r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3536
Expires: Wed, 21 Dec 2022 00:23:52 GMT
Date: Tue, 20 Dec 2022 23:24:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04c14564c7083355371e41c5a09acada
ea488e34661be5420c798c7e26f193b4dee7bb37
d7e5c37d8e6cbed236670d050f84f288539642f7a41a54b0abd39357f7c42232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E5C37D8E6CBED236670D050F84F288539642F7A41A54B0ABD39357F7C42232"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11994
Expires: Wed, 21 Dec 2022 02:44:50 GMT
Date: Tue, 20 Dec 2022 23:24:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3534
Expires: Wed, 21 Dec 2022 00:23:50 GMT
Date: Tue, 20 Dec 2022 23:24:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 22:34:30 GMT
content-type: application/json
age: 3026
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: zU/4bZ1LqJc0OeZbe5RisIypIDcyoQVGSSnqBnQhMyhxEkdpYDwZbc5QRktIMuJR3Ot+ZNjNWNA=
x-amz-request-id: ZA86G4ENP5R0TPZ8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 22:29:37 GMT
age: 3319
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 23:24:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7
18.197.208.17302 0 B URL HTTP/1.1 track.hotvpn.io/bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7
IP 18.197.208.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7 HTTP/1.1
Host: track.hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Server: nginx
Date: Tue, 20 Dec 2022 23:24:56 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://hotvpn.io/landing-page?page=a1
Pragma: no-cache
Set-Cookie: bfde2a7b-ad9b-4dfe-9152-8e68c6da52c7-v4=_hLY1mXtv5sKW-2ItYjcFfYs2wMSehm1p0xREoFYlLc; Max-Age=86400; Expires=Wed, 21-Dec-2022 23:24:56 GMT; Domain=track.hotvpn.io; Path=/; HttpOnly
cc-v4=Jh2TBDjnnwLUXCPgmTga88alRMMEvaIROgwSMIyypSS3ZBfEH04n%2F4DcrV4HFCnozB7Ru5SDucuoXXjHGzqBVqInzqNuZdVIsNHZ5zy%2Be%2FZPLZZaUlRt3otTq68o07S00GSyjQEIYt7LlQiDVCgAPw%3D%3D; Max-Age=31536000; Expires=Wed, 20-Dec-2023 23:24:56 GMT; Domain=track.hotvpn.io; Path=/; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 22:33:24 GMT
age: 3092
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash e09f6183a17966c8b0a95cdd69c7406f
e71adaee1502701321d60cd255346c232e743b3d
c990267307d52e73574d45aed81f8c858220a0f204e4014c1850339e5d914d8e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171020
Date: Tue, 20 Dec 2022 23:24:56 GMT
Etag: "63a23d54-1d7"
Expires: Thu, 22 Dec 2022 22:55:16 GMT
Last-Modified: Tue, 20 Dec 2022 22:55:16 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fO_YKIshwWUXfyFxDoinlV9DrRPA_iBYNbZpxU11W5iM15d0h84-TQ==
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c2b6760f2b58f445446dd2276d5af4
aeedf417b1ebde86ce837ca02ba934abb938b1a4
8fe72d0ce839150559da5ddf46bf87d26b6b9cbe34d09641b29a53be24997c81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1320
Cache-Control: max-age=122635
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Etag: "63a17b2b-1d7"
Expires: Thu, 22 Dec 2022 09:28:52 GMT
Last-Modified: Tue, 20 Dec 2022 09:06:51 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.160.184.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.184.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 21w5XEJ6eIjuXeKI1QgbMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jQ2v3eH7PKE16cMnA1BbYz66Swo=
cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
151.101.193.229200 OK 11 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css
IP 151.101.193.229:0
Hash 9d925d15680cff8c6ea221e68d4da6fc
4feb53c66abd34264a976f4fae5f5819fa2a454a
42afd5d11d0b1f94ab684c456c19e39f1ddfae78f2f14118e9891f68558fc26b
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 20 Dec 2022 23:24:57 GMT
age: 2041
x-served-by: cache-fra-eddf8230038-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11403
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js
151.101.193.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (65293)
Hash 17be39c5c6fd45df16dfd5db3c085068
16e85f6095024d87f093975b392ee6d8307807a2
26323ab86481ea97bf21d9e5a84009ac48cd4fdce7a58ac15dd4c6391669a42e
GET /npm/bootstrap@5.2.0-beta1/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"1377e-a0uYWpCr16scLjX/O4dNB8+EEO4"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 20 Dec 2022 23:24:57 GMT
age: 11572426
x-served-by: cache-fra19140-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23010
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7011324f8501f3c2c1e545068299bec1
f9ca3911f1c3f66cf89c1b7f2e251c3669636fcb
6afe60a2ce277e620ad2ab621a77fc140d3d28c70b3774afd07ee85e58465623
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4968
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Last-Modified: Tue, 20 Dec 2022 22:02:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.24.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 23:24:57 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1819885
expires: Sun, 10 Dec 2023 23:24:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhWWVvxBUgYUCgJ2fidALHCmrNS82BUd1g59NHzJ62ga5%2BsOyEPS5d50xx12MKMmvbGaQncMeNLoqEYsMIP%2FAd9JVh199X5PB6Ht%2FndX47wt%2FUHxFDOkgs%2BviheIaEn8vrC1LZi1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77cc226aba1c0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash 7fddae96472d30050fdd417787e2a0e8
10f5db7a60a7aa225bd9b70c92167b7f955f768e
8a9c08995e2f91f4776ee8206d9b16764d91d9ed764aad70e46ba2b7604d0089
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 23:24:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "E13D025810EB83AE067B8592AC3B5894AE342326"
Expires: Wed, 21 Dec 2022 10:00:00 GMT
Last-Modified: Tue, 20 Dec 2022 22:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3504
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77cc226ac95ab51e-OSL
www.googletagmanager.com/gtag/js?id=AW-852685511
172.217.21.168200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-852685511
IP 172.217.21.168:0
File type ASCII text, with very long lines (3630)
Hash f2457e66b14f1ad2b2dab17f9c1993d4
15a8edf8ad97ef057538de4901ee3af6bbf6d712
33e29b2072a8633977fd44812899f6c9b998647f293b7d5e0f1f5ac726061c07
GET /gtag/js?id=AW-852685511 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Dec 2022 23:24:57 GMT
expires: Tue, 20 Dec 2022 23:24:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Dec 2022 23:05:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 7011324f8501f3c2c1e545068299bec1
f9ca3911f1c3f66cf89c1b7f2e251c3669636fcb
6afe60a2ce277e620ad2ab621a77fc140d3d28c70b3774afd07ee85e58465623
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4968
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Last-Modified: Tue, 20 Dec 2022 22:02:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=UA-151425496-1
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-151425496-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash e1add0156235c216c875642f2ccd7905
bbf47613e3c3d300f93c0e15f301dad7dc782353
6f0bf963eab8edf94280caab9824faf4c28392768a9d3287d9582eb49f123ece
GET /gtag/js?id=UA-151425496-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Dec 2022 23:24:57 GMT
expires: Tue, 20 Dec 2022 23:24:57 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Dec 2022 23:05:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-6705X2P2FH
172.217.21.168200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-6705X2P2FH
IP 172.217.21.168:0
File type ASCII text, with very long lines (22462)
Hash 87bc8a6c3425c1bf7e813c30ac223e48
2a9526329e097e157fbe75d5e55d80b271d4788b
20de0e1aba804709e8ed6d88f0e3b24c2fe4967fe9e41563aa85222cce4e4181
GET /gtag/js?id=G-6705X2P2FH HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Dec 2022 23:24:57 GMT
expires: Tue, 20 Dec 2022 23:24:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78051
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kit.fontawesome.com/a076d05399.js
104.18.23.52403 Forbidden 22 B URL HTTP/2 kit.fontawesome.com/a076d05399.js
IP 104.18.23.52:0
File type ASCII text, with no line terminators
Hash fd97e4f669829c0ab67c2203a6840a09
3cf1ecf50b3c929fb32a43896505db3ff9602275
6ee8906b2c990cc0ccd14c16ed0482a5b6dcacf438908ff2d8a98a4c4d5a35e3
GET /a076d05399.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Tue, 20 Dec 2022 23:24:57 GMT
content-type: text/plain; charset=utf-8
content-length: 22
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; preload
x-request-id: FzKj-A1WYvsf0cZrHw3i
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 77cc2269e8b4b52d-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.paypal.com/sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription
