    },
    reload: function(ii) {
        var ai = goCtrl.c[ii];
        ai.q = false;
        try {
            delete ai.data;
            delete ai.q;
            delete ai.btype;
            delete ai.state;
            delete ai.settings
        } catch (e) {}
        ai.reload = 1;
        ai.state = 0;
        goCtrl.run()
    },
    j: function(ii, p, iSubItem) {
        iSubItem = iSubItem | 0;
        var u = 'undefined';
        if (typeof p != u) {
            this.imghwd[ii] = p
        } else {
            var p = this.imghwd[ii]
        }
        var ai = goCtrl.c[ii];
        var px = this.sTag + ii + iSubItem + "px";
        goCtrl.Tools.getnode("#" + px).addEventListener('load', function() {
            goCtrl.banner.q(ii, ai.btype, this, p, iSubItem)
        });
        if (ai.btype == "image" || ai.btype == 'video' || ai.btype == "image_set") {
            goCtrl.Tools.getnode("#" + this.sTag + "u" + ii + '_' + iSubItem).addEventListener('click', function(event) {
                event.stopImmediatePropagation();
                var ad = ai.data;
                if (typeof ad.length != 'undefined') {
                    ad = ad[iSubItem]
                }
                var lc = goCtrl.getItem(ad, 'logclick', '0') == "1";
                if (lc) {
                    url = goCtrl.getItem(ad, 'destinationurl', '')
                } else {
                    var sDomain = "";
                    var u = "undefined";
                    if (typeof goCtrl.ca.ctrl_domain != u && goCtrl.ca.ctrl_domain != "") {
                        sDomain = goCtrl.ca.ctrl_domain
                    }
                    url = sDomain + "/click.go?xref=" + ad.hash
                }
                goCtrl.open(url, function(ok) {
                    if (ok) {
                        if (lc) {
                            var uri = 'act=logclick&xref=' + ad.hash;
                            goCtrl.o('logclick', uri, 0, {
                                result: function(a) {}
                            })
                        }
                        goCtrl.bkLog('click', ii, {
                            isiframe: 0
                        })
                    }
                });
                return false
            })
        }
    },
    q: function(ii, ah, s, p, iSubItem) {
        var u = 'undefined';
        iSubItem = iSubItem | 0;
        if (goCtrl.abDetected) {
            if (typeof ah != u) {
                if (ah == 'img') {
                    if (typeof goCtrl.Tools.getnode(s).getAttribute('class') != u) {
                        goCtrl.i("Swap image because ab blocked");
                        goCtrl.k(s);
                        return
                    }
                }
            }
        }
        if (typeof p != u && typeof p.onload != u) {
            p.onload()
        }
        var a = goCtrl.c[ii].data;
        if (typeof a.length != 'undefined') {
            a = a[iSubItem]
        }
        if (typeof a.q != 'undefined' && a.q) {
            this.reload(ii);
            return
        } else {
            var ai = goCtrl.c[ii];
            if (goCtrl.abDetected && ai.data.type == 'image' && ai.plugin == "banner") {
                if (!goCtrl.Tools.isvisible("#" + ai.display)) {
                    goCtrl.Tools.attr("#" + ai.display, "style", "display:block !important");
                    if (!goCtrl.Tools.isvisible("#" + ai.display)) {
                        goCtrl.i("Ad hided by adblocker");
                        return
                    }
                } else {
                    if (!goCtrl.Tools.isvisible("#" + this.sTag + ii)) {
                        goCtrl.Tools.attr("#" + this.sTag + ii, "style", "display:block !important");
                        if (!goCtrl.Tools.isvisible("#" + this.sTag + ii)) {
                            goCtrl.i("Ad hided by adblocker");
                            return
                        }
                    }
                }
            }
            goCtrl.c[ii].q = true;
            goCtrl.i(ai.plugin + ' ItemId:' + ii + " finished");
            if (typeof a.nurl != u && a.nurl != '') {
                var ul = a.nurl.replace('${AUCTION_PRICE}', a.bid);
                var si = '<img src="' + ul + '" border="0" width="1" height="1"/>';
                goCtrl.Tools.append('body', si)
            }
            goCtrl.ch(a.hash);
            goCtrl.bkLog('view', ii)
        }
    },
    iframe: function(a) {
        var h = '<iframe class=""  name="' + goCtrl.getItem(a, 'name', '') + '" id="' + goCtrl.getItem(a, 'id', '') + '" src="' + goCtrl.getItem(a, 'url', '') + '"  width="' + goCtrl.getItem(a, 'width', '') + '" height="' + goCtrl.getItem(a, 'height', '') + '"  scrolling="' + goCtrl.getItem(a, 'scroll', 'no') + '" frameborder="0"></iframe>';
        goCtrl.Tools.html("#" + a.display, h);
        if ("undefined" != typeof(a.onerror)) {
            goCtrl.Tools.getnode("#" + a.id).addEventListener('error', function() {
                try {
                    goCtrl.Tools.html("#" + a.display, '');
                    a.onerror()
                } catch (_0) {}
            })
        }
        if ("undefined" != typeof(a.onload)) {
            goCtrl.Tools.getnode("#" + a.id).addEventListener('load', function() {
                try {
                    a.onload()
                } catch (_0) {}
            })
        }
    },
    open: function(uri) {
        var win = window.open(uri);
        setTimeout(function() {
            if (!win || win.closed) {
                top.location = uri
            }
        }, 500)
    },
    makeId: function(iMax) {
        var t = "";
        var s = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        for (var i = 0; i < iMax; i++) {
            t += s.charAt(Math.floor(Math.random() * s.length))
        }
        return t
    },
    vidloaded: function(vid) {
        alert(test)
    },
    t: function(ii, json, z, i) {
        var iSubItem = 0;
        if (i != null) {
            iSubItem = i
        }
        if (this.sTag == '') {
            var i = Math.floor((Math.random() * 10) + 1);
            this.sTag = this.makeId(i)
        }
        var ai = goCtrl.c[ii];
        var b = '';
        var h = '';
        var DynamicBanner = (goCtrl.getItem(json.settings, 'isdynamic', 0) == 1);
        if (DynamicBanner) {
            if (json.settings.width.responsive == 1) {
                b = 'width="100%"'
            } else {
                b = 'width="' + json.settings.width.value + '"'
            }
            if (json.settings.height.responsive == 1) {
                b += ' height="100%"'
            } else {
                b += ' height="' + json.settings.height.value + '"'
            }
        } else {
            if (ai.responsive == '1') {
                b = 'width="100%"'
            } else {
                b = 'width="' + json.adwidth + '" height="' + json.adheight + '"'
            }
        }
        goCtrl.c[ii].btype = json.type;
        var ttl = goCtrl.getItem(json, 'ainfo', '');
        if (ttl != '') {
            ttl = 'title="' + ttl + '" '
        }
        var px = String(this.sTag + ii + iSubItem + 'px');
        switch (json.type) {
            case "img_base64":
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="nofollow"><img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="%%img%%" ' + b + ' border="0"/></a>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                h = h.replace('%%img%%', json.imgdata);
                break;
            case "iframe":
                var iframe = json.bannerpath;
                h = '<span id="frmtrck_' + ii + '_' + iSubItem + '" bnrid="' + ii + '_' + iSubItem + '"><iframe ' + ttl + ' sandbox="allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-scripts allow-top-navigation-by-user-activation allow-forms" src="' + iframe + '" ' + b + '  id="' + this.sTag + ii + '_' + iSubItem + '" frameborder="0" scrolling="no" marginwidth="0" marginheight="0"></iframe></span>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            case "image_set":
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow">';
                var spath = json.bannerpath;
                if (!goCtrl.abDetected) {
                    h += '<picture id="' + this.sTag + ii + '_' + iSubItem + '">';
                    for (var k in json.files) {
                        if (k != 'org') {
                            h += '<source srcset="' + spath + '/' + json.files[k] + '" type="image/' + k + '">'
                        }
                    }
                    h += '<img ' + ttl + '  src="' + spath + '/' + json.files.org + '"  ' + b + '></picture>'
                } else {
                    var sm = '';
                    if (json.files.org != null && json.files.org != '') {
                        sm = json.files.org
                    } else {
                        sm = json.files.webp
                    }
                    h += '<img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="' + spath + '/' + sm + '" ' + b + ' border="0" onerror="goCtrl.k(this)"/>'
                }
                h += '</a><img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            case "image":
                var bi = false;
                var f = json.bannerpath;
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow"><img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="%%img%%" ' + b + ' border="0" onerror="goCtrl.k(this)"/></a>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                h = h.replace('%%img%%', f);
                break;
            case 'html':
                var h = json.html;
                h += '<img width="0" height="0" id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            case 'video':
                f = json.bannerpath;
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow"' + b + '><video id="' + this.sTag + '_1' + ii + '_' + iSubItem + '" playsinline autoplay loop  ' + b + ' onload="goCtrl.banner.vidloaded(this)" src="' + f + '" type="video/mp4" onerror="goCtrl.swpvid(this,' + ii + ',' + iSubItem + ')"></video></a>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            default:
                goCtrl.i("unknown bannertype:" + json.type);
                break
        }
        if (typeof json.imp_trackingurl != 'undefined' && json.imp_trackingurl != '') {
            h += '<img style="width:0px;height:0px;" width="0" height="0" src="' + json.imp_trackingurl + '" onerror="goCtrl.Tools.remove(this)" border="0"/>'
        }
        z(h)
    }
};
#4 JavaScript::Eval (size: 4453) - SHA256: 5af10fb43c9f724f4ec8ca5a60cdbe08332911c90bbfea8cbc0ae17c1ecc1570
goCtrl.fpa = {
    cq: false,
    bv: false,
    ismobile: false,
    ctrlName: 'fpa',
    IsLoaded: false,
    aHtml: [],
    lsett: {
        url: "",
        target: ""
    },
    getVersion: function() {
        return "4.7"
    },
    fire: function(ii) {
        var Html = this.aHtml[ii];
        if (typeof Html != 'undefined') {
            goCtrl.Tools.append('body', Html);
            this.IsLoaded = true
        }
    },
    display: function(ii, ai) {
        if (this.bv) {
            return
        }
        if (goCtrl.browserInfo.ismobile) {
            goCtrl.Tools.append('head', '<meta name="viewport" content="width=device-width,height=device-height,initial-scale=1.0"/>');
            this.ismobile = true
        }
        var Html = '';
        var uri = ai.destinationurl;
        if (uri.indexOf('?')) {
            uri += '&nojump'
        } else {
            uri += '?nojump'
        }
        var s;
        if (typeof goCtrl.sCloseFpaButtonHtml != 'undefined' && goCtrl.sCloseFpaButtonHtml != '') {
            s = goCtrl.sCloseFpaButtonHtml
        } else {
            s = '<button style="height:40px;font-size:19px;margin-top:5px;margin-right:5px;"><b>Close</b></button>'
        }
        Html += '<div id="fpa_layer" style="display:none;background-color:#ffffff;position:absolute;z-index:1000000000000;top:0px;left:0px;width:100%;height:100%;margin:0,0,0,0;overflow:hidden;">' + '<div id="fpa_top" style="background-color:#000000;height:50px;overflow:hidden;width:100%; margin:0,0,0,0;">' + '<div id="fpa_close_button" style="float:right;" onclick="goCtrl.fpa.close();"><a title="Close ' + (goCtrl.isPreview ? 'Preview' : 'Ad') + '">' + s + '</a></div>' + '</div><div id="fpa_loader"  class="fpa_loader" style="overflow:auto;-webkit-overflow-scrolling:touch; height: 100%; width: 100%;">' + '<iframe framborder="0" sandbox="allow-same-origin allow-scripts allow-popups allow-forms" style="padding:0;margin:0;border:0;margin:0;" width="100%" height="100%" id="fpa_frame" onload="goCtrl.fpa.q(' + ii + ');" src="' + uri + '" onerror="goCtrl.fpa.error()"></iframe>' + '</div><style id="fpa_css" type="text/css">fpa_frame{overflow-y:scroll !important;border:none;top:0;left:0;margin:0;padding:0;width:100%;height:100%;-webkit-overflow-scrolling: touch}';
        if (this.ismobile) {
            Html += '.fpa_loader{display: inline-block;-webkit-overflow-scrolling: touch;overflow-y: scroll}.fpa_loader .fpa_loader{width:100%}'
        }
        Html += '</style></div>';
        var ob = this;
        ob.aHtml[ii] = Html;
        if (goCtrl.isPreview) {
            ob.fire(ii)
        } else {
            var ch = function(t, e) {
                try {
                    if (!ob.IsLoaded) {
                        var phref = t.getAttribute("href");
                        var ptarget = t.getAttribute("target");
                        if (phref !== '#' && phref != "" && phref !== 'javascript:void(0)') {
                            if (ptarget != null) {
                                ob.lsett.target = ptarget
                            }
                            ob.lsett.url = phref;
                            goCtrl.cm = true;
                            ob.IsLoaded = true;
                            goCtrl.Tools.append('body', Html);
                            e.preventDefault();
                            e.stopPropagation();
                            e.stopImmediatePropagation();
                            ob.cq = true;
                            goCtrl.q(ii)
                        }
                    }
                } catch (_0) {}
            };
            goCtrl.Tools.on("click", 'a', function(e) {
                ch(e.target, e)
            });
            goCtrl.Tools.on("click", '*', function(e) {
                if (ob.IsLoaded) {
                    return
                }
                var el = e.target;
                while (el) {
                    if (el.nodeName == 'A') {
                        ch(el, e);
                        return
                    }
                    el = el.parentNode
                }
            })
        }
    },
    error: function() {
        goCtrl.i("error in loading FPA,probably blocked ");
        this.close()
    },
    close: function() {
        goCtrl.Tools.remove("#fpa_layer");
        if (this.ismobile) {
            goCtrl.Tools.show('body > :not(#fpa_layer)')
        }
        goCtrl.Tools.css('body', {
            overflow: ''
        });
        goCtrl.cm = false;
        if (goCtrl.isPreview) {
            this.IsLoaded = false;
            this.bv = false
        }
        if (typeof this.lsett.url != 'undefined') {
            if (this.lsett.url != null && this.lsett.url != "") {
                if (this.lsett.target.search('blank') >= 0) {
                    var w = window.open(this.lsett.url, '_1');
                    this.lsett = {
                        url: "",
                        target: ""
                    }
                } else {
                    top.location.href = this.lsett.url
                }
            }
        }
    },
    q: function(ii) {
        if (this.bv) {
            return
        }
        if (this.ismobile) {
            goCtrl.Tools.hide('body > :not(#fpa_layer)')
        }
        goCtrl.Tools.css('body', {
            overflow: 'hidden'
        });
        window.scrollTo(0, 0);
        this.bv = true;
        goCtrl.Tools.show("#fpa_layer");
        goCtrl.Tools.on(window, 'resize', function() {
            goCtrl.fpa.by()
        });
        goCtrl.Tools.on(document, 'scroll', function() {
            goCtrl.fpa.cn()
        });
        goCtrl.Tools.on(window, "orientationchange", function(event) {
            goCtrl.fpa.by()
        });
        setTimeout("goCtrl.fpa.bx()", 3000);
        setTimeout("goCtrl.fpa.by();", 1000);
        this.by()
    },
    bx: function() {
        goCtrl.Tools.fadeIn("#fpa_close_button", 2500)
    },
    gw: function(i) {
        try {
            return (i.innerWidth ? i.innerWidth : (i.offsetWidth ? i.offsetWidth : (i.screen != null ? i.screen.availWidth : 0)))
        } catch (_0) {
            return goCtrl.Tools.width(i)
        }
    },
    by: function() {
        var cp = goCtrl.Tools.height(window);
        goCtrl.Tools.css('#fpa_layer', {
            height: cp + 'px'
        });
        cp -= (goCtrl.Tools.height('#fpa_top'));
        goCtrl.Tools.css('#fpa_loader', {
            height: cp + 'px'
        });
        goCtrl.Tools.css('#fpa_frame', {
            height: cp + 'px'
        });
        if (this.ismobile) {
            var iWidth = this.gw(window);
            goCtrl.Tools.css('#fpa_layer', {
                width: iWidth + 'px'
            });
            goCtrl.Tools.css('#fpa_frame', {
                width: iWidth + 'px'
            })
        }
    },
    co: function() {
        return (window.orientation === 90 || window.orientation === -90)
    },
    cn: function() {
        if (this.bv) {
            window.scrollTo(0, 0);
            this.by()
        }
    },
};
#5 JavaScript::Eval (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#6 JavaScript::Eval (size: 11887) - SHA256: 6d323a2471f40b4c0c55cb1a8dd341496e70a77c755711475e6ee0e17337e77f
goCtrl.banner = {
    sTag: "",
    getVersion: function() {
        return "7.4"
    },
    imghwd: [],
    wpc: false,
    haswebp: false,
    display: function(ii, json) {
        var o = this;
        if (goCtrl.getItem(json, 'adtype', '') == 'native') {
            goCtrl.ad(-1, "native", function() {
                json.adtype = 'banner';
                goCtrl.native.display(ii, json)
            });
            return
        }
        if (typeof goCtrl.c[ii] == "undefined") {
            return
        }
        if (typeof goCtrl.lazyLoading == 'undefined') {
            goCtrl.lazyLoading = false
        }
        var ai = goCtrl.c[ii];
        ai.data = [];
        var Bfound = false;
        var bExit = false;
        var aNodes = goCtrl.Tools.getnodes("#" + ai.display);
        aNodes.forEach(function(node, i) {
            if (node.getAttribute('run') != '1' || goCtrl.getItem(ai, 'reload', 0) == 1) {
                if (!Bfound) {
                    delete ai.reload;
                    if (ai.plugin == "banner") {
                        if (goCtrl.abDetected) {
                            goCtrl.Tools.getnode("#" + ai.display).removeAttribute("style")
                        }
                        if (!goCtrl.Tools.isvisible("#" + ai.display)) {
                            if (goCtrl.getItem(ai, 'isflt', 0) != 1) {
                                if (!goCtrl.abDetected) {
                                    goCtrl.i("AdTag " + ai.display + " is not visible, abort loading");
                                    console.log("AdTag " + ai.display + " is not visible, abort loading");
                                    bExit = true;
                                    return true
                                } else {
                                    goCtrl.i("AdTag " + ai.display + " is not visible, probably because the active adblocker")
                                }
                            }
                        }
                    }
                    var h = '';
                    var aAds = [];
                    if (typeof json.items != 'undefined' && json.items.length > 0) {
                        aAds = json.items;
                        var sId = o.makeId(15);
                        goCtrl.Tools.html(node, '<div id="' + sId + '" style="width:' + json.adwidth + 'px;height:' + json.adheight + 'px;overflow:hidden; margin:0px;padding:0px;"></div>');
                        node = goCtrl.Tools.getnode("#" + sId)
                    } else {
                        goCtrl.Tools.html(node, "");
                        aAds.push(json)
                    }
                    var iSet = 0;
                    goCtrl.Tools.attr(node, 'run', '1');
                    aAds.forEach(function(ad, i) {
                        if (goCtrl.getItem(ad, 'sellingtype', 'unk') == 'own_ad_eactrl') {
                            ad.type = goCtrl.getItem(ai.defaultad, 'type', 'image');
                            switch (ad.type) {
                                case "image":
                                    ad.bannerpath = goCtrl.getItem(ai.defaultad, 'image', '');
                                    ad.destinationurl = goCtrl.getItem(ai.defaultad, 'url', '');
                                    break;
                                case "iframe":
                                    ad.bannerpath = goCtrl.getItem(ai.defaultad, 'iframe', '');
                                    break;
                                case "html":
                                    ad.html = goCtrl.getItem(ai.defaultad, 'html', '');
                                    break
                            }
                            ad.bannertype = ad.type;
                            ad.isrtb = 0;
                            ad.networkid = 0;
                            ad.ispubad = 1
                        }
                        ai.data.push(ad);
                        o.t(ii, ad, function(s) {
                            if (goCtrl.lazyLoading && !goCtrl.Tools.isInFold(node) && typeof Waypoint == 'function') {
                                try {
                                    var waypoint = new Waypoint({
                                        element: node,
                                        handler: function(direction) {
                                            o.execute(node, s, ai, i, ii);
                                            this.destroy()
                                        },
                                        offset: 'bottom-in-view'
                                    })
                                } catch (_0) {
                                    console.log(_0);
                                    o.execute(node, s, ai, i, ii)
                                }
                            } else {
                                o.execute(node, s, ai, i, ii)
                            }
                        }, i)
                    });
                    Bfound = true
                }
                return
            }
        });
        if (bExit) {
            return
        }
        if (!Bfound) {
            goCtrl.i("Could not find element with id:" + ai.display)
        }
    },
    execute: function(node, h, ai, i, ii) {
        var o = this;
        goCtrl.Tools.append(node, h);
        if (typeof ai.onload == "function") {
            try {
                ai.onload(function() {})
            } catch (_0) {
                goCtrl.i("something went wrong with executing the onload function for adtag:" + goCtrl.getItem(ai, 'name', 'unk'));
                goCtrl.i(_0)
            }
        }
        if (goCtrl.abDetected) {
            var s = o.makeId(15) + i;
            goCtrl.Tools.attr(node, 'id', s);
            ai.display = s
        }
        var ir = goCtrl.getItem(ai, 'reloadtime', 0);
        if (ir > 0) {
            if (ir < 4) {
                ir = 4
            }
            ir = (ir * 1000);
            setTimeout(function() {
                if (typeof ai.onbeforeReload == "function") {
                    try {
                        ai.onbeforeReload(function() {
                            o.reload(ii)
                        })
                    } catch (_0) {
                        goCtrl.i("something went wrong with executing the onbeforeReload function for adtag:" + goCtrl.getItem(ai, 'name', 'unk'));
                        goCtrl.i(_0);
                        o.reload(ii)
                    }
                } else {
                    o.reload(ii)
                }
            }, ir)
        }
        o.j(ii, {}, i)
    },
    reload: function(ii) {
        var ai = goCtrl.c[ii];
        ai.q = false;
        try {
            delete ai.data;
            delete ai.q;
            delete ai.btype;
            delete ai.state;
            delete ai.settings
        } catch (e) {}
        ai.reload = 1;
        ai.state = 0;
        goCtrl.run()
    },
    j: function(ii, p, iSubItem) {
        iSubItem = iSubItem | 0;
        var u = 'undefined';
        if (typeof p != u) {
            this.imghwd[ii] = p
        } else {
            var p = this.imghwd[ii]
        }
        var ai = goCtrl.c[ii];
        var px = this.sTag + ii + iSubItem + "px";
        var n = goCtrl.Tools.getnode("#" + px);
        if (n) {
            n.addEventListener('load', function() {
                goCtrl.banner.q(ii, ai.btype, this, p, iSubItem)
            })
        } else {
            console.log("cannot find pixel node")
        }
        if (ai.btype == "image" || ai.btype == 'video' || ai.btype == "image_set") {
            var na = goCtrl.Tools.getnode("#" + this.sTag + "u" + ii + '_' + iSubItem);
            if (na) {
                na.addEventListener('click', function(event) {
                    event.stopImmediatePropagation();
                    var ad = ai.data;
                    if (typeof ad.length != 'undefined') {
                        ad = ad[iSubItem]
                    }
                    var lc = goCtrl.getItem(ad, 'logclick', '0') == "1";
                    if (lc) {
                        url = goCtrl.getItem(ad, 'destinationurl', '')
                    } else {
                        var sDomain = "";
                        var u = "undefined";
                        if (typeof goCtrl.ca.ctrl_domain != u && goCtrl.ca.ctrl_domain != "") {
                            sDomain = goCtrl.ca.ctrl_domain
                        }
                        url = sDomain + "/click.go?xref=" + ad.hash
                    }
                    goCtrl.open(url, function(ok) {
                        if (ok) {
                            if (lc) {
                                var uri = 'act=logclick&xref=' + ad.hash;
                                goCtrl.o('logclick', uri, 0, {
                                    result: function(a) {}
                                })
                            }
                            goCtrl.bkLog('click', ii, {
                                isiframe: 0
                            })
                        }
                    });
                    return false
                })
            } else {
                console.log("cannot find node ", "#" + this.sTag + "u" + ii + '_' + iSubItem)
            }
        }
    },
    q: function(ii, ah, s, p, iSubItem) {
        var u = 'undefined';
        iSubItem = iSubItem | 0;
        if (goCtrl.abDetected) {
            if (typeof ah != u) {
                if (ah == 'img') {
