| lpevest.com/whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw= |  104.21.50.90 | 301 Moved Permanently | 0 B |
URL HTTP/1.1lpevest.com/whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw= IP104.21.50.90:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw= HTTP/1.1
Host: lpevest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 19:43:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 29 Mar 2023 20:43:53 GMT
Location: https://lpevest.com/whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw=
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DX7qpt0LviydIRWn8YZYCoY9ShyKPo9dG2DNgWgWYrQ7f47iXGXVzZN6fmc2ymhENyJE7JwDrSlp4zXaF8310A0wOTjD%2BNCltB9tp9CV0pSRI7hWl4GPUHt5og1lYA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7afa9ab70818b4eb-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash93f633ce30c038eb581544323c5a971e 2f60526cb750c6babccc207f75fb5a8ae6f7598b 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3226
Expires: Wed, 29 Mar 2023 20:37:39 GMT
Date: Wed, 29 Mar 2023 19:43:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc83d39f350161ed2f5d20dcd68e47c92 2695a888e652cb314f8094cc6073c3364336d272 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4892
Expires: Wed, 29 Mar 2023 21:05:25 GMT
Date: Wed, 29 Mar 2023 19:43:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc0d9353dc46e88bf564ed464b0b073c7 0b5ce170e7db24267a3ba5b79a48548b1acd2e5b 7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3544
Expires: Wed, 29 Mar 2023 20:42:57 GMT
Date: Wed, 29 Mar 2023 19:43:53 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4ad6984a756720fbfff47b37a75513a2 355e35258114452af8b9638985ed9d8ef3bf0aca 43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 19:28:11 GMT
content-type: application/json
age: 942
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JdS0dqjp6Q07jDFAwMJ06fd0SpXZDlPQCc3WxLs9IjfGYBJpF6J4x7KJXi3Hk+GwSik09XWouPNiwv1I+kUfQA==
x-amz-request-id: W585FSNZMS1CT2DA
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 19:02:37 GMT
age: 2476
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 19:43:53 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashae064c74a3769d42109473ad05d56fb9 d48029ab8568cee6ab7416d3b476ed792d780a56 9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7219
Expires: Wed, 29 Mar 2023 21:44:13 GMT
Date: Wed, 29 Mar 2023 19:43:54 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, ETag, Expires, Alert, Pragma, Content-Type, Retry-After, Last-Modified, Content-Length, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 19:14:36 GMT
age: 1758
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 34.117.65.55 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP34.117.65.55:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 38oF9eYmiuULuPWPWSlztw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UUYffwUBT02F98S5TMqB5sL91y8=
Date: Wed, 29 Mar 2023 19:43:54 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css | 104.17.25.14 | 200 OK | 3.3 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css IP104.17.25.14:0
File typeASCII text, with very long lines (52592) Hash9266f9107ebcfd5961b230047eb0bb94 082cca30d08963a57887613907e9c397889d3c10 d134df9ecd44a8aa61a0c0f309bc44664472f0555bdb7948021f2ed3b329368c
GET /ajax/libs/animate.css/3.5.2/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:54 GMT
content-type: text/css; charset=utf-8
content-length: 3279
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-ce35"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2513825
expires: Mon, 18 Mar 2024 19:43:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bc7ZPe368uiekdGeOffgkgkCUmIuWrAVekq4T4vIe88Vp%2BvfH3sMrQ5HeEwbNm%2BxfKyTPk0st3SFy3nQDaxGMe8iyfPo7cXkm5e8ViEa938bAr4eOAy0GQpC5YDDWCdgX%2FNXA8be"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7afa9abc4c8e1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashd4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js | 142.250.74.74 | 200 OK | 33 kB |
