patiface.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: patiface.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 05 Dec 2022 04:09:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 05 Dec 2022 05:09:52 GMT
Location: https://patiface.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgVyFFH%2BYyWO8FEXjn7lMqBUm4%2BqzlYwWdIWB%2FKHvmpnGOE90630E0M8kgKltmBjYhBKCyaLYhDfucZoc6geSo6fyTO3FbpTiqvjFSNLy6hgtWRj64IxXndzW0l0g%2Bk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7749edc68c5bb529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3393
Expires: Mon, 05 Dec 2022 05:06:25 GMT
Date: Mon, 05 Dec 2022 04:09:52 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4512
Expires: Mon, 05 Dec 2022 05:25:04 GMT
Date: Mon, 05 Dec 2022 04:09:52 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash d581fc8b215698a631dcaf19c049eb32
f908654fd3fbb1d17c70543ddbb5180509b23e23
d492ad6d069da2f78ec3e234b92c60d6a409c27da5b6bd22a3b0bbdb8733983e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D492AD6D069DA2F78EC3E234B92C60D6A409C27DA5B6BD22A3B0BBDB8733983E"
Last-Modified: Sat, 03 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=740
Expires: Mon, 05 Dec 2022 04:22:12 GMT
Date: Mon, 05 Dec 2022 04:09:52 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2272
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:52 GMT
Etag: "638c76f5-1d7"
Last-Modified: Mon, 05 Dec 2022 03:32:00 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hyNp7UXbnxSqnvmZ7gdagg9ceRCfngbu6PWL/1hFrDdjbmagpH2/pPYljYU77x8vKU44+8aZCOA=
x-amz-request-id: ZT90G68CWMKNDH00
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 03:47:49 GMT
age: 1323
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 03:18:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3086
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 04:09:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 04:08:58 GMT
cache-control: public,max-age=3600
age: 55
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2261
Cache-Control: max-age=106479
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:53 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:44:32 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: t+8HhnjqgE7neEPNiBwtrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N7DWM5ebouy1fd6FTOqW7piAFJA=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8654
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:09:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8654
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:09:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8654
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:09:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8654
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:09:54 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8654
Expires: Mon, 05 Dec 2022 06:34:08 GMT
Date: Mon, 05 Dec 2022 04:09:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 22983
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 5081
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 85973
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TUn27-HAzSq5FHhr2K7W377QRIQqOh9owE1xVL6BQetiK9U-jtwbsg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:45:47 GMT
age: 1447
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oXeR8DTpEoK8E-BiI7gT4JEIdVBfiimfydNYIC62_rNLlTdem9Buig==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 23048
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 22013
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash d581fc8b215698a631dcaf19c049eb32
f908654fd3fbb1d17c70543ddbb5180509b23e23
d492ad6d069da2f78ec3e234b92c60d6a409c27da5b6bd22a3b0bbdb8733983e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D492AD6D069DA2F78EC3E234B92C60D6A409C27DA5B6BD22A3B0BBDB8733983E"
Last-Modified: Sat, 03 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21102
Expires: Mon, 05 Dec 2022 10:01:39 GMT
Date: Mon, 05 Dec 2022 04:09:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 5.3 kB IP
Hash 22c776e78dcbe77257da1c34c4cd97a0
29dbd86a406d2230fef438deb574ff23a0640c70
cc9ca77e2c35374adc3bcc24d0cca699953ab6ff7c34d87b13aa569ab0305f90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-STBWPT3VRE
200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-STBWPT3VRE
IP
File type ASCII text, with very long lines (26337)
Hash 5d247fb4403ba383578ae1984419a9cd
3bce166581aa2ed78a763e441ef78d5cb3da4092
b4de0496d9176ff1d2517ad97bba3ab61f85dfbca72a06ef18901573cbd7ca9a
GET /gtag/js?id=G-STBWPT3VRE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:09:57 GMT
expires: Mon, 05 Dec 2022 04:09:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78995
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
patiface.com/
200 OK 76 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (9458), with CRLF, LF line terminators
Hash eb15bf179c2635aab5cdf1ba58af6c55
550babec2d06f7caf4dcd813ee17ba539094a3bf
b25248dce078d381e6dc44b111e5b6acd6681d0033e8e323301c8ca3fcfd68ee
GET / HTTP/1.1
Host: patiface.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:56 GMT
content-type: text/html; charset=UTF-8
link: <https://patiface.com/wp-json/>; rel="https://api.w.org/", <https://patiface.com/wp-json/wp/v2/pages/2003>; rel="alternate"; type="application/json", <https://patiface.com/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 7f0_HTTP.200,7f0_front,7f0_URL.6666cd76f96956469e7be39d750cc7d9,7f0_F,7f0_Po.2003,7f0_PGS,7f0_
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6en6TK4HNArtuFEW43mcEm1ojQ0%2BN7NHeoaqQz83kAHFIk2akrbH3%2Fc2SN6OPA1%2BBsimR%2BtMqbcA%2BG0ljJrVQRTCC4%2BztIJTulCwmotOGobzK4%2FXkOulFQ5XUWHAXws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7749edc80a620b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 8.3 kB IP
Hash 9071cf34296bd98f35e507699641fcf3
ef1edd7b9b3b5bfb0b434ed492dd1152e92cefb8
ca53b767053507e8a35e572b2612f20c6d72056e112268719978461bc6ac6740
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://patiface.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 376563
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 72 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Hash cea52688b190a9ee42b30f384633f770
7d2105a0af78470c0df7e502464dc940e9a982cd
c1036c8e467070dfbf84bd26a0442d2d9ce87bd8c04ef8f5d9204ea17d66a769
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://patiface.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 551836
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 56 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
Hash 7669f4c6f4ed94911681d782d5920f7e
69961686fd4f9e2afbe64b6159ee26013e234ec9
24a7e17b4ac1646120a2e37aa2bdd4eaac26cc3ef20a4e147a9476fa882327c0
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://patiface.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 376542
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://patiface.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 250786
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 89 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Hash 907a5a766e2f81dd306fd8a49885fbd7
842a93b45bbaa4c84742f10291a3479d700ed958
086fdcdab3ca6111d5be6d39be6b80658e01dd596b7f4b09e616b2d874ec8ac0
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://patiface.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 376561
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 221849fbdb805ad8122c5bd0c52cd9a6
9c916d6bc86626e6b6ff3bf91679b775f5061213
266339a789f8c9444037023d9b4d44f9fbfeb75ca322dcc4acc5735576868940
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "266339A789F8C9444037023D9B4D44F9FBFEB75CA322DCC4ACC5735576868940"
Last-Modified: Sat, 03 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2417
Expires: Mon, 05 Dec 2022 04:50:14 GMT
Date: Mon, 05 Dec 2022 04:09:57 GMT
Connection: keep-alive
runative-syndicate.com/api/v1/direct/1c89deb9261c47159f4563d468ee2000?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/1c89deb9261c47159f4563d468ee2000?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/1c89deb9261c47159f4563d468ee2000? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=OhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi&sourceId=460140&p1=4193084
x-request-id: 980e85e71144bb2e
set-cookie: ts_uid=8f5f5608-7247-4700-b48a-b5b3c99a85f6; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=460140:2954798:18498:4193084:33883; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
way.specialblueitems.com/src/main.js?v=2.01
200 OK 567 B URL HTTP/1.1 way.specialblueitems.com/src/main.js?v=2.01
IP
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 00bf9dab165c9e69643bb4bf4ec767cb
50e12792e626537acc26b4e6a78deac577ed9ffb
95d18d4e39c16bb8026442992a82cbfc322f3be7c74dab5a62f79694c2e67ee4
GET /src/main.js?v=2.01 HTTP/1.1
Host: way.specialblueitems.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 04:09:57 GMT
Content-Type: application/javascript
Content-Length: 567
Last-Modified: Sat, 03 Dec 2022 21:10:23 GMT
Connection: keep-alive
ETag: "638bbb3f-237"
Expires: Thu, 15 Dec 2022 04:09:57 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
302 Found 4.9 kB URL HTTP/2 runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
IP
ASN #24940 Hetzner Online GmbH
Hash 872b4b616ff340ac8899380ba16de95f
f982626dc86c576223c0c34d587fa0ccc13714b9
3e5df41380bde6c8592f9a2928df9af33ac9df7bcce95c5afd17be6ba20eadef
GET /api/v1/direct/544fa7d10c734706885a9bcf3cfc2743? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://alt.com/go/g1454016
x-request-id: ada3e9f9e8ef5cd0
set-cookie: ts_uid=0714b017-64a7-468e-a100-b0faf19cd951; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=383811:2607517:34449:4193085:35762; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 1c76de51f4fd9438b7bf058d47ca79b4
4f8c378fd4261441094df706f6a18215498f62a1
84533e03ba7061ecb5d3902d884ec6cb8643e1db1d3272b30ec23e1d9f991950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 492
Cache-Control: max-age=152209
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Etag: "638d1cbb-116"
Expires: Tue, 06 Dec 2022 22:26:46 GMT
Last-Modified: Sun, 04 Dec 2022 22:18:35 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 278
runative-syndicate.com/api/v1/direct/5d4d9e59d69245dd846fd19a6fd02ed7?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/5d4d9e59d69245dd846fd19a6fd02ed7?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/5d4d9e59d69245dd846fd19a6fd02ed7? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi&sourceId=460140&p1=4193086
x-request-id: f3097ef85b4d6790
set-cookie: ts_uid=439005ca-18fe-4611-a9c7-d8a799b7f11a; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=460140:2954798:18498:4193086:34383; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 1c76de51f4fd9438b7bf058d47ca79b4
4f8c378fd4261441094df706f6a18215498f62a1
84533e03ba7061ecb5d3902d884ec6cb8643e1db1d3272b30ec23e1d9f991950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 492
Cache-Control: max-age=152209
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Etag: "638d1cbb-116"
Expires: Tue, 06 Dec 2022 22:26:46 GMT
Last-Modified: Sun, 04 Dec 2022 22:18:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
tsyndicate.com/api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6?