192.229.221.25200 OK 94 kB URL HTTP/2 www.paypal.com/sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription
IP 192.229.221.25:0
File type ASCII text, with very long lines (65472)
Hash 96508615022b32b660d5a0442978ddf9
9e2906dc62ef6c4073c6b1579e0e369a708dd4af
f28c3da021ca62fdfd0ccb5fbdaf07dcb6d0e21bf1da5c80cb06fdc66b5f8c52
GET /sdk/js?client-id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true&intent=subscription HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-nhroFmJuUVeQFy0c/rjeoORrVsDEMT94mxgSnBlZzC6yIKF5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-nhroFmJuUVeQFy0c/rjeoORrVsDEMT94mxgSnBlZzC6yIKF5' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: application/javascript; charset=utf-8
date: Tue, 20 Dec 2022 23:24:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1701a-nikG3GLvbEBzxrFXng42mnCN1K8"
p3p: true
paypal-debug-id: 0a07a7b5baa7a
server: ECAcc (lhd/35AA)
server-timing: traceparent;desc="00-00000000000000000000a07a7b5baa7a-ee57b01452c6e061-01", content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: tsrce=clientsdknodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 23 Dec 2022 23:24:57 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Tue, 20 Dec 2022 23:54:57 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1766273097%26vteXpYrS%3D1671580497%26vr%3D31dabf151850ad04a711c07afe9a5212%26vt%3D31dabf151850ad04a711c07afe9a5211%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:57 GMT; HttpOnly; Secure
ts_c=vr%3D31dabf151850ad04a711c07afe9a5212%26vt%3D31dabf151850ad04a711c07afe9a5211; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:57 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000a07a7b5baa7a-6f822b46cdb2d65b-01
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 94234
X-Firefox-Spdy: h2
www.paypal.com/tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.344&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true
192.229.221.25200 OK 4.7 kB URL HTTP/2 www.paypal.com/tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.344&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true
IP 192.229.221.25:0
File type ASCII text, with very long lines (13573)
Hash 345c20c981208e49bc2fb0a7a42df860
1da0f7aac99188f435c93f53729d7450ec0e985d
617874a82293c0d1e15eaf325c97b2ef84206916d20a4b011745bb7f7be3ca53
GET /tagmanager/pptm.js?id=hotvpn.io&t=xo&v=5.0.344&source=payments_sdk&client_id=AXiuTLh0HoBRzNyDB2w_NeR5wOZaLz8Ch6H9cr3mTA33XSeq5qgUi_AKPrNUfxxG1XLk6k0YDDVBtLwZ&vault=true HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-expose-headers: Server-Timing
age: 46827
cache-control: public, max-age=3600
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-3qd+kJhSrxys1CTWLpO0RseGDiJa0QM+DVR+ggkuF/IADaXx' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-type: application/x-javascript; charset=utf-8
date: Tue, 20 Dec 2022 23:24:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3531-LSy4dz3ldztKCE9Ut1bpoGvzvtE"
last-modified: Tue, 20 Dec 2022 10:24:30 GMT
paypal-debug-id: 07b02462a81a1
server: ECAcc (lhd/35A9)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000007b02462a81a1-2e550cf0ad1e1743-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 4742
X-Firefox-Spdy: h2
track.hotvpn.io/d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1671578709074
18.197.208.17400 Bad Request 152 B URL HTTP/2 track.hotvpn.io/d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1671578709074
IP 18.197.208.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /d/7a0b3336-5e57-4000-90ef-a7352824f6b9.js?oref=&ourl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&opt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&vtm=1671578709074 HTTP/1.1
Host: track.hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 400 Bad Request
server: nginx
date: Tue, 20 Dec 2022 23:24:58 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
hotvpn.io/assets/images/landing%20page/Vector%20(1).svg
54.230.111.23200 OK 237 B URL HTTP/2 hotvpn.io/assets/images/landing%20page/Vector%20(1).svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash bb1a601735361e405ac71027c44b0b40
b2622b5d940fa8f1aacc9d4b28d1441d99409cb1
88e44a74232d5ff22219c89e5fdd57e5bbb14d38e4f00022ee29e3711de164a7
GET /assets/images/landing%20page/Vector%20(1).svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 237
date: Tue, 20 Dec 2022 02:01:32 GMT
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
etag: "bb1a601735361e405ac71027c44b0b40"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A6WashESBPGtfFrlt6fpOqAhBm9LuT4LvGLE98agpK1k261rEgeeEA==
age: 77007
X-Firefox-Spdy: h2
hotvpn.io/scripts.0050e7fef10bfa2f.js
54.230.111.23200 OK 50 kB URL HTTP/2 hotvpn.io/scripts.0050e7fef10bfa2f.js
IP 54.230.111.23:0
Hash 5db5616e6a96b55b6cadf14443e41ed0
10f03e80a55a7b1abec2e1fe09bd1936af04a114
2c5deebde060793a1b00ed34ced20e3048875974bc9eb58517df2ab40ec4d331
GET /scripts.0050e7fef10bfa2f.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 10:32:45 GMT
etag: W/"f9e24949cb40c6c413dc39b4236414b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cI6SnXQnpcPtF4TDvFZIKPoNRM3OJw-wl799bY11f5TYKomBO6BBeQ==
age: 46333
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Logo.png
54.230.111.23200 OK 2.5 kB URL HTTP/2 hotvpn.io/assets/images/footer/Logo.png
IP 54.230.111.23:0
File type PNG image data, 163 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 193e0e7a1f142a022d2aaceb79df740c
da90dcd9c7d081863974c84eebec136ad1c9d445
c189790d9fb51dcf3028893ee968eba0a787dc2c232cc9661e843e614af90679
GET /assets/images/footer/Logo.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2491
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 14:45:53 GMT
etag: "193e0e7a1f142a022d2aaceb79df740c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xYxDWFrIj6r4uIO_enzzLEYv2r3vfwze2SkuRtfRuJHg6dndv9mD5Q==
age: 31146
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Trust%20pilot%20(1).png
54.230.111.23200 OK 1.0 kB URL HTTP/2 hotvpn.io/assets/images/footer/Trust%20pilot%20(1).png
IP 54.230.111.23:0
File type PNG image data, 132 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash fa57fd54a58da5beec7a5f32b46f4e56
c0836c5c240bb84964f8dea311ad69a25839a411
ce59484230d808a0a93cbd900ea626778b4fdfb7d1c9b50524a730f05ca1c760
GET /assets/images/footer/Trust%20pilot%20(1).png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1008
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 05:00:16 GMT
etag: "fa57fd54a58da5beec7a5f32b46f4e56"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bbOhw7avXwuuKQs38o9AXWhj67tGaKaUg0H1e2dyIt8_xZ0mbJRirw==
age: 66283
X-Firefox-Spdy: h2
unpkg.com/aos@next/dist/aos.js
104.16.123.175302 Found 1.3 kB URL HTTP/2 unpkg.com/aos@next/dist/aos.js
IP 104.16.123.175:0
Hash 635c5b0fbe22ab0cd20a6c3ecf811845
0283361b3ac7f92c5515a6e049acac7bbb4e0264
d82178b98df35cb2a6685366bf3bd2509c0d45207867e69361b510a0e88057e1
GET /aos@next/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 23:24:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /aos@3.0.0-beta.6/dist/aos.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GMRXJ48C8FKXRK03D8W966XJ-ams
cf-cache-status: HIT
age: 107
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77cc226a6c84b51d-OSL
X-Firefox-Spdy: h2
hotvpn.io/775.289c570583ec38f3.js
54.230.111.23200 OK 54 kB URL HTTP/2 hotvpn.io/775.289c570583ec38f3.js
IP 54.230.111.23:0
Hash 6d63a93faea94799d34b18b8a06a8ccb
8d60eca38ed4c661da35af08e0b8985aba7f7c73
c4784ed922fefb9a5075e7a57f77aba6cbf4ee64805dab79c188c61ee95bd803
GET /775.289c570583ec38f3.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:10:59 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"adfe4221aa54aee25282158481ad577d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G6tNO5PnDYTQvomGexOkBkPNCoIfg4U4V7Cp2Zog2f4yWoMx1jWi-Q==
age: 14351
X-Firefox-Spdy: h2
hotvpn.io/assets/images/benefits/security/browse.png
54.230.111.23200 OK 21 kB URL HTTP/2 hotvpn.io/assets/images/benefits/security/browse.png
IP 54.230.111.23:0
File type PNG image data, 732 x 513, 8-bit/color RGBA, non-interlaced\012- data
Hash 66229975a54182c5276f43a9a2e25aad
3d16a30c29b5d51ed605e61eea907bf646e12b52
fc99544aadacd8601622756376f8de205c226e01b8711637b81de9c0b9dfd432
GET /assets/images/benefits/security/browse.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 20765
date: Tue, 20 Dec 2022 23:24:59 GMT
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