URL HTTP/2ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js IP142.250.74.74:0
File typeASCII text, with very long lines (32089) Hashbf899cc5ba60c522341e4d712a5246bf 2c92c54c9919c8b81b4e77a97bfd4d8f202e1a6a 4f8b9bf1630c24cf17444ec093052451c370c9371212db74b4bf8b4fd71a2817
GET /ajax/libs/jquery/1.9.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33018
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Mar 2023 18:05:11 GMT
expires: Thu, 28 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 5923
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 13 kB |
IP142.250.74.131:0
File typegzip compressed data, from Unix\012- data Hash0323cb443cf98ebff7573fb18ab99de2 bb1d265a4cf69f0f8daf607b31f3e6df031affce 25bc53dfe0c3e3b6fc0d16e77aec4a8ea995bd8a3d164b709d75761d09c622fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashd4fd78e1925a923742815feb55c9dab0 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtm.js?id=GTM-MTMX5FL | 142.250.74.168 | 200 OK | 88 kB |
URL HTTP/2www.googletagmanager.com/gtm.js?id=GTM-MTMX5FL IP142.250.74.168:0
Hash5b8918657dbb47053867d0097e928620 a0d3f005f462ea7128a24a262c2279746e8c7ff6 00410e1ff8f1d142053b3174a7aa6526fc7ba9315969b9fd5974ea61f8e80b8c
GET /gtm.js?id=GTM-MTMX5FL HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Mar 2023 19:43:54 GMT
expires: Wed, 29 Mar 2023 19:43:54 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Mar 2023 19:11:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 87764
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashf6b3bb903e6f7394985c0ae662919208 ee3cb0fbd0017ed3a001ce195bc0cfa386979567 c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| sc-static.net/scevent.min.js | 54.230.82.240 | 200 OK | 13 kB |
URL HTTP/2sc-static.net/scevent.min.js IP54.230.82.240:0
File typeASCII text, with very long lines (31112), with no line terminators Hashced43b482bc1e51ed1bccdc98f089862 3459a7c7ff82b6240b5fc31787365ce633680a50 978404ad8ad5ff756892de874487f8de79bb68bbb9b7c4b137d9f91f6977f8b4
GET /scevent.min.js HTTP/1.1
Host: sc-static.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 13327
server: CloudFront
date: Wed, 29 Mar 2023 19:43:54 GMT
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-headers: Content-Type
cache-control: private, s-maxage=0, max-age=600
set-cookie: X-AB=0d6e407936704bd380072f5891d28b0e;max-age=86400;expires=Thu, 30 Mar 2023 18:45:44 GMT;Path=/scevent.min.js; Secure; SameSite=None
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kugJbhBdd_aur_UYessbiKs2ZY0UD3rTQxpxvmMAKyqvITOTryA3Mg==
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBLP4JJC77UFMFRPVAJG&lib=ttq | 23.36.79.17 | 200 OK | 1.1 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/events.js?sdkid=CBLP4JJC77UFMFRPVAJG&lib=ttq IP23.36.79.17:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (2340) Hash7570a217f81eaba1d024a61e5c0a428b f1462ff02163c8132ab380cdb01b5b838ae600a7 2d3a61f0c5dc6ab07b041996e7b25bb249ca7a1cb8e3b0058287bc9acd52a4ac
GET /i18n/pixel/events.js?sdkid=CBLP4JJC77UFMFRPVAJG&lib=ttq HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2023032919435522EBC974265649CFC061
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf60b294eb1ae32bfdb0da8bf1819280156a30c391b9ec3776879db28ff0cda8932f8eed382d291c8f155921d104a252b625227edf5dc9b4fd7fa63036175a45ba83bcd97d7b95a1eca2592fed86870d8b5f
content-encoding: gzip
expires: Wed, 29 Mar 2023 19:43:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 29 Mar 2023 19:43:55 GMT
content-length: 1149
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
set-cookie: _ttp=2Nhb0B593hWXSLAyM4iElisBDIK; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=99
x-origin-response-time: 99,23.36.79.13
x-akamai-request-id: 3ed59da1
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js | 23.36.79.17 | 200 OK | 69 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js IP23.36.79.17:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (21931) Hashdd1cc4a63768e501e6640b99c74a3f11 f6ac198395a44044d3f1d238c669c6605f256f7f 232842440ac5ce263a3298eec9a934261ee757e7d7b58af350a83f838e7ef7b7