                    if (typeof goCtrl.Tools.getnode(s).getAttribute('class') != u) {
                        goCtrl.i("Swap image because ab blocked");
                        goCtrl.k(s);
                        return
                    }
                }
            }
        }
        if (typeof p != u && typeof p.onload != u) {
            p.onload()
        }
        var a = goCtrl.c[ii].data;
        if (typeof a.length != 'undefined') {
            a = a[iSubItem]
        }
        if (typeof a.q != 'undefined' && a.q) {
            this.reload(ii);
            return
        } else {
            var ai = goCtrl.c[ii];
            if (goCtrl.abDetected && ai.data.type == 'image' && ai.plugin == "banner") {
                if (!goCtrl.Tools.isvisible("#" + ai.display)) {
                    goCtrl.Tools.attr("#" + ai.display, "style", "display:block !important");
                    if (!goCtrl.Tools.isvisible("#" + ai.display)) {
                        goCtrl.i("Ad hided by adblocker");
                        return
                    }
                } else {
                    if (!goCtrl.Tools.isvisible("#" + this.sTag + ii)) {
                        goCtrl.Tools.attr("#" + this.sTag + ii, "style", "display:block !important");
                        if (!goCtrl.Tools.isvisible("#" + this.sTag + ii)) {
                            goCtrl.i("Ad hided by adblocker");
                            return
                        }
                    }
                }
            }
            goCtrl.c[ii].q = true;
            goCtrl.i(ai.plugin + ' ItemId:' + ii + " finished");
            if (typeof a.nurl != u && a.nurl != '') {
                var ul = a.nurl.replace('${AUCTION_PRICE}', a.bid);
                var si = '<img src="' + ul + '" border="0" width="1" height="1"/>';
                goCtrl.Tools.append('body', si)
            }
            goCtrl.ch(a.hash);
            goCtrl.bkLog('view', ii)
        }
    },
    iframe: function(a) {
        var h = '<iframe class=""  name="' + goCtrl.getItem(a, 'name', '') + '" id="' + goCtrl.getItem(a, 'id', '') + '" src="' + goCtrl.getItem(a, 'url', '') + '"  width="' + goCtrl.getItem(a, 'width', '') + '" height="' + goCtrl.getItem(a, 'height', '') + '"  scrolling="' + goCtrl.getItem(a, 'scroll', 'no') + '" frameborder="0"></iframe>';
        goCtrl.Tools.html("#" + a.display, h);
        if ("undefined" != typeof(a.onerror)) {
            goCtrl.Tools.getnode("#" + a.id).addEventListener('error', function() {
                try {
                    goCtrl.Tools.html("#" + a.display, '');
                    a.onerror()
                } catch (_0) {}
            })
        }
        if ("undefined" != typeof(a.onload)) {
            goCtrl.Tools.getnode("#" + a.id).addEventListener('load', function() {
                try {
                    a.onload()
                } catch (_0) {}
            })
        }
    },
    open: function(uri) {
        var win = window.open(uri);
        setTimeout(function() {
            if (!win || win.closed) {
                top.location = uri
            }
        }, 500)
    },
    makeId: function(iMax) {
        var t = "";
        var s = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        for (var i = 0; i < iMax; i++) {
            t += s.charAt(Math.floor(Math.random() * s.length))
        }
        return t
    },
    vidloaded: function(vid) {
        alert(test)
    },
    t: function(ii, json, z, i) {
        var o = this;
        if (!o.wpc) {
            o.wpc = true;
            o.hasWebP(function(ok) {
                o.haswebp = ok;
                o.t(ii, json, z, i)
            });
            return
        }
        var iSubItem = 0;
        if (i != null) {
            iSubItem = i
        }
        if (this.sTag == '') {
            var i = Math.floor((Math.random() * 10) + 1);
            this.sTag = this.makeId(i)
        }
        var ai = goCtrl.c[ii];
        var b = '';
        var h = '';
        var DynamicBanner = (goCtrl.getItem(json.settings, 'isdynamic', 0) == 1);
        if (DynamicBanner) {
            if (json.settings.width.responsive == 1) {
                b = 'width="100%"'
            } else {
                b = 'width="' + json.settings.width.value + '"'
            }
            if (json.settings.height.responsive == 1) {
                b += ' height="100%"'
            } else {
                b += ' height="' + json.settings.height.value + '"'
            }
        } else {
            if (ai.responsive == '1') {
                b = 'width="100%"'
            } else {
                b = 'width="' + json.adwidth + '" height="' + json.adheight + '"'
            }
        }
        goCtrl.c[ii].btype = json.type;
        var ttl = goCtrl.getItem(json, 'ainfo', '');
        if (ttl != '') {
            ttl = 'title="' + ttl + '" '
        }
        var px = String(this.sTag + ii + iSubItem + 'px');
        switch (json.type) {
            case "img_base64":
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow noindex"><img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="%%img%%" ' + b + ' border="0"/></a>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                h = h.replace('%%img%%', json.imgdata);
                break;
            case "iframe":
                var iframe = json.bannerpath;
                h = '<span id="frmtrck_' + ii + '_' + iSubItem + '" bnrid="' + ii + '_' + iSubItem + '"><iframe ' + ttl + '  rel="sponsored noopener nofollow noindex" sandbox="allow-same-origin allow-popups allow-popups-to-escape-sandbox allow-scripts allow-top-navigation-by-user-activation allow-forms" src="' + iframe + '" ' + b + '  id="' + this.sTag + ii + '_' + iSubItem + '" frameborder="0" scrolling="no" marginwidth="0" marginheight="0"></iframe></span>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            case "image_set":
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow noindex">';
                var spath = json.bannerpath;
                if (!goCtrl.abDetected && o.haswebp) {
                    var sm = '';
                    if (json.files.webp != null && json.files.webp != '') {
                        sm = json.files.webp
                    } else {
                        sm = json.files.org
                    }
                    h += '<img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="' + spath + '/' + sm + '" ' + b + ' border="0" onerror="goCtrl.k(this)"/>'
                } else {
                    var sm = '';
                    if (json.files.org != null && json.files.org != '') {
                        sm = json.files.org
                    } else {
                        sm = json.files.webp
                    }
                    h += '<img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="' + spath + '/' + sm + '" ' + b + ' border="0" onerror="goCtrl.k(this)"/>'
                }
                h += '</a><img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            case "image":
                var bi = false;
                var f = json.bannerpath;
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow noindex"><img ' + ttl + '  id="' + this.sTag + ii + '_' + iSubItem + '" src="%%img%%" ' + b + ' border="0" onerror="goCtrl.k(this)"/></a>';
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                h = h.replace('%%img%%', f);
                break;
            case 'html':
                var h = json.html;
                h += '<img width="0" height="0" id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            case 'video':
                f = json.bannerpath;
                h = '<a id="' + this.sTag + 'u' + ii + '_' + iSubItem + '"  href="#" rel="sponsored noopener nofollow noindex" ' + b + '>';
                var alt = goCtrl.getItem(json, 'alt_image', '');
                if (alt != '') {
                    h += '<video id="' + this.sTag + '_1' + ii + '_' + iSubItem + '" autoplay muted playsinline loop data-object-fit="cover" onload="goCtrl.banner.vidloaded(this)" ' + b + ' src="' + f + '" type="video/mp4" altimg="' + alt + '" onerror="goCtrl.banner.swpvid(this)"></video></a>'
                } else {
                    h += '<video id="' + this.sTag + '_1' + ii + '_' + iSubItem + '" autoplay muted playsinline loop data-wf-ignore="true" data-object-fit="cover"  ' + b + ' onload="goCtrl.banner.vidloaded(this)" src="' + f + '" type="video/mp4" onerror="goCtrl.swpvid(this,' + ii + ',' + iSubItem + ')"></video></a>'
                }
                h += '<img width="0" height="0"  id="' + px + '" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk+M9QDwADhgGAWjR9awAAAABJRU5ErkJggg=="/>';
                break;
            default:
                goCtrl.i("unknown bannertype:" + json.type);
                break
        }
        if (typeof json.imp_trackingurl != 'undefined' && json.imp_trackingurl != '') {
            h += '<img style="width:0px;height:0px;" width="0" height="0" src="' + json.imp_trackingurl + '" onerror="goCtrl.Tools.remove(this)" border="0"/>'
        }
        z(h)
    },
    swpvid: function(vid) {
        var imgpath = vid.getAttribute('altimg');
        var img = document.createElement('img');
        goCtrl.i("video " + vid.src + " got replaced with " + imgpath + " because a error");
        var p = vid.parentNode;
        img.src = imgpath;
        img.setAttribute('width', vid.getAttribute('width'));
        img.setAttribute('height', vid.getAttribute('height'));
        img.setAttribute('onerror', "goCtrl.k(this)");
        img.setAttribute('id', vid.getAttribute('id'));
        p.insertBefore(img, vid);
        p.removeChild(vid)
    },
    hasWebP: function(cb) {
        var img = document.createElement("img");
        img.onload = function() {
            if (img.width === 2 && img.height === 1) {
                cb(true)
            } else {
                cb(false)
            }
        };
        img.onerror = function() {
            cb(false)
        };
        img.src = "data:image/webp;base64,UklGRh4AAABXRUJQVlA4TBEAAAAvAQAAAAfQ//73v/+BiOh/AAA="
    }
};
#7 JavaScript::Eval (size: 26777) - SHA256: 1fa22a2a50c2459ee6eb9ccdc03b8cdca45c5481f58efec3a2a184b037a31fb8
var goCtrl = {
    datadomain: '',
    datafailover_domain: '',
    refurl: '',
    datapath: 'data',
    connectors: {},
    ctrlId: 'ictrlid',
    sCtrlName: 'goCtrl',
    bypassAb: true,
    ag: {},
    ca: {},
    iWaitMs: 0,
    abDetected: false,
    al: false,
    v: false,
    jq: null,
    w: false,
    c: [],
    f_print: 'unknown',
    browserInfo: [],
    plugins: [],
    aPlugins: ['banner', 'floater', 'fpa', 'im', 'invideo', 'native', 'video', 'pop', 'videoslider', 'fxim_banner', 'native_webpush', 'native_bar', 'tabs', 'dyn_banner', 'tools'],
    an: [],
    ao: [],
    cr: [],
    cs: false,
    ap: false,
    ax: [],
    debugOn: true,
    iTime: 0,
    isPaused: false,
    sLastStatus: '',
    bSlowConn: false,
    bFirstStart: false,
    bSkipAdding: false,
    bSkipConnecting: false,
    initDataLoaded: false,
    videoAdRunning: false,
    aSkippedAds: [],
    ck: [],
    ci: 0,
    cj: 0,
    cl: 0,
    PageLoading: "",
    awHwnd: [],
    rid: 0,
    sRequestType: 'POST',
    lazyLoading: false,
    isPreview: false,
    cm: false,
    lvJs: false,
    sCloseButtonHtml: "<img alt='Close Ad' style='background:#ffffff;border-radius: 50%;margin:2px' width='24' height='24' src='data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iaXNvLTg4NTktMSI/Pg0KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDE5LjAuMCwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPg0KPHN2ZyB2ZXJzaW9uPSIxLjEiIGlkPSJDYXBhXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4Ig0KCSB2aWV3Qm94PSIwIDAgNDk2IDQ5NiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgNDk2IDQ5NjsiIHhtbDpzcGFjZT0icHJlc2VydmUiPg0KPGc+DQoJPGc+DQoJCTxnPg0KCQkJPHBhdGggZD0iTTI0OCwwQzExMS4wMzMsMCwwLDExMS4wMzMsMCwyNDhzMTExLjAzMywyNDgsMjQ4LDI0OHMyNDgtMTExLjAzMywyNDgtMjQ4QzQ5NS44NDEsMTExLjA5OSwzODQuOTAxLDAuMTU5LDI0OCwweg0KCQkJCSBNMjQ4LDQ4MEMxMTkuODcsNDgwLDE2LDM3Ni4xMywxNiwyNDhTMTE5Ljg3LDE2LDI0OCwxNnMyMzIsMTAzLjg3LDIzMiwyMzJDNDc5Ljg1OSwzNzYuMDcyLDM3Ni4wNzIsNDc5Ljg1OSwyNDgsNDgweiIvPg0KCQkJPHBhdGggZD0iTTM2MS4xMzYsMTM0Ljg2NGMtMy4xMjQtMy4xMjMtOC4xODgtMy4xMjMtMTEuMzEyLDBMMjQ4LDIzNi42ODhMMTQ2LjE3NiwxMzQuODY0Yy0zLjA2OS0zLjE3OC04LjEzNC0zLjI2Ni0xMS4zMTItMC4xOTcNCgkJCQljLTMuMTc4LDMuMDY5LTMuMjY2LDguMTM0LTAuMTk3LDExLjMxMmMwLjA2NCwwLjA2NywwLjEzLDAuMTMyLDAuMTk3LDAuMTk3TDIzNi42ODgsMjQ4TDEzNC44NjQsMzQ5LjgyNA0KCQkJCWMtMy4xNzgsMy4wNy0zLjI2Niw4LjEzNC0wLjE5NiwxMS4zMTJjMy4wNywzLjE3OCw4LjEzNCwzLjI2NiwxMS4zMTIsMC4xOTZjMC4wNjctMC4wNjQsMC4xMzItMC4xMywwLjE5Ni0wLjE5NkwyNDgsMjU5LjMxMg0KCQkJCWwxMDEuODI0LDEwMS44MjRjMy4xNzgsMy4wNyw4LjI0MiwyLjk4MiwxMS4zMTItMC4xOTZjMi45OTUtMy4xLDIuOTk1LTguMDE2LDAtMTEuMTE2TDI1OS4zMTIsMjQ4bDEwMS44MjQtMTAxLjgyNA0KCQkJCUMzNjQuMjU5LDE0My4wNTIsMzY0LjI1OSwxMzcuOTg4LDM2MS4xMzYsMTM0Ljg2NHoiLz4NCgkJPC9nPg0KCTwvZz4NCjwvZz4NCjxnPg0KPC9nPg0KPGc+DQo8L2c+DQo8Zz4NCjwvZz4NCjxnPg0KPC9nPg0KPGc+DQo8L2c+DQo8Zz4NCjwvZz4NCjxnPg0KPC9nPg0KPGc+DQo8L2c+DQo8Zz4NCjwvZz4NCjxnPg0KPC9nPg0KPGc+DQo8L2c+DQo8Zz4NCjwvZz4NCjxnPg0KPC9nPg0KPGc+DQo8L2c+DQo8Zz4NCjwvZz4NCjwvc3ZnPg0K'/>",
    getVersion: function() {
        return "6.3"
    },
    GetMyId: function() {
        return this.ctrlId
    },
    reset: function() {
        this.bSkipAdding = false;
        this.aSkippedAds = [];
        this.c = [];
        this.ax = []
    },
    pause: function() {
        this.isPaused = true
    },
    resume: function() {
        this.isPaused = false;
        this.run()
    },
    backLog: function(stype, json) {},
    ch: function(a) {
        this.ci = Date.now();
        this.cj++;
        this.ck.push(a)
    },
    cg: function() {
        var o = this;
        if (o.ck.length > 0 && o.ci < (o.Tools.now() - 60)) {
            var b = o.ck;
            o.ck = [];
            var u = 'act=logmultiimp';
            var i = 0;
            b.forEach(function(v, k) {
                if (v != '') {
                    u += '&logitem[' + i + ']=' + v;
                    o.cl++;
                    i++
                }
            });
            if (i > 0) {
                goCtrl.o('logimp', u, 0, {
                    result: function(d) {}
                })
            }
        }
    },
    runSkippedAds: function() {
        var n = this;
        n.pause();
        n.aSkippedAds.forEach(function(v, k) {
            n.ad(v)
        });
        n.resume()
    },
    isInFold: function(a) {
        return goCtrl.Tools.isInFold(a)
    },
    bkLog: function(stype, ii, json, ai) {
        if (ai == null || typeof ai == 'undefined') {
            var ai = goCtrl.c[ii]
        }
        var o = goCtrl;
        if (typeof json != 'object') {
            var json = {}
        }
        json.uniqid = o.f_print;
        json.itemid = ii;
        json.adzone = o.getItem(ai, 'name', 'unk');
        json.plugin = o.getItem(ai, 'plugin', 'unk');
        json.spaceid = ai.sid;
        json.subid = ai.subid;
        if (typeof ai.data != 'undefined') {
            json.spaceid = ai.data.spaceid;
            json.siteid = ai.data.siteid;
            if (ai.plugin == 'banner' || ai.plugin == 'native') {
                json.adpos = ai.data.pos
            } else {
                json.adpos = {
                    left: 0,
                    top: 0
                }
            }
            if (typeof ai.data.xparams != 'undefined') {
                var xparams = ai.data.xparams;
                delete xparams.bid;
                json.forEach(function(v, i) {
                    xparams[i] = v
                });
                json = xparams
            }
        }
        goCtrl.backLog(stype, json)
    },
    init: function() {
        if (goCtrl.al) {
            return
        }
        if (goCtrl.PageLoading == "" || goCtrl.PageLoading.indexOf("http") == -1) {
            goCtrl.PageLoading = goCtrl.getItem(document, 'location', '')
        }
        if (typeof goCtrlRecs != 'undefined') {
            goCtrlRecs.forEach(function(funct, i) {
                goCtrl.ax.push(funct);
                delete goCtrlRecs[i]
            })
        }
        goCtrl.al = true;
        goCtrl.Tools.docready(function() {
            goCtrl.start(1);
            setInterval(function() {
                goCtrl.cg()
            }, 1000)
        })
    },
    cb: function() {
        if (document.body != null && typeof document.body != 'undefined') {
            var el = document.createElement('div');
            el.id = 'adsbox';
            el.innerHTML = '<h2>&nbsp;</h2>';
            document.body.appendChild(el);
            if (el.offsetHeight === 0) {
                goCtrl.abDetected = true;
                goCtrl.runAbFuncts()
            }
            return goCtrl.abDetected
        } else {
            goCtrl.abDetected = true;
            goCtrl.runAbFuncts();
            return true
        }
    },
    start: function(dr) {
        goCtrl.cb();
        var aPlugins = [];
        goCtrl.aPlugins.forEach(function(v, i) {
            var o = goCtrl.checkPlugin(v, true);
            if (o !== false) {
                aPlugins.push({
                    f: v,
                    v: o
                })
            }
        });
        goCtrl.ap = true;
        goCtrl.ax.forEach(function(v, i) {
            goCtrl.add(v)
        });
        goCtrl.ax = [];
        goCtrl.w = true;
        goCtrl.run(aPlugins)
    },
    makeId: function(im) {
        var t = "";
        var s = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
        for (var i = 0; i < im; i++) {
            t += s.charAt(Math.floor(Math.random() * s.length))
        }
        return t
    },
    openModal: function(aParms) {
        var sid = goCtrl.makeId(10);
        var uri = goCtrl.getItem(aParms, 'uri', '');
        if (uri == '') {
            goCtrl.i("No url given to open the modal");
            return
        }
        var bOpenOnHide = goCtrl.getItem(aParms, 'reopen_onhide', false);
        var sBgColor = goCtrl.getItem(aParms, 'bgcolor', '#000000');
        var sDivStyle = 'display:block;background-color:' + sBgColor + ';position:absolute;z-index:1000000000000;top:0px;left:0px;width:100%;height:100%;margin:0,0,0,0;overflow:hidden;';
        var sFrameStyle = 'position: absolute; ' + (!goCtrl.browserInfo.ismobile ? ' left:50%;top: 50%;transform: translate(-50%, -50%);' : 'left:0px;top:0px;');
        goCtrl.Tools.append('head', '<style>#' + sid + '_3{' + sDivStyle + '} #' + sid + '_4{' + sFrameStyle + '}</style>');
        setTimeout(function() {
            var h = '<div id="' + sid + '_3"><iframe  id="' + sid + '_4" ' + (!goCtrl.browserInfo.ismobile ? ' width="90%" height="90%"' : 'width="100%" height="100%"') + ' frameborder="0" src="' + uri + '"></iframe><div>';
            goCtrl.Tools.append('body', h);
            if (bOpenOnHide) {
                oReCheck = function() {
                    if (goCtrl.Tools.isvisible('#' + sid + '_3')) {
                        setTimeout("oReCheck()", 1000)
                    } else {
                        goCtrl.Tools.remove("#" + sid);
                        goCtrl.openModal(aParms)
                    }
                };
                setTimeout("oReCheck()", 1000)
            }
        }, 1500)
    },
    getSettings: function() {
        return goCtrl.ca
    },
    aq: function(j) {
        var u = 'undefined';
        goCtrl.ar(j);
        if (u != typeof(j.logo_data) && j.logo_data != '') {
            goCtrl.ce = j.logo_data
        }
        if (u != typeof(j.closebtn_data) && j.closebtn_data != '') {
            goCtrl.cf = j.closebtn_data
        }
        if (u != typeof(j.browserinfo)) {
            goCtrl.browserInfo = j.browserinfo
        }
        if (u != typeof(j.datadomain)) {
            goCtrl.datadomain = j.datadomain
        }
        if (u != typeof(j.datapath)) {
            goCtrl.datapath = j.datapath
        }
        if (u != typeof(j.refurl)) {
            goCtrl.refurl = j.refurl
        }
        if (u != typeof(j.plugininfo)) {
            goCtrl.an = j.plugininfo
        }
        if (u != typeof(j.siteinfo)) {
            goCtrl.siteinfo = j.siteinfo
        }
        if (u != typeof(j.ctrlsettings)) {
            goCtrl.ca = j.ctrlsettings
        }
        if (u != typeof(j.abrestictions)) {
            goCtrl.ag = j.abrestictions
        }
        if (u != typeof(j.cmd)) {
            try {
                eval(j.cmd)
            } catch (_0) {
                console.log(_0)
            }
        }
        if (typeof(j.errors) != 'undefined') {
            goCtrl.au(j.errors)
        }
        goCtrl.initDataLoaded = true;
        goCtrl.ao.forEach(function(f, i) {
            try {
                f()
            } catch (_0) {
                goCtrl.i(_0)
            }
        });
        goCtrl.rid = 0;
        goCtrl.rid = setInterval("goCtrl.checkHiddenAds()", 500)
    },
    checkHiddenAds: function() {
        if (goCtrl.isPaused) {
            return
        }
        var bFound = false,
            iCnt = 0;
        goCtrl.c.forEach(function(val, i) {
            if (val.state == -1) {
                iCnt++;
                if (goCtrl.Tools.isvisible("#" + val.display)) {
                    goCtrl.i("AdTag: " + val.display + ' ItemId' + i + ' Is visible again');
                    goCtrl.c[i].state = 0;
                    bFound = true;
                    iCnt--
                }
            }
        });
        if (bFound) {
            goCtrl.run()
        }
    },
    onAbDetected: function(f) {
        goCtrl.cr.push(f)
    },
    runAbFuncts: function() {
        if (goCtrl.cs) {
            return
        }
        goCtrl.cs = true;
        goCtrl.cr.forEach(function(funct, i) {
            try {
                funct()
            } catch (_0) {
                goCtrl.i(_0)
            }
        })
    },
    onReady: function(f) {
        if (!goCtrl.al) {
            goCtrl.ao.push(f)
        } else {
            try {
                f()
            } catch (_0) {
                goCtrl.i(_0)
            }
        }
    },
    af: function(obj, filter) {
        var s = '';
        this.ag.forEach(function(v, i) {
            if (typeof filter == 'undefined' || typeof filter[i] != 'undefined') {
                s += (s != '' ? ',' : '') + '"' + i + '"' + ':"' + v + '"'
            }
        });
        return '{' + s + '}'
    },
    i: function(ovar) {
        if (goCtrl.debugOn) {
            console.log(ovar)
        }
    },
    Add: function(a, cb) {
        this.add(a, cb)
    },
    add: function(a, cb) {
        if (goCtrl.bSkipAdding) {
            goCtrl.aSkippedAds.push(a);
            return
        }
        if (!goCtrl.ap) {
            goCtrl.ax.push(a);
            return
        }
        if (goCtrl.abDetected && goCtrl.getItem(goCtrl.ag, a.plugin, 'yes') == 'no') {
            return
        }
        a.state = 0;
        var i = goCtrl.c.length;
        goCtrl.c.push(a);
        if (goCtrl.w && !goCtrl.isPaused) {
            var aPlugins = [];
            goCtrl.aPlugins.forEach(function(funct, i) {
                var o = goCtrl.checkPlugin(funct, true);
                if (o !== false) {
                    aPlugins.push({
                        f: funct,
                        v: o
                    })
                }
            });
            goCtrl.run(aPlugins)
        }
        if (typeof cb != 'undefined') {
            cb(i)
        }
    },
    runOnErrors: function() {
        goCtrl.c.forEach(function(val, i) {
            if (typeof val.onerror == 'function') {
                if (typeof val.cf == 'undefined' && val.state == '1') {
                    goCtrl.c[i].cf = 1;
                    try {
                        val.onerror(i, goCtrl.getItem(val, 'display', 'unknown'))
                    } catch (_0) {
                        goCtrl.i("something went wrong with executing the onerror handler in addtag:" + goCtrl.getItem(val, 'display', 'unknown') + ' SpaceId:' + goCtrl.getItem(val, 'sid', 'Unknown'));
                        goCtrl.i(_0)
                    }
                }
            }
        })
    },
    o: function(sact, ay, as, av) {
        if (!goCtrl.lvJs && goCtrl.abDetected && !goCtrl.bypassAb) {
            goCtrl.i("Request cancelled, enable the option bypassAb to get this running");
            return
        }
        var at = '';
        var ck = -1;
        var iStart = 0;
        var iEnd = 0;
        var ob = this;
        var uc;
        for (const k in goCtrl.connectors) {
            uc = goCtrl.connectors[k];
            if (typeof uc.isfailed == 'undefined') {
                goCtrl.connectors[k].isfailed = 0
            }
            if (!goCtrl.lvJs && goCtrl.abDetected) {
                if (!goCtrl.getItem(uc, 'isproxy', 0)) {
                    continue
                }
            }
            if (!uc.isfailed) {
                ck = k;
                at = uc.url;
                break
            }
        }
        if (at == '') {
            goCtrl.backLog('error', {
                msg: 'no connectionurl available',
                abdetected: goCtrl.abDetected
            });
            return false
        }
        if (goCtrl.abDetected) {
            ay += '&ab=1'
        }
        ay += '&hastouch=' + ('ontouchend' in document);
        if (sact != 'loadimage' && (typeof(as) == "undefined" || as == 0)) {
            ay += '&time=' + (new Date).getTime();
            ay += '&is_ssl=' + (goCtrl.m() ? '1' : '0');
            ay += '&ctrlname=' + goCtrl.sCtrlName;
            ay += '&ctrlid=' + goCtrl.ctrlId + '&version=' + parseFloat(goCtrl.getVersion());
            ay += '&ispreview=' + goCtrl.isPreview;
            if (goCtrl.Gup("nocap") == 1 || goCtrl.isPreview) {
                ay += '&nocap=1'
            }
            ay += '&itime=' + goCtrl.iTime;
            if (sact == 'init' || sact == 'get') {
                ay += '&doc=' + escape(goCtrl.PageLoading);
                ay += '&ref=' + escape(goCtrl.getItem(document, 'referrer', ''));
                ay += '&sh=' + goCtrl.getItem(screen, 'height', 0);
                ay += '&sw=' + goCtrl.getItem(screen, 'width', 0);
                if (goCtrl.debugOn) {
                    ay += '&de' + 'bug=1'
                }
                var tm = "-1";
                try {
                    tm = new Date().toString().match(/([-\+][0-9]+)\s/)[1];
                    tm = tm.replace('+', '')
                } catch (_0) {
                    tm = "-1"
                }
                if (typeof tm == 'undefined' || tm == null || tm == '') {
                    tm = '-1'
                }
                ay += '&tz=' + tm;
                try {
                    ay += '&dh=' + parseInt(goCtrl.Tools.dh()) + '&dw=' + parseInt(goCtrl.Tools.dw());
                    ay += '&p_title=' + escape(ob.utf8_encode(goCtrl.Tools.find("title").innerText))
                } catch (_0) {}
            }
        }
        var sdata_Type = "json";
        if (sact == "loadplugin" || sact == "logimp") {
            sdata_Type = "text"
        }
        try {
            var i = '';
            var sMethod = goCtrl.sRequestType;
            if (sact == "loadimage") {
                i = ay
            } else {
                i = 's=' + goCtrl.encode(ay)
            }
            iStart = goCtrl.Tools.now();
            var http = new XMLHttpRequest();