etag: "66229975a54182c5276f43a9a2e25aad"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: H2orEf8oVH8AzXL3XMq5rztBS9V8qEnOGJyEUq23g4IJm-Bc5H6_4g==
X-Firefox-Spdy: h2
hotvpn.io/assets/images/benefits/features/Protected%20(1).png
54.230.111.23200 OK 17 kB URL HTTP/2 hotvpn.io/assets/images/benefits/features/Protected%20(1).png
IP 54.230.111.23:0
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced\012- data
Hash 3be99e4e570f3a59b6da8350094862dc
9322b45da5531c5402906abf91d5b5dfab337c2a
c85b1874672cc59c8fb7d7f4919302f9bf90d6bb869f8d11dc09f8d91c89e466
GET /assets/images/benefits/features/Protected%20(1).png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 16958
date: Tue, 20 Dec 2022 23:24:59 GMT
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
etag: "3be99e4e570f3a59b6da8350094862dc"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S-MtNhSArFI5rx-Y3yTl6wSPb4DUQw5H9ursRjiVjPlIq7mluYuC1Q==
X-Firefox-Spdy: h2
hotvpn.io/assets/images/landing%20page/30%20days.svg
54.230.111.23200 OK 5.3 kB URL HTTP/2 hotvpn.io/assets/images/landing%20page/30%20days.svg
IP 54.230.111.23:0
Hash 7a6d57b2bea6c47b072985a872b72a9c
c019cd66e99d499814899c771cad1f6d2d23cd75
5540aefe7af471a711f2a599df88e8c685a1b7b222024d180c3bc815b653dc0d
GET /assets/images/landing%20page/30%20days.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 20 Dec 2022 02:01:32 GMT
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
etag: W/"5e4e31218bc904cc24af9aff698df180"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9i9D3VdUayhyDCIAWC9WfYzIGwWTZHhzRBmO7phdspmV8YYufBWozw==
age: 77007
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Linkedin.svg
54.230.111.23200 OK 4.7 kB URL HTTP/2 hotvpn.io/assets/images/footer/Linkedin.svg
IP 54.230.111.23:0
Hash 7c482b7b359c502097280a522a60c4b8
77b0902e3d20d5d237080cbafc08e469b85c7d62
d65f161c1031591468c2c9b552e237468d72cfb1e40fd90c796dc7f0d86628bd
GET /assets/images/footer/Linkedin.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"0a3751345eb8278a04a7d13636dbd1d4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TqBtSPxe-Kd96NztPR2EtdwHs9dZFSS1xfaUSpVDt2vRTiMTt1Odug==
age: 31146
X-Firefox-Spdy: h2
hotvpn.io/assets/images/landing%20page/Vector%20black.svg
54.230.111.23200 OK 239 B URL HTTP/2 hotvpn.io/assets/images/landing%20page/Vector%20black.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4c81737f64a4d0cd7dbcfb6edaa8ebaf
3cc3ac1ac4bded89fdc384c46affa725b2062aaf
0655c0555b961e01d5e9b7d43bb7f89d8ecb1eea5bcfca2ec123aa6e33d4a3d1
GET /assets/images/landing%20page/Vector%20black.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 239
date: Tue, 20 Dec 2022 23:24:59 GMT
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
etag: "4c81737f64a4d0cd7dbcfb6edaa8ebaf"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R62rBGXb9vzxyA53NvFgAntefrZ7VbxomVjSEo8MMOO5zHTZwCWjVg==
X-Firefox-Spdy: h2
hotvpn.io/assets/images/header/header-icon-phone/header-icon-close-white.svg
54.230.111.23200 OK 194 B URL HTTP/2 hotvpn.io/assets/images/header/header-icon-phone/header-icon-close-white.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 7985f2445e9b1b02777c987962ccd8b7
55a5a4fbb2af5b488fe8db06b0b39c01a2b282ad
eac41dca7ccd1f121ce77c82bf72ddf7286263f2a960f32f337e5d6e9751b446
GET /assets/images/header/header-icon-phone/header-icon-close-white.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 194
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: "7985f2445e9b1b02777c987962ccd8b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X-aqhnJ5a4SXFodmizOdoPLblnLSoRZFhtGwbk354RUnd6ybWOD8-A==
age: 31146
X-Firefox-Spdy: h2
unpkg.com/aos@next/dist/aos.css
104.16.123.175302 Found 405 B URL HTTP/2 unpkg.com/aos@next/dist/aos.css
IP 104.16.123.175:0
Hash a8a2289477d1d28658f0fde008004bb6
fc94f60624607c7858dbec3082b396c4bb6e74c2
d08dd9ad98299442ea02707130150f902be303cbcaa1fdd8f5fb77790026410c
GET /aos@next/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 23:24:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /aos@3.0.0-beta.6/dist/aos.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GMRXKA4XYFQMEBXM1JQ3PX5D-ams
cf-cache-status: HIT
age: 71
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77cc226a7ca0b51d-OSL
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash dc3e27c5effc50265f1b93f5f908e8b5
0c230462ce2a2b24024e81f77d5ef72b62c9d856
89b3be44fb55f21ce362b9d7913fa72905737bae1c9abf93081a76687d85f450
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=112631
Date: Tue, 20 Dec 2022 23:24:58 GMT
Etag: "63a14198-1d7"
Expires: Thu, 22 Dec 2022 06:42:09 GMT
Last-Modified: Tue, 20 Dec 2022 05:01:12 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _7xsDh1tBIgdKC5KmBmUqr86wehDS5G27w6zca60U0HL8YFxHzuXnQ==
Age: 6057
hotvpn.io/assets/images/what-is-a-vpn/white/androidW.png
54.230.111.23200 OK 1.6 kB URL HTTP/2 hotvpn.io/assets/images/what-is-a-vpn/white/androidW.png
IP 54.230.111.23:0
File type PNG image data, 63 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 505f8188e026c71b5b5717997c9db5d4
c3e91ed7b3cb76ee4099353cc62d6dc2f4ac9b72
1c323a0ba93e660c4de53d3cd64fc427e131831e1c2efd0ce2f5aec87bf6dfce
GET /assets/images/what-is-a-vpn/white/androidW.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1648
date: Tue, 20 Dec 2022 02:01:32 GMT
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
etag: "505f8188e026c71b5b5717997c9db5d4"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9i-jzVGWkMXVrKuMtDFUKWzf0VPqVzCTbLDGzA34KNyg6PrYP5ZaqQ==
age: 77007
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/Google%20play.png
54.230.111.23200 OK 7.6 kB URL HTTP/2 hotvpn.io/assets/images/footer/Google%20play.png
IP 54.230.111.23:0
File type PNG image data, 217 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash 7c1b5c7a30992d96b575b3bfa9ba0c5b
fa070413dd5bb97fdc3ef873089b2ee8560bc847
99ee3647ece1055c38d3337b1a74b9feee1b6414f5cbfae54ba57715fee84193
GET /assets/images/footer/Google%20play.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7609
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 05:00:16 GMT
etag: "7c1b5c7a30992d96b575b3bfa9ba0c5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rjZnBWsl8vj9DcoG_qaMLnTLjqoUGSCL5aeUz-JoEfGpWh3Ld_LCYA==
age: 66283
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/support_chat?appname=HOTVPN
54.78.134.111200 OK 26 kB URL HTTP/1.1 chat-support-marketing66.herokuapp.com/support_chat?appname=HOTVPN
IP 54.78.134.111:0
File type Unicode text, UTF-8 text, with very long lines (531)
Hash ff348d5bb9fde0d3b526d41932a6e437
bcf76e89851371cae04ee183032bc0c6a92b73f3
0187aa29ff8453d226cbbb6a9687502c80c0c580fff1cc4a2cc51abbeacbba19
GET /support_chat?appname=HOTVPN HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:38 GMT
Etag: W/"6431-183ad88a8b0"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 25649
Date: Tue, 20 Dec 2022 23:24:58 GMT
Via: 1.1 vegur
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotvpn.io/assets/images/what-is-a-vpn/white/ios.png
54.230.111.23200 OK 1.8 kB URL HTTP/2 hotvpn.io/assets/images/what-is-a-vpn/white/ios.png
IP 54.230.111.23:0
File type PNG image data, 61 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 7029ed636afabeb9f2cc0e9008700001
5401e27e72dfc23090d40baa4f7da4b674054b8c
86fdf40d31ae2af39762ea99c44c14c2c6ed2abc48e398df780ff96e2d654076
GET /assets/images/what-is-a-vpn/white/ios.png HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1783
date: Tue, 20 Dec 2022 23:24:59 GMT
last-modified: Thu, 17 Nov 2022 14:11:17 GMT
etag: "7029ed636afabeb9f2cc0e9008700001"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8siCeRN8Bxaw7mAU2XzDgiDe0I0uTkPoQl6Vkwq1IJhKW9mnaKlzqA==
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
151.101.193.229200 OK 1.4 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
IP 151.101.193.229:0
Hash fbdd85becd10bb9d59a846207231e66f
7599b27238324cf9f7b5c80f0c8a1c0281dab692
0c1f232e01f6aa689b4935b81f6a9d37a6c11e27283f08754ed7d9f894df6aa3
GET /npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 20 Dec 2022 23:24:57 GMT
age: 16403438
x-served-by: cache-fra19143-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 27328
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hotvpn.io/assets/images/header/grey/apple.svg
54.230.111.23200 OK 31 kB URL HTTP/2 hotvpn.io/assets/images/header/grey/apple.svg
IP 54.230.111.23:0
Hash 81bed11f827b3189eda4a252583ee526
2fbd0f5f87f0556f723867fb176d7db1b4b5ed79
643072c81c44681036ee9a1f5c4c6129b22c8b26e51e8fdd2d0693caf2cf0efe