GET /i18n/pixel/static/main.MTU1Nzk2ZDUwMQ.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: _ttp=2Nhb0B593hWXSLAyM4iElisBDIK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 20230328150652EEE406CA98E83B7F2BD9
x-tt-trace-host: 01829976ea135057990990cf942c749f54a1e834dc93d04de62c93cc7160eaff5c553ca161abd05a1187edd38b46710410b903b741d2250bc05db393d688e78c3f7699f4d0a325daad00cad702ff1366ee48fce8a8c0549304e7f3d563e0cd98ba
content-encoding: gzip
content-length: 68782
date: Wed, 29 Mar 2023 19:43:55 GMT
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 3ed59fff
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash71d8f7c73746c14f00901ac80b49f736 cf1e23697db78cda212ebe10b211d082bdab0a21 a2a3d1f439e80f252ea3f14f529b1292cbb61849330e2b49792c59fc92341833
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2A3D1F439E80F252EA3F14F529B1292CBB61849330E2B49792C59FC92341833"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16113
Expires: Thu, 30 Mar 2023 00:12:28 GMT
Date: Wed, 29 Mar 2023 19:43:55 GMT
Connection: keep-alive
|
|
| region1.google-analytics.com/g/collect?v=2&tid=G-176144164>m=45je33r0&_p=676769115&cid=953459093.1680119058&ul=en-us&sr=1280x1024&_s=1&sid=1680119058&sct=1&seg=0&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&dt=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&en=gtm.js&_fv=1&_nsi=1&_ss=1&ep.event_id=11d906e3-2ec0-4ce7-ad74-39b01c3c623f_1680119057955.1&ep.event_name=gtm.js | 216.239.32.36 | 204 No Content | 14 kB |
URL HTTP/2region1.google-analytics.com/g/collect?v=2&tid=G-176144164>m=45je33r0&_p=676769115&cid=953459093.1680119058&ul=en-us&sr=1280x1024&_s=1&sid=1680119058&sct=1&seg=0&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&dt=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&en=gtm.js&_fv=1&_nsi=1&_ss=1&ep.event_id=11d906e3-2ec0-4ce7-ad74-39b01c3c623f_1680119057955.1&ep.event_name=gtm.js IP216.239.32.36:0
File typegzip compressed data, from Unix\012- data Hash84fe926fffec111deb5904931a0aca03 853191c48f29c21eae4ff1cc2a93ba7ec74b195e d36500440db35cda28f96ff5061944b29fbb7a2f5d7da7fb283429d183cf5a3d
POST /g/collect?v=2&tid=G-176144164>m=45je33r0&_p=676769115&cid=953459093.1680119058&ul=en-us&sr=1280x1024&_s=1&sid=1680119058&sct=1&seg=0&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&dt=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&en=gtm.js&_fv=1&_nsi=1&_ss=1&ep.event_id=11d906e3-2ec0-4ce7-ad74-39b01c3c623f_1680119057955.1&ep.event_name=gtm.js HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lpevest.com
date: Wed, 29 Mar 2023 19:43:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/i18n/pixel/static/identify_08840.js | 23.36.79.17 | 200 OK | 31 kB |
URL HTTP/2analytics.tiktok.com/i18n/pixel/static/identify_08840.js IP23.36.79.17:0 ASN#20940 Akamai International B.V.
File typeASCII text, with very long lines (65536), with no line terminators Hash78f733f814f483e525f0f7c55b37f79e a5c119be218f580b1a38e1b6a1a6cad6777ea47e e1a9766cda0320b4ae76feea994c735a5929e43d58f0a0358076f2fe3ab303de
GET /i18n/pixel/static/identify_08840.js HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: _ttp=2Nhb0B593hWXSLAyM4iElisBDIK
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2023032815064804B416663BFFED5C08C2
x-tt-trace-host: 015f42ed8b1ee289e45aa447bf148ea1047959cdabfbd59b02dcf698a30296cce37c467f7eb0e37b3ecfa0941033e3ae10c02eed823dea560ac6e1924ff5dbee8d15f0bf45b36fab648d02bad9db789f40ec6d4651f076c2925c2101f549ffe41c
content-encoding: gzip
date: Wed, 29 Mar 2023 19:43:55 GMT
content-length: 30691
x-cache: TCP_MEM_HIT from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=1
x-akamai-request-id: 3ed5a28d
X-Firefox-Spdy: h2
|
|
| ocsp.r2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 471 B |
URL HTTP/1.1ocsp.r2m02.amazontrust.com/ IP54.230.80.227:0