            function tC(evt) {
                var rjdata = evt.target.response;
                if (rjdata != null && typeof rjdata.error != 'undefined') {
                    goCtrl.i("there was an error " + rjdata.error);
                    if (rjdata.error == 'connect_error') {
                        if (sact == 'get') {
                            goCtrl.bSkipConnecting = true;
                            goCtrl.runOnErrors()
                        }
                    }
                } else {
                    goCtrl.sLastStatus = 'success';
                    iEnd = goCtrl.Tools.now();
                    if (sact == "init") {
                        var iC = (iEnd - iStart);
                        if (goCtrl.iTime < iC) {
                            goCtrl.iTime = iC
                        }
                        goCtrl.i("Total Init Request Time:" + goCtrl.iTime)
                    }
                    if (rjdata === undefined || rjdata == null) {
                        if (typeof(av) != 'undefined' && typeof(av.result) != 'undefined') {
                            rjdata = {
                                success: false,
                                data: {}
                            };
                            return av.result(rjdata)
                        }
                    } else {
                        if (typeof(rjdata.errors) != 'undefined') {
                            goCtrl.au(rjdata.errors)
                        }
                        if (typeof(av) != 'undefined' && typeof(av.result) != 'undefined') {
                            return av.result(rjdata)
                        } else {
                            goCtrl.handleResult(sact, rjdata)
                        }
                    }
                }
            }