302 Found 0 B URL HTTP/2 tsyndicate.com/api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://alt.com/go/g1454016
x-request-id: c8e4c70e178d0216
set-cookie: ts_uid=bf04d328-470a-41a9-bea7-0514b859d59f; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=383811:2607517:34449:4188482:36853; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
runative-syndicate.com/api/v1/direct/1c89deb9261c47159f4563d468ee2000?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/1c89deb9261c47159f4563d468ee2000?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/1c89deb9261c47159f4563d468ee2000? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://alt.com/go/g1454016
x-request-id: 98ab994f8d92c4ec
set-cookie: ts_uid=1182cb5a-bdb6-41ea-b58c-a29e2ad21d29; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=383811:2607517:34449:4193084:33883; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/544fa7d10c734706885a9bcf3cfc2743? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=577UTbzZcTVlZDzo7tLfNCk_ZC7msocKqRv4-YeAgSgn6dS2wm7km78MZhYYL2DpHePG2NVeL95owDJljLzlR82X_KFqiG7QO3oOvYwm7UJgzEp33A_gUIDRUi&sourceId=460140&p1=4193085
x-request-id: d7ab69c830d2a220
set-cookie: ts_uid=fae7b045-a7ed-4235-b04e-785884e3cb3f; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=460140:2954798:18498:4193085:35762; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/544fa7d10c734706885a9bcf3cfc2743? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=I1AptuwZNAp6DuAIQGhg7l38o-_W_tOBVU0UW2uEAIAGIMC_lDH9N_KDWguEH66qjywykiy-4NTs0YLWC1QSwsw28IOWcPlUO49NokEqcpet6mvktA_gUIDRUi&sourceId=460140&p1=4193085
x-request-id: ab2942d6f8496a0b
set-cookie: ts_uid=8cbb8e76-2490-4872-bb7f-82ff1aa95776; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=460140:2954798:18498:4193085:35762; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A400%2C600%2C700%7COswald%3A600%2C700%2C500%2C400&display=swap&ver=12
200 OK 1.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A400%2C600%2C700%7COswald%3A600%2C700%2C500%2C400&display=swap&ver=12
IP
Hash 77daaf8a917339fb417e969eac305579
40b9a0a772bdb01d7824c64cadd20e2ec5d2021a
099006c7098712d2596b68946fe0b247b43217c0e6ead626fdca92a7a09c1a75
GET /css?family=Open+Sans%3A400%2C600%2C700%7CRoboto%3A400%2C500%2C700%7CMontserrat%3A400%2C600%2C700%7COswald%3A600%2C700%2C500%2C400&display=swap&ver=12 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 04:09:57 GMT
date: Mon, 05 Dec 2022 04:09:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/544fa7d10c734706885a9bcf3cfc2743?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/544fa7d10c734706885a9bcf3cfc2743? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://alt.com/go/g1454016
x-request-id: 342e7442cc373a11
set-cookie: ts_uid=8d9b5a46-e93f-4b14-b310-40753333efda; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=383811:2607517:34449:4193085:35762; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3971142653576740
200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3971142653576740
IP
File type ASCII text, with very long lines (4885)
Hash 8ab35d2bc7362f2562f9209e9f83120f
08f244abac0abdbeca8bddec54f51f44b3e50810
20a1168879966389f761724e6f78fe8e1a8c01c3eb62d3b2d3b86186f1ff306c
GET /pagead/js/adsbygoogle.js?client=ca-pub-3971142653576740 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patiface.com
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 04:09:57 GMT
expires: Mon, 05 Dec 2022 04:09:57 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 14664358623201945123
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 48955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.matomo.cloud/dmonies.matomo.cloud/matomo.js
200 OK 40 kB URL HTTP/2 cdn.matomo.cloud/dmonies.matomo.cloud/matomo.js
IP
Hash 425909d4c7b486f9ee92a4fa346a69a4
b342703b63903b1b86605d6203c4b218a7be50ee
5d4f350754cf95b44ad6a6090f1d928e755210d9b6c9a508c3df761e22d09f99
GET /dmonies.matomo.cloud/matomo.js HTTP/1.1
Host: cdn.matomo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 05 Dec 2022 00:00:39 GMT
x-amz-replication-status: COMPLETED
last-modified: Sat, 03 Dec 2022 21:08:48 GMT
etag: W/"df630c016b0a1d6d650d8d6a411f9d56"
x-amz-server-side-encryption: AES256
cache-control: max-age=691200
x-amz-version-id: jk4n52CC0YMoc9QXff8BfsrI5C3kmQJp
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: erW98K_-Rha4Q5KVMPTrPeBTDHBFr0Em0c6A_nAPhSXzUoPbukTOTw==
age: 14959
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
runative-syndicate.com/api/v1/direct/5d4d9e59d69245dd846fd19a6fd02ed7?
302 Found 0 B URL HTTP/2 runative-syndicate.com/api/v1/direct/5d4d9e59d69245dd846fd19a6fd02ed7?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/5d4d9e59d69245dd846fd19a6fd02ed7? HTTP/1.1
Host: runative-syndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://alt.com/go/g1454016
x-request-id: d18ab682122432b3
set-cookie: ts_uid=df2c979d-ff21-42fb-a147-45d72e801b20; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=383811:2607517:34449:4193086:34383; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.runative-syndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
tsyndicate.com/api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6?
302 Found 0 B URL HTTP/2 tsyndicate.com/api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:57 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://go.xxxjmp.com/smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482
x-request-id: db73d577defbe582
set-cookie: ts_uid=69bce60a-41d2-449d-91fb-9615bfc5ce5d; expires=Mon, 05 Jun 2023 04:09:57 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=199379:1492396:14718:4188482:36853; expires=Thu, 05 Jan 2023 04:09:57 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tsyndicate.com/api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6?