GET /assets/images/header/grey/apple.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"b7c88f903c82ea8d72656119c81e423f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AcJ8Jz8q4hnYgwmlrqFTSIOC7QA_EQJWlCbjpLI350Y56jxa19xlZg==
age: 31146
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13924
Expires: Wed, 21 Dec 2022 03:17:02 GMT
Date: Tue, 20 Dec 2022 23:24:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13924
Expires: Wed, 21 Dec 2022 03:17:02 GMT
Date: Tue, 20 Dec 2022 23:24:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13924
Expires: Wed, 21 Dec 2022 03:17:02 GMT
Date: Tue, 20 Dec 2022 23:24:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13924
Expires: Wed, 21 Dec 2022 03:17:02 GMT
Date: Tue, 20 Dec 2022 23:24:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a093de-42e4-4a82-ae88-ffa4606c2565.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a093de-42e4-4a82-ae88-ffa4606c2565.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ee781b4dac0e5f31cad54166a2bf7ae
a5357119d272bbe12c5b04ce485adde44baab79e
888def1ab766561e373c83c6e9479a0ac0a8644f92bcf02ebf4cd110d0f53579
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a093de-42e4-4a82-ae88-ffa4606c2565.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6809
x-amzn-requestid: 392b7c42-81b7-4ab8-84bc-e2bc48eb6c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dX5RAE19oAMFVKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639fd59f-78738e5d7cec75db6ccc5507;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: khJQIYa8pgVvRmBe4gdU5a8InsztW9pdj0wBDk7Ih-W4wJjNJm-GTg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 04:47:22 GMT
age: 67056
etag: "a5357119d272bbe12c5b04ce485adde44baab79e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13924
Expires: Wed, 21 Dec 2022 03:17:02 GMT
Date: Tue, 20 Dec 2022 23:24:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4aa7e9e3fe28e9c401786f7415171f7
8482a47175ff105957d640269bc14ee1fbc97448
2215ff2537f927e2baf4f713fc947afefc83b416719113ce516aa00f2a4e0708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 4fb9a698-c429-49e1-a2c5-b9388f03b044
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: daGQIEuSoAMFnBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0b733-53b8088f0d8863f813b9967e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 19:10:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MiX_AJgXGldkYjkeHO1OUPzraljox6v7B1M54cJPBdmfUZ7QETowOw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:55:36 GMT
age: 5362
etag: "8482a47175ff105957d640269bc14ee1fbc97448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda2ee895-fc83-4df7-99f1-2bbc9cf77c8b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda2ee895-fc83-4df7-99f1-2bbc9cf77c8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b67d0976563ea9460d94e27ff920f9da
f1998577eb3bc2214f195f72a8a1b4ad8aa6bc92
c7ec3c4b87b700796008690562a6033481a7ad826fb2f45875cd6add06189568
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda2ee895-fc83-4df7-99f1-2bbc9cf77c8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10154
x-amzn-requestid: f317432b-7dda-439b-bc02-9c76412e9de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_DGlfoAMF5Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-13a5af4c477a1019544222f4;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hmIpamyZaOLQ8eQrYQBFhpOuRUVo-QDZJHVaPq0Pv7FGpRMIOTAOmw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:54:39 GMT
age: 5419
etag: "f1998577eb3bc2214f195f72a8a1b4ad8aa6bc92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45b5057a-7f1e-4401-a991-6c35e54140aa.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45b5057a-7f1e-4401-a991-6c35e54140aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b63f37d9455ec0fdeb46d628b1cef90
1d0384cf30a2b1e7ad5748f4ec820b432b0bb1af
196b899e4776dad86a6e2b7a82fb583194389c950e4ae4fd41e0ebda40a133ca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45b5057a-7f1e-4401-a991-6c35e54140aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9447
x-amzn-requestid: c76e38ad-4a6e-4fde-89ba-451fb9755dcb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dX5QpGXmIAMF59g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639fd59d-5e63bdd969ff01ff1d08d096;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 03:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ra-tbuwEx2ZzQXldz7E32wXM8y3j5_o0DKUGMWiQhXarRQpqfUxEvA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 04:47:22 GMT
age: 67056
etag: "1d0384cf30a2b1e7ad5748f4ec820b432b0bb1af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ccd69f0-2174-4a60-b9c2-46141742ba9c.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ccd69f0-2174-4a60-b9c2-46141742ba9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 685a370dbd8daf59af56aa50cdcb06f0
45ff61e7536301bd2914808309827c6b75169f91
eaee830f130a76af7ed96519ede5a2fb08283ccbf619c61b11453c74c1b676a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ccd69f0-2174-4a60-b9c2-46141742ba9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5905
x-amzn-requestid: b5654aab-2736-4b70-9321-562a3bf004d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_BHfroAMFZKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-0774a1eb6edcfa2d24433abe;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 4eUIbaroq9s9LGbZqtjwHY0AW99CUWE5MuyzdTnNNYOIn6o3ixYmdA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d15b6a95f7c8298444f59a99d8027cec.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:37:22 GMT
age: 6456
etag: "45ff61e7536301bd2914808309827c6b75169f91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hotvpn.io/assets/images/flag.svg
54.230.111.23200 OK 9.6 kB URL HTTP/2 hotvpn.io/assets/images/flag.svg
IP 54.230.111.23:0
Hash d9ed38bb448b72050fd3224a2c0409e4
c59f6c0593257ce225e02da82ccbe99a83e4c79b
b92f1941a0617ba3eaf8cafc3d2e656db0820b4af8c3b985aa72b3b4c15d297d
GET /assets/images/flag.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 20 Dec 2022 01:57:03 GMT
last-modified: Thu, 17 Nov 2022 14:11:02 GMT
etag: W/"570be0d1dfc23a7f8a153ef581fcffaf"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9DiPabZKzsdvFffr7eEHuekjsdSYgmknRb7FVuGE8DIVszvFRPItQg==
age: 77276
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/muse.js
151.101.2.133200 OK 16 kB URL HTTP/2 www.paypalobjects.com/muse/muse.js
IP 151.101.2.133:0
File type ASCII text, with very long lines (55891)
Hash 6aebbe482c72000aea20895991f70478
eff1d3370786f9ee4ea539776bc43ab9bece89ba
2acb950bc7678b9e6c265194821fac386bf555db582ee8c0e2d9e68ff3eaa862
GET /muse/muse.js HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: application/javascript
etag: W/"6271663d-da91"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 84840867de170
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 20 Dec 2022 23:24:58 GMT
x-served-by: cache-sjc10029-SJC, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 2, 110773
x-timer: S1671578699.667533,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16464
X-Firefox-Spdy: h2
t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AHWS36JWC6K8UJ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AHWS36JWC6K8UJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&fltp=analytics&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1671578709635&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1
151.101.193.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AHWS36JWC6K8UJ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AHWS36JWC6K8UJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&fltp=analytics&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1671578709635&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1
IP 151.101.193.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Athird-party%3Aanalytics-xo%3A%3AHWS36JWC6K8UJ-1&page=muse%3Athird-party%3Aanalytics-xo%3A%3AHWS36JWC6K8UJ-1%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&fltp=analytics&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&flag_consume=yes&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1671578709635&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Tue, 20 Dec 2022 23:24:58 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: d1a5d17c77ac3