            function tF(evt) {
                var xhr = evt.target;
                if (typeof(av) != 'undefined' && typeof(av.error) != 'undefined') {
                    av.error()
                }
                goCtrl.sLastStatus = xhr.sTxt;
                if (xhr.status == 0 && xhr.timeout == 0) {
                    if (as == 0 && !goCtrl.abDetected) {
                        if (goCtrl.cb()) {
                            if (goCtrl.bypassAb) {
                                goCtrl.o(sact, ay, 1, av)
                            } else {
                                goCtrl.i("enable the bypassab option to get ads");
                                goCtrl.runOnErrors()
                            }
                        }
                    } else {
                        goCtrl.runOnErrors()
                    }
                    return
                } else if (xhr.status != 200) {
                    goCtrl.runOnErrors();
                    return
                }
            }
            try {
                http.addEventListener("load", tC);
                http.addEventListener("error", tF);
                http.open("POST", at);
                http.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
                http.responseType = sdata_Type;
                http.send(i)
            } catch (_0) {
                console.log(_0)
            }
        } catch (_0) {
            console.log(_0);
            goCtrl.i("Adblocker detected (catch error)");
            goCtrl.runAbFuncts();
            goCtrl.abDetected = true;
            if (goCtrl.bypassAb) {
                goCtrl.o(sact, ay, 1, av)
            } else {
                goCtrl.i("enable the bypassab option to get ads")
            }
        }
    },
    loadBin: function(s, c) {
        var ob = this;
        ob.o("loadimage", "&act=getimage&f=" + s, 0, {
            result: function(ar) {
                var sd = '';
                if (typeof ar.errors != 'undefined') {
                    ar.errors.forEach(function(v, i) {
                        if (typeof v != 'undefined' && v != '') {
                            ob.i(v)
                        }
                    })
                }
                c(ar.success, ar.data)
            },
            error: function() {
                c(false, '')
            }
        })
    },
    swpvid: function(obj, itemid, subid) {
        var ob = this;
        if (!goCtrl.abDetected) {
            goCtrl.banner.reload(itemid);
            return
        }
        if (obj.src.indexOf("base64") == -1) {
            try {
                ob.loadBin(obj.src, function(ok, s) {
                    if (ok) {
                        obj.src = s.replace("image", "video");
                        var vid = obj.parentNode();
                        ob.Tools.attr(vid, "style", "");
                        var pnode = obj.parentNode().parentNode();
                        ob.Tools.remove(obj.parentNode());
                        pnode.append(vid[0].outerHTML)
                    }
                })
            } catch (_0) {
                console.log(_0)
            }
        } else {
            console.log("another errors", itemid, subid);
            goCtrl.banner.reload(itemid)
        }
    },
    rma: function(node, ka) {
        var a = [];
        node.attributes.forEach(function(attr, i) {
            if (ka.indexOf(attr.name) == -1) {
                a.push(attr.name)
            }
        });
        for (var i = 0; i < a.length; i++) {
            node.removeAttribute(a[i])
        }
    },
    k: function(o) {;
        var ob = this;
        if (o.src.indexOf("base64") == -1) {
            try {
                ob.loadBin(o.src, function(ok, s) {
                    if (ok) {
                        o.src = s;
                        goCtrl.rma(l, ['src', 'width', 'height', 'id', 'border'])
                    } else {
                        ob.Tools.remove(o)
                    }
                })
            } catch (_0) {
                console.log(_0)
            }
        }
    },
    open: function(uri, cb, i) {
        i = i | 0;
        var ob = this;
        var win;
        if (i == 0 && (!goCtrl.abDetected || !goCtrl.bypassAb)) {
            win = window.open(uri, ob.makeId())
        } else {
            if (goCtrl.bypassAb) {
                goCtrl.connectors.forEach(function(connector, i) {
                    var i = goCtrl.getItem(connector, 'isproxy', 0);
                    if (i == 1) {
                        if (uri.substring(0, 2) == "//") {
                            uri = "http" + (goCtrl.m() ? "s" : "") + ":" + uri
                        }
                        var u = connector.url + "?i=0&act=redir&uri=" + escape(uri);
                        win = window.open(u, ob.makeId())
                    }
                })
            }
        }
        setTimeout(function() {
            if (!win || win.closed) {
                cb(false)
            } else {
                cb(true)
            }
        }, 1000)
    },
    handleResult: function(sact, j) {
        switch (sact) {
            case 'get':
                if (typeof j.init_res != 'undefined') {
                    goCtrl.aq(j.init_res)
                }
                goCtrl.ar(j);
                if (typeof j.results != 'undefined') {
                    j.results.forEach(function(d, i) {
                        try {
                            goCtrl.cm = goCtrl.cm | false;