302 Found 0 B URL HTTP/2 tsyndicate.com/api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6?
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v1/direct/bb30fb9b396e424f837aa66b23bae6a6? HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Mon, 05 Dec 2022 04:09:58 GMT
content-length: 0
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
location: https://go.xxxjmp.com/smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482
x-request-id: 8e3c5e8dec88c846
set-cookie: ts_uid=f19f0ad5-5e2a-4a8e-ac51-fa3f06d91a1d; expires=Mon, 05 Jun 2023 04:09:58 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None
ts_direct_tag=199379:1492396:14718:4188482:36853; expires=Thu, 05 Jan 2023 04:09:58 GMT; domain=.tsyndicate.com; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 079790abb045d44c96f3f0398755116f
6efe0a1e89e6a8eb8bec5f550cd84d28d490d850
32ae1794b3ae37f3693101fe994a83cc4ebccd57b1a03c8f953a50e71ee160fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5568
Cache-Control: max-age=115906
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638c7b19-118"
Expires: Tue, 06 Dec 2022 12:21:44 GMT
Last-Modified: Sun, 04 Dec 2022 10:48:57 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 079790abb045d44c96f3f0398755116f
6efe0a1e89e6a8eb8bec5f550cd84d28d490d850
32ae1794b3ae37f3693101fe994a83cc4ebccd57b1a03c8f953a50e71ee160fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5121
Cache-Control: max-age=115460
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638c7b19-118"
Expires: Tue, 06 Dec 2022 12:14:18 GMT
Last-Modified: Sun, 04 Dec 2022 10:48:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 27e431b9c785af3670329d3428621152
b7fd43fe22b702873fec4534119d8148497fd675
c3111d375f56469f37bdac00ebf96d745ef3dcfeda593a2f7987c658386133ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3111D375F56469F37BDAC00EBF96D745EF3DCFEDA593A2F7987C658386133EE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16573
Expires: Mon, 05 Dec 2022 08:46:11 GMT
Date: Mon, 05 Dec 2022 04:09:58 GMT
Connection: keep-alive
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:22:03 GMT
expires: Sun, 18 Dec 2022 15:22:03 GMT
cache-control: public, max-age=1209600
age: 46075
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.xxxjmp.com/smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482
302 Found 0 B URL HTTP/2 go.xxxjmp.com/smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482 HTTP/1.1
Host: go.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 04:09:58 GMT
content-length: 0
location: https://go.xlivrdr.com/api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=775617.29895; Path=/; HttpOnly; SameSite=Strict
__cflb=0H28uukSkGJRy5UBr2St4i2aEH3UZ9YMMs12fqQd4oW; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
server: cloudflare
cf-ray: 7749edea3c90b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 602 B IP
Hash b1e8d12c5a5e91f287cba2821dd3bc20
d269b7dcd10d15cbc5b4550eb0dcec494fc5b19e
a37247de478f2d09e42f671d8cb78656472ba2e40f8c9e38e3b4a5cbd114f713
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1105
Cache-Control: max-age=168339
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638d5958-118"
Expires: Wed, 07 Dec 2022 02:55:37 GMT
Last-Modified: Mon, 05 Dec 2022 02:37:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
go.xxxjmp.com/smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482
302 Found 0 B URL HTTP/2 go.xxxjmp.com/smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /smartpop/a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687?userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&sourceId=199379&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482 HTTP/1.1
Host: go.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 04:09:58 GMT
content-length: 0
location: https://go.xlivrdr.com/api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: DYNAMIC
set-cookie: _var=775617.29895; Path=/; HttpOnly; SameSite=Strict
__cflb=02DiuDfsBaY2bRYJiCeSF4mw3pyDiW7px14Tf6Cu5pLXv; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
server: cloudflare
cf-ray: 7749edea4c9fb4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
200 OK 16 B URL HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxjmp.com/
Origin: https://creative.xxxjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: yfnLbjHcqiCKGcEggInepWRGzqSPmv9SpvNptQOeH+xbRhx1uK32oCBSNLBvi4pq6kvU5Qmg1r4=
x-amz-request-id: 3YWCRXYMJHDTCPQH
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.xxxjmp.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 5287
expires: Mon, 05 Dec 2022 08:09:58 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749edea8e8bb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash fc326602733e8b881028126ef0f5f120
c7c936d1b0aca79296e0ac265535525122b2f6cf
5da2a1576b70c6693d01d9106692d92829361f7f5faeb9935b25144df71cad88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1036
Cache-Control: max-age=168269
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638d5958-118"
Expires: Wed, 07 Dec 2022 02:54:27 GMT
Last-Modified: Mon, 05 Dec 2022 02:37:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash 079790abb045d44c96f3f0398755116f
6efe0a1e89e6a8eb8bec5f550cd84d28d490d850
32ae1794b3ae37f3693101fe994a83cc4ebccd57b1a03c8f953a50e71ee160fc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5121
Cache-Control: max-age=115460
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638c7b19-118"
Expires: Tue, 06 Dec 2022 12:14:18 GMT
Last-Modified: Sun, 04 Dec 2022 10:48:57 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash f1d4ec251f8d16ee5981d5f02e963418
21a951d06c0e0346f05b82a576a93f47e2585dae
17169e8fd3b29d1f71775eef27ec3dae834bfc27093ef85caf3e8d2435fa13bc
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134692
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638cc17c-1d7"
Expires: Tue, 06 Dec 2022 17:34:50 GMT
Last-Modified: Sun, 04 Dec 2022 15:49:16 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gksbdr81x-6aFNzu-mlTzoP6fp4WpISm6kC8vKPoy8mWdeM--0jfiw==
Age: 6334
ocsp.digicert.com/
200 OK 280 B IP
Hash fc326602733e8b881028126ef0f5f120
c7c936d1b0aca79296e0ac265535525122b2f6cf
5da2a1576b70c6693d01d9106692d92829361f7f5faeb9935b25144df71cad88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1105
Cache-Control: max-age=168339
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638d5958-118"
Expires: Wed, 07 Dec 2022 02:55:37 GMT
Last-Modified: Mon, 05 Dec 2022 02:37:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash ca20b22868f83d258c3424c2781dd1ce
b05abeced5046120a19a25cc81afad35d9fd2f1f
64b156fb7487e9228a06309481051507f616e2fc551856b05fdc97c169e353ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1713
Cache-Control: max-age=131850
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638cc86f-118"
Expires: Tue, 06 Dec 2022 16:47:28 GMT
Last-Modified: Sun, 04 Dec 2022 16:18:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
200 OK 280 B IP
Hash ca20b22868f83d258c3424c2781dd1ce
b05abeced5046120a19a25cc81afad35d9fd2f1f
64b156fb7487e9228a06309481051507f616e2fc551856b05fdc97c169e353ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1709
Cache-Control: max-age=131846
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638cc86f-118"