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1766273098%26vteXpYrS%3D1671580498%26vr%3D31dac40f1850a8a391b1d9fdffffffff%26vt%3D31dac40f1850a8a391b1d9fdfffffffe; Expires=Sat, 20 Dec 2025 23:24:58 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D31dac40f1850a8a391b1d9fdffffffff%26vt%3D31dac40f1850a8a391b1d9fdfffffffe; Expires=Sat, 20 Dec 2025 23:24:58 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000d1a5d17c77ac3-465bbdca3dee0115-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Dec 2022 23:24:58 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220064-HHN, cache-bma1630-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1671578699.682403,VS0,VE163
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
www.paypalobjects.com/muse/analytics/index.html
151.101.2.133200 OK 17 kB URL HTTP/2 www.paypalobjects.com/muse/analytics/index.html
IP 151.101.2.133:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55410)
Hash 56fc10c2e8100a7e4418dc987c23d7a5
5c11880437f36368f82da60522bfcb0d57b395cf
326df6156907ef357f13bf48a5a3798dd4e692345d04fb4edad8370058d1198a
GET /muse/analytics/index.html HTTP/1.1
Host: www.paypalobjects.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-type: text/html
etag: W/"6271663d-d994"
last-modified: Tue, 03 May 2022 17:28:29 GMT
paypal-debug-id: 50b39f10d2761
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
dc: ccg11-origin-www-1.paypal.com
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Tue, 20 Dec 2022 23:24:58 GMT
x-served-by: cache-sjc10077-SJC, cache-bma1630-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 125683
x-timer: S1671578699.938610,VS0,VE0
vary: Accept-Encoding
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
content-length: 16791
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/random-conversation-id
54.78.134.111200 OK 35 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/random-conversation-id
IP 54.78.134.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f7a29de9074b5fe6bdb7700ba12c1685
14bdbe2e077f42797db8e4ebf2fe3e290dc98cb0
0da646af634cbd7bc0baf7ca35d0b0991c96238ecabd974b92eaec599403dd73
GET /random-conversation-id HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 35
Etag: W/"23-FL2+Lgd/Qnl9uOTr8v4+KQ3JjLA"
Date: Tue, 20 Dec 2022 23:24:59 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/random-conversation-id
54.78.134.111200 OK 35 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/random-conversation-id
IP 54.78.134.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f926e261b4df1850cc38f0bdc627bdaf
229c951c2fb0b71f252cf3dbdc7dcf41f44a8107
b89c84d07480eeda90784b0791a44372ceeca2e895aef4e14bfb6565453c9720
GET /random-conversation-id HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 35
Etag: W/"23-IpyVHC+wtx8lLPPb3H3PQfRKgQc"
Date: Tue, 20 Dec 2022 23:24:59 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/support_chat_hotvpn.css
54.78.134.111200 OK 8.3 kB URL HTTP/1.1 chat-support-marketing66.herokuapp.com/support_chat_hotvpn.css
IP 54.78.134.111:0
Hash 84516f5cee03e7dd17ae4f0508750657
bac728cb24539d19eab82c86b53451c795bfd6ea
eee446b060475634dceeaea23604a3346c7e6a2635f6bc1303f45c49ccf4a575
GET /support_chat_hotvpn.css HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:38 GMT
Etag: W/"209d-183ad88a8b0"
Content-Type: text/css; charset=UTF-8
Content-Length: 8349
Date: Tue, 20 Dec 2022 23:24:59 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/get_fromsupport_notread?appname=HOTVPN
54.78.134.111200 OK 14 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/get_fromsupport_notread?appname=HOTVPN
IP 54.78.134.111:0
File type JSON data\012- , ASCII text, with no line terminators
Hash bab3e657fe24918a9dbdaf0512a91690
02756c4d67b7c712c483ad3ca070f8ea04358a88
add4663d52bdb001123f209eea844c0b189322a67fb7d014559efbeee6e72edb
POST /get_fromsupport_notread?appname=HOTVPN HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 29
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Type: application/json; charset=utf-8
Content-Length: 14
Etag: W/"e-AnVsTWe3xxLEg608oHD46gQ1iog"
Date: Tue, 20 Dec 2022 23:24:59 GMT
Via: 1.1 vegur
hotvpn.io/assets/images/flags/svg/NO.svg
54.230.111.23200 OK 340 B URL HTTP/2 hotvpn.io/assets/images/flags/svg/NO.svg
IP 54.230.111.23:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash b884cec9fb2d4762a79626f841796979
33d80190dba81f56da7c543ce33048d3e0137fa0
7c0bbcbb75427a982b1c478b32cf8f6d93405e129f0af424d00d6bf3fd7be367
GET /assets/images/flags/svg/NO.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 340
last-modified: Thu, 17 Nov 2022 14:11:12 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Dec 2022 23:25:00 GMT
etag: "b884cec9fb2d4762a79626f841796979"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2N1vNUA94GJB-3PsU7SCg7C8jNa51x7iwPoo9dv1YrflNXcltVTobw==
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/socket.io.js
54.78.134.111200 OK 62 kB URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io.js
IP 54.78.134.111:0
File type ASCII text, with very long lines (32031)
Hash ad682b888ad99cbd0a1e17bf68b97204
2c7440696029e79b94a93c4db05c579439691a1e
cabe1f464fc65357a16093c0b3c3f82654e0bb41ddb29e192abc7c6c31030b72
GET /socket.io.js HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 06 Oct 2022 13:42:49 GMT
Etag: W/"f3d5-183ad88d3a8"
Content-Type: application/javascript; charset=UTF-8
Content-Length: 62421
Date: Tue, 20 Dec 2022 23:24:59 GMT
Via: 1.1 vegur
t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1671578710218&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1
151.101.193.35200 OK 42 B URL HTTP/2 t.paypal.com/ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1671578710218&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1
IP 151.101.193.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4682377ddfbe4e7dabfddb2e543e842
328e472721a93345801ed5533240eac2d1f8498c
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
GET /ts?pgrp=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1&page=muse%3Aoffer%3A%3A%3AHWS36JWC6K8UJ-1%3A%3AvisitorInfoFlowStarted%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&item=02852b0b-5823-4148-a6f5-931ea32a1ad1&es=visitorInfoFlowStarted&mrid=HWS36JWC6K8UJ&code=CHECKOUT_BUTTON&partner_name=CHECKOUT_BUTTON&pt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&dh=1024&dw=1280&bh=939&bw=1280&cd=24&sh=1024&sw=1280&v=NA&rosetta_language=en-US%2Cen&e=im&t=1671578710218&g=0&completeurl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1 HTTP/1.1
Host: t.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: image/gif
expires: Tue, 20 Dec 2022 23:24:59 GMT
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
paypal-debug-id: 902f6213927c6
pragma: no-cache
set-cookie: ts=vreXpYrS%3D1766273099%26vteXpYrS%3D1671580499%26vr%3D31dac6181850a5b29a24ea99ffffffff%26vt%3D31dac6181850a5b29a24ea99fffffffe; Expires=Sat, 20 Dec 2025 23:24:59 GMT; Domain=.paypal.com; Path=/; Secure; HttpOnly
ts_c=vr%3D31dac6181850a5b29a24ea99ffffffff%26vt%3D31dac6181850a5b29a24ea99fffffffe; Expires=Sat, 20 Dec 2025 23:24:59 GMT; Domain=.paypal.com; Path=/; Secure
traceparent: 00-0000000000000000000902f6213927c6-6a3360275612ac26-01
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
date: Tue, 20 Dec 2022 23:24:59 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn-etou8220092-HHN, cache-bma1630-BMA
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1671578699.164999,VS0,VE200
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-length: 42
X-Firefox-Spdy: h2
www.paypal.com/targeting/graphql
192.229.221.25204 No Content 0 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 192.229.221.25:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.paypalobjects.com/
Origin: https://www.paypalobjects.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 20 Dec 2022 23:24:59 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 010a816aa7067
server: ECAcc (lhd/35FA)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Wed, 21 Dec 2022 08:10:55 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 20 Dec 2023 23:24:59 GMT; Secure
x-pp-s=eyJ0IjoiMTY3MTU3ODY5OTM0MCIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
nsid=s%3AcFT7_18xvZH4rrZeMNFNJjpWzZMUvFLx.3kVwbM5UoHHzMCoQbXYQ4x7yAGKvADxXZ5wlELyez7E; Path=/; HttpOnly; Secure
l7_az=dcg14.slc; Path=/; Domain=paypal.com; Expires=Tue, 20 Dec 2022 23:54:59 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1766273099%26vteXpYrS%3D1671580499%26vr%3D31dac63d1850ad04c59ef6aefe9a0a53%26vt%3D31dac63d1850ad04c59ef6aefe9a0a52%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; HttpOnly; Secure
ts_c=vr%3D31dac63d1850ad04c59ef6aefe9a0a53%26vt%3D31dac63d1850ad04c59ef6aefe9a0a52; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000010a816aa7067-dd5f297bcc7dd5c4-01