                            function ds() {
                                if (goCtrl.cm) {
                                    setTimeout(function() {
                                        ds()
                                    });
                                    return
                                }
                                goCtrl.display(d.itemid, d)
                            }
                            ds()
                        } catch (_0) {
                            console.log(_0)
                        }
                    })
                }
                break
        }
    },
    ar: function(j) {
        if ('undefined' != typeof(j.plugins)) {
            j.plugins.forEach(function(v, i) {
                try {
                    eval(v)
                } catch (_0) {
                    goCtrl.i("error in loading plugin");
                    console.log(_0)
                }
            })
        }
    },
    ad: function(ii, ac, cb) {
        if (goCtrl.checkPlugin(ac)) {
            if ('undefined' != typeof cb) {
                try {
                    cb()
                } catch (_0) {
                    goCtrl.i("Error in executing call back in plugin:" + ac + " Error:" + _0)
                }
                return
            }
            if (ii > -1) {
                var ai = goCtrl.c[ii];
                goCtrl.c[ii].state = 2;
                goCtrl.display(ii, ai.data)
            }
            return
        }
        goCtrl.i('loading plugin:' + ac);
        goCtrl.plugins.push(ac);
        goCtrl.o('loadplugin', '&act=loadplugin&plugins[0]=' + ac + '&ctrl=' + goCtrl.sCtrlName, 0, {
            result: function(a) {
                try {
                    eval(a);
                    if ('undefined' != typeof cb) {
                        cb();
                        return
                    }
                    if (ii > -1) {
                        var ai = goCtrl.c[ii];
                        goCtrl.c[ii].state = 2;
                        goCtrl.display(ii, ai.data)
                    }
                } catch (_0) {
                    console.log(_0);
                    goCtrl.i("error in loading plugin:" + ac)
                }
            }
        })
    },
    watch: function(ii, cb) {
        var ad = goCtrl.c[ii].data;
        if (typeof ad != 'object' || goCtrl.c[ii].d_called == 0) {
            setTimeout(function() {
                goCtrl.watch(ii, cb)
            }, 500)
        } else {
            cb(ad)
        }
    },
    display: function(ii, j) {
        var ai = goCtrl.c[ii];
        if (goCtrl.c[ii].state != 2) {
            goCtrl.c[ii].state = 2;
            goCtrl.c[ii].d_called = 0;
            goCtrl.c[ii].settings = goCtrl.getItem(j, 'settings', {}, false);
            goCtrl.c[ii].data = j
        }
        goCtrl.c[ii].d_called = 0;
        goCtrl.c[ii].q = 0;
        if (!goCtrl.checkPlugin(ai.plugin)) {
            goCtrl.ad(ii, ai.plugin);
            return
        }
        if ('undefined' != typeof(goCtrl[ai.plugin])) {
            goCtrl[ai.plugin].display(ii, j);
            goCtrl.c[ii].d_called = 1
        }
    },
    Open: function(uri) {
        this.open(uri, {}, 0)
    },
    ak: function(i) {
        var item = this.c[i];
        if (item != null && typeof item.data != 'undefined') {
            var pid = this.getItem(item.data, 'pubid', 0);
            var spaceid = this.getItem(item.data, 'spaceid', 0);
            if (pid != 0) {
                var url = this.refurl;
                if (url == '') {
                    return
                }
                url = url.replace('{userid}', pid);
                url = url.replace('{spaceid}', pid);
                this.Open(url)
            }
        }
    },
    m: function() {
        if (window.location.protocol != 'http:') {
            return true
        }
        return false
    },
    run: function(aPlugins) {
        if (goCtrl.isPaused) {
            this.i("Controller cannot run because its set on \"Paused\" please command \"resume\"");
            return false
        }
        var ay = '';
        var aFuncts = [];
        var iCnt = 0;
        var iPluginCnt = 0;
        var ii = 0;
        var u = 'undefined';
        goCtrl.c.forEach(function(val, i) {
            ii = i;
            var ac = goCtrl.getItem(val, 'plugin', '', false);
            if (ac != '') {
                ac = ac.replace(' ', '');
                if (!(goCtrl.abDetected && goCtrl.getItem(goCtrl.ag, ac, 'yes') == 'no')) {
                    if (val.state == 0) {
                        goCtrl.c[ii].state = 1;
                        if ('undefined' != typeof(val.fn)) {
                            var a = {
                                plugin: ac,
                                fn: val.fn,
                                fn_params: val.fn_params
                            };
                            aFuncts.push(a)
                        }
                        var b = true;
                        if (ac == 'video') {
                            b = false;
                            if (typeof val.videoads != u) {
                                if (!goCtrl.abDetected) {
                                    val.videoads.forEach(function(ad, tel) {
                                        var b = true;
                                        var set = {
                                            s: {}
                                        };
                                        if (typeof val.settings == 'object') {
                                            set.s = val.settings
                                        }
                                        var icap = parseInt(goCtrl.getItem(ad, 'capping', 0));
                                        if (icap > 0) {
                                            var scap = 'video_cap_' + ad.type;
                                            set.s.capping = icap;
                                            if (goCtrl.getStorage(scap) != null) {
                                                b = false
                                            }
                                        }
                                        if (b && typeof ad.sid != u) {
                                            set.s.itemid = ii;
                                            set.s.actionid = tel;
                                            set.s.vtype = goCtrl.getItem(ad, 'type', 'preroll');
                                            if (typeof ad.defaultad != u) {
                                                var sname = goCtrl.getItem(ad.defaultad, 'name', 'unknown ad');
                                                var imincpm = goCtrl.getItem(ad.defaultad, 'mincpm', 0);
                                                if (isNaN(imincpm)) {
                                                    imincpm = 0
                                                }
                                                var scurr = goCtrl.getItem(ad.defaultad, 'curr', 'usd');
                                                if (scurr != 'usd') {
                                                    scurr = 'eur'
                                                }
                                                var stype = goCtrl.getItem(ad.defaultad, 'type', 'vast');
                                                if (stype != 'vast') {
                                                    stype = 'vast'
                                                }
                                                var surl = goCtrl.getItem(ad.defaultad, 'url', '');
                                                if (surl == '') {
                                                    delete goCtrl.c[ii].videoads[tel].defaultad;
                                                    goCtrl.i("Missing param 'url' for defaultad in spaceid:" + ad.sid)
                                                } else {
                                                    set.s.defaultad = {
                                                        name: sname,
                                                        mincpm: imincpm,
                                                        curr: scurr
                                                    }
                                                }
                                            }
                                            goCtrl.c[ii].state = 1;
                                            if (typeof goCtrl.c[ii].actions == u) {
                                                goCtrl.c[ii].actions = []
                                            }
                                            goCtrl.c[ii].actions[tel] = ad;
                                            set.id = ad.sid;
                                            set.sid = goCtrl.getItem(ad, 'subid', '', true);
                                            set.kw = goCtrl.getItem(ad, 'keywords', '', true);
                                            set.mc = goCtrl.getItem(ad, 'maincat', '', true);
                                            set.cat = goCtrl.getItem(ad, 'category', '', true);
                                            ay += '&ad=' + JSON.stringify(set);
                                            iCnt++
                                        } else {}
                                    })
                                } else {}
                            }
                            if (typeof goCtrl.video != u) {
                                goCtrl.video.display(ii, {})
                            }
                        } else {
                            var g = '';
                            var set = {
                                s: {}
                            };
                            if (typeof val.settings == 'object') {
                                set.s = val.settings
                            }
                            if (!goCtrl.isPreview) {
                                if (ac == 'banner' || ac == 'native') {
                                    if (!goCtrl.Tools.isvisible("#" + val.display) && goCtrl.getItem(val, 'isflt', 0) != 1) {
                                        goCtrl.i("AdTag: " + val.display + ' ItemId' + i + ' Is hidden, abort processing');
                                        goCtrl.c[ii].state = -1;
                                        b = false
                                    } else {
                                        try {
                                            var pos = goCtrl.Tools.getnode("#" + goCtrl.c[ii].display).getBoundingClientRect();
                                            set.s.px = parseInt(pos.left);
                                            set.s.py = parseInt(pos.top)
                                        } catch (_0) {
                                            set.s.px = 0;
                                            set.s.py = 0
                                        }
                                    }
                                }
                            }
                            if (ac == 'pop') {
                                if (typeof val.skipCookie != u && val.skipCookie == true) {
                                    set.s.skipCookie = 1
                                }
                                if (typeof val.capSettings == 'object') {
                                    set.s.capSettings = val.capSettings
                                }
                            }
                            if (ac == 'banner' || ac == "pop") {
                                if (typeof val.defaultad != 'undefined') {
                                    var sname = goCtrl.getItem(val.defaultad, 'name', 'unknown FO Ad');
                                    var imincpm = parseFloat(goCtrl.getItem(val.defaultad, 'mincpm', 0.000001));
                                    var scurr = goCtrl.getItem(val.defaultad, 'curr', 'usd');
                                    if (scurr != 'eur' && scurr != 'usd') {
                                        scurr = 'usd'
                                    }
                                    var buse = true;
                                    var url = '';
                                    if (ac == 'banner') {
                                        var type = goCtrl.getItem(val.defaultad, 'type', 'image');
                                        var path, data, url = '';
                                        switch (type) {
                                            case 'image':
                                                path = goCtrl.getItem(val.defaultad, 'image', '');
                                                url = goCtrl.getItem(val.defaultad, 'url', '');
                                                break;
                                            case "iframe":
                                                path = goCtrl.getItem(val.defaultad, 'iframe', '');
                                                break;
                                            case 'html':
                                                data = goCtrl.getItem(val.defaultad, 'html', '');
                                                break
                                        }
                                        if (type == 'image' || type == 'iframe') {
                                            if (path == '') {
                                                goCtrl.i("Adtag " + goCtrl.getItem(val, 'name', 'Unknown') + " is missing the path for his " + type);
                                                buse = false
                                            }
                                            if (type == 'image') {
                                                if (url == '') {
                                                    goCtrl.i("Adtag " + goCtrl.getItem(val, 'name', 'Unknown') + " is missing the url for his Image");
                                                    buse = false
                                                }
                                            }
                                        } else if (type == 'html') {
                                            if (data == '') {
                                                goCtrl.i("Adtag " + goCtrl.getItem(val, 'name', 'Unknown') + " is missing the html needed to load as ad");
                                                buse = false
                                            }
                                        } else {
                                            goCtrl.i("Adtag " + goCtrl.getItem(val, 'name', 'Unknown') + " has a unvalid 'type' value (" + type + ")");
                                            buse = false
                                        }
                                    } else {
                                        url = goCtrl.getItem(val.defaultad, 'url', '');
                                        if (url == '') {
                                            buse = false;
                                            goCtrl.i("Adtag " + goCtrl.getItem(val, 'name', 'Unknown') + " is missing the url for his Pop")
                                        }
                                    }
                                    if (buse) {
                                        set.s.defaultad = {
                                            name: sname,
                                            mincpm: imincpm,
                                            curr: scurr
                                        };
                                        if (ac == 'pop') {
                                            set.s.defaultad.url = url
                                        }
                                    } else {
                                        delete goCtrl.c[ii].defaultad
                                    }
                                }
                            }
                            if (b) {
                                if (typeof set.s == 'undefined') {
                                    set.s = {
                                        itemid: 0
                                    }
                                }
                                set.s.itemid = ii;
                                if (typeof val.rtbext == "object") {
                                    set.s.rtbext = JSON.stringify(val.rtbext)
                                }
                                if (goCtrl.getItem(val, 'sid', '') != '') {
                                    goCtrl.c[ii].state = 1;
                                    set.id = parseInt(val.sid);
                                    var s = goCtrl.getItem(val, 'subid', '', true);
                                    if (s != "") {
                                        set.sid = s
                                    }
                                    s = goCtrl.getItem(val, 'keywords', '', true);
                                    if (s != "") {
                                        set.kw = s
                                    }
                                    s = goCtrl.getItem(val, 'maincat', '', true);
                                    if (s != '') {
                                        set.mc = s
                                    }
                                    s = goCtrl.getItem(val, 'category', '', true);
                                    if (s != '') {
                                        set.cat = s
                                    }
                                    ay += '&ad=' + JSON.stringify(set);
                                    iCnt++
                                }
                            }
                        }
                    }
                    if (ac == "invideo" || ac == "im" || ac == "floater" || ac == "fxim_banner") {
                        if (!goCtrl.checkPlugin("banner")) {
                            ay += '&plugins[' + iPluginCnt + ']=banner';
                            goCtrl.plugins.push("banner");
                            iPluginCnt++
                        }
                    }
                    if (!goCtrl.checkPlugin(ac)) {
                        ay += '&plugins[' + iPluginCnt + ']=' + ac;
                        goCtrl.plugins.push(ac);
                        iPluginCnt++
                    }
                }
            } else {
                goCtrl.i("No plugin given in param " + val.toString());
                console.log(val)
            }
        });
        if (goCtrl.lazyLoading) {
            if (typeof Waypoint != 'function') {
                ay += '&plugins[' + iPluginCnt + ']=waypoint'
            }
        }
        if (ay != '') {
            var sData = ay + '&act=get';
            if (goCtrl.initDataLoaded == false) {
                goCtrl.initDataLoaded = true;
                sData += '&getinit=1'
            }
            if (typeof aPlugins != 'undefined') {
                sData += '&pluginsav=' + JSON.stringify(aPlugins)
            }
            goCtrl.o('get', sData, 0, {
                result: function(j) {
                    goCtrl.handleResult('get', j);
                    goCtrl.runFn(aFuncts)
                }
            })
        } else {
            goCtrl.runFn(aFuncts)
        }
    },
    au: function(errors) {
        try {
            errors.forEach(function(v, i) {
                console.log(v)
            })
        } catch (e) {}
    },
    runFn: function(aFuncts) {
        aFuncts.forEach(function(v, i) {
            var ac = v.plugin;
            var fn = v.fn;
            var fn_params = v.fn_params;
            try {
                goCtrl[ac][fn](fn_params)
            } catch (_0) {
                goCtrl.i("Error in executing  function:" + fn.toString() + ",plugin:" + ac.toString() + ', Error: ' + _0)
            }
        })
    },
    checkPlugin: function(s, brv) {
        var u = 'undefined';
        if (typeof goCtrl[s] == u) {
            if (goCtrl.plugins.indexOf(s) >= 0) {
                return true
            }
            if (typeof brv == u) {
                goCtrl.i('Plugin ' + s + ' have to be q')
            }
            return false
        } else {
            if (goCtrl.plugins.indexOf(s) >= 0) {
                return true
            }
            try {
                if (typeof goCtrl[s].getVersion == u) {
                    goCtrl.i("Plugin " + s + " is really out of date, loading the new version");
                    return false
                } else {
                    var version = goCtrl[s].getVersion();
                    if (version == u || (typeof goCtrl.an[s] != u && version < goCtrl.an[s].version)) {
                        goCtrl.i("Plugin " + s + " is out of date, loading the new version");
                        return false
                    }
                    if (typeof brv != u) {
                        return version
                    } else {
                        if (typeof goCtrl.an[s] == u) {
                            return false
                        }
                    }
                }
            } catch (_0) {
                goCtrl.i("Something is wrong with checking plugin " + s);
                goCtrl.i(_0);
                return false
            }
        }
        return true
    },
    getItem: function(arr, fld, dval, aa, sPrepend) {
        var rval;
        if (arr != null && typeof(arr) != 'undefined' && typeof(arr[fld]) != 'undefined') {
            if (arr[fld] == '') {
                return dval
            }
            rval = arr[fld]
        } else {
            rval = dval
        }
        if (aa != null && typeof aa != 'undefined' && aa) {
            rval = goCtrl.aa(rval)
        }
        return (sPrepend != null && typeof(sPrepend) != 'undefined' ? sPrepend : '') + rval
    },
    q: function(i) {
        var o = this;
        var a = o.c[i].data;
        if (o.getItem(a, 'logimp', false, false, '')) {
            if (!a.q) {
                o.c[i].q = true;
                o.ch(a.hash)
            } else {}
        } else {}
    },
    clicked: function(i) {
        goCtrl.i("ad " + i + ' is clicked')
    },
    aa: function(s) {
        return escape(s)
    },
    encode: function(s) {
        return goCtrl.z.encode(s)
    },
    utf8_encode: function(s) {
        return goCtrl.z._2(s)
    },
    createCookie: function(cookieName, cookieState, cookieLifetime) {
        try {
            var date = new Date(new Date().getTime() + (cookieLifetime * 60 * 1000)).toGMTString();
            document.cookie = cookieName + '=' + cookieState + '; expires=' + date + '; path=/'
        } catch (_0) {}
    },
    ai: function(name) {
        try {
            var nameEQ = name + "=";
            var ca = document.cookie.split(';');
            for (var i = 0; i < ca.length; i++) {
                var c = ca[i];
                while (c.charAt(0) == ' ') c = c.substring(1, c.length);
                if (c.indexOf(nameEQ) == 0) return unescape(c.substring(nameEQ.length, c.length))
            }
        } catch (_0) {}
        return ""
    },
    removeStorage: function(name) {
        try {
            var infSt = ((!!window.localStorage) && (!!window.atob))
        } catch (e) {
            var infSt = 0
        }
        if (infSt) {
            try {
                window.localStorage.removeItem(name)
            } catch (e) {
                console.log('removeStorage: Error removing key [' + key + '] from localStorage: ' + JSON.stringify(e));
                return false
            }
            return true
        }
    },
    getStorage: function(key) {
        try {
            var infSt = ((!!window.localStorage) && (!!window.atob))
        } catch (e) {
            var infSt = 0
        }
        if (!infSt) {
            return goCtrl.ai(key)
        } else {
            var now = Date.now();
            try {
                var item = window.localStorage.getItem(key);
                if (item === undefined || item == null) {
                    return null
                } else {
                    item = JSON.parse(item);
                    var tm = item.expires;
                    var val = item.value;
                    if (tm < now) {
                        goCtrl.removeStorage(key);
                        return null
                    } else {
                        return val
                    }
                }
            } catch (e) {
                console.log('getStorage: Error reading key [' + key + '] from localStorage: ' + JSON.stringify(e));
                console.log(e);
                return null
            }
        }
    },
    Gup: function(name) {
        name = name.replace(/[\[]/, "\\\[").replace(/[\]]/, "\\\]");
        var regexS = "[\\?&]" + name + "=([^&#]*)";
        var regex = new RegExp(regexS);
        var results = regex.exec(document.location.href);
        if (results == null) {
            try {
                var results = regex.exec(top.location.href);
                if (results == null) {
                    return ""
                }
            } catch (_0) {
                return ""
            }
        }
        return results[1]
    },
    setStorage: function(key, value, expires) {
        try {
            var infSt = ((!!window.localStorage) && (!!window.atob))
        } catch (e) {
            var infSt = 0
        }
        if (!infSt) {
            goCtrl.createCookie(key, value, expires)
        } else {
            if (expires === undefined || expires === null) {
                expires = (24 * 60)
            } else {
                expires = Math.abs(expires)
            }
            var now = Date.now();
            var schedule = now + (expires * 60 * 1000);
            try {
                var item = {
                    expires: schedule,
                    value: value
                };
                window.localStorage.setItem(key, JSON.stringify(item))
            } catch (e) {
                console.log('setStorage: Error setting key [' + key + '] in localStorage: ' + JSON.stringify(e));
                return false
            }
            return true
        }
    },
    reload: function(ii) {
        var ai = goCtrl.c[ii];
        ai.q = false;
        try {
            delete ai.data;
            delete ai.q;
            delete ai.btype;
            delete ai.state;
            delete ai.settings
        } catch (e) {}
        ai.reload = 1;
        ai.state = 0;
        goCtrl.run()
    },
    logImp: function(ii, adtype, xargs, ai) {
        var u = 'undefined';
        if (ai == null || typeof ai == 'undefined') {
            var ai = goCtrl.c[ii];
            var a = goCtrl.c[ii].data
        } else {
            var a = ai.data
        }
        goCtrl.ch(a.hash);
        goCtrl.bkLog('view', ii, {}, ai)
    },
    z: {
        _1: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
        encode: function(e) {
            var t = "";
            var n, r, i, s, o, u, a;
            var f = 0;
            e = this._2(e);
            while (f < e.length) {
                n = e.charCodeAt(f++);
                r = e.charCodeAt(f++);
                i = e.charCodeAt(f++);
                s = n >> 2;
                o = (n & 3) << 4 | r >> 4;
                u = (r & 15) << 2 | i >> 6;
                a = i & 63;
                if (isNaN(r)) {
                    u = a = 64
                } else if (isNaN(i)) {
                    a = 64
                }
                t = t + this._1.charAt(s) + this._1.charAt(o) + this._1.charAt(u) + this._1.charAt(a)
            }
            return t
        },
        _2: function(e) {
            e = e.replace(/\r\n/g, "\n");
            var t = "";
            for (var n = 0; n < e.length; n++) {
                var r = e.charCodeAt(n);
                if (r < 128) {
                    t += String.fromCharCode(r)
                } else if (r > 127 && r < 2048) {
                    t += String.fromCharCode(r >> 6 | 192);
                    t += String.fromCharCode(r & 63 | 128)
                } else {
                    t += String.fromCharCode(r >> 12 | 224);
                    t += String.fromCharCode(r >> 6 & 63 | 128);
                    t += String.fromCharCode(r & 63 | 128)
                }
            }
            return t
        },
    }
};
#8 JavaScript::Eval (size: 7931) - SHA256: ded2a5a09caf7eee2932a2323ce56f6cfebe1ad48dc72dcc5ab789ae483c9ca5
goCtrl.Tools = {
    getVersion: function() {
        return "1.0"
    },
    isInFold: function(a) {
        try {
            var n = this.getnode(a);
            if (n) {
                var w = window;
                var p = n.offsetTop + n.scrollHeight;
                var s = w.pageYOffset + this.wh();
                if (w.pageYOffset > p) {
                    return false
                } else if (s < n.offsetTop) {
                    return false
                }
            }
        } catch (_0) {}
        return true
    },
    nodeScriptReplace: function(node) {
        var t = this;
        if (t.nodeScriptIs(node) === true) {
            if (!node.getAttribute('run')) {
                node.setAttribute('run', 'true');
                node.parentNode.replaceChild(t.nodeScriptClone(node), node)
            }
        } else {
            var i = -1,
                children = node.childNodes;
            while (++i < children.length) {
                t.nodeScriptReplace(children[i])
            }
        }
        return node
    },
    nodeScriptClone: function(node) {
        var script = document.createElement("script");
        script.text = node.innerHTML;
        var i = -1,
            attrs = node.attributes,
            attr;
        while (++i < attrs.length) {
            script.setAttribute((attr = attrs[i]).name, attr.value)
        }
        return script
    },
    nodeScriptIs: function(node) {
        return node.tagName === 'SCRIPT'
    },
    dh: function() {
        return window.innerHeight || document.documentElement.clientHeight || document.body.clientHeight
    },
    dw: function() {
        return window.innerWidth || document.documentElement.clientWidth || document.body.clientWidth
    },
    wh: function() {
        return window.innerHeight || document.documentElement.clientHeight || document.body.clientHeight
    },
    ww: function() {
        return window.innerWidth || document.documentElement.clientWidth || document.body.clientWidth
    },
    find: function(a, b) {
        a = this.getnode(a);
        return this.getnodes(b, a)
    },
    docready: function(fn) {
        if (document.readyState === "complete" || (document.readyState !== "loading" && !document.documentElement.doScroll)) {
            fn()
        } else {
            var completed = function() {
                document.removeEventListener("DOMContentLoaded", completed);
                window.removeEventListener("load", completed);
                fn()
            };
            document.addEventListener("DOMContentLoaded", completed);
            window.addEventListener("load", completed)
        }
    },
    getnodes: function(a, b) {
        b = b || document;
        return b.querySelectorAll(a)
    },
    getnode: function(a, b) {
        try {
            if (a === window) {
                return a
            }
            if (!(a instanceof Element)) {
                b = b || document;
                a = b.querySelector(a)
            }
            return a
        } catch (_0) {}
    },
    append: function(a, b, c) {
        var n = this.getnode(a, c);
        try {
            if (n) {
                n.insertAdjacentHTML('afterbegin', b);
                if (b.indexOf("<script") >= 0) {
                    this.nodeScriptReplace(n)
                }
            }
        } catch (_0) {}
    },
    prepend: function(a, b, c) {
        var n = this.getnode(a, c);
        try {
            if (n) {
                n.insertAdjacentHTML('afterbegin', b);
                if (b.indexOf("<script") >= 0) {
                    this.nodeScriptReplace(n)
                }
            }
        } catch (_0) {}
        return n
    },
    html: function(a, b, c) {
        try {
            var e = this.getnode(a, c);
            if (e) {
                if (b == null || typeof(b) == 'undefined') {
                    return e.innerHTML
                } else {
                    var d = e.lastElementChild;
                    while (d) {
                        e.removeChild(d);
                        d = e.lastElementChild
                    }
                    if (typeof b == 'string') {
                        e.innerHTML = b;
                        if (b.indexOf("<script") >= 0) {
                            this.nodeScriptReplace(el)
                        }
                    } else {
                        e.parentNode.appendChild(b)
                    }
                }
            }
        } catch (_0) {}
    },
    isvisible: function(a) {
        try {
            a = this.getnode(a);
            return !!(a.offsetWidth || a.offsetHeight || a.getClientRects().length)
        } catch (_0) {
            return false
        }
    },
    findall: function(a, b) {
        var c = [];
        var t = this;
        if (typeof a == 'string') {
            return t.getnodes(a)
        }
        if (a instanceof Element) {
            c.push(a)
        } else if (typeof a == 'object') {
            try {
                a.forEach(function(v, k) {
                    t.findall(v).forEach(function(e, i) {
                        c.push(e)
                    })
                })
            } catch (_0) {
                console.log(_0)
            }
        }
        return c
    },
    remove: function(a) {
        if (a instanceof Element) {
            a.parentNode.removeChild(a)
        } else {
            this.findall(a).forEach(function(v, k) {
                v.parentNode.removeChild(v)
            })
        }
    },
    attr: function(a, b, c) {
        this.findall(a).forEach(function(v, k) {
            if (c) {
                v.setAttribute(b, c)
            } else {
                return v.getAttribute(b)
            }
        })
    },
    now: function() {
        return Date.now()
    },
    show: function(a) {
        this.css(a, {
            "display": ''
        })
    },
    hide: function(a) {
        this.css(a, {
            "display": 'none'
        })
    },
    on: function(a, b, c) {
        if (!(a instanceof Element)) {} else if (a === screen) {}
        document.body.addEventListener(a, function(e) {
            if (e.target.matches(b)) {
                c(e)
            }
        })
    },
    parents: function(a) {
        a = this.getnode(a);
        var aret = [];
        if (a) {
            while (a.parentNode) {
                aret.push(a.parentNode);
                a = a.parentNode
            }
        }
        return aret
    },
    width: function(a) {
        if (a === window) {
            return a.innerWidth
        } else if (a === screen) {
            return screen.width
        }
        if (typeof a == 'string') {
            a = this.getnode(a)
        }
        if (a) {
            return a.getBoundingClientRect().width
        }
    },
    height: function(a) {
        if (a === window) {
            return a.innerHeight
        } else if (a === screen) {
            return screen.height
        }
        var n = this.getnode(a);
        if (n) {
            return n.getBoundingClientRect().height
        }
    },
    css: function(a, b) {
        a = this.getnode(a);
        if (a) {
            for (const k in b) {
                a.style[k] = b[k]
            }
        }
    },
    domrect: function(a) {
        try {
            a = this.getnode(a);
            const domRect = a.getBoundingClientRect();
            return domRect
        } catch (_0) {}
    },
    hover: function(a, b, c) {
        a = this.getnode(a);
        if (!a) {
            return
        }
        a.setAttribute('aria-expanded', 'false');
        var time = Date.now() - 10;
        var mhover = function() {
            if (time > Date.now() - 2 || a.getAttribute("aria-expanded") == 'true') {
                return
            }
            a.setAttribute('aria-expanded', 'true');
            time = Date.now();
            b()
        };
        var mout = function(event) {
            var e = event.toElement || event.relatedTarget;
            while (e && e.parentNode && e.parentNode != window) {
                if (e.parentNode == this || e == this) {
                    if (e.preventDefault) e.preventDefault();
                    return false
                }
                e = e.parentNode
            }
            a.setAttribute('aria-expanded', 'false');
            c()
        };
        a.addEventListener('mouseover', mhover, true);
        a.addEventListener('mouseout', mout, true)
    },
    slideDown: function(a, b, c) {
        var duration = b || 1000;
        a = this.getnode(a);
        try {
            a.style.transitionProperty = 'height, margin, padding';
            a.style.transitionDuration = `${duration}ms`;
            a.style.boxSizing = 'border-box';
            a.style.overflow = 'hidden';
            a.style.height = `${a.offsetHeight}px`;
            a.setAttribute('aria-expanded', 'false');
            a.setAttribute('aria-hidden', 'true');
            a.offsetHeight;
            a.style.height = '0';
            a.style.paddingTop = '0';
            a.style.paddingBottom = '0';
            a.style.marginTop = '0';
            a.style.marginBottom = '0';
            return new Promise(resolve => {
                setTimeout(() => {
                    a.style.display = 'none';
                    a.style.removeProperty('height');
                    a.style.removeProperty('box-sizing');
                    a.style.removeProperty('padding-top');
                    a.style.removeProperty('padding-bottom');
                    a.style.removeProperty('margin-top');
                    a.style.removeProperty('margin-bottom');
                    a.style.removeProperty('overflow');
                    a.style.removeProperty('transition-duration');
                    a.style.removeProperty('transition-property');
                    a.removeAttribute('data-slide-moving');
                    resolve('done');
                    if (c != null) {
                        c()
                    }
                }, duration)
            })
        } catch (_0) {
            console.log(_0)
        }
    },
    slideUp: function(a, b, c) {
        try {
            var duration = b || 1000;
            var el = this.getnode(a);
            el.style.removeProperty('display');
            const originDisplay = window.getComputedStyle(el).display;
            el.style.display = (originDisplay === 'none') ? 'block' : originDisplay;
            const originHeight = el.offsetHeight;
            el.style.overflow = 'hidden';
            el.style.height = '0';
            el.style.paddingTop = '0';
            el.style.paddingBottom = '0';
            el.style.marginTop = '0';
            el.style.marginBottom = '0';
            el.offsetHeight;
            el.style.boxSizing = 'border-box';
            el.style.transitionProperty = 'height, margin, padding';
            el.style.transitionDuration = `${duration}ms`;
            el.setAttribute('aria-expanded', 'true');
            el.setAttribute('aria-hidden', 'false');
            el.style.height = `${originHeight}px`;
            el.style.removeProperty('padding-top');
            el.style.removeProperty('padding-bottom');
            el.style.removeProperty('margin-top');
            el.style.removeProperty('margin-bottom');
            return new Promise(resolve => {
                setTimeout(() => {
                    el.style.removeProperty('box-sizing');
                    el.style.removeProperty('height');
                    el.style.removeProperty('overflow');
                    el.style.removeProperty('transition-duration');
                    el.style.removeProperty('transition-property');
                    el.removeAttribute('data-slide-moving');
                    resolve('done');
                    if (c != null) {
                        c()
                    }
                }, duration)
            })
        } catch (_0) {
            console.log(_0)
        }
    },
    fadeIn: function(a, ms, c) {
        var el = this.getnode(a);
        if (!el) return;
        el.style.opacity = 0;
        el.style.filter = "alpha(opacity=0)";
        el.style.visibility = "visible";
        if (el.style.display == 'none') {
            el.style.display = ''
        }
        if (ms) {
            var opacity = 0;
            var timer = setInterval(function() {
                opacity += 50 / ms;
                if (opacity >= 1) {
                    clearInterval(timer);
                    opacity = 1;
                    if (c) {
                        c()
                    }
                }
                el.style.opacity = opacity;
                el.style.filter = "alpha(opacity=" + opacity * 100 + ")"
            }, 50)
        } else {
            el.style.opacity = 1;
            el.style.filter = "alpha(opacity=1)";
            if (c) {
                c()
            }
        }
    },
    fadeOut: function(a, ms, c) {
        var el = this.getnode(a);
        if (!el) {
            return
        }
        if (ms) {
            var opacity = 1;
            var timer = setInterval(function() {
                opacity -= 50 / ms;
                if (opacity <= 0) {
                    clearInterval(timer);
                    opacity = 0;
                    el.style.display = "none";
                    el.style.visibility = "hidden";
                    if (c) {
                        c()
                    }
                }
                el.style.opacity = opacity;
                el.style.filter = "alpha(opacity=" + opacity * 100 + ")"
            }, 50)
        } else {
            el.style.opacity = 0;
            el.style.filter = "alpha(opacity=0)";
            el.style.display = "none";
            el.style.visibility = "hidden";
            if (c) {
                c()
            }
        }
    }
};
#9 JavaScript::Eval (size: 10191) - SHA256: e3eb0bef1c05a694929375402b9335f4291352364d86148bd9ba005623212029
eval(function(p, a, c, k, e, d) {
    e = function(c) {
        return (c < a ? '' : e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36))
    };
    if (!''.replace(/^/, String)) {
        while (c--) {
            d[e(c)] = k[c] || e(c)
        }
        k = [function(e) {
            return d[e]
        }];
        e = function() {
            return '\\w+'
        };
        c = 1
    };
    while (c--) {
        if (k[c]) {
            p = p.replace(new RegExp('\\b' + e(c) + '\\b', 'g'), k[c])
        }
    }
    return p
}('3.q=8(7,t,i){i=i|0;5 6=h;5 b,d;4(i==0&&(!3.C||!3.H)){b=E.q(7,6.D())}e{4(3.H){j(z k 13 3.F){5 d=3.F[k];5 i=3.12(d,\'11\',0);4(i==1){4(7.10(0,2)=="//"){7="Z"+(3.m()?"s":"")+":"+7}5 u=d.X+"?i=0&W=O&7="+U(7);b=E.q(u,6.D())}}}}Q(8(){4(!b||b.14){t(Y)}e{t(1a)}},1i)};3.1h=8(g,c,y){5 6=h;4(!3.C){3.B.A(c);1f}4(g.9.p("L")==-1){N{6.I(g.9,8(f,s){4(f){g.9=s.1e("17","1c")}})}M(l){}}e{J.v("1b 1d",c,y);3.B.A(c)}};3.K=8(n,x){5 a=[];4(n.w){j(z r V n.w){4(x.p(r.G)==-1){a.19(r.G)}};j(5 i=0;i<a.16;i++){n.18(a[i])}}};3.k=8(o){;5 6=h;4(o.9.p("L")==-1){N{6.I(o.9,8(f,s){4(f){o.9=s;3.K(o,[\'9\',\'1g\',\'15\',\'P\',\'R\'])}e{6.S.T(o)}})}M(l){J.v(l)}}};', 62, 81, '|||goCtrl|if|var|ob|uri|function|src||win|itemid|uc|else|ok|obj|this||for||_0||||indexOf|open|at||cb||log|attributes|ka|subid|const|reload|banner|abDetected|makeId|window|connectors|name|bypassAb|loadBin|console|rma|base64|catch|try|redir|id|setTimeout|border|Tools|remove|escape|of|act|url|false|http|substring|isproxy|getItem|in|closed|height|length|image|removeAttribute|push|true|another|video|errors|replace|return|width|swpvid|1000'.split('|'), 0, {}));
eval(function(p, a, c, k, e, d) {
    e = function(c) {
        return (c < a ? '' : e(parseInt(c / a))) + ((c = c % a) > 35 ? String.fromCharCode(c + 29) : c.toString(36))
    };
    if (!''.replace(/^/, String)) {
        while (c--) {
            d[e(c)] = k[c] || e(c)
        }
        k = [function(e) {
            return d[e]
        }];
        e = function() {
            return '\\w+'
        };
        c = 1
    };
    while (c--) {
        if (k[c]) {
            p = p.replace(new RegExp('\\b' + e(c) + '\\b', 'g'), k[c])
        }
    }
    return p
}('3.11={B:"",4U:l(){L"7.4"},1W:[],1R:U,2v:U,G:l(9,d){6 o=g;5(3.y(d,\'2E\',\'\')==\'2m\'){3.x(-1,"2m",l(){d.2E=\'11\';3.2m.G(9,d)});L}5(D 3.c[9]=="N"){L}5(D 3.1U==\'N\'){3.1U=U}6 8=3.c[9];8.H=[];6 1K=U;6 1Z=U;6 2U=3.w.3A("#"+8.G);2U.3h(l(I,i){5(I.1i(\'1X\')!=\'1\'||3.y(8,\'13\',0)==1){5(!1K){1k 8.13;5(8.24=="11"){5(3.1j){3.w.19("#"+8.G).3O("1n")}5(!3.w.1x("#"+8.G)){5(3.y(8,\'3Q\',0)!=1){5(!3.1j){3.i("22 "+8.G+" 29 1H 2d, 2V 2R");1y.1D("22 "+8.G+" 29 1H 2d, 2V 2R");1Z=18;L 18}F{3.i("22 "+8.G+" 29 1H 2d, 41 1V 2c 3D 2g")}}}}6 h=\'\';6 1O=[];5(D d.1S!=\'N\'&&d.1S.1I>0){1O=d.1S;6 2s=o.1L(15);3.w.X(I,\'<3b v="\'+2s+\'" 1n="A:\'+d.3w+\'M;C:\'+d.3n+\'M;40:3X; 3W:1N;3z:1N;"></3b>\');I=3.w.19("#"+2s)}F{3.w.X(I,"");1O.35(d)}6 3C=0;3.w.1B(I,\'1X\',\'1\');1O.3h(l(x,i){5(3.y(x,\'3H\',\'28\')==\'3I\'){x.S=3.y(8.1p,\'S\',\'K\');3v(x.S){Y"K":x.1c=3.y(8.1p,\'K\',\'\');x.2S=3.y(8.1p,\'1q\',\'\');T;Y"Q":x.1c=3.y(8.1p,\'Q\',\'\');T;Y"X":x.X=3.y(8.1p,\'X\',\'\');T}x.32=x.S;x.3y=0;x.3J=0;x.3T=1}8.H.35(x);o.t(9,x,l(s){5(3.1U&&!3.w.3U(I)&&D 3l==\'l\'){1g{6 3S=3L 3l({3u:I,3P:l(3N){o.1J(I,s,8,i,9);g.3M()},3K:\'3B-3R-2K\'})}1h(14){1y.1D(14);o.1J(I,s,8,i,9)}}F{o.1J(I,s,8,i,9)}},i)});1K=18}L}});5(1Z){L}5(!1K){3.i("3Y 1H 2n 3u 1M v:"+8.G)}},1J:l(I,h,8,i,9){6 o=g;3.w.2L(I,h);5(D 8.R=="l"){1g{8.R(l(){})}1h(14){3.i("3p 34 31 1M 2A 2c R l 2b 2F:"+3.y(8,\'1C\',\'28\'));3.i(14)}}5(3.1j){6 s=o.1L(15)+i;3.w.1B(I,\'v\',s);8.G=s}6 16=3.y(8,\'3E\',0);5(16>0){5(16<4){16=4}16=(16*3F);2N(l(){5(D 8.2a=="l"){1g{8.2a(l(){o.13(9)})}1h(14){3.i("3p 34 31 1M 2A 2c 2a l 2b 2F:"+3.y(8,\'1C\',\'28\'));3.i(14);o.13(9)}}F{o.13(9)}},16)}o.j(9,{},i)},13:l(9){6 8=3.c[9];8.q=U;1g{1k 8.H;1k 8.q;1k 8.1a;1k 8.2W;1k 8.1b}1h(e){}8.13=1;8.2W=0;3.1X()},j:l(9,p,r){r=r|0;6 u=\'N\';5(D p!=u){g.1W[9]=p}F{6 p=g.1W[9]}6 8=3.c[9];6 M=g.B+9+r+"M";6 n=3.w.19("#"+M);5(n){n.1F(\'2T\',l(){3.11.q(9,8.1a,g,p,r)})}F{1y.1D("2H 2n 3V I")}5(8.1a=="K"||8.1a==\'V\'||8.1a=="3a"){6 1T=3.w.19("#"+g.B+"u"+9+\'J\'+r);5(1T){1T.1F(\'2l\',l(2B){2B.3Z();6 x=8.H;5(D x.1I!=\'N\'){x=x[r]}6 2k=3.y(x,\'2j\',\'0\')=="1";5(2k){1q=3.y(x,\'2S\',\'\')}F{6 2p="";6 u="N";5(D 3.2h.2t!=u&&3.2h.2t!=""){2p=3.2h.2t}1q=2p+"/2l.3G?39="+x.1Y}3.23(1q,l(1E){5(1E){5(2k){6 1o=\'43=2j&39=\'+x.1Y;3.o(\'2j\',1o,0,{49:l(a){}})}3.2Q(\'2l\',9,{4C:0})}});L U})}F{1y.1D("2H 2n I ","#"+g.B+"u"+9+\'J\'+r)}}},q:l(9,2o,s,p,r){6 u=\'N\';r=r|0;5(3.1j){5(D 2o!=u){5(2o==\'m\'){5(D 3.w.19(s).1i(\'2M\')!=u){3.i("4D K 1V 4E 4F");3.k(s);L}}}}5(D p!=u&&D p.R!=u){p.R()}6 a=3.c[9].H;5(D a.1I!=\'N\'){a=a[r]}5(D a.q!=\'N\'&&a.q){g.13(9);L}F{6 8=3.c[9];5(3.1j&&8.H.S==\'K\'&&8.24=="11"){5(!3.w.1x("#"+8.G)){3.w.1B("#"+8.G,"1n","G:2P !2y");5(!3.w.1x("#"+8.G)){3.i("2D 2z 2f 2g");L}}F{5(!3.w.1x("#"+g.B+9)){3.w.1B("#"+g.B+9,"1n","G:2P !2y");5(!3.w.1x("#"+g.B+9)){3.i("2D 2z 2f 2g");L}}}}3.c[9].q=18;3.i(8.24+\' 4G:\'+9+" 4H");5(D a.2e!=u&&a.2e!=\'\'){6 2J=a.2e.2r(\'${4I}\',a.4J);6 2O=\'<m E="\'+2J+\'" 1l="0" A="1" C="1"/>\';3.w.2L(\'4N\',2O)}3.4K(a.1Y);3.2Q(\'2K\',9)}},Q:l(a){6 h=\'<Q 2M=""  1C="\'+3.y(a,\'1C\',\'\')+\'" v="\'+3.y(a,\'v\',\'\')+\'" E="\'+3.y(a,\'1q\',\'\')+\'"  A="\'+3.y(a,\'A\',\'\')+\'" C="\'+3.y(a,\'C\',\'\')+\'"  37="\'+3.y(a,\'4L\',\'38\')+\'" 36="0"></Q>\';3.w.X("#"+a.G,h);5("N"!=D(a.P)){3.w.19("#"+a.v).1F(\'2I\',l(){1g{3.w.X("#"+a.G,\'\');a.P()}1h(14){}})}5("N"!=D(a.R)){3.w.19("#"+a.v).1F(\'2T\',l(){1g{a.R()}1h(14){}})}},23:l(1o){6 27=4M.23(1o);2N(l(){5(!27||27.4B){3m.4O=1o}},4S)},1L:l(2C){6 t="";6 s="4V";2b(6 i=0;i<2C;i++){t+=s.4W(1A.3q(1A.3t()*s.1I))}L t},2q:l(O){4P(4T)},t:l(9,d,z,i){6 o=g;5(!o.1R){o.1R=18;o.2X(l(1E){o.2v=1E;o.t(9,d,z,i)});L}6 r=0;5(i!=2x){r=i}5(g.B==\'\'){6 i=1A.3q((1A.3t()*10)+1);g.B=g.1L(i)}6 8=3.c[9];6 b=\'\';6 h=\'\';6 3o=(3.y(d.1b,\'4Q\',0)==1);5(3o){5(d.1b.A.25==1){b=\'A="21%"\'}F{b=\'A="\'+d.1b.A.3r+\'"\'}5(d.1b.C.25==1){b+=\' C="21%"\'}F{b+=\' C="\'+d.1b.C.3r+\'"\'}}F{5(8.25==\'1\'){b=\'A="21%"\'}F{b=\'A="\'+d.3w+\'" C="\'+d.3n+\'"\'}}3.c[9].1a=d.S;6 W=3.y(d,\'4A\',\'\');5(W!=\'\'){W=\'4j="\'+W+\'" \'}6 M=4y(g.B+9+r+\'M\');3v(d.S){Y"45":h=\'<a v="\'+g.B+\'u\'+9+\'J\'+r+\'"  1z="#" 1s="1t 1u 1v 1r"><m \'+W+\'  v="\'+g.B+9+\'J\'+r+\'" E="%%m%%" \'+b+\' 1l="0"/></a>\';h+=\'<m A="0" C="0"  v="\'+M+\'" E="H:K/1d;17,1e+1f=="/>\';h=h.2r(\'%%m%%\',d.46);T;Y"Q":6 Q=d.1c;h=\'<30 v="47\'+9+\'J\'+r+\'" 48="\'+9+\'J\'+r+\'"><Q \'+W+\'  1s="1t 1u 1v 1r" 33="1m-4z-4a 1m-3c 1m-3c-4b-4c-33 1m-4d 1m-3m-4e-2f-4f-4g 1m-4h" E="\'+Q+\'" \'+b+\'  v="\'+g.B+9+\'J\'+r+\'" 36="0" 37="38" 44="0" 4i="0"></Q></30>\';h+=\'<m A="0" C="0"  v="\'+M+\'" E="H:K/1d;17,1e+1f=="/>\';T;Y"3a":h=\'<a v="\'+g.B+\'u\'+9+\'J\'+r+\'"  1z="#" 1s="1t 1u 1v 1r">\';6 2u=d.1c;5(!3.1j&&o.2v){6 Z=\'\';5(d.12.1w!=2x&&d.12.1w!=\'\'){Z=d.12.1w}F{Z=d.12.1G}h+=\'<m \'+W+\'  v="\'+g.B+9+\'J\'+r+\'" E="\'+2u+\'/\'+Z+\'" \'+b+\' 1l="0" P="3.k(g)"/>\'}F{6 Z=\'\';5(d.12.1G!=2x&&d.12.1G!=\'\'){Z=d.12.1G}F{Z=d.12.1w}h+=\'<m \'+W+\'  v="\'+g.B+9+\'J\'+r+\'" E="\'+2u+\'/\'+Z+\'" \'+b+\' 1l="0" P="3.k(g)"/>\'}h+=\'</a><m A="0" C="0"  v="\'+M+\'" E="H:K/1d;17,1e+1f=="/>\';T;Y"K":6 4k=U;6 f=d.1c;h=\'<a v="\'+g.B+\'u\'+9+\'J\'+r+\'"  1z="#" 1s="1t 1u 1v 1r"><m \'+W+\'  v="\'+g.B+9+\'J\'+r+\'" E="%%m%%" \'+b+\' 1l="0" P="3.k(g)"/></a>\';h+=\'<m A="0" C="0"  v="\'+M+\'" E="H:K/1d;17,1e+1f=="/>\';h=h.2r(\'%%m%%\',f);T;Y\'X\':6 h=d.X;h+=\'<m A="0" C="0" v="\'+M+\'" E="H:K/1d;17,1e+1f=="/>\';T;Y\'V\':f=d.1c;h=\'<a v="\'+g.B+\'u\'+9+\'J\'+r+\'"  1z="#" 1s="1t 1u 1v 1r" \'+b+\'>\';6 2i=3.y(d,\'4l\',\'\');5(2i!=\'\'){h+=\'<V v="\'+g.B+\'2Z\'+9+\'J\'+r+\'" 3s 3k 3j 3i H-3g-3f="3e" R="3.11.2q(g)" \'+b+\' E="\'+f+\'" S="V/3d" 3x="\'+2i+\'" P="3.11.26(g)"></V></a>\'}F{h+=\'<V v="\'+g.B+\'2Z\'+9+\'J\'+r+\'" 3s 3k 3j 3i H-4m-4n="18" H-3g-3f="3e"  \'+b+\' R="3.11.2q(g)" E="\'+f+\'" S="V/3d" P="3.26(g,\'+9+\',\'+r+\')"></V></a>\'}h+=\'<m A="0" C="0"  v="\'+M+\'" E="H:K/1d;17,1e+1f=="/>\';T;4o:3.i("4p 32:"+d.S);T}5(D d.2w!=\'N\'&&d.2w!=\'\'){h+=\'<m 1n="A:1N;C:1N;" A="0" C="0" E="\'+d.2w+\'" P="3.w.4q(g)" 1l="0"/>\'}z(h)},26:l(O){6 20=O.1i(\'3x\');6 m=2Y.2G(\'m\');3.i("V "+O.E+" 4r 4s 1M "+20+" 1V a 2I");6 p=O.4t;m.E=20;m.1Q(\'A\',O.1i(\'A\'));m.1Q(\'C\',O.1i(\'C\'));m.1Q(\'P\',"3.k(g)");m.1Q(\'v\',O.1i(\'v\'));p.4u(m,O);p.4v(O)},2X:l(1P){6 m=2Y.2G("m");m.R=l(){5(m.A===2&&m.C===1){1P(18)}F{1P(U)}};m.P=l(){1P(U)};m.E="H:K/1w;17,4w//4x/+4R/42="}};', 62, 307, '|||goCtrl||if|var||ai|ii||||json|||this|||||function|img|||||iSubItem||||id|Tools|ad|getItem||width|sTag|height|typeof|src|else|display|data|node|_|image|return|px|undefined|vid|onerror|iframe|onload|type|break|false|video|ttl|html|case|sm||banner|files|reload|_0||ir|base64|true|getnode|btype|settings|bannerpath|png|iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNk|M9QDwADhgGAWjR9awAAAABJRU5ErkJggg|try|catch|getAttribute|abDetected|delete|border|allow|style|uri|defaultad|url|noindex|rel|sponsored|noopener|nofollow|webp|isvisible|console|href|Math|attr|name|log|ok|addEventListener|org|not|length|execute|Bfound|makeId|with|0px|aAds|cb|setAttribute|wpc|items|na|lazyLoading|because|imghwd|run|hash|bExit|imgpath|100|AdTag|open|plugin|responsive|swpvid|win|unk|is|onbeforeReload|for|the|visible|nurl|by|adblocker|ca|alt|logclick|lc|click|native|find|ah|sDomain|vidloaded|replace|sId|ctrl_domain|spath|haswebp|imp_trackingurl|null|important|hided|executing|event|iMax|Ad|adtype|adtag|createElement|cannot|error|ul|view|append|class|setTimeout|si|block|bkLog|loading|destinationurl|load|aNodes|abort|state|hasWebP|document|_1|span|wrong|bannertype|sandbox|went|push|frameborder|scrolling|no|xref|image_set|div|popups|mp4|cover|fit|object|forEach|loop|playsinline|muted|Waypoint|top|adheight|DynamicBanner|something|floor|value|autoplay|random|element|switch|adwidth|altimg|isrtb|padding|getnodes|bottom|iSet|active|reloadtime|1000|go|sellingtype|own_ad_eactrl|networkid|offset|new|destroy|direction|removeAttribute|handler|isflt|in|waypoint|ispubad|isInFold|pixel|margin|hidden|Could|stopImmediatePropagation|overflow|probably|AAA|act|marginwidth|img_base64|imgdata|frmtrck_|bnrid|result|origin|to|escape|scripts|navigation|user|activation|forms|marginheight|title|bi|alt_image|wf|ignore|default|unknown|remove|got|replaced|parentNode|insertBefore|removeChild|UklGRh4AAABXRUJQVlA4TBEAAAAvAQAAAAfQ|73v|String|same|ainfo|closed|isiframe|Swap|ab|blocked|ItemId|finished|AUCTION_PRICE|bid|ch|scroll|window|body|location|alert|isdynamic|BiOh|500|test|getVersion|ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz|charAt'.split('|'), 0, {}));