Expires: Tue, 06 Dec 2022 16:47:24 GMT
Last-Modified: Sun, 04 Dec 2022 16:18:55 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
dmonies.matomo.cloud/matomo.php?action_name=Home%20-%20My%20Store&idsite=1&rec=1&r=934327&h=4&m=9&s=55&url=https%3A%2F%2Fpatiface.com%2F&_id=5553825d7b70bb0a&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=thWSUV&fa_pv=1&fa_fp[0][fa_vid]=jwLtKs&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=fbjBFP&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=Wj6zoj&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=WT5VlR&fa_fp[3][fa_id]=loginForm&fa_fp[3][fa_fv]=1&fa_fp[4][fa_vid]=9NaSd6&fa_fp[4][fa_id]=registerForm&fa_fp[4][fa_fv]=1&fa_fp[5][fa_vid]=LvBufS&fa_fp[5][fa_id]=forgotpassForm&fa_fp[5][fa_fv]=1&fa_fp[6][fa_vid]=fG1YdS&fa_fp[6][fa_fv]=1&fa_fp[7][fa_vid]=xluLcJ&fa_fp[7][fa_name]=mc-embedded-subscribe-form&fa_fp[7][fa_fv]=1&fa_fp[8][fa_vid]=9uUcEk&fa_fp[8][fa_name]=mc-embedded-subscribe-form&fa_fp[8][fa_fv]=1&pf_net=98&pf_srv=4346&pf_tfr=202&pf_dm1=657&uadata=%7B%7D
204 No Content 0 B URL HTTP/2 dmonies.matomo.cloud/matomo.php?action_name=Home%20-%20My%20Store&idsite=1&rec=1&r=934327&h=4&m=9&s=55&url=https%3A%2F%2Fpatiface.com%2F&_id=5553825d7b70bb0a&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=thWSUV&fa_pv=1&fa_fp[0][fa_vid]=jwLtKs&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=fbjBFP&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=Wj6zoj&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=WT5VlR&fa_fp[3][fa_id]=loginForm&fa_fp[3][fa_fv]=1&fa_fp[4][fa_vid]=9NaSd6&fa_fp[4][fa_id]=registerForm&fa_fp[4][fa_fv]=1&fa_fp[5][fa_vid]=LvBufS&fa_fp[5][fa_id]=forgotpassForm&fa_fp[5][fa_fv]=1&fa_fp[6][fa_vid]=fG1YdS&fa_fp[6][fa_fv]=1&fa_fp[7][fa_vid]=xluLcJ&fa_fp[7][fa_name]=mc-embedded-subscribe-form&fa_fp[7][fa_fv]=1&fa_fp[8][fa_vid]=9uUcEk&fa_fp[8][fa_name]=mc-embedded-subscribe-form&fa_fp[8][fa_fv]=1&pf_net=98&pf_srv=4346&pf_tfr=202&pf_dm1=657&uadata=%7B%7D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /matomo.php?action_name=Home%20-%20My%20Store&idsite=1&rec=1&r=934327&h=4&m=9&s=55&url=https%3A%2F%2Fpatiface.com%2F&_id=5553825d7b70bb0a&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=thWSUV&fa_pv=1&fa_fp[0][fa_vid]=jwLtKs&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=fbjBFP&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=Wj6zoj&fa_fp[2][fa_fv]=1&fa_fp[3][fa_vid]=WT5VlR&fa_fp[3][fa_id]=loginForm&fa_fp[3][fa_fv]=1&fa_fp[4][fa_vid]=9NaSd6&fa_fp[4][fa_id]=registerForm&fa_fp[4][fa_fv]=1&fa_fp[5][fa_vid]=LvBufS&fa_fp[5][fa_id]=forgotpassForm&fa_fp[5][fa_fv]=1&fa_fp[6][fa_vid]=fG1YdS&fa_fp[6][fa_fv]=1&fa_fp[7][fa_vid]=xluLcJ&fa_fp[7][fa_name]=mc-embedded-subscribe-form&fa_fp[7][fa_fv]=1&fa_fp[8][fa_vid]=9uUcEk&fa_fp[8][fa_name]=mc-embedded-subscribe-form&fa_fp[8][fa_fv]=1&pf_net=98&pf_srv=4346&pf_tfr=202&pf_dm1=657&uadata=%7B%7D HTTP/1.1
Host: dmonies.matomo.cloud
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: https://patiface.com
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Mon, 05 Dec 2022 04:09:58 GMT
server: Apache
access-control-allow-origin: https://patiface.com
access-control-allow-credentials: true
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
X-Firefox-Spdy: h2
go.xlivrdr.com/api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895
302 Found 0 B URL HTTP/2 go.xlivrdr.com/api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=2-w1_sYHRQGZUJNQ5ZGGbL0gPbnuSri4pB3cwMYeWLZjT5vFuPOmn4L-8igu2EAjX2HG1sYkPJMUfdCCb0I8bhAwWpWwsHof7Bni4jDl7vivVkA_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 04:09:58 GMT
content-length: 0
location: https://stripchat.com/sexgreat?affiliateId=051222f01tavwr2vwt6h2ixyw1pgu7vpu9zyodjczrq9j9id0mnpjrs47l04vb5h&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: stripbotVariationName-StripcashTest16=Empty; Path=/; Domain=go.xlivrdr.com; Expires=Wed, 04 Jan 2023 04:09:58 GMT; Max-Age=2592000; Secure; SameSite=None
__cflb=02DiuDfsBaY2bRYJiCeSRSGTzNwtDfLbr572eUJaDGgmS; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
server: cloudflare
cf-ray: 7749edeb1caeb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xlivrdr.com/api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895
302 Found 0 B URL HTTP/2 go.xlivrdr.com/api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/goToTheRoom?campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&campaignType=smartpop&creativeId=422dd3b237d981d7fe32577fcd58d477505736f889c6ee1d1c51bc4ed79eed3b&iterationId=373240&masterSmartpopId=1603&memberId=_GQF4Ycpzk2XZ_AMPcCW-3cu4QsFgi4xLsoEkYDsXg4dDNI-6w4ZEmozPcqAExfmMBI1yY5pv1IiPWlI_NgKzI-T4de7b3j3VHgsZO1MPJVNiMM_gUIDRUi&p1=4188482&ruleId=1&smartpopId=1055&sourceId=199379&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca&variationId=29895 HTTP/1.1
Host: go.xlivrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 04:09:58 GMT
content-length: 0
location: https://stripchat.com/sexgreat?affiliateId=051222e5e8pnk7xryy52q23p146sld98c8hsxfuesl5c8bmjsrklcxd98qvhmfhl&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca
access-control-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: stripbotVariationName-StripcashTest16=Empty; Path=/; Domain=go.xlivrdr.com; Expires=Wed, 04 Jan 2023 04:09:58 GMT; Max-Age=2592000; Secure; SameSite=None
__cflb=02DiuDfsBaY2bRYJiCeScBLPeXxw9eeb8mDPdj6r6pNaG; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
server: cloudflare
cf-ray: 7749edeb0ca9b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 181b661534dc3f6bbe887293452f685b
bf4e024b51870992b7b41ee50e570bebf4705bfb
4d7472e9a604e69e65040a318534883d14275d6ef7e19c6eb42a8a25099d8eeb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
go.xxxjmp.com/config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3D-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi%26sourceId%3D460140%26p1%3D4193086
200 OK 2.2 kB URL HTTP/2 go.xxxjmp.com/config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3D-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi%26sourceId%3D460140%26p1%3D4193086
IP
File type JSON data\012- , ASCII text
Hash b60156dc6dbb68e26ce31c73287aa57b
7f79357c86f112186eaacf4b92dab424d44d5fb5
9339bfe2382ca916ca633a55b302977a502241038fe5526bd8b602d04bcbe08f
GET /config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3D-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi%26sourceId%3D460140%26p1%3D4193086 HTTP/1.1
Host: go.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxjmp.com/
Origin: https://creative.xxxjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Mon, 05 Dec 2022 04:09:58 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDfsBaY2bRYJiCeRhAptQvDh5wz7me65fXCrV7mtx; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749edea4fc0b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash ca20b22868f83d258c3424c2781dd1ce
b05abeced5046120a19a25cc81afad35d9fd2f1f
64b156fb7487e9228a06309481051507f616e2fc551856b05fdc97c169e353ac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1709
Cache-Control: max-age=131846
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638cc86f-118"
Expires: Tue, 06 Dec 2022 16:47:24 GMT
Last-Modified: Sun, 04 Dec 2022 16:18:55 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 280