vary: Origin, Access-Control-Request-Headers
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb120a816fcf4f6afe7a3aeab18e7bbd
1f15e81595a0b524a2401d5566beaa0b8d4f61e6
cca2f14595c5ba6446c4e522883036fa07e31599909870ad42bc678587b1a91d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3190
Cache-Control: max-age=134197
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Etag: "63a1a10a-1d7"
Expires: Thu, 22 Dec 2022 12:41:36 GMT
Last-Modified: Tue, 20 Dec 2022 11:48:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 20 Dec 2022 22:41:08 GMT
expires: Wed, 21 Dec 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 2631
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Sqm9ekopiATyb8Jo7ujmDBmnBO6Hq8VI1VIjtcZbqEd8T4EKUWyCc4tq1ZbQ83tNpHYQBqo8N54+qQYh+ED19w==
priority: u=3,i
content-length: 27298
x-fb-trip-id: 1904183273
date: Tue, 20 Dec 2022 23:24:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bb120a816fcf4f6afe7a3aeab18e7bbd
1f15e81595a0b524a2401d5566beaa0b8d4f61e6
cca2f14595c5ba6446c4e522883036fa07e31599909870ad42bc678587b1a91d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3190
Cache-Control: max-age=134197
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Etag: "63a1a10a-1d7"
Expires: Thu, 22 Dec 2022 12:41:36 GMT
Last-Modified: Tue, 20 Dec 2022 11:48:26 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1671578710355&cv=11&fst=1671578710355&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1441271817.1671578710&rfmt=3&fmt=4
142.250.74.34200 OK 964 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1671578710355&cv=11&fst=1671578710355&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1441271817.1671578710&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2042), with no line terminators
Hash 496edfc5527d84337a82c4e2e7b6bf34
a1682cdcc578e18fd4d9011edbbecd4494a34fe0
225c1099dc7a3b252a879d138ac34439b08eeeebfc047e4d22143c4bbc39ca00
GET /pagead/viewthroughconversion/852685511/?random=1671578710355&cv=11&fst=1671578710355&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1441271817.1671578710&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 964
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Dec-2022 23:39:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1671578710339&cv=11&fst=1671578710339&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1441271817.1671578710&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 930 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/852685511/?random=1671578710339&cv=11&fst=1671578710339&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1441271817.1671578710&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2011), with no line terminators
Hash 693b6edae98a7e8abbc521c068206fa0
8a2953808a7abea1f12cb907bd7947803c8bbd46
400813dc20c424b7ffb2ad227a67f086551bc1be29ff33add8bc50ccd4e44d74
GET /pagead/viewthroughconversion/852685511/?random=1671578710339&cv=11&fst=1671578710339&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&auid=1441271817.1671578710&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Dec-2022 23:39:59 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash e0652b84b7b3b650769c759fc520c3f8
0b55d6e28613350c7f41b88f19e726e6751ad03b
94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: I_Fo3NWGhqMWKqG9mF7-Yx3K567iuqrJI1pcLqvJ-_0BHZEFLqeIfQ==
age: 2369693
X-Firefox-Spdy: h2
www.paypal.com/targeting/graphql
192.229.221.25200 OK 291 B URL HTTP/2 www.paypal.com/targeting/graphql
IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with very long lines (434)
Hash 64c3b552746e29ba5a81036f38be76a0
25545fd0573ecfab2e47e9b1b820e585b9183836
3e71b9317612927489a057627f7fece42f8f1d6932f234595a2ece19aa045be2
POST /targeting/graphql HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.paypalobjects.com/
Content-Type: application/json
Origin: https://www.paypalobjects.com
Content-Length: 319
Connection: keep-alive
Cookie: tsrce=clientsdknodeweb
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.paypalobjects.com
access-control-expose-headers: Paypal-Debug-Id
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; img-src 'self' https:; script-src 'nonce-XGnnZ2YoPWtXYE2v9rOYpcw/UDvT6DO3wcq/2pt12ZPS3hYI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' ; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'none'; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com;
content-type: application/json; charset=utf-8
date: Tue, 20 Dec 2022 23:24:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"1b3-UPN0yJn6pWokX3uczR+AGCQ35D8"
paypal-debug-id: 0691780838578
server: ECAcc (lhd/35F0)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Wed, 21 Dec 2022 08:10:55 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 20 Dec 2023 23:24:59 GMT; Secure
x-pp-s=eyJ0IjoiMTY3MTU3ODY5OTYxMyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=targetingnodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 23 Dec 2022 23:24:59 GMT; HttpOnly; Secure; SameSite=None
nsid=s%3AxnkhJPLKGPPcT0IWJ51stAuF_Krz2REe.q1BO11ODlGZPmzvIQZAiV3hIWBimwrjFDha7ht8yfuo; Path=/; HttpOnly; Secure
l7_az=dcg01.phx; Path=/; Domain=paypal.com; Expires=Tue, 20 Dec 2022 23:54:59 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1766273099%26vteXpYrS%3D1671580499%26vr%3D31dac7081850ad009b42e16dfe9a3ede%26vt%3D31dac7081850ad009b42e16dfe9a3edd%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; HttpOnly; Secure
ts_c=vr%3D31dac7081850ad009b42e16dfe9a3ede%26vt%3D31dac7081850ad009b42e16dfe9a3edd; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000691780838578-4059a2a31cbca377-01
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 291
X-Firefox-Spdy: h2
script.hotjar.com/modules.bc1117deb4413903e9ac.js
143.204.55.40200 OK 69 kB URL HTTP/2 script.hotjar.com/modules.bc1117deb4413903e9ac.js
IP 143.204.55.40:0
File type Unicode text, UTF-8 text, with very long lines (48638)
Hash f13ff1e59c6576e6eab8ec5da41ce435
acf2ec2850862583dc32932161f0c96f5355d089
c0150bde41daff1d7295a1353da9ae05dd3f5f50a5a41a37ec404a3960b7c4bf
GET /modules.bc1117deb4413903e9ac.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68859
date: Fri, 16 Dec 2022 08:10:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "f13ff1e59c6576e6eab8ec5da41ce435"
last-modified: Fri, 16 Dec 2022 08:09:37 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uM1P2IKuvLcF5AYrziLt-0yJeCdiheenEzhAJVhIJ4c0g2cAp2kHhw==
age: 400493
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.paypal.com/xoplatform/logger/api/logger
192.229.221.25200 OK 609 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 192.229.221.25:0
File type JSON data\012- , ASCII text, with very long lines (1017), with no line terminators
Hash 742f8d82b05e8b4e8ec2fb5fb40b07e0
9a41f30fbbc01fcfbf867e7634d2d9a7304d09ae
aefd62bca82216225a4c9a9cf1f4703f3c1047264e4c41ce1bf256aa18deec4f
POST /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1460
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://hotvpn.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-type: application/json; charset=utf-8
date: Tue, 20 Dec 2022 23:24:59 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"3f9-8xGHrd5Dn4VrT643hOMcfuwXAQA"
paypal-debug-id: 021136658b208
server: ECAcc (lhd/35A6)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 20 Dec 2023 23:24:59 GMT; Secure
LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Wed, 21 Dec 2022 08:10:55 GMT; HttpOnly; Secure
tsrce=loggernodeweb; Max-Age=259199; Domain=.paypal.com; Path=/; Expires=Fri, 23 Dec 2022 23:24:58 GMT; HttpOnly; Secure
x-pp-s=eyJ0IjoiMTY3MTU3ODY5OTY3NSIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 20 Dec 2022 23:54:59 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1766273099%26vteXpYrS%3D1671580499%26vr%3D31dac76c1850ad009d3a3bfffe9a234b%26vt%3D31dac76c1850ad009d3a3bfffe9a234a%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; HttpOnly; Secure
ts_c=vr%3D31dac76c1850ad009d3a3bfffe9a234b%26vt%3D31dac76c1850ad009d3a3bfffe9a234a; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000021136658b208-1474795331ba2797-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-ec-security-audit: 403
content-length: 609