Executed Writes (0)


HTTP Transactions (182)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11143
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 01:30:18 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5803
Cache-Control: max-age=124665
Date: Tue, 29 Nov 2022 01:30:18 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 12:08:03 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?https://www.redgifs.com/watch/criminalenlightenedpupfish HTTP/1.1 
Host: redir.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         184.154.206.203
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Connection: Keep-Alive
Content-Length: 706
Date: Tue, 29 Nov 2022 01:30:18 GMT
Server: LiteSpeed
Location: https://redir.me/?https://www.redgifs.com/watch/criminalenlightenedpupfish


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   706
Md5:    67f3a5933c17b3ab044826d3927d0ba9
Sha1:   5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
Sha256: 97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9804
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 01:30:18 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 01:19:34 GMT
cache-control: public,max-age=3600
age: 644
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: tEFM1qRggb08eCLKQjnjQrQ1Ayvb9qiXEWV02yWMuG8mHMKeVGyUvfpHC1hSJJCAwPD8IDzQCkM=
x-amz-request-id: XMX1Q5EG4ZJQQ0E5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:45:14 GMT
age: 2704
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:18 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 1146
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /?https://www.redgifs.com/watch/criminalenlightenedpupfish HTTP/1.1 
Host: redir.me
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         184.154.206.203
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://www.redgifs.com/watch/criminalenlightenedpupfish
cache-control: private, must-revalidate
expires: Tue, 29 Nov 2022 01:31:18 GMT
content-length: 0
date: Tue, 29 Nov 2022 01:30:18 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2117
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 01:30:18 GMT
Last-Modified: Tue, 29 Nov 2022 00:55:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5105
Cache-Control: max-age=118901
Date: Tue, 29 Nov 2022 01:30:19 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:32:00 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2118
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 01:30:19 GMT
Last-Modified: Tue, 29 Nov 2022 00:55:02 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BsXOrm8PJHZR13YXQ5UvGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.202.70.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: I7+/CBeIMAJM0MsFph1hiLgVE0k=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 00:18:13 GMT
expires: Sat, 25 Nov 2023 00:18:13 GMT
cache-control: public, max-age=31536000
age: 349926
last-modified: Thu, 05 Nov 2020 22:02:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   49687
Md5:    cc62c0c9ccecd2db6493f115cbb89731
Sha1:   3bf4c69c6af6677622f2a05314fc7bd614e4cb57
Sha256: d88e039a0465b0bbfafe762bc29a256ab2e37e9e5bafa91dbcf9b7b707f99108
                                        
                                            GET /s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7832
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 10:09:10 GMT
expires: Wed, 22 Nov 2023 10:09:10 GMT
cache-control: public, max-age=31536000
age: 573669
last-modified: Thu, 05 Nov 2020 22:01:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7832, version 1.0\012- data
Size:   7832
Md5:    f4f17fd53c7d040e56f91a3ecb692b22
Sha1:   1b51342175762634835645ba2f99cd3ab0ac615c
Sha256: b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   912
Md5:    1423ae24b3ca544f4faa48b9ff1f4a17
Sha1:   36b74f1b05329a0116f791d66423222a653b90f9
Sha256: 4d57ff1b87121f64bfbe3905c4c622b04ad16a0661f2e8d12651702bdfc62683
                                        
                                            OPTIONS /v2/auth/temporary HTTP/1.1 
Host: api.redgifs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-customheader
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         104.18.40.219
HTTP/2 200 OK
                                        
date: Tue, 29 Nov 2022 01:30:19 GMT
content-length: 0
access-control-allow-methods: CONNECT, GET, HEAD, DELETE, PUT, OPTIONS, PATCH, TRACE, POST
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-headers: content-type,x-customheader
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.redgifs.com
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d08fc50afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6FF94013E998C5B5EE73FCE81071EDBA0953B67F1508CC6113EF0F3928BDC8BA"
Last-Modified: Sun, 27 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4939
Expires: Tue, 29 Nov 2022 02:52:38 GMT
Date: Tue, 29 Nov 2022 01:30:19 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   5183
Md5:    7722b1b12f4cc167700bff0162b5166d
Sha1:   31a6d38d2a417469b4798fa0df6384fccd24a93e
Sha256: 11f285aead778200196359e255788a134450d8fd56945b473ab8f062056eac4f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-5SCT9DN HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 01:30:19 GMT
expires: Tue, 29 Nov 2022 01:30:19 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41432
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8436)
Size:   41432
Md5:    ef8d5a060aea1329c3fbe713cea06710
Sha1:   74a67db05e8525f1a943bd3f44e0fa04f490198a
Sha256: 03a2d3b1799f5b5c2b81d6da5f8fc61e8469e85996a948e703b02457ba89c392
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AF8C869ED8331124B726412A3194D8B86C6901AC5120A28CD38DE2CC9AEC06AD"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7939
Expires: Tue, 29 Nov 2022 03:42:38 GMT
Date: Tue, 29 Nov 2022 01:30:19 GMT
Connection: keep-alive

                                        
                                            OPTIONS /v2/gifs/criminalenlightenedpupfish?views=yes&users=yes HTTP/1.1 
Host: api.redgifs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-customheader
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         104.18.40.219
HTTP/2 200 OK
                                        
date: Tue, 29 Nov 2022 01:30:20 GMT
content-length: 0
access-control-allow-headers: authorization,content-type,x-customheader
access-control-max-age: 3600
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.redgifs.com
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, CONNECT, OPTIONS, PATCH, POST, HEAD, TRACE, DELETE
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d258260afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /v2/recommend/tags/criminalenlightenedpupfish HTTP/1.1 
Host: api.redgifs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,x-customheader
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         104.18.40.219
HTTP/2 200 OK
                                        
date: Tue, 29 Nov 2022 01:30:20 GMT
content-length: 0
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Postman-Token
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://www.redgifs.com
access-control-max-age: 86400
cache-control: max-age=3600
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d258270afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /impression/d35e5c47-8e8d-4bcf-86e8-b285e231bf95?vlmi=1&vlm=1&vlmd=v.vfgte.com&vlmcid=d35e5c47-8e8d-4bcf-86e8-b285e231bf95&subID1=VGIL_999528998_REDG_CHHD_ALL&source=TS507-999528998&affiliateID=108124&Location_Alias=CHHD&livefeed=karolBeckham&providers=streamate&genders=f%252Cff&skin=1&canHide=1&containerAlignment=center&cols=4&rows=1&number=4&background=transparent&useFeed=1&animateFeed=1&smoothAnimation=1&ratio=1&verticalSpace=10px&horizontalSpace=10px&colorFilter=0&colorFilterStrength=0&AuxiliaryCSS=%0A&token=fdecb600-9bd9-11ec-b9c9-0fb5c35adf26&isLive=1 HTTP/1.1 
Host: v.vfgte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         18.196.84.70
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:20 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /jquery-3.6.0.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Tue, 29 Nov 2022 01:30:20 GMT
content-encoding: gzip
content-length: 30875
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669685420.dop023.sk1.t,1669685420.cds252.sk1.hn,1669685420.cds210.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30875
Md5:    899f0189aaf034bbba5340f724d91dfa
Sha1:   210ea9de03968edb9d839ba4a0ce2d48666a8ab8
Sha256: 949b6597c5ea907a7ef3c8ca6d5ffc73be2352f9df485b78704e5c4dabac5d0f
                                        
                                            GET /px.gif?event=view&region=main&gif=criminalenlightenedpupfish&position= HTTP/1.1 
Host: pixel.redgifs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         104.18.40.219
HTTP/2 200 OK
content-type: image/gif
                                        
date: Tue, 29 Nov 2022 01:30:20 GMT
content-length: 43
access-control-allow-origin: https://www.redgifs.com
access-control-expose-headers: accept, cdn-loop, cf-ray, accept-encoding, sec-fetch-mode, sec-fetch-site, x-forwarded-proto, cf-visitor, cf-ipcountry, sec-fetch-dest, origin, accept-language, x-forwarded-for, user-agent, host, cf-connecting-ip, referer, x-amzn-trace-id, x-forwarded-port
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d548f40afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9726
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7faa45dd-b9de-4dae-a2d6-ee678d7d3906.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9015
x-amzn-requestid: 9f657586-a44e-46f0-8c38-f1bf26142486
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVOlEE6ZoAMFUPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852aed-1da2400f4165dd553418f8b9;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:41:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mqdz1NhVCqmSrhYLIF0miDzrBiS82SUU6ZRFzDMllbCwS70hC0rMRQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 13405
etag: "c6dfd277cdbd057472e6df6ad1a200f50684d442"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9015
Md5:    ae2e2986caa15a90b615147f229b51ec
Sha1:   c6dfd277cdbd057472e6df6ad1a200f50684d442
Sha256: ec3799922c38ee6394601744ff4b2c405ee44c4718a2b90c104134657f8b480b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 64338
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 78195
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 04:45:02 GMT
age: 74718
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3004
Md5:    22e7d3e11e78242383e452adb9299016
Sha1:   035a1b4a2a7889787532ec2637d5c21e06daf672
Sha256: 990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:36:14 GMT
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
age: 3246
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9162
Md5:    c808183085a429c53515508678fc7ab2
Sha1:   6567069d9f5199205ba1ca7a937fcb0a52f95d06
Sha256: c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1172c72b-d329-4446-80cb-92b8cf104425.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3944
x-amzn-requestid: 8a6732c1-72da-4a73-ba51-8533c6a01a9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNmfFgeIAMFjLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385295c-0c807d93277bfb7f6b13c2ee;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:20 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oW4xFfsPp-Jmf28Uc88iZ2jLgtMRjn2gW0orrJ4K201r6Y6OlHkacQ==
via: 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:51 GMT
age: 13409
etag: "5008d7344dd85ae61a598c17e7baf427def3e25d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3944
Md5:    9cd333c474420e235831d96ed881167e
Sha1:   5008d7344dd85ae61a598c17e7baf427def3e25d
Sha256: 2178a96e120661e43d8e8ed0df1fcf500caf4c58db9e1bedaf0706af0a80b286
                                        
                                            GET /v2/recommend/tags/criminalenlightenedpupfish HTTP/1.1 
Host: api.redgifs.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.redgifs.com/
authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJodHRwczovL3d3dy5yZWRnaWZzLmNvbS8iLCJpYXQiOjE2Njk2ODU0MTksImV4cCI6MTY2OTc3MTgxOSwic3ViIjoiY2xpZW50LzE4MjNjMzFmN2QzLTc0NWEtNjU4OS0wMDA1LWQ4ZThmZTBhNDRjMiIsInNjb3BlcyI6InJlYWQiLCJ2YWxpZF9hZGRyIjoiOTEuOTAuNDIuMTU0IiwidmFsaWRfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCJ9.ARU_AZlDBiWfMCAgf_n2ZxG4dUagD9AFRU13K0VXWfruwA9CNNuZTdwyFhFTeUVYadsEPQWZxO5g9NAlcrH9tpzJ_iRvNbARbGnHhLFYniHkuRFg3SdjW0xPa2GSkeH1f7ygKROqYoSzZ5Pvs-Se3tizVaTdfLxOxDG8YXJ58ti1atpw5rj7tF7X8AoxcfyqvRpL8F-kP7dMLZPAI4Tw4pSZ717tej65NLdxYCkqDIA10-Uy8jDQZgA0VB4IQPXAh1oqI5XoXemnlsMNyWJlAQwQxLNysb-MtWSjNw3uZ991HU63AGFJo1xCwk1flLusoUbwo8T36UK1KpMD0W4BTQ
content-type: application/json
x-customheader: https://www.redgifs.com/watch/criminalenlightenedpupfish
Origin: https://www.redgifs.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         104.18.40.219
HTTP/2 200 OK
content-type: application/json
                                        
date: Tue, 29 Nov 2022 01:30:20 GMT
content-length: 38046
access-control-allow-headers: Authorization,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Postman-Token
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, OPTIONS, PATCH
access-control-allow-origin: https://www.redgifs.com
access-control-max-age: 86400
cache-control: no-store
content-encoding: gzip
x-compressed-length: 38046
x-handler-duration: 0.46113204956055
x-pmu: 51783992
x-source-length: 160308
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771793d308670afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   38046
Md5:    d152752743748b79d7d8780b18ded112
Sha1:   94ad280586e25d0c356a18680167e7ff115f814d
Sha256: 7af74c1ce85492d24ba21869c94d33534ac78189fc65d5ffa7dc05d5b2bd2774
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "56CC86078F6C4FF84CB5B4FA86DFA61BD8B457B3766FE60EA994A1B2BD3D136A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3487
Expires: Tue, 29 Nov 2022 02:28:27 GMT
Date: Tue, 29 Nov 2022 01:30:20 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-74EJ74VZ0E&cid=2009047811.1669685420&gtm=2oeb90&aip=1&z=777057441 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 01:30:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-74EJ74VZ0E&gtm=2oeb90&_p=674610025&_gaz=1&cid=2009047811.1669685420&ul=en-us&sr=1280x1024&_s=1&sid=1669685419&sct=1&seg=0&dl=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&dt=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs&en=gif_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.page_type=watch&ep.is_user_logged_in=false&ep.user_name=&ep.gif_id=criminalenlightenedpupfish&ep.tags=Big%20Tits%2CBra%2CHotwife HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.redgifs.com
date: Tue, 29 Nov 2022 01:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-74EJ74VZ0E&cid=2009047811.1669685420&gtm=2oeb90&aip=1 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         142.250.150.156
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://www.redgifs.com
date: Tue, 29 Nov 2022 01:30:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /purecam?performer=karolBeckham&performerid=107226752&widescreen=true&muted=1 HTTP/1.1 
Host: hybridclient.naiadsystems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cwchmb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         207.246.147.63
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin
X-Response-Time: 1ms
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   751
Md5:    1d40f9fe54b79bb9cb3824bf7e79d600
Sha1:   68916ca941787f995e73a8a4554f6feff8284440
Sha256: 809e17cb991bd79bae0d331576a9d26ea9ebb8bd9efcf16167ba822e1e348708
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/poppins/v15/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7844
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 12:33:47 GMT
expires: Sat, 25 Nov 2023 12:33:47 GMT
cache-control: public, max-age=31536000
age: 305794
last-modified: Thu, 05 Nov 2020 22:02:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7844, version 1.0\012- data
Size:   7844
Md5:    93c0db9332c3f46d1842b36bcf89dac0
Sha1:   7d5057e994e405022a1bfa3c6c668028ac222532
Sha256: e28d860a51754d183f6f97432fd94046cd31afb7ce65c8ea179b0ff63b3d84fa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8B97266B71D44453BEC6519042D71F945DA7285813E380DB61E7DD70914ECDF3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16049
Expires: Tue, 29 Nov 2022 05:57:50 GMT
Date: Tue, 29 Nov 2022 01:30:21 GMT
Connection: keep-alive

                                        
                                            POST /eactrl.go HTTP/1.1 
Host: go.goasrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 1858
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         217.22.19.196
HTTP/2 200 OK
content-type: application/json;charset=utf-8
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-length: 16328
content-encoding: gzip
access-control-allow-origin: https://www.redgifs.com
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token,X-CSRFToken, Authorization
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 29 11 2022 01:30:21 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-242
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (31993)
Size:   16889
Md5:    c224a1ace171f34872404460dee2460f
Sha1:   d4f3a6427a394d47a9a512c1ea3f93a2bff789f5
Sha256: 1f93c20ddea77881481dc139a23f9e967f551d76e936721a146dca7f827d3d2f
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=88006
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fcf1-139"
Expires: Wed, 30 Nov 2022 01:57:08 GMT
Last-Modified: Mon, 28 Nov 2022 00:12:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /dist/pure/2.4.3/pure.js HTTP/1.1 
Host: cdn.hybridclient.naiadsystems.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hybridclient.naiadsystems.com
Connection: keep-alive
Referer: https://hybridclient.naiadsystems.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         69.16.175.10
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: Keep-Alive
ETag: "1669164934"
Content-Encoding: gzip
Content-Length: 312469
Last-Modified: Wed, 23 Nov 2022 00:55:34 GMT
Accept-Ranges: bytes
Server: nginx
Cache-Control: max-age=600
X-Response-Time: 10ms
X-HW: 1669685422.dop202.sk1.t,1669685422.cds208.sk1.shn,1669685422.dop202.sk1.t,1669685422.cds026.sk1.c
Access-Control-Allow-Origin: *


--- Additional Info ---
Magic:  ASCII text, with very long lines (32022)
Size:   312469
Md5:    995c742f66d385cb9f10057f39212554
Sha1:   1f8fc07532582687ec0d887e74e797f8155a4d7e
Sha256: 6b2d669e663d45d3652bf612992c77e632aae6e3375bb510a69ff58032dcc759
                                        
                                            GET /iframe.php?idzone=4341126&size=300x250 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
expires: Tue, 29 Nov 2022 03:51:31 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694029
server: CDN77-Turbo
x-77-nzt: AblMCQ1DLjT/kQgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856314a5840e
x-cache: HIT
x-age: 2193
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   613
Md5:    1fb5f649e9d3f1a1d6785913ba035d2a
Sha1:   9e3c32b87da3b2ad711423a96ee186de630bb9c0
Sha256: 6cf68def2349fa22beeed526a62d9b48017cc93d8e32f3758274f10c87accadb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=87610
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fb98-117"
Expires: Wed, 30 Nov 2022 01:50:32 GMT
Last-Modified: Mon, 28 Nov 2022 00:06:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /ad-provider.js HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341078&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"f26c91d131ffc1bbddb296d644e"
expires: Mon, 28 Nov 2022 15:50:38 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693864
server: CDN77-Turbo
x-77-nzt: AblMCQ2FnnT/NgkAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563ede9ef11
x-cache: HIT
x-age: 2358
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51260)
Size:   21904
Md5:    af50c3821377c97a2b77e59a8aad0b62
Sha1:   b2980dee49b4dfd62dc305230c42df037b39dfa6
Sha256: b06e7bde7021e33f8e36f8ee65cb88707fc743912a54b4e9a3f0169197b28b8e
                                        
                                            GET /ee1e1742-0db4-40f5-aeaa-6258e83a66f9 HTTP/1.1 
Host: track.gpsecureads.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         18.193.146.82
HTTP/2 302 Found
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://tour.camsoda.com/promos/iframe/160x600g.php?id=redgntvsoda&vclid=wbk6vkmihvttm9qkit6qfkc2&ad_id=RedGifs_NTV_Json_160x600g&join_form=0&vidstop=2
pragma: no-cache
set-cookie: ee1e1742-0db4-40f5-aeaa-6258e83a66f9-v4=4X4gUeU0GhHO4d_RdMazekT5l7tClxrvehuqJ4ZnLFQ; Max-Age=86400; Expires=Wed, 30-Nov-2022 01:30:22 GMT; Domain=track.gpsecureads.com; Path=/; Secure; HttpOnly;SameSite=None cc-v4=TKAFP%2B9WyCp9PGygMc%2FP0F7iE53zQvZjmqlykXme4LcMdM5pr60txdJZiioEVhOH9Z3IzrvZEATiVOSFzOnuEYNDgH%2Fxefw4EXtZt9Q6NlJriTPv41R6bNEVD%2FCWaGX5H5ezjg4%2FhSaS0zIf5UNF9w%3D%3D; Max-Age=31536000; Expires=Wed, 29-Nov-2023 01:30:22 GMT; Domain=track.gpsecureads.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CB880A01060C42F973F6BC80EF18D2AFDC65E8BF55C4A2DBB2E865663D89C424"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10071
Expires: Tue, 29 Nov 2022 04:18:13 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   961
Md5:    06766fb6c2dd5a529dbf74110712a93b
Sha1:   719dd292cbde605c88cdbd2614db43ce39379190
Sha256: 86080c0ec31ef68c4b3898ec7a11d1d6d084d5bd756a7fed45dd5fda9acaba61
                                        