partner.googleadservices.com/gampad/cookie.js?domain=patiface.com&callback=_gfp_s_&client=ca-pub-3971142653576740&gpid_exp=1
200 OK 91 kB URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=patiface.com&callback=_gfp_s_&client=ca-pub-3971142653576740&gpid_exp=1
IP
Hash 5d6473653aabf9a43ee487aa74adbca7
42d2b8ad26048081a2ea2616904a490995c84856
831ce72965eef69815c27e638fcebff33c83c675191eff1689dd4e7e68a34f84
GET /gampad/cookie.js?domain=patiface.com&callback=_gfp_s_&client=ca-pub-3971142653576740&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 04:09:58 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash dc0bb7cefd83bd30886b9d0d6c19a1a0
e3d1b94ed2ff0502a4748a3676ec8d6355adb8da
fb18ce8699ba8ac42365003f639284add895a1d750b98b99f2827f55380a738a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6326
Cache-Control: max-age=155563
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638d130b-117"
Expires: Tue, 06 Dec 2022 23:22:41 GMT
Last-Modified: Sun, 04 Dec 2022 21:37:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash dc0bb7cefd83bd30886b9d0d6c19a1a0
e3d1b94ed2ff0502a4748a3676ec8d6355adb8da
fb18ce8699ba8ac42365003f639284add895a1d750b98b99f2827f55380a738a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=155805
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638d130b-117"
Expires: Tue, 06 Dec 2022 23:26:43 GMT
Last-Modified: Sun, 04 Dec 2022 21:37:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
adservice.google.com/adsid/integrator.js?domain=patiface.com
200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=patiface.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=patiface.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 04:09:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=patiface.com
200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=patiface.com
IP
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=patiface.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Dec 2022 04:09:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-STBWPT3VRE>m=2oebu0&_p=1815346874&_gaz=1&cid=1387401007.1670213395&ul=en-us&sr=1280x1024&_s=1&sid=1670213395&sct=1&seg=0&dl=https%3A%2F%2Fpatiface.com%2F&dt=Home%20-%20My%20Store&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-STBWPT3VRE>m=2oebu0&_p=1815346874&_gaz=1&cid=1387401007.1670213395&ul=en-us&sr=1280x1024&_s=1&sid=1670213395&sct=1&seg=0&dl=https%3A%2F%2Fpatiface.com%2F&dt=Home%20-%20My%20Store&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-STBWPT3VRE>m=2oebu0&_p=1815346874&_gaz=1&cid=1387401007.1670213395&ul=en-us&sr=1280x1024&_s=1&sid=1670213395&sct=1&seg=0&dl=https%3A%2F%2Fpatiface.com%2F&dt=Home%20-%20My%20Store&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patiface.com
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://patiface.com
date: Mon, 05 Dec 2022 04:09:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-STBWPT3VRE&cid=1387401007.1670213395>m=2oebu0&aip=1
204 No Content 1.0 kB URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-STBWPT3VRE&cid=1387401007.1670213395>m=2oebu0&aip=1
IP
Hash 86f09323020a294a0dab31316d8cfe1d
2cd1238717552b5b4f67a731105d71ee2dcfbaf2
536c0fc28ebf667bc06743f32ac6b5b9068813680bcf7999f8cce7a708e97e3d
POST /g/collect?v=2&tid=G-STBWPT3VRE&cid=1387401007.1670213395>m=2oebu0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://patiface.com
Connection: keep-alive
Referer: https://patiface.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://patiface.com
date: Mon, 05 Dec 2022 04:09:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
alt.com/go/g1454016
200 OK 18 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1094)
Hash 431758d891c5f8362a8bdd215f72630e
3cfb7831cf4736de6dc5e481677c7c335a52ce50
24a8854821d62fecf85c88cb7a38303d0b39cf23539d77cf22e48dde3aa63c27
GET /go/g1454016 HTTP/1.1
Host: alt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:09:58 GMT
Server: Apache
X-PERF: 0.146234,0.038968,TS_38_0.0526180,TM_35_0.0282780,DB_15_0.0047120,CD_33_0.0122620,FS_39_0.0023840,PK_6_0.0001360,CE_71_0.0068760
Strict-Transport-Security: max-age=300; includeSubDomains
Set-Cookie: bdsm_who=r_bjYnLw0xAgZRvjkNibjoF6J_eJXE1T2W4PybcAJoU.hJtyoRGjE4ybn_dxffRVEPt2U.svbwi6MPk1wXCL9S2tAlZphD._gvnBDtq6aNUsIJ6kt2yGuQsw.FMCJ8mWeYx0Ir705st16x2STlCFkp8w--; Secure; path=/; domain=.alt.com; expires=Wed, 04-Dec-2024 04:09:58 GMT; secure;HttpOnly;Secure
v_hash=_english_0; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
IP_COUNTRY=Norway; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
bdsm_tr=r_U5eQ4NR_goZiQ3lJXmICilrIeUbccYt8ZKNAqdtBzFq2t5gT8UZrq4YwopvMc.tX; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.859&country_name&Norway&lat&59.955®ion_name&Oslo+County&country_code&NO®ion&03&state&&city&Oslo&postal_code&0103&latitude&59.955&lon&10.859&dma_code&&country_code3&NOR; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
HISTORY=20221204-1-Dc; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
AB_TRACKING=HMeigql6crV2H4w9DcvdQE; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
throttling={"time":1670213398,"AppD":1,"GTM":0}; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
REFERRAL_URL=https://patiface.com/; Secure; path=/; domain=.alt.com; expires=Mon, 05-Dec-2022 16:09:58 GMT; secure;HttpOnly;Secure
click_id_time=391512660_2022-12-04 20:09:58; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
X-Frame-Options: SAMEORIGIN
ETag: TESTBED
P3P: CP="DSP LAW"
X-ApacheServer: si213-282
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17995
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
ocsp.digicert.com/
200 OK 279 B IP
Hash dc0bb7cefd83bd30886b9d0d6c19a1a0
e3d1b94ed2ff0502a4748a3676ec8d6355adb8da
fb18ce8699ba8ac42365003f639284add895a1d750b98b99f2827f55380a738a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6568
Cache-Control: max-age=155805
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638d130b-117"
Expires: Tue, 06 Dec 2022 23:26:43 GMT
Last-Modified: Sun, 04 Dec 2022 21:37:15 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 9ea782e930008f5f02d42e7e54cab5cd
0028f7ad613180c87e0c34546592a15d2f0ca76b
d61b40980d09223bdbd8a8a9677ab00d29b87ea62a06fb511f638d81bc5974b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5946
Cache-Control: max-age=119140
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638c8640-117"
Expires: Tue, 06 Dec 2022 13:15:38 GMT
Last-Modified: Sun, 04 Dec 2022 11:36:32 GMT
Server: ECS (amb/6B88)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 9ea782e930008f5f02d42e7e54cab5cd
0028f7ad613180c87e0c34546592a15d2f0ca76b
d61b40980d09223bdbd8a8a9677ab00d29b87ea62a06fb511f638d81bc5974b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1327
Cache-Control: max-age=114521
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638c8640-117"
Expires: Tue, 06 Dec 2022 11:58:39 GMT
Last-Modified: Sun, 04 Dec 2022 11:36:32 GMT
Server: ECS (amb/6B81)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 9ea782e930008f5f02d42e7e54cab5cd
0028f7ad613180c87e0c34546592a15d2f0ca76b
d61b40980d09223bdbd8a8a9677ab00d29b87ea62a06fb511f638d81bc5974b4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=113194
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:58 GMT
Etag: "638c8640-117"
Expires: Tue, 06 Dec 2022 11:36:32 GMT