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/852685511/?random=1671578710355&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=297194383&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/852685511/?random=1671578710355&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=297194383&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1671578710355&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=297194383&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/852685511/?random=1671578710339&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=429539760&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/852685511/?random=1671578710339&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=429539760&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1671578710339&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=429539760&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/852685511/?random=1671578710355&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=297194383&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/852685511/?random=1671578710355&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=297194383&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1671578710355&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=9b60CImNo9wDEMfly5YD&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&fmt=3&is_vtc=1&random=297194383&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/852685511/?random=1671578710339&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=429539760&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/852685511/?random=1671578710339&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=429539760&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/852685511/?random=1671578710339&cv=11&fst=1671577200000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&tiba=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=429539760&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 97216d9347c0d3c1bab297df919688d5
61eca83749fd58d5ce753bf65419435d522c2ce5
7277b81f23f6516aa706c00202e0705421837431095d5b1f7fb0f283ab5736ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 23:24:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-6705X2P2FH>m=2oebu0&_p=1184916361&cid=1850113821.1671578710&ul=en-us&sr=1280x1024&_s=1&sid=1671578710&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-6705X2P2FH>m=2oebu0&_p=1184916361&cid=1850113821.1671578710&ul=en-us&sr=1280x1024&_s=1&sid=1671578710&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6705X2P2FH>m=2oebu0&_p=1184916361&cid=1850113821.1671578710&ul=en-us&sr=1280x1024&_s=1&sid=1671578710&sct=1&seg=0&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&dt=Hot%20VPN%3A%20Fast%20Secure%20%26%20Private%20Hide%20Your%20IP%20%7C%20Unlock%20Browsers&en=page_view&_fv=1&_nsi=1&_ss=2&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://hotvpn.io
date: Tue, 20 Dec 2022 23:24:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 9a50cfd84054673c0cb31fbbf3bc0213
ca637c63893ac782a0e2eaea8707cc06563acd21
68009ad838f43aad5b0e219a9cd0b2131d9c04e5cadd9280526e7eddb9dc4481
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144787
Date: Tue, 20 Dec 2022 23:25:00 GMT
Etag: "63a1d3d8-1d7"
Expires: Thu, 22 Dec 2022 15:38:07 GMT
Last-Modified: Tue, 20 Dec 2022 15:25:12 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YF15JBJ1lbSO7pkwgZLGQ6ffPw9_yGiG7RJhTqPemur6N2N01P8rhQ==
Age: 775
ws1.hotjar.com/api/v2/client/ws
34.252.149.215101 Switching Protocols 0 B URL HTTP/1.1 ws1.hotjar.com/api/v2/client/ws
IP 34.252.149.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/v2/client/ws HTTP/1.1
Host: ws1.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hotvpn.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nYE2juTNZQ7kf8ECxsXuYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 20 Dec 2022 23:25:00 GMT
Content-Type: application/octet-stream
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +cYtbjstFgQqeXzQG/cpFdO10kw=
Sec-WebSocket-Extensions: permessage-deflate
www.facebook.com/tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1671578711425&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671578711424.2119061072&it=1671578710650&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1671578711425&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671578711424.2119061072&it=1671578710650&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=821702848785505&ev=PageView&dl=https%3A%2F%2Fhotvpn.io%2Flanding-page%3Fpage%3Da1&rl=&if=false&ts=1671578711425&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671578711424.2119061072&it=1671578710650&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 20 Dec 2022 23:25:00 GMT
X-Firefox-Spdy: h2
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmJy
54.78.134.111200 OK 103 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmJy
IP 54.78.134.111:0
File type ASCII text, with no line terminators
Hash 4424e3a4e1e2c38ef1d516da3135119c
d60dc3063d2f1711c58d931b11ad82ee052dcf29
df190d8eed1f0286da2c6d496fff1c437d8ce8036667b1ba13b931627af184f2
GET /socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmJy HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 103
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=cGr3QWDwK86etrPNAAA0; Path=/; HttpOnly
Date: Tue, 20 Dec 2022 23:25:04 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmKr&sid=cGr3QWDwK86etrPNAAA0
54.78.134.111200 OK 38 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmKr&sid=cGr3QWDwK86etrPNAAA0
IP 54.78.134.111:0
File type ASCII text, with no line terminators
Hash a9482f5f2f9c6ce003861662854e78a1
3b15bd2eb60c8be297f2bea9eda897a2b391dc9f
1bb16fbb679f44f5543e23c9ec0791bf3c0342f4d6ed1ad83909a9549fca7670
GET /socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmKr&sid=cGr3QWDwK86etrPNAAA0 HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 38
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=cGr3QWDwK86etrPNAAA0; Path=/; HttpOnly
Date: Tue, 20 Dec 2022 23:25:04 GMT
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=websocket&sid=cGr3QWDwK86etrPNAAA0
54.78.134.111101 Switching Protocols 0 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=websocket&sid=cGr3QWDwK86etrPNAAA0
IP 54.78.134.111:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?conversation_id=1671578699031&EIO=3&transport=websocket&sid=cGr3QWDwK86etrPNAAA0 HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://hotvpn.io
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2j7W05PzjMD9vqLf962hpQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-Websocket-Accept: aFCRSERMwhOiqB5a8jxyFyk4GGQ=
Sec-Websocket-Extensions: permessage-deflate
Via: 1.1 vegur
chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmLt&sid=cGr3QWDwK86etrPNAAA0
54.78.134.111200 OK 3 B URL HTTP/1.1 chat-support-marketing66.herokuapp.com/socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmLt&sid=cGr3QWDwK86etrPNAAA0
IP 54.78.134.111:0
File type ASCII text, with no line terminators
Hash 9b9065b3ba2c3c87f1e30fdf998d791e
cc471c1ac39e9f79d65111b47de18d7bf187f1ed
62325dfc1fc675255519674da6e2c4aad5f51cc6c3217ed3c6fbf6cabe0d86b0
GET /socket.io/?conversation_id=1671578699031&EIO=3&transport=polling&t=OKnsmLt&sid=cGr3QWDwK86etrPNAAA0 HTTP/1.1
Host: chat-support-marketing66.herokuapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 3
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hotvpn.io
Set-Cookie: io=cGr3QWDwK86etrPNAAA0; Path=/; HttpOnly
Date: Tue, 20 Dec 2022 23:25:04 GMT
Via: 1.1 vegur
www.paypal.com/xoplatform/logger/api/logger
192.229.221.25200 OK 0 B URL HTTP/2 www.paypal.com/xoplatform/logger/api/logger
IP 192.229.221.25:0
OPTIONS /xoplatform/logger/api/logger HTTP/1.1
Host: www.paypal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotvpn.io/
Origin: https://hotvpn.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://hotvpn.io
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Tue, 20 Dec 2022 23:24:59 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 08a43b11a6132
server: ECAcc (lhd/35A6)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
set-cookie: LANG=en_US%3BUS; Max-Age=31556; Domain=.paypal.com; Path=/; Expires=Wed, 21 Dec 2022 08:10:55 GMT; HttpOnly; Secure
enforce_policy=ccpa; Max-Age=31536000; Domain=.paypal.com; Path=/; Expires=Wed, 20 Dec 2023 23:24:59 GMT; Secure
x-pp-s=eyJ0IjoiMTY3MTU3ODY5OTQyNyIsImwiOiIwIiwibSI6IjAifQ; Domain=.paypal.com; Path=/; HttpOnly; Secure
tsrce=loggernodeweb; Domain=.paypal.com; Path=/; Expires=Fri, 23 Dec 2022 23:24:59 GMT; HttpOnly; Secure; SameSite=None
l7_az=dcg02.phx; Path=/; Domain=paypal.com; Expires=Tue, 20 Dec 2022 23:54:59 GMT; HttpOnly; Secure