                                            GET /iframe.js?idzone=4341124 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341124&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"2ad63d3a1db60855e2aae8b0622"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694040
server: CDN77-Turbo
x-77-nzt: AblMCQ0Rvmz/hggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563e4d20918
x-cache: HIT
x-age: 2182
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1810), with no line terminators
Size:   1262
Md5:    a2f2e3e4b569e9343a4cdd6653738f4e
Sha1:   0dd21682c8df1999690be48ab03692dbeaffee34
Sha256: d794eacd3b5ea7ba189ec7d5d83970a1d5fa892186912e76196d3078740cd543
                                        
                                            GET /data/creatives/390/37092.webp HTTP/1.1 
Host: data.goasrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         217.22.19.195
HTTP/2 200 OK
content-type: image/webp
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-length: 261000
last-modified: Tue, 22 Nov 2022 13:27:01 GMT
etag: "637cce25-3fb88"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-backend-server: nl2-static-223
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image\012- data
Size:   261000
Md5:    d3e87752d6c90dc7b120f0d9ab4858eb
Sha1:   0bf3e0033173600a314bab59f5308d4069a6dd8e
Sha256: 44e97c9d9fa178c5d4d6d93c463f805e1c94e0570093d6353f065b9617aa3f78
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6275
Cache-Control: max-age=88006
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fcf1-139"
Expires: Wed, 30 Nov 2022 01:57:08 GMT
Last-Modified: Mon, 28 Nov 2022 00:12:33 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 313

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6224
Cache-Control: max-age=87610
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6383fb98-117"
Expires: Wed, 30 Nov 2022 01:50:32 GMT
Last-Modified: Mon, 28 Nov 2022 00:06:48 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /iframe.js?idzone=4341074 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341074&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"2dd1f9a6e759a2c71e8df5918bd"
expires: Mon, 28 Nov 2022 15:50:46 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693970
server: CDN77-Turbo
x-77-nzt: AblMCQ3L1EP/zAgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563f321d01a
x-cache: HIT
x-age: 2252
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1810), with no line terminators
Size:   1107
Md5:    c1a1a50730822017bfef2640e2e5d833
Sha1:   17bfb62a1179ebbcbc1dd8d7fe09b43f35293342
Sha256: dc53d9752fcf7cf2d5890a775e33d85493cbfbea25d0c555b1b7c44b2fa003f1
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "8D59D1492F0E0E36C96FB023B1468CEBBC9F4519803C8AC34D22202306335465"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5276
Expires: Tue, 29 Nov 2022 02:58:18 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive

                                        
                                            GET /en/us/about?zid=15242&pid=0&custom1=VGIL_999529072_REDG_SQU&custom2=108124&custom3=TS507-999529072&custom5=SQU&Bnr={BanName}&custom8=v.vfgte.com&custom9=52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad HTTP/1.1 
Host: afgtrwd1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         192.99.16.68
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.15.7
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: AVPUID=02d22377cc10a818aa7c801155e62bd4; Expires=Wed, 29-Nov-2023 01:30:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (1027), with CRLF, LF line terminators
Size:   1008
Md5:    cc73a6d1c924ac04bee689eac7d09f58
Sha1:   b22f609a9bd604fcf4eda18473108fbfb177eefc
Sha256: 03bd1ef2b15db2599a67ba4e9cd79a8d14c4a407fd4a238a7795c915fddd7766
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae742f43.142256111855184562%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5467)
Size:   2790
Md5:    171616016c1baf210c7e8f09c9660cd9
Sha1:   18f47a47cf2b4652b7ab7c5cc090c700175e949a
Sha256: 116601d2fbecd84719a6b02e7b17e97280c5aa9460c52f4bb5b71da99c403ddc
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae756035.899076791754275121%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5461), with no line terminators
Size:   2510
Md5:    4577c680a4f1dcbfa22ddd3ccc4bbb42
Sha1:   84455f446e1ace2d720bc40955e849a59e7df766
Sha256: cb58f07deb21a4afa002fdb3f4bc02aa6dd8336cad526a5dba4a5e34613f1a6a
                                        
                                            GET /en/us/about?zid=15246&pid=0&custom1=VGIL_999529071_REDG_UPL&custom2=108124&custom3=TS507-999529071&custom5=UPL&Bnr={BanName}&custom8=v.vfgte.com&custom9=a2b90567-4b77-4988-bbac-625e003ba282 HTTP/1.1 
Host: afgtrwd1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         192.99.16.68
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Server: nginx/1.15.7
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store
Pragma: no-cache
Expires: Thu, 31 Dec 1998 11:59:59 GMT
X-Robots-Tag: none
P3P: CP="NOI DSP COR NID"
Set-Cookie: AVPUID=711b88f4663fe8af6d2c0d180c2860a1; Expires=Wed, 29-Nov-2023 01:30:22 GMT; Path=/; Secure; HttpOnly; SameSite=None
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (1027), with CRLF, LF line terminators
Size:   1002
Md5:    73b10db62e9a389a74cd2269353512a8
Sha1:   7db201041fb0fd3f5edc2ac6adcf512537e7ae28
Sha256: ab0647e0cdf411ffd05d3fc5862f44d622efc7475881efc2b125616c23332bef
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae77f588.627391291910248869%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5468), with no line terminators
Size:   2514
Md5:    ff01d3c5d5ccdf215ccd3fd093f88928
Sha1:   b8eba03c29d5722ccfa2bfd68dec7e61e517e462
Sha256: 6d7a262651b6a041fdb7ed9c367479f7537dcc8521eb023c0091912e8105d8ef
                                        
                                            GET /iframe.js?idzone=4341118 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341118&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"e2f06d7e9e22aac719a49d0a8ee"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694108
server: CDN77-Turbo
x-77-nzt: AblMCQ3W9HH/QggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563f0509112
x-cache: HIT
x-age: 2114
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1810), with no line terminators
Size:   1795
Md5:    cf6c7f959049fa9fa3f562c9384fb804
Sha1:   00f45539a0c9c0ead014a388f80cd2daf3a0671c
Sha256: dc2665733060cd6e0867559f87b5f8ffc00511ef1479f71ccb6cfc49236f6c5d
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D; expires=Thu, 28-Nov-2024 01:30:22 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5470), with no line terminators
Size:   2518
Md5:    b3be76ec6a4ace04f2523bf37fbd5b67
Sha1:   5dc9f5e7544543d794d462c7c4420e1d28801d05
Sha256: 8dfdb19aa58d9bfaaabad48e49afd63631d577f4e756447a985d9097421fed95
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4499A9663D336B9ACF5B3EE63198782C9A136964E1AA4B617DC78C692A15858B"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3068
Expires: Tue, 29 Nov 2022 02:21:30 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive

                                        
                                            GET /iframe.js?idzone=4341078 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341078&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"cc024d378e39b2973e0664f05a0"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694059
server: CDN77-Turbo
x-77-nzt: AblMCQ18VrT/cwgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856383bf4312
x-cache: HIT
x-age: 2163
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1810), with no line terminators
Size:   1791
Md5:    cb204e83a3d829e6b15ff4c9b79be9bd
Sha1:   6394d44dfa9b3d7bccafe42cbf88811097368991
Sha256: f1eaf8705af3cfacdffa529e4b2dc6ffbe6622976b3d8383efc1b02d43e421fd
                                        
                                            GET /iframe.php?idzone=4341124&size=300x250 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
expires: Tue, 29 Nov 2022 03:51:56 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694019
server: CDN77-Turbo
x-77-nzt: AblMCQ3SSJ3/mwgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085631e5b7e0e
x-cache: HIT
x-age: 2203
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   3263
Md5:    6b4914802f0998dd1ed2b0578d6843c9
Sha1:   ec29de796887298f7726f1a2b2e6c9bf8dbc82b3
Sha256: 7ef6c2d7e144c1f4cafcb14a36604b1ea714f303d50d3c15e51eb2e4346c8bb9
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "8D59D1492F0E0E36C96FB023B1468CEBBC9F4519803C8AC34D22202306335465"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5276
Expires: Tue, 29 Nov 2022 02:58:18 GMT
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: keep-alive

                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1411), with no line terminators
Size:   1076
Md5:    59ec9d13def7a64e4432333361fb2c7a
Sha1:   d470378e06476b8c890b6b50b5b617d7142d3df4
Sha256: a82763f7395fdf612c7bb23db1d22c83e4c54b268710fc450579ee8b2fb3632c
                                        
                                            GET /impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193 HTTP/1.1 
Host: v.vfgte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.196.84.70
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=2Br88ljtdc2WrFd4CGQXdPc0B4y58l_jOAMTFP-uUvDL9X6w5BV2KOqmARaqdJKdurFF71LG-ldqWH77iUp9kna45I_IjhftAWx4unfvA5_9TnAfYflZqEmR17CPvd3xfkBcdMElk1YqyQ8Q8C9IMnENDt_YOe0cH6IJrAf2QPM7_ktI2o_vbqHl083hziRx3LvHOSoAGPYtSQL2CYhP_ssZn4hTvCeS1eKog5D7Kt6WsPKYJb4rJiNqViCtP1vrBPLHeMtL7juR_j5FcFWCfiB1S7Vjh_I8ShPrwEZ-nmbnh7ohhjoiWC4-XttOxFirFnNNAvMVsFv6AnLO_xKe7aGG0dCgmMNzHrLoH23BPxmRJh7lKMLRRQTknH_8DAljBv_BBU2H3XzUs5DuwfR-n8oeas3pERyylgHPWCTGoLOsYPodc7yMW2XR-uYGKnriYpa50aQiw6slh9sAxePEtX8ac0GEwRvBip1SvmdRwVp355aWbQlfT15FeM8uqZAWRoNzFULhSlng9gpgoNKjS_ZfruNfddpVfyfJ2cM-k7elmhqFS7n9E8FlUbDLiIOsUNQsPdVawzYgk3ijHwSRP0WzDE6p79VMaL0mH8rGmmMDHbIq46TIx8CLY5RkMIDIqTzo35-f70KszKNIRUJs3J_5irNuvlUoL4cyE3T_O2lxeMcaSLHTv38vN1tkGCnoPejt2FEEWeRDjqlAhIIkKw; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332 HTTP/1.1 
Host: v.vfgte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.196.84.70
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=G02fyyExpETDjeXyn_BAkk6mNtJ7TNDRHPuVtsQzTxZ_ahYEWqNU0F-NvPqNE2vx6W98w9xucNQu1Z-_gGnkgOL8ywZahb8uVNt7VxBgbf8VsVyCF2xVIMc87id_rHfnd6R0rFk6eo2ACA5cBioyOR_20ea0NKe1tJwFwTiqgnOOaHFPv-fAWrwJnSsixBoUoYchUF9eRL0Yrk6CXYxspLwWT75uadWqYpKtSHeANOF32YAXEBJ1q_qqd5Dm1S0ZFZ8UqfBZKjSyR1pWXYXxBCXmvTuMtA8JR8S9vzrw3B5WV2RNYt0JZ9fWZeBDh3i4n4z-b7rk1u1oC4HFTj4D-QyJy5SslvwbLYGa5gyxAgFOE3ragA_8zWYBiuEcBaEmUXoeSnUdII2E0QXtV4tIaiWlFi0Mn1ygnjxLQ6FjBqgt6s3pLD_1U0MY1JCG5eCVp4VuUC0FYuoet04QoEalWZTNN8Aa_OPpma6V9tImXxOC5ZaEVR-O-7qtDQgcTDW41QpEV3bs7z_v39hzxlASnuyOJN96hGrrluxwLuzYGiUFb4Y1ApU8hymmoMPrdXmlStCfFbNY-4BDM_gHoktZ0QSGxws7c--kldMXc1ZcpIV1SHeqKYA6kOULQS_okPmNon5bvQ8-BMdA0LuNkfn3UCfHmnQ_4uwWCQ4lqaHA0_ENYaHT2r9n17EL2RVJIxTQ_3rIFaLeCz-x9Pby9dOQng; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5342), with no line terminators
Size:   2436
Md5:    a3638bfc1fff1c6591ddf269def23660
Sha1:   8ff0c617b51d984a62fe137efa7c35d13fea663d
Sha256: 8920ecf69bb396b36ee962ede7f3eda18c3d6f6cbea2d64c97fd3ab0d44df850
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (5334), with no line terminators
Size:   2433
Md5:    716636510e9fc27a5858cbd854390b70
Sha1:   0c91765435dd8abbf114f009f6bafb63b198a5c7
Sha256: 5a00dd38fcc2559d72e67926ea30381a2583be70f7e5334527be8a567abd90c2
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%22638560ae905057.24475050550525390%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1396), with no line terminators
Size:   1065
Md5:    6325651b3bed4b844f4ee27a27c06e15
Sha1:   d39cef9d4b617968b11eaf9e7cd392512d6c1405
Sha256: df0cfa82ecb07b82b01cbfe59b257cb7bc0f4055bca1ee5ca20fefada7e646e5
                                        
                                            GET /5643/010481B_JRKM_18_ALL_EN_71_L.gif HTTP/1.1 
Host: www.imglnke.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         205.185.216.42
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: Keep-Alive
ETag: "1632412617"
Cache-Control: max-age=3382
Content-Length: 15744
Last-Modified: Thu, 23 Sep 2021 15:56:57 GMT
Accept-Ranges: bytes
X-HW: 1669685422.dop012.sk1.t,1669685422.cds012.sk1.shn,1669685422.cds012.sk1.c


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   15744
Md5:    8348f985faa43a24505b33495e5a6fe2
Sha1:   9fb40bacaaa545c0b7ea68e07d4087d6cc9cac7a
Sha256: b98aa1c81ee4eafd235aff9a43ddae150f157bc816d44488a98709d311c4b82f
                                        
                                            GET /5643/012069A_JRKM_18_ALL_EN_71_L.jpg HTTP/1.1 
Host: www.imglnke.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         205.185.216.42
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Tue, 29 Nov 2022 01:30:22 GMT
Connection: Keep-Alive
ETag: "1669134891"
Cache-Control: max-age=2094
Content-Length: 40996
Last-Modified: Tue, 22 Nov 2022 16:34:51 GMT
Accept-Ranges: bytes
X-HW: 1669685422.dop216.sk1.t,1669685422.cds018.sk1.shn,1669685422.dop216.sk1.t,1669685422.cds206.sk1.c


--- Additional Info ---
Magic:  JPEG image data, progressive, precision 8, 300x250, components 3\012- data
Size:   40996
Md5:    faa37cfad9203de88a47ecc7eba7c531
Sha1:   b53195ccfd09876811c093ae00053e515d37f6c1
Sha256: 41008d982c629be2e598ad017e52ccd29003d48a1d36637774ebd7963d66abf4
                                        
                                            POST /eactrl.go HTTP/1.1 
Host: go.goasrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 15666
Origin: https://www.redgifs.com
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         217.22.19.196
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
content-length: 2
access-control-allow-origin: https://www.redgifs.com
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token,X-CSRFToken, Authorization
expires: Mon, 03 Jul 2001 06:00:00 GMT
last-modified: Tue, 29 11 2022 01:30:22 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0,post-check=0, pre-check=0
pragma: no-cache
x-backend-server: nl2-go-web-242
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   2
Md5:    99914b932bd37a50b983c5e7c90ae93b
Sha1:   bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
Sha256: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
                                        
                                            GET /js/interactive2.js HTTP/1.1 
Host: afgtrwd1.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/en/us/about?zid=15242&pid=0&custom1=VGIL_999529072_REDG_SQU&custom2=108124&custom3=TS507-999529072&custom5=SQU&Bnr={BanName}&custom8=v.vfgte.com&custom9=52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad
Cookie: AVPUID=711b88f4663fe8af6d2c0d180c2860a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         192.99.16.68
HTTP/1.1 200 OK
Content-Type: text/javascript;charset=UTF-8
                                        
Server: nginx/1.15.7
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=86400
Expires: Tue, 29 Nov 2022 13:53:14 GMT
Vary: Accept-Encoding
Last-Modified: Fri, 14 Feb 2020 21:12:20 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (11195), with no line terminators
Size:   11195
Md5:    905f3ddae4774c92242e4813407cdbd5
Sha1:   f698ad7ba5a4a0d2093d6def137d55bca54bd030
Sha256: 94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056
                                        
                                            POST /v1/api.php HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 312
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex, follow
Content-Encoding: gzip


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4070)
Size:   3110
Md5:    ceb61ac5ec0adad6de25e34928c81fa9
Sha1:   517d169c30f902151cb5f64995dfe8259d413bab
Sha256: 39293b936a71312a7029b38de3b09a29a8cab731f86ecfbfeefcb793002bbe61
                                        
                                            GET /loader?a=4789805&v=2&t=1&s=4779152&p=11473&if=false&url=https%3A%2F%2Fwww.redgifs.com%2Fwatch%2Fcriminalenlightenedpupfish&title=Big%20Tits%20Bra%20Hotwife%20Porn%20GIF%20by%20marcipan%20%7C%20RedGIFs HTTP/1.1 
Host: a.medfoodsafety.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         172.64.172.19
HTTP/2 200 OK
content-type: text/html
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7bc4CoN5LNuJH8ZhRzQ04muqzUPBrRmMROqWaRYhzxJ1ljuOCc5ghBD5lM1A%2BojguGrXDeaZk7kyBqoYAom3yjTrQAf8YVPb6WszkiZcZBKdjE2wBI1Rkykpt%2FxNrRWx9WADMTu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793e3593b7744-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   383
Md5:    46136b9e435a7f991ec49299f61c10c7
Sha1:   df9b06c505f31ddfe3042386e0d64f5aaa83c37e
Sha256: f70198f37f2f6e64175e6147e5b19a4e4ac21add5d915892df8afc0fb9cff14c
                                        