Last-Modified: Sun, 04 Dec 2022 11:36:32 GMT
Server: nginx
Content-Length: 279
alt.com/go/g1454016
200 OK 18 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1094)
Hash a0a877d53ce2253201d9bba10e3dd3e8
c3e06a3e5f06359f7e30553beba78aa61dedac1d
69a61e33aaf5d787874abc3e3aad952f7b347c4004dafb7d880a83351bf419a6
GET /go/g1454016 HTTP/1.1
Host: alt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:09:58 GMT
Server: Apache
X-PERF: 0.124768,0.034130,TS_38_0.0451780,TM_35_0.0234690,DB_15_0.0046270,CD_33_0.0088330,FS_39_0.0019380,PK_6_0.0001550,CE_71_0.0064380
Strict-Transport-Security: max-age=300; includeSubDomains
Set-Cookie: bdsm_who=r_4su6Wl0iM2JoQCSdv8oIsjxsSf7g4sms1WcOGbiREBtJtyoRGjE4ybn_dxffRVEPqcoPwGr4F.Vq4sbiwCkQHdAlZphD._gvnBDtq6aNUsIJ6kt2yGuQsw.FMCJ8mWeYx0Ir705st16x2STlCFkp8w--; Secure; path=/; domain=.alt.com; expires=Wed, 04-Dec-2024 04:09:58 GMT; secure;HttpOnly;Secure
v_hash=_english_0; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
IP_COUNTRY=Norway; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
bdsm_tr=r_.p8Ph2Wve8C.DkSBnV6omVrIeUbccYt8ZKNAqdtBzFq2t5gT8UZrq4YwopvMc.tX; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.859&country_name&Norway&lat&59.955®ion_name&Oslo+County&country_code&NO®ion&03&state&&city&Oslo&postal_code&0103&latitude&59.955&lon&10.859&dma_code&&country_code3&NOR; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
HISTORY=20221204-1-Dc; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
AB_TRACKING=C9VVcWGhjF7iMCPAAYAgwY; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
throttling={"time":1670213398,"AppD":1,"GTM":0}; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
REFERRAL_URL=https://patiface.com/; Secure; path=/; domain=.alt.com; expires=Mon, 05-Dec-2022 16:09:58 GMT; secure;HttpOnly;Secure
click_id_time=1988988169_2022-12-04 20:09:58; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
X-Frame-Options: SAMEORIGIN
ETag: TESTBED
P3P: CP="DSP LAW"
X-ApacheServer: si204-342
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18009
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
alt.com/go/g1454016
200 OK 18 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (1094)
Hash 739032cc1052d47f2368481f78539f3d
2a957d08fdc1e823cd6e5212d6bd627ca07f694d
1baac8863e249161fc1dd8a13f8c788dc1193ccf58ed9d3694a0d52937f6bdaf
GET /go/g1454016 HTTP/1.1
Host: alt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:09:58 GMT
Server: Apache
X-PERF: 0.126220,0.032853,TS_38_0.0438720,TM_35_0.0269300,DB_15_0.0046560,CD_33_0.0095300,FS_39_0.0019670,PK_6_0.0001570,CE_71_0.0062550
Strict-Transport-Security: max-age=300; includeSubDomains
Set-Cookie: bdsm_who=r_NWdYy6ljfpvcGimGtoI8MRzsiDrjpHwamp6MJFo0.HJJtyoRGjE4ybn_dxffRVEPucguR3hH23zavBOwmFbMCNAlZphD._gvnBDtq6aNUsIJ6kt2yGuQsw.FMCJ8mWeYx0Ir705st16x2STlCFkp8w--; Secure; path=/; domain=.alt.com; expires=Wed, 04-Dec-2024 04:09:58 GMT; secure;HttpOnly;Secure
v_hash=_english_0; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
IP_COUNTRY=Norway; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
bdsm_tr=r_y2KkAmpd411ABmQiLbbWAFrIeUbccYt8ZKNAqdtBzFq2t5gT8UZrq4YwopvMc.tX; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.859&country_name&Norway&lat&59.955®ion_name&Oslo+County&country_code&NO®ion&03&state&&city&Oslo&postal_code&0103&latitude&59.955&lon&10.859&dma_code&&country_code3&NOR; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
HISTORY=20221204-1-Dc; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
AB_TRACKING=QZWC9uBP2XQT2BZew7Mfda; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
throttling={"time":1670213398,"AppD":1,"GTM":0}; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
REFERRAL_URL=https://patiface.com/; Secure; path=/; domain=.alt.com; expires=Mon, 05-Dec-2022 16:09:58 GMT; secure;HttpOnly;Secure
click_id_time=27661461_2022-12-04 20:09:58; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
X-Frame-Options: SAMEORIGIN
ETag: TESTBED
P3P: CP="DSP LAW"
X-ApacheServer: si210-162
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17985
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7889b2bc6f932635fcaa5092a121abfd
cc1ed134e94daf140a77f71b8da33fefd495595e
c948939c415ef40a400e2be440171a10f55c821003fc4f5b67a2de73e00b5688
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 13dc85b9faf49e6a9bf32608b0fcf56d
2ded5a6b67364d3f7875ce1598683ac2c97937d0
7924016b948a369b3a0bcb336f32dd8f10b14893ba1d9437c4fc171190eb5899
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
200 OK 9.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
IP
File type ASCII text, with very long lines (1596)
Hash 6b277303de172776fc303dfc195982ef
fe6c6af5791742485ae21c4dc02edbee2b426886
c536ada7aa8f4679e0e4f0b99703aab79f6fe32659d777f9c01a7785aa06a36d
GET /pagead/js/r20221110/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9428
x-xss-protection: 0
date: Sun, 04 Dec 2022 13:29:36 GMT
expires: Sun, 18 Dec 2022 13:29:36 GMT
cache-control: public, max-age=1209600
age: 52823
etag: 246362764157784863
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
IP
File type ASCII text, with very long lines (1540)
Hash d22e40b1bc4f1b0f1727b96a0f32f7dd
57030c5040f0013120cca1e77fe38af35d4610e0
6f6d3797f9b19ffcd2f416a7566a58cf70fd4fb0ab17dec03fa5b690c6939494
GET /pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7458
x-xss-protection: 0
date: Sun, 04 Dec 2022 15:59:33 GMT
expires: Sun, 18 Dec 2022 15:59:33 GMT
cache-control: public, max-age=1209600
age: 43826
etag: 16870613375306414947
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
alt.com/go/g1454016
200 OK 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go/g1454016 HTTP/1.1
Host: alt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 04:09:58 GMT
Server: Apache
X-PERF: 0.117922,0.032043,TS_38_0.0401480,TM_35_0.0229410,DB_15_0.0049720,CD_33_0.0093310,FS_39_0.0019800,PK_6_0.0001300,CE_71_0.0063770
Strict-Transport-Security: max-age=300; includeSubDomains
Set-Cookie: bdsm_who=r_Tw6AktSLS5N0imYccJEIU80.ooIikzLLeL0XL2VgO1hJtyoRGjE4ybn_dxffRVEPcO6jWP2h4oZQYVmOq1RGJdAlZphD._gvnBDtq6aNUsIJ6kt2yGuQsw.FMCJ8mWeYx0Ir705st16x2STlCFkp8w--; Secure; path=/; domain=.alt.com; expires=Wed, 04-Dec-2024 04:09:58 GMT; secure;HttpOnly;Secure
v_hash=_english_0; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
IP_COUNTRY=Norway; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
bdsm_tr=r_0X4MRbbRmmEHHAQ9GKUT8lrIeUbccYt8ZKNAqdtBzFq2t5gT8UZrq4YwopvMc.tX; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
LOCATION_FROM_IP=country&Norway&area_code&&longitude&10.859&country_name&Norway&lat&59.955®ion_name&Oslo+County&country_code&NO®ion&03&state&&city&Oslo&postal_code&0103&latitude&59.955&lon&10.859&dma_code&&country_code3&NOR; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
HISTORY=20221204-1-Dc; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
AB_TRACKING=mwJ0fCwTvbJvLuHj3BDVhR; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
throttling={"time":1670213398,"AppD":1,"GTM":0}; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
REFERRAL_URL=https://patiface.com/; Secure; path=/; domain=.alt.com; expires=Mon, 05-Dec-2022 16:09:58 GMT; secure;HttpOnly;Secure
click_id_time=1051150465_2022-12-04 20:09:58; Secure; path=/; domain=.alt.com; expires=Wed, 04-Jan-2023 04:09:58 GMT; secure;HttpOnly;Secure