ts=vreXpYrS%3D1766273099%26vteXpYrS%3D1671580499%26vr%3D31dac6841850a7a0933788b1fe71fd97%26vt%3D31dac6841850a7a0933788b1fe71fd96%26vtyp%3Dnew; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; HttpOnly; Secure
ts_c=vr%3D31dac6841850a7a0933788b1fe71fd97%26vt%3D31dac6841850a7a0933788b1fe71fd96; Path=/; Domain=paypal.com; Expires=Fri, 19 Dec 2025 23:24:59 GMT; Secure
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000008a43b11a6132-3fd224c778ef9ed2-01
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ws1.hotjar.com/api/v2/sites/879925/recordings/content
34.252.149.215200 OK 0 B URL HTTP/2 ws1.hotjar.com/api/v2/sites/879925/recordings/content
IP 34.252.149.215:0
POST /api/v2/sites/879925/recordings/content HTTP/1.1
Host: ws1.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 159436
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 23:25:00 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
hotvpn.io/assets/images/header/grey/android.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/header/grey/android.svg
IP 54.230.111.23:0
GET /assets/images/header/grey/android.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"c3e91803247861d5faa3d9021372f906"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: icYiYkKzPTjg7oZvbp7D8ulOdoogrp25H1Jaw2R8H-5NEqmxTj6xeA==
age: 66283
X-Firefox-Spdy: h2
hotvpn.io/assets/video/landing-page.mp4
54.230.111.23206 Partial Content 0 B URL HTTP/2 hotvpn.io/assets/video/landing-page.mp4
IP 54.230.111.23:0
GET /assets/video/landing-page.mp4 HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 4968081
date: Tue, 20 Dec 2022 23:24:59 GMT
last-modified: Thu, 17 Nov 2022 14:11:26 GMT
etag: "febc7568007a95362b5e3e31c38cacc4"
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-4968080/4968081
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qumu2aV0y6qtBCP_SOb5AchmqHdmllSAvWgTvUb6Cx_aGmS4DOLU-A==
X-Firefox-Spdy: h2
hotvpn.io/landing-page?page=a1
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/landing-page?page=a1
IP 54.230.111.23:0
GET /landing-page?page=a1 HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:57 GMT
etag: W/"2de5b723aa3dc928e6595d8f7e8b58ee"
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ATxqgEaOKHtDgH7m8FalloxDJJRpn7OdsBhnkZx_oSWdkllEpsLDKg==
age: 41857
X-Firefox-Spdy: h2
unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
104.16.123.175302 Found 0 B URL HTTP/2 unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
IP 104.16.123.175:0
GET /@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 20 Dec 2022 23:24:57 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@1.6.2/dist/lottie-player.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GMRXDEDT8KAXAZKS6DTXEY9Y-ams
cf-cache-status: HIT
age: 263
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77cc226a7ca2b51d-OSL
X-Firefox-Spdy: h2
unpkg.com/@lottiefiles/lottie-player@1.6.2/dist/lottie-player.js
104.16.123.175200 OK 0 B URL HTTP/2 unpkg.com/@lottiefiles/lottie-player@1.6.2/dist/lottie-player.js
IP 104.16.123.175:0
GET /@lottiefiles/lottie-player@1.6.2/dist/lottie-player.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotvpn.io/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 20 Dec 2022 23:24:57 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"5987c-IoYnJ/J/l4gDcuN1QzFEDG8Wwsk"
via: 1.1 fly.io
fly-request-id: 01GKP1Z505Q1KCCP7W9KGDF68F-ams
cf-cache-status: HIT
age: 1169851
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 77cc226acce0b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
hotvpn.io/styles.b9a4fa6e7890685a.css
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/styles.b9a4fa6e7890685a.css
IP 54.230.111.23:0
GET /styles.b9a4fa6e7890685a.css HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"c2ee6588791c454ff9408db24725fe70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KGH0mhVzPyW6Ayp2ZQs_i4gYJrLeVI3XOFMfP2smUgGFBebhOPmAvg==
age: 46313
X-Firefox-Spdy: h2
hotvpn.io/assets/images/footer/instegram.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/footer/instegram.svg
IP 54.230.111.23:0
GET /assets/images/footer/instegram.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"fda72ebb78bf1ab5b62035060bc5e27a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8qZD7fL_KkOfmh1mijAuGAtQ70tTtDTG6paD_7QZ7C2f22byfgS9Sw==
age: 31146
X-Firefox-Spdy: h2
hotvpn.io/assets/images/page-pricing/trustpilot.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/page-pricing/trustpilot.svg
IP 54.230.111.23:0
GET /assets/images/page-pricing/trustpilot.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 20 Dec 2022 00:06:04 GMT
last-modified: Thu, 17 Nov 2022 14:11:15 GMT
etag: W/"d7262cb1d2838e1bfc3b7941bd9ac7f6"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r7uIFwoAb9-eAr8egpMceAp_X2QPgNB9OeknSN0pk6mhMOHNzT4KYQ==
age: 83935
X-Firefox-Spdy: h2
hotvpn.io/assets/images/stars.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/stars.svg
IP 54.230.111.23:0
GET /assets/images/stars.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:16 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:58 GMT
etag: W/"02afbfecfe7a31940923b538364e2a86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gpvBFQ5-XdQwDdj5qH5XS4OYIR1lZL35H_LN8E3W2qDH383qrKSAKQ==
age: 77276
X-Firefox-Spdy: h2
hotvpn.io/polyfills.bbb3a18906f94e2a.js
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/polyfills.bbb3a18906f94e2a.js
IP 54.230.111.23:0
GET /polyfills.bbb3a18906f94e2a.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 11:47:22 GMT
etag: W/"c1f5d9dca2f41e57c75a633ab34bb597"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J9x42FptmTuWZlztbeh7Mq9COVVNlYN96yqAFDur9-h4FJ4ff3XEKA==
age: 41856
X-Firefox-Spdy: h2
hotvpn.io/assets/images/hotvpn-icon.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/hotvpn-icon.svg
IP 54.230.111.23:0
GET /assets/images/hotvpn-icon.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 17 Nov 2022 14:11:14 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 14:45:53 GMT
etag: W/"5025f7aa8aed5e41a95aaee2f12d795e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -7ZLrPJeokx1Rf2isrFLpUSaJNMREQUkNmI7fYwt5vn0QF7kUiaIHA==
age: 31146
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-879925.js?sv=7
143.204.55.84200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-879925.js?sv=7
IP 143.204.55.84:0
GET /c/hotjar-879925.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 23:24:59 GMT
cache-control: max-age=60
etag: W/619fceb14fcc5828f35ce7e79463abe7
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j-ywAwboyB5yH7tvpLyWP4B483JvOlNBbmT1E3Umwbt9SZALhmW0eA==
X-Firefox-Spdy: h2
hotvpn.io/assets/images/trust-pilot-stars.svg
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/assets/images/trust-pilot-stars.svg
IP 54.230.111.23:0
GET /assets/images/trust-pilot-stars.svg HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 20 Dec 2022 07:11:09 GMT
last-modified: Thu, 17 Nov 2022 14:11:16 GMT
etag: W/"bf87087b66c1a7338592085d092fbe63"
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3CBH-RTa9PDJTMrPlROfI9k99EG9FVBb2J1vUb3vX4qeariqjK7rMg==
age: 58430
X-Firefox-Spdy: h2
hotvpn.io/runtime.9f5e0f1c47831410.js
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/runtime.9f5e0f1c47831410.js
IP 54.230.111.23:0
GET /runtime.9f5e0f1c47831410.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 20:28:15 GMT
etag: W/"45396769f2ec783c20b8aa7bcce84d47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sCSxXZVSN53Dpa3c4oYIC5nUs0ZVT5oKxNVmEb_V5J_yatwTtb0IJA==
age: 10603
X-Firefox-Spdy: h2
hotvpn.io/main.4557e971c45388af.js
54.230.111.23200 OK 0 B URL HTTP/2 hotvpn.io/main.4557e971c45388af.js
IP 54.230.111.23:0
GET /main.4557e971c45388af.js HTTP/1.1
Host: hotvpn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hotvpn.io/landing-page?page=a1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Thu, 17 Nov 2022 14:11:27 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 20 Dec 2022 23:24:57 GMT
etag: W/"a320ec920f0f95a537590c90e573d89d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iINcGmhBwa5xS3uoiLRUqlpvwQvyRGIoKGCPNasHHN19HBZCIpdfAw==
age: 34959
X-Firefox-Spdy: h2
in.hotjar.com/api/v2/client/sites/879925/visit-data?sv=7
52.49.37.246200 OK 0 B URL HTTP/2 in.hotjar.com/api/v2/client/sites/879925/visit-data?sv=7
IP 52.49.37.246:0
POST /api/v2/client/sites/879925/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://hotvpn.io
Connection: keep-alive
Referer: https://hotvpn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 20 Dec 2022 23:25:00 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2