                                            GET /iframe.js?idzone=4341126 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341126&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"f9b2ca4e3eaa66ea00feffd4127"
expires: Mon, 28 Nov 2022 15:50:41 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669694029
server: CDN77-Turbo
x-77-nzt: AblMCQ2mkjr/kQgAAA
x-77-nzt-ray: c0a4cc281fcdb472ae6085633aa61718
x-cache: HIT
x-age: 2193
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1810), with no line terminators
Size:   11144
Md5:    65ce67c20e56f9646712052c872c96fb
Sha1:   56d7ed7951626571ed2054a0716a74bb4a724d97
Sha256: 44ea8e0bda5af59418846eac0c48ac4f488b8a0ee80699b9000e14fea74a5161
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 794
Cache-Control: max-age=147677
Date: Tue, 29 Nov 2022 01:30:22 GMT
Etag: "6384fb71-118"
Expires: Wed, 30 Nov 2022 18:31:39 GMT
Last-Modified: Mon, 28 Nov 2022 18:18:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /impression/52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad?subID1=VGIL_999529072_REDG_SQU&affiliateID=108124&source=TS507-999529072&subID2=ADV15242_33537_89799;&Location_Alias=SQU&Pub=&Target=&cost=&Bnr=012069A&FileID=581193 HTTP/1.1 
Host: v.vfgte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw; 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=2Br88ljtdc2WrFd4CGQXdPc0B4y58l_jOAMTFP-uUvDL9X6w5BV2KOqmARaqdJKdurFF71LG-ldqWH77iUp9kna45I_IjhftAWx4unfvA5_9TnAfYflZqEmR17CPvd3xfkBcdMElk1YqyQ8Q8C9IMnENDt_YOe0cH6IJrAf2QPM7_ktI2o_vbqHl083hziRx3LvHOSoAGPYtSQL2CYhP_ssZn4hTvCeS1eKog5D7Kt6WsPKYJb4rJiNqViCtP1vrBPLHeMtL7juR_j5FcFWCfiB1S7Vjh_I8ShPrwEZ-nmbnh7ohhjoiWC4-XttOxFirFnNNAvMVsFv6AnLO_xKe7aGG0dCgmMNzHrLoH23BPxmRJh7lKMLRRQTknH_8DAljBv_BBU2H3XzUs5DuwfR-n8oeas3pERyylgHPWCTGoLOsYPodc7yMW2XR-uYGKnriYpa50aQiw6slh9sAxePEtX8ac0GEwRvBip1SvmdRwVp355aWbQlfT15FeM8uqZAWRoNzFULhSlng9gpgoNKjS_ZfruNfddpVfyfJ2cM-k7elmhqFS7n9E8FlUbDLiIOsUNQsPdVawzYgk3ijHwSRP0WzDE6p79VMaL0mH8rGmmMDHbIq46TIx8CLY5RkMIDIqTzo35-f70KszKNIRUJs3J_5irNuvlUoL4cyE3T_O2lxeMcaSLHTv38vN1tkGCnoPejt2FEEWeRDjqlAhIIkKw; a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=G02fyyExpETDjeXyn_BAkk6mNtJ7TNDRHPuVtsQzTxZ_ahYEWqNU0F-NvPqNE2vx6W98w9xucNQu1Z-_gGnkgOL8ywZahb8uVNt7VxBgbf8VsVyCF2xVIMc87id_rHfnd6R0rFk6eo2ACA5cBioyOR_20ea0NKe1tJwFwTiqgnOOaHFPv-fAWrwJnSsixBoUoYchUF9eRL0Yrk6CXYxspLwWT75uadWqYpKtSHeANOF32YAXEBJ1q_qqd5Dm1S0ZFZ8UqfBZKjSyR1pWXYXxBCXmvTuMtA8JR8S9vzrw3B5WV2RNYt0JZ9fWZeBDh3i4n4z-b7rk1u1oC4HFTj4D-QyJy5SslvwbLYGa5gyxAgFOE3ragA_8zWYBiuEcBaEmUXoeSnUdII2E0QXtV4tIaiWlFi0Mn1ygnjxLQ6FjBqgt6s3pLD_1U0MY1JCG5eCVp4VuUC0FYuoet04QoEalWZTNN8Aa_OPpma6V9tImXxOC5ZaEVR-O-7qtDQgcTDW41QpEV3bs7z_v39hzxlASnuyOJN96hGrrluxwLuzYGiUFb4Y1ApU8hymmoMPrdXmlStCfFbNY-4BDM_gHoktZ0QSGxws7c--kldMXc1ZcpIV1SHeqKYA6kOULQS_okPmNon5bvQ8-BMdA0LuNkfn3UCfHmnQ_4uwWCQ4lqaHA0_ENYaHT2r9n17EL2RVJIxTQ_3rIFaLeCz-x9Pby9dOQng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.196.84.70
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=9BOH5DydMd9UPEQkwdQXPaSUDCF_K5l-gPTHg10I-4ys7Is_pvsAVDTgCFnZ0yzU9vx0tgV8pbEgRUwQ0DrElSD2cxGPW-zJT7iKCfusphH8BrDZyjOSUK3sr5XBAC928rVr39JRRv6P4QHipG-YQvwJSK0mGpv-gvbGf7-71Y-zKyYo08qBACUX1-PAyXTjwHn5tzwoMUhkei96XRI6AYemFvKLhqjaWJNn4NG2VpewuEO1qrGTiESSzemvcQoDyWs8dL5ps4wsI8xG4ak3sM0oA-5j7wCg2I4Va9s3-K936hPMlzq_SKMjbiYKdvNdiTYmJIY29ARPO4v1rBnySu0ktKy2ONJ-jLHX_z7I2chFodQvclDWd3YE4pwhIQn8YbZuZu97kHEmAnggouK8reJcNDUMKxIN-GCDetMT3dKFJAX0VAoehuvyKyVy_oHzEGncrv972ZsQhmcEXJV4UbC82pwEHmPqfukP-Muqp0CSnt4GvSgvPZ1rSvvijI90nMWLfO9z4MyIs4hxcRRsr6IoM3kzRStdm9wv5ws14fMc5eoEDYPgaMUq0JvE2xmAV6wxA9_2PGKfXWMQvdT0MAOxCjhMWyjR7AvGbKzCNTdRKpnirDyXsHjDR3TgNiGbWb5RJzNz4ZBoUEia94FRDmdzM5hqozp_9GR7V5HHJuauIdStKbzW43GATb5wr6aAnklPOxRyZI9DXs9DES-iEw; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /iframe.js?idzone=4341110 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=4341110&size=300x250
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae7d5904.307211583146775193%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
etag: W/"d26c6daa00666d7200c7ccc830f"
expires: Mon, 28 Nov 2022 15:50:40 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669696222
server: CDN77-Turbo
x-77-nzt: AblMCQ3CrfXe5jAAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563d4c1e92a
x-cache: REVALIDATED
x-age: 12518
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1810), with no line terminators
Size:   819
Md5:    3a90fdb9caa12d037006de88d89bd34f
Sha1:   6fb6fb51eabc3c0de7aa55629f4682780d00b215
Sha256: 28ba19a79bd8e879ce7fb51c0b69dbd55fbc4cde489f536466357598cec56705
                                        
                                            GET /impression/a2b90567-4b77-4988-bbac-625e003ba282?subID1=VGIL_999529071_REDG_UPL&affiliateID=108124&source=TS507-999529071&subID2=ADV15246_33628_88247;&Location_Alias=UPL&Pub=&Target=&cost=&Bnr=010481B&FileID=560332 HTTP/1.1 
Host: v.vfgte.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afgtrwd1.com/
Cookie: d35e5c47-8e8d-4bcf-86e8-b285e231bf95-osz-v4=DZ7hwEUXRNIzYCSjUaFMkjfk7lo8lHqR2_qZdkBnJOH-sPMdAVDs_7ZiYwxPZavrml00fwS0KrajGd01f0VmWJ5Zt7ZFwVUuRGxtTKbSlEDAMpTElOgIKXufdpjcesjjWItuBFodO4humc9NP6FHG4SAUIz6Ti0v6B268QZgw9JrgaPUiL_5OIZfOa1wx0WQh24YSs4E-c14CV6DfdaE0O8TkcUqQnTDpkUggVUa9fx-58Hql02YT5mzI50XACtvU8uX7G-CWTx3D40l_C9xUHxTiTzRtD8YIljVWgPg6TF0_dF2qfwmicsUqRd_mor_P4uwTJIUPGcN8sfwJ00lJGtRYjq25twdjSjYPHvZAk9j3dDtVaO453WL5q1YWrQkCZaNd7egUdGd1IvfLbQkT5D445vu-uX0QrzH7GaWXL02Q1OGaROljLOCum_K3h1kH43kpkRRngybhzL56TAKsxCMZ9HF1bk828BGOxCJMvfFL8I29h5KOSxAJC_NZOJ_ub3Taa2BNUG3uaJqNSc2X30h4qJSAE0MKghTP64Td8ss1STj7tmzW_Re1kjKsoaeBOEvE4mp79ai5ZtWqBDYenB2I_arwHYIldsjapqnjvx1T_qjvYB794BYGlbjXWftucEdjEBZ0T5xWzdANZR01PhjoPlihun_ofaPaISpHy0m__gmo6BeK2pKY4WaGYNrk7FRZIB5c1DqbQ5A-GAh42yCuRCdQGBAy6t-cwQ2azlgFJ-KmH2oBGKvF4OTUgRlkmRYkG33v32H0Mvnm0kGUQ3e6-aKz4TT3B_3YJnU_6a_e6IXYBks_OhjXUm5TrfPudt485vVl2HlsOxQH3iFXfsdmsdnI-Wv6r7Ic-QbH0wGEBS6mOJBdczbVB9nQi-2G-CNLCGlqGKpCM6ggv7qDqB0yhBvRBPmyOnUekKy5icpiZVRyySpuDoS-QdhICB3_2DxYNLD47MmMqQ3ChUdTzt6fFJr_nIi6xCuULBrruiLDx4fk5SqbssEByEh2LTkMtsBaszHzXtfRTEdzZaM-2DsekW21iZRVQzsVak9lAraLsopLgFIzrZqkOUb8LVFwLoXSbfXtJwUxVDogQxQqks0uI1G518T1qRDEizpHHT1CkgWKGqh_EbnmvylM4Kw; 52a4f1c7-c4d2-4a66-b6d6-65bf7b19f3ad-osz-v4=2Br88ljtdc2WrFd4CGQXdPc0B4y58l_jOAMTFP-uUvDL9X6w5BV2KOqmARaqdJKdurFF71LG-ldqWH77iUp9kna45I_IjhftAWx4unfvA5_9TnAfYflZqEmR17CPvd3xfkBcdMElk1YqyQ8Q8C9IMnENDt_YOe0cH6IJrAf2QPM7_ktI2o_vbqHl083hziRx3LvHOSoAGPYtSQL2CYhP_ssZn4hTvCeS1eKog5D7Kt6WsPKYJb4rJiNqViCtP1vrBPLHeMtL7juR_j5FcFWCfiB1S7Vjh_I8ShPrwEZ-nmbnh7ohhjoiWC4-XttOxFirFnNNAvMVsFv6AnLO_xKe7aGG0dCgmMNzHrLoH23BPxmRJh7lKMLRRQTknH_8DAljBv_BBU2H3XzUs5DuwfR-n8oeas3pERyylgHPWCTGoLOsYPodc7yMW2XR-uYGKnriYpa50aQiw6slh9sAxePEtX8ac0GEwRvBip1SvmdRwVp355aWbQlfT15FeM8uqZAWRoNzFULhSlng9gpgoNKjS_ZfruNfddpVfyfJ2cM-k7elmhqFS7n9E8FlUbDLiIOsUNQsPdVawzYgk3ijHwSRP0WzDE6p79VMaL0mH8rGmmMDHbIq46TIx8CLY5RkMIDIqTzo35-f70KszKNIRUJs3J_5irNuvlUoL4cyE3T_O2lxeMcaSLHTv38vN1tkGCnoPejt2FEEWeRDjqlAhIIkKw; a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=G02fyyExpETDjeXyn_BAkk6mNtJ7TNDRHPuVtsQzTxZ_ahYEWqNU0F-NvPqNE2vx6W98w9xucNQu1Z-_gGnkgOL8ywZahb8uVNt7VxBgbf8VsVyCF2xVIMc87id_rHfnd6R0rFk6eo2ACA5cBioyOR_20ea0NKe1tJwFwTiqgnOOaHFPv-fAWrwJnSsixBoUoYchUF9eRL0Yrk6CXYxspLwWT75uadWqYpKtSHeANOF32YAXEBJ1q_qqd5Dm1S0ZFZ8UqfBZKjSyR1pWXYXxBCXmvTuMtA8JR8S9vzrw3B5WV2RNYt0JZ9fWZeBDh3i4n4z-b7rk1u1oC4HFTj4D-QyJy5SslvwbLYGa5gyxAgFOE3ragA_8zWYBiuEcBaEmUXoeSnUdII2E0QXtV4tIaiWlFi0Mn1ygnjxLQ6FjBqgt6s3pLD_1U0MY1JCG5eCVp4VuUC0FYuoet04QoEalWZTNN8Aa_OPpma6V9tImXxOC5ZaEVR-O-7qtDQgcTDW41QpEV3bs7z_v39hzxlASnuyOJN96hGrrluxwLuzYGiUFb4Y1ApU8hymmoMPrdXmlStCfFbNY-4BDM_gHoktZ0QSGxws7c--kldMXc1ZcpIV1SHeqKYA6kOULQS_okPmNon5bvQ8-BMdA0LuNkfn3UCfHmnQ_4uwWCQ4lqaHA0_ENYaHT2r9n17EL2RVJIxTQ_3rIFaLeCz-x9Pby9dOQng
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         18.196.84.70
HTTP/2 204 No Content
                                        
server: nginx
date: Tue, 29 Nov 2022 01:30:22 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: a2b90567-4b77-4988-bbac-625e003ba282-osz-v4=vnxxdks4eaqEIctpP1dM49QRoafh1oh1Q7IYSa1Jz1sN-4154PUQqTyWLSBn9pKCBanxVORWeTdsh4KbDPZjm4llVit_YYzpBG4E3JBBC12gWkXEyYtiVkC8hRZHx0H6CF9xzmW0yBqIp0ZLAKYyco7AflDeIsOa6eAnHzJC--qKmCeuaANb-5wEPy-cVYi1XoyC8Bc70lz1wQnrutekBuYQym9em8cuUv6IkNLb-wEcR1gulzPb5-zm0t4eB3dQIdCqVF9aRRu648hwNS9VlF51rmZ1OxU0_YxPhyDhN1waHOeaKH_BWTvLG_jZOvdUsH2r9gINu2sIoNuf-0YF3F7BPy-hyRma5toAwsmxSQM1tEfbd93ESei3krKVlpKNZpFjegke3sHIgmNZazZo1YDfYJaTx1JRjqQ5Fj9upW3S5BQIwyuY55WRjSQiXFTJo1zq1utGfVTfxznWlj8LthBa91QqdUrBGtGgFZYSYCT_Ws1QIrcPIq0m9H8yfnvVI7EmqM7zi09rtDj937atInJou-YhMRjmA_HRxzfQpmHjU_lvkLgnJ-32QRfbute7PcAkFkxh_CFgkh9mdowUDZTOoBj088S5znqir3lPPVJpR-vEHnNrk6wHLThF-2_NwftcjN9QKfI7c0qnaqKNjiqQznqprQepKDHMm2MfcRwU90ZjVbsK5SwiqoOFLQfLDEuY_5LEsTOW7w1ZOutJRA; Domain=v.vfgte.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /warp/4789803?r=92527 HTTP/1.1 
Host: a.bestcontentfood.top
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.64.104.34
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
referer: a.medfoodsafety.com
cache-control: public, max-age=900
etag: W/"b5bfe5efa4321a0b085300dd0d4edb9f"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6U%2FOlBqqFw89rqh%2Bhs2pujn2PjYmqdLLzU0NcymW2iTShvdmTTjQZab5ginQb2BsSOxS1PE3b2zTwPt3djduMNz2H4tc%2FwF6%2FI5CEkjBVVNC7Uv2Mouq0IW86A5qgBxTf8NygQMv4Us%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771793e1baf1746c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4179), with no line terminators
Size:   656674
Md5:    519cdc82be5a22a9e9b1347676cf054b
Sha1:   9bdb8a59b0ada0a217174e7bf6307093918a4c2d
Sha256: 430843c05b751a3101aee905e6311ccd45aaeceed059b6f2653ac0d25156a8af

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /iframe.php?idzone=4341110&size=300x250 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
expires: Tue, 29 Nov 2022 03:52:04 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669696222
server: CDN77-Turbo
x-77-nzt: AblMCQ1mZwTb5zAAAA
x-77-nzt-ray: c0a4cc281fcdb472ae608563c134cd0e
x-cache: EXPIRED
x-age: 12519
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   171
Md5:    e3f238a1f1a27f7585957a5fcb2a0e94
Sha1:   0cd6bb98efcba98e07c77b2e5dbeddca2a67917e
Sha256: f18a31bf5b982cbfb8a762dea40fa54f6e032415c6409ac875488cc8b88b5818
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PQW7DMAz7yj4QQ6Lk2O55u25Ahz7ASd2hwIoCKTD0wMfPSdGKB9MmJVMQYFAdkN8gO5MdwKKhSHAEjc7Prz1dubTjz/l0C/P1wgxzB5NHR+7umCF0c1U4o2RGH2Ofy5TUYk5dFBqlA7G3riyIKJPx8P3Oj8OeGsSQngdoIndEoW4BqJneudzXIa0l83REFXjRFlPzUnSaW7Q251pXI2tYWv29LX9bZHkgSI/WZTwfaOqGvsygr4uzl3CTz6elXhr58j+Qti+M6r5G5KRtrin55MdpGqcZkFpRSjWto9n4D7hisFNmAQAA HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 795
Cache-Control: max-age=147677
Date: Tue, 29 Nov 2022 01:30:23 GMT
Etag: "6384fb71-118"
Expires: Wed, 30 Nov 2022 18:31:40 GMT
Last-Modified: Mon, 28 Nov 2022 18:18:25 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /iframe.php?idzone=4341118&size=300x250 HTTP/1.1 
Host: a.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.redgifs.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.76.9.14
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Tue, 29 Nov 2022 01:30:22 GMT
expires: Tue, 29 Nov 2022 03:52:08 GMT
cache-control: max-age=10800
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1669693944
server: CDN77-Turbo
x-77-nzt: AblMCQ1wd87/5ggAAA
x-77-nzt-ray: c0a4cc281fcdb472ae60856366944d0e
x-cache: HIT
x-age: 2278
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   130
Md5:    6bb869297a16a19e977f966f1f5d1c5f
Sha1:   b6c30a2ac2b048a391c54b58aaef6a48c3461a55
Sha256: aa4cf7603d3abdec72d4309ec4ce021cca5065957970cdece3b3efc020e5eaf7
                                        
                                            GET /library/676799/cd5710823e62b921a06dc0045d7f2b1b663076c9.jpg HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.76.9.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 01:30:23 GMT
content-length: 18726
last-modified: Fri, 29 May 2020 12:09:23 GMT
etag: "5ed0fb73-4926"
expires: Fri, 30 Jun 2023 18:47:20 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195208
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ2bv6L/p8PGAA
x-77-nzt-ray: c0a4cc288dd44876af6085635eb4df05
x-cache: HIT
x-age: 13026215
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size:   18726
Md5:    e14b72a35908bf1d0aa5be9f877917e1
Sha1:   cd5710823e62b921a06dc0045d7f2b1b663076c9
Sha256: ace2d7b48d4ce56f5df3d44e08dacb1ee3251c631af636a3ca793005309a31b3
                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PS2oEIRS8Si7Q8n7+Zp11Agk5gN1qGMgQ6IGQRR0+amAsSkqsZ5VCIhvzJulJ6KJ0EUFml8mZOPaGl9c3GONs9fPa7+74viHEEHNGNG+ShtsnIZgaMyd4mpQYUkLknAYNRlDQgHg1m8oRMaLi4/15kQfGK2OfgVPa0PS7hiy3noR71Zp4aFZroqXWtnfROo0o7mzl637+rIoEL0EJTBRmoGNhnRGrxYSyqZhg48fBMBZhXV/7WW4NePj/ayOuMAHb+BMDhwSvscheulXrO4vt1hIpHd5i9H9G7XtbYAEAAA== HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PQWoEIRD8Sj4w0t22drvnnBNIyAOcGQ0LWQKzEHKox0cnsBYlJZZdpZDIwryIPwldIl1EUDgUCiqBk+Ll9Q3KONr+ee33sH3fkC1bKTBNKj7cyYWgUZnMkWhSLLvDuPigQgkRNCApqk4ViBgW8fH+fJIHxpSxz8ApdWj6nY9crZruObM6sfbNRLaeeqe99bT6NKKGo9Wv+/FzViQkyZHARHkGBuYiM+JsMRFZo6hg4cdBMRbhvL72o94a8PD/14adYWOUjj8xUK1ZbG2lVnKv0mpT8231rZesVeMfMRjQ+2ABAAA= HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /library/823442/794fe4db09942bbcd0f811a3af04fef96264fc5e.mp4 HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.76.9.16
HTTP/2 206 Partial Content
content-type: video/mp4
                                        
date: Tue, 29 Nov 2022 01:30:23 GMT
content-length: 288663
last-modified: Fri, 18 Nov 2022 09:40:10 GMT
etag: "637752fa-46797"
expires: Sat, 18 Nov 2023 09:59:48 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-cache-op: HIT
x-accel-expires: @1700649253
server: CDN77-Turbo
x-77-nzt: AblMCQ2mU+j/CrsIAA
x-77-nzt-ray: c0a4cc288dd44876af6085638866c108
x-cache: HIT
x-age: 572170
x-77-pop: stockholmSE
x-77-cache: HIT
content-range: bytes 0-288662/288663
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size:   288663
Md5:    83ce08a491c2d4359a900084c73ba022
Sha1:   794fe4db09942bbcd0f811a3af04fef96264fc5e
Sha256: 3aaa3b9881aeb00f73b38cf93461da274dfaa783055475cb96dddccfe28d0502
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 01:30:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1Py2rDMBD8lf5AxL5krXNury2k5ANkWyqBhoADJYf5+G4cEs1hV5rZ2ZGQyI55J/4mtFfai2DkNFIySZwNn18HGGNty8+pX9N8OcNFzQTFsomHOrsQTI05aiZHtiGHL0phzV6CJCgoIDlG710iYhTF8fsdH8cDOJFKeRaBEt0kE3gLAHZY9HS7m2jrbZymvNhgsy86dy2NsvXe6qKxP4SoaW3197r+bZHpgUR50KDl+QBlU4nP7Ph1McQhbPSpr/XcgJf+gbKtCCeze0RM4qXXWudlWobZx8HZe+U+lql7ZPsH6zfkTmYBAAA= HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.0199%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         95.211.229.248
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Tue, 29 Nov 2022 01:30:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=; domain=.realsrv.com; Secure; SameSite=none __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D; expires=Thu, 28 Nov 2024 01:30:23 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip

                                        
                                            GET /library/623611/ed0885e8288645e4cca003a57f3a486611122606.jpg HTTP/1.1 
Host: s3t3d2y8.afcdn.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         185.76.9.16
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Tue, 29 Nov 2022 01:30:23 GMT
content-length: 28796
last-modified: Mon, 25 May 2020 13:58:36 GMT
etag: "5ecbcf0c-707c"
expires: Fri, 30 Jun 2023 11:10:15 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-cache-op: HIT
x-accel-expires: @1688195204
server: CDN77-Turbo
x-robots-tag: noindex, follow
x-77-nzt: AblMCQ1Yidn/q8PGAA
x-77-nzt-ray: c0a4cc288dd44876af608563b36e180c
x-cache: HIT
x-age: 13026219
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x300, components 3\012- data
Size:   28796
Md5:    de65c02764f5d04b7ac0a815d366c969
Sha1:   ed0885e8288645e4cca003a57f3a486611122606
Sha256: 05e417d7c0294dfb542e9de1f1f8c763d8bbfe3f08316fd1b0c78ebb1c22e7f9
                                        
                                            GET /cimp.php?t=api&data=H4sIAAAAAAAAAz1PWUoEMRS8ihfo8LZs8+23guIB0llkwEHoAfGjDm/SwqSoUCGvUhUhkY15k/QkdFG6iCCzy+RMHHvDy+sbjHH09nkdd1e/bwgxxJwRzZukOe2TEEyNmQ2e0qTEkBIi5zRpMIKCJsSr2VKOiBEVH+/PJ3livjL3FbikTU2/y+RDDrXVYVS9TznaiHstreRiuVVaVkJxRy9f9+PnrDhNEpTARGEFOhbzK+JssaBsKibY+HEwzEU4r6/jKLcOPOb/ayOeYQK2+ScGLI9eRtC9pujHsL1rC1Gabz1o1/0Pqxf7dGABAAA= HTTP/1.1 
Host: syndication.realsrv.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22638560ae96a653.531677272976893641%22%3B%7D; __upt=%7B%22v%22%3A1%2C%22id%22%3A%22638560ae96a653.531677272976893641%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%22508.029701%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search