X-Frame-Options: SAMEORIGIN
ETag: TESTBED
P3P: CP="DSP LAW"
X-ApacheServer: si205-133
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17983
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html;charset=UTF-8
stripchat.com/sexgreat?affiliateId=051222e5e8pnk7xryy52q23p146sld98c8hsxfuesl5c8bmjsrklcxd98qvhmfhl&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca
200 OK 66 kB URL HTTP/2 stripchat.com/sexgreat?affiliateId=051222e5e8pnk7xryy52q23p146sld98c8hsxfuesl5c8bmjsrklcxd98qvhmfhl&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65444), with no line terminators
Hash 47cdac785a872c2ce8ab47bf83639725
e82f4607f0dc8998aa5f1ac0da80bd3190c59567
702f9d7b2ef521de93d9c8d17f481e335c70608b672b6ceea970da8738732857
GET /sexgreat?affiliateId=051222e5e8pnk7xryy52q23p146sld98c8hsxfuesl5c8bmjsrklcxd98qvhmfhl&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca HTTP/1.1
Host: stripchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: text/html; charset=utf-8
content-security-policy-report-only: default-src 'self' *.stripchat.com data: blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org *.trafficjunky.net main.exoclick.com tsyndicate.com *.hotjar.com *.hotjar.io;img-src 'self' * data: blob: android-webview-video-poster:;script-src 'self' *.stripchat.com data: 'unsafe-inline' 'unsafe-eval' blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.hpyrdr.dev *.hytto.com *.lovense.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.trafficjunky.net *.google.com platform.twitter.com main.exoclick.com tsyndicate.com wss://*.sc-apps.com www.googleadservices.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.2/fingerprint2.min.js *.crowdin.com cdntechone.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xlivrdr.com *.xlvrdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com *.bbrdbr.com *.dmsktmld.com *.fxmnba.com;connect-src 'self' *.stripchat.com *.amplitude.com *.doubleclick.net *.flixstorage.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.hytto.com *.lovense.club *.lovense.club:34568 *.lovense.com *.stripcdn.com *.xhamsterlive.com *.xlivesex.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org syndication.twitter.com wss://*.stripchat.com wss://*.stripcdn.com wss://*.stripcdn.com:8090 wss://*.stripst.com wss://*.stripst.dev wss://*.strpst.com wss://*.strwst.com wss://*.doppiocdn.com wss://*.lovense.com wss://*.sc-apps.com *.crowdin.com crowdin.com datatechone.com accounts.google.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xlivrdr.com *.xlvrdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com *.bbrdbr.com *.dmsktmld.com *.fxmnba.com;media-src 'self' *.stripchat.com data: blob: *.ahcdn.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org;style-src 'self' *.stripchat.com 'unsafe-inline' *.googleapis.com *.hytto.com *.lovense.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.tagmanager.google.com *.crowdin.com accounts.google.com;frame-src * data:;report-uri /_csp
strict-transport-security: max-age=15768000
x-frame-options: deny
cf-cache-status: DYNAMIC
set-cookie: ABTest_ab_25_tokens_instead_20_key=A; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_index_header_names_girls_key=B; path=/; domain=stripchat.com; expires=Thu, 05 Jan 2023 00:00:00 GMT
ABTest_start_private_with_price_key=B; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_index_header_names_couples_key=B; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_onboarding_dialog_key=A; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
__cflb=04dToXEV8Dh5T1zNFFDEFhpqfhBmbQYM5qHZo6yyiC; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
server: cloudflare
cf-ray: 7749edebe95bfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 04:09:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
200 OK 0 B URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48508
date: Mon, 05 Dec 2022 04:09:59 GMT
expires: Mon, 05 Dec 2022 04:09:59 GMT
cache-control: private, max-age=3000
etag: "1669811598765935"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/measurement/l?ebcid=ALh7CaRVLBwPAHi0cRXmRkLDcPcO3vhJbnIJg8LthXkAzSLRVGqXIsGz09A5p6XpUoXd6vHqYv85Vi1RDZh3_IM_-GmlDJ8Ubg
204 No Content 0 B URL HTTP/2 www.google.com/ads/measurement/l?ebcid=ALh7CaRVLBwPAHi0cRXmRkLDcPcO3vhJbnIJg8LthXkAzSLRVGqXIsGz09A5p6XpUoXd6vHqYv85Vi1RDZh3_IM_-GmlDJ8Ubg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/measurement/l?ebcid=ALh7CaRVLBwPAHi0cRXmRkLDcPcO3vhJbnIJg8LthXkAzSLRVGqXIsGz09A5p6XpUoXd6vHqYv85Vi1RDZh3_IM_-GmlDJ8Ubg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 04:09:59 GMT
server: jumble_frontend_server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p4-bxa7dcryvg72m-clanoyzlz7ejiigz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
200 OK 203 B URL HTTP/2 p4-bxa7dcryvg72m-clanoyzlz7ejiigz-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 17576682ecda91103224b9900b19c071
fdc24156b3a1d9843673e438ec00bc906c4fd09f
e706a19d0de0632a92ebc3e22ec86a2c8f7cb9e91d3cdeddab465b392f1904e6
GET /v6exp3/redir.html HTTP/1.1
Host: p4-bxa7dcryvg72m-clanoyzlz7ejiigz-if-v6exp3-v4.metric.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-eQBuxZnEw6DUrCuFstji8A' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 203
date: Mon, 05 Dec 2022 04:09:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
go.xxxjmp.com/config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3DI1AptuwZNAp6DuAIQGhg7l38o-_W_tOBVU0UW2uEAIAGIMC_lDH9N_KDWguEH66qjywykiy-4NTs0YLWC1QSwsw28IOWcPlUO49NokEqcpet6mvktA_gUIDRUi%26sourceId%3D460140%26p1%3D4193085
200 OK 0 B URL HTTP/2 go.xxxjmp.com/config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3DI1AptuwZNAp6DuAIQGhg7l38o-_W_tOBVU0UW2uEAIAGIMC_lDH9N_KDWguEH66qjywykiy-4NTs0YLWC1QSwsw28IOWcPlUO49NokEqcpet6mvktA_gUIDRUi%26sourceId%3D460140%26p1%3D4193085
IP
GET /config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3DI1AptuwZNAp6DuAIQGhg7l38o-_W_tOBVU0UW2uEAIAGIMC_lDH9N_KDWguEH66qjywykiy-4NTs0YLWC1QSwsw28IOWcPlUO49NokEqcpet6mvktA_gUIDRUi%26sourceId%3D460140%26p1%3D4193085 HTTP/1.1
Host: go.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxjmp.com/
Origin: https://creative.xxxjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Mon, 05 Dec 2022 04:09:58 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDfsBaY2bRYJiCddNhqGgfsRfgxdYuRVWw8QLRYjN; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749edeb784cb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=OhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi&sourceId=460140&p1=4193084
200 OK 0 B URL HTTP/2 creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=OhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi&sourceId=460140&p1=4193084
IP
GET /LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=OhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi&sourceId=460140&p1=4193084 HTTP/1.1
Host: creative.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:57 GMT
content-type: text/html
last-modified: Wed, 30 Nov 2022 08:40:34 GMT
expires: Mon, 05 Dec 2022 04:10:05 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=02DiuDfsBaY2bRYJiCdcdyuoKGiEHEbzX1nHn5JmNWn5r; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:57 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749ede7ae010b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
go.xxxjmp.com/config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3DOhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi%26sourceId%3D460140%26p1%3D4193084
200 OK 0 B URL HTTP/2 go.xxxjmp.com/config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3DOhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi%26sourceId%3D460140%26p1%3D4193084
IP
GET /config?url=https%3A%2F%2Fcreative.xxxjmp.com%2FLPExperience%3FnonNudeContent%3D1%26userId%3Ded4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e%26campaignId%3Dnonnude%26memberId%3DOhB5cl1UjORXU_KIVMWKOOZ8eJnLJXbec9DXY82NzX_T9OCjTq3NIbOHKe8O61Eee2KEGiB5sO4kVhPYgkwPfBaeZgFolghq-35sLCK6cSN0hfuSKg_gUIDRUi%26sourceId%3D460140%26p1%3D4193084 HTTP/1.1
Host: go.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.xxxjmp.com/
Origin: https://creative.xxxjmp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: application/json
access-control-allow-origin: *
last-modified: Mon, 05 Dec 2022 04:09:58 GMT
cf-cache-status: MISS
set-cookie: __cflb=02DiuDfsBaY2bRYJiCg3Rc4wrBy1LXpo7trmh6pv1M4Eg; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749edea4fbdb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi&sourceId=460140&p1=4193086
200 OK 0 B URL HTTP/2 creative.xxxjmp.com/LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi&sourceId=460140&p1=4193086
IP
GET /LPExperience?nonNudeContent=1&userId=ed4e3449202a44afa8131507a9d12a1c962321860e4bfcc2aa1b33a18897b60e&campaignId=nonnude&memberId=-5tiZpRluh83vkB_C-M7Af3WJuo5wcRdCnuddUyngfTrB7QWVu_LWXX1KOHAMDB82TKcINBuBAY6KkZxweLI9v5P2hEJWOoTqFv7898teSaT_MyDgg_gUIDRUi&sourceId=460140&p1=4193086 HTTP/1.1
Host: creative.xxxjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:57 GMT
content-type: text/html
last-modified: Wed, 30 Nov 2022 08:40:34 GMT
expires: Mon, 05 Dec 2022 04:10:05 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }
cf-cache-status: HIT
set-cookie: __cflb=0H28uukSkGJRy5UBr1MAvzNuwf2BatEperU3sGdq1Qp; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:57 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749ede7ae040b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video.hpyrdr.com/models/Oxyana-nsfw.mp4
206 Partial Content 0 B URL HTTP/2 video.hpyrdr.com/models/Oxyana-nsfw.mp4
IP
GET /models/Oxyana-nsfw.mp4 HTTP/1.1
Host: video.hpyrdr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://creative.xxxjmp.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: video/mp4
content-length: 18736875
x-amz-id-2: HBpwEi23mjSc59Jc/az2E84wKXbzZNOmakimxYYJaSwxBEf6m3qHuCJ/AoVxBQINflzy5I+29+Y=
x-amz-request-id: RM17VJBPKY88YKSC
last-modified: Sat, 30 Jan 2021 17:48:22 GMT
etag: "cbf6702efedb3e6d5432ae6250a7e2b7-2"
x-amz-meta-s3cmd-attrs: md5:9617ec2b0c5fa256358d705a53d4edec
x-amz-version-id: Kq.IImypcHiJIAAm1ZHa790cp1FHZZPn
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 5195
expires: Mon, 05 Dec 2022 08:09:58 GMT
cache-control: public, max-age=14400
content-range: bytes 0-18736874/18736875
server: cloudflare
cf-ray: 7749ededfb580b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stripchat.com/sexgreat?affiliateId=051222f01tavwr2vwt6h2ixyw1pgu7vpu9zyodjczrq9j9id0mnpjrs47l04vb5h&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca
200 OK 0 B URL HTTP/2 stripchat.com/sexgreat?affiliateId=051222f01tavwr2vwt6h2ixyw1pgu7vpu9zyodjczrq9j9id0mnpjrs47l04vb5h&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca
IP
GET /sexgreat?affiliateId=051222f01tavwr2vwt6h2ixyw1pgu7vpu9zyodjczrq9j9id0mnpjrs47l04vb5h&campaignId=a96c4365c7d308d3376afe0272ee2b463518c44d17621f80b7dec6f060bcb687&p1=4188482&realDomain=go.xlivrdr.com&referrer=https%3A%2F%2Fpatiface.com%2F&sound=off&sourceId=199379&stripbotVariation=Empty&userId=d100f7df1b38527c59f2a01ce658dbfb8b696949c12c1469164f408167d4a1ca HTTP/1.1
Host: stripchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://patiface.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 04:09:58 GMT
content-type: text/html; charset=utf-8
content-security-policy-report-only: default-src 'self' *.stripchat.com data: blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org *.trafficjunky.net main.exoclick.com tsyndicate.com *.hotjar.com *.hotjar.io;img-src 'self' * data: blob: android-webview-video-poster:;script-src 'self' *.stripchat.com data: 'unsafe-inline' 'unsafe-eval' blob: *.amplitude.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.gstatic.com *.hpyrdr.dev *.hytto.com *.lovense.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.trafficjunky.net *.google.com platform.twitter.com main.exoclick.com tsyndicate.com wss://*.sc-apps.com www.googleadservices.com cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.2/fingerprint2.min.js *.crowdin.com cdntechone.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xlivrdr.com *.xlvrdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com *.bbrdbr.com *.dmsktmld.com *.fxmnba.com;connect-src 'self' *.stripchat.com *.amplitude.com *.doubleclick.net *.flixstorage.com *.google-analytics.com *.googletagmanager.com *.googleapis.com *.hytto.com *.lovense.club *.lovense.club:34568 *.lovense.com *.stripcdn.com *.xhamsterlive.com *.xlivesex.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org syndication.twitter.com wss://*.stripchat.com wss://*.stripcdn.com wss://*.stripcdn.com:8090 wss://*.stripst.com wss://*.stripst.dev wss://*.strpst.com wss://*.strwst.com wss://*.doppiocdn.com wss://*.lovense.com wss://*.sc-apps.com *.crowdin.com crowdin.com datatechone.com accounts.google.com *.nktrdr.com *.ktkjmp.com *.xhamster.com *.llyjmp.com *.lxzrdr.com *.mgdjmp.com *.rdfxgo.com *.smljmp.com *.stripcash.com *.xxxjmp.com *.xxxivjmp.com *.xxxvjmp.com *.xxxviijmp.com *.xxxviiijmp.com *.xlrdr.com *.xlirdr.com *.xliirdr.com *.xlivrdr.com *.xlvrdr.com *.xlviirdr.com *.xlviiirdr.com *.zybrdr.com *.bbrdbr.com *.dmsktmld.com *.fxmnba.com;media-src 'self' *.stripchat.com data: blob: *.ahcdn.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.doppiocdn.com *.doppiocdn.net *.doppiocdn.org;style-src 'self' *.stripchat.com 'unsafe-inline' *.googleapis.com *.hytto.com *.lovense.com *.stripcdn.com *.stripst.com *.stripst.dev *.strpst.com *.strwst.com *.tagmanager.google.com *.crowdin.com accounts.google.com;frame-src * data:;report-uri /_csp
strict-transport-security: max-age=15768000
x-frame-options: deny
cf-cache-status: DYNAMIC
set-cookie: ABTest_ab_25_tokens_instead_20_key=A; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_index_header_names_girls_key=A; path=/; domain=stripchat.com; expires=Thu, 05 Jan 2023 00:00:00 GMT
ABTest_start_private_with_price_key=B; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_index_header_names_couples_key=B; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
ABTest_ab_onboarding_dialog_key=A; path=/; domain=stripchat.com; expires=Mon, 15 Jul 2024 00:00:00 GMT
__cflb=02DiuFntVtrkFMde1dj3qzKLFgQxTHyxRMX5rnKYuVeHr; SameSite=None; Secure; path=/; expires=Tue, 06-Dec-22 03:09:58 GMT; HttpOnly
server: cloudflare
cf-ray: 7749edebe95dfab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.91.153
216.58.207.194
188.114.96.1
136.243.83.47
104.18.59.150
23.36.76.226
93.184.220.29