Hashad4b37f1f582fa6f3fc2719e1f5ea1a2 853660983696db914adcf535479553b5e1b1cb76 cba89f089995f851765e64fa75b9cd62825306cda22aede5fe1fa4ef7cda6011
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 29 Mar 2023 19:43:55 GMT
Last-Modified: Wed, 29 Mar 2023 18:45:55 GMT
Server: ECAcc (nya/7993)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j1X2lPoyWPevWcslhOVT59xIIhYISXpdc2hjQGOWcpWbDd4DdxKYLQ==
Age: 3480
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash71d8f7c73746c14f00901ac80b49f736 cf1e23697db78cda212ebe10b211d082bdab0a21 a2a3d1f439e80f252ea3f14f529b1292cbb61849330e2b49792c59fc92341833
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2A3D1F439E80F252EA3F14F529B1292CBB61849330E2B49792C59FC92341833"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16113
Expires: Thu, 30 Mar 2023 00:12:28 GMT
Date: Wed, 29 Mar 2023 19:43:55 GMT
Connection: keep-alive
|
|
| ob.robotflowermobile.com/i/2ec062e11ff1c8d7427ff441a149affa.js | 54.230.111.109 | 200 OK | 32 kB |
URL HTTP/2ob.robotflowermobile.com/i/2ec062e11ff1c8d7427ff441a149affa.js IP54.230.111.109:0
File typeUnicode text, UTF-8 text, with very long lines (65530), with no line terminators Hash3b6f73f493fc8264f5a386fed89ddbaa f9b5ea4fa25392aff619b63926d12e23e9cb13da 68d087fdeca11bf2e95b24f3b09f0c1ce16279b0f43971eb030fa57f20769877
GET /i/2ec062e11ff1c8d7427ff441a149affa.js HTTP/1.1
Host: ob.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 32086
content-encoding: gzip
server: Caddy
date: Wed, 29 Mar 2023 08:28:37 GMT
cache-control: max-age=43200
expires: Wed, 29 Mar 2023 20:28:21 GMT
etag: "15979-0OnaVpPwCSoX4+hao4XTfRHTXo8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lUi1X_LlEnWo_H43tC2SUNmZbd8DSyXrmI06xb6E31RYKAWowoeWtQ==
age: 40534
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/api/v2/pixel | 23.36.79.17 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 990
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: _ttp=2Nhb0B593hWXSLAyM4iElisBDIK
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023032919435520AD045E6C52FF06E7DD
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf605c931182f530d4a1d60831afa5ad6e86b7c2838a1ae9449639fbc798f272a9b788c01e21848f7bac49b9d46c5f33978630e263657e16d7ae8d6ed7d7d6cf8a80dbc028f3692c33cc75c5c3c5dd9b4d6915301874ebbda1d8e224e0d93fb16789
x-origin-response-time: 40,23.201.31.207
x-akamai-request-id: 41a7af4f.3ed5a337
expires: Wed, 29 Mar 2023 19:43:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 29 Mar 2023 19:43:55 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-cache-remote: TCP_MISS from a23-201-31-207.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=108, origin; dur=40, inner; dur=37
x-parent-response-time: 144,23.36.79.13
X-Firefox-Spdy: h2
|
|
| analytics.tiktok.com/api/v2/pixel | 23.36.79.17 | 200 OK | 0 B |
URL HTTP/2analytics.tiktok.com/api/v2/pixel IP23.36.79.17:0 ASN#20940 Akamai International B.V.
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v2/pixel HTTP/1.1
Host: analytics.tiktok.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 987
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: _ttp=2Nhb0B593hWXSLAyM4iElisBDIK
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2023032919435594CC37B4C7945B04616F
x-tt-trace-host: 016eabbbec2a80a817c88fdee8d986cf605c931182f530d4a1d60831afa5ad6e86625b759f0e3b1d960e79da76bb3e0e75612132315b511b310639802c6c1e83e5215128eb709b7b1347c9cd57be25681cc9a7c5876b305a696c6475a13156af24a448cacc4da566132bcf1845eacbee7d
x-origin-response-time: 53,23.201.31.205
x-akamai-request-id: 55ec4db0.3ed5a327
expires: Wed, 29 Mar 2023 19:43:55 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Wed, 29 Mar 2023 19:43:55 GMT
x-cache: TCP_MISS from a23-36-79-13.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-cache-remote: TCP_MISS from a23-201-31-205.deploy.akamaitechnologies.com (AkamaiGHost/11.0.2.2-47519392) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=152, origin; dur=53, inner; dur=24
x-parent-response-time: 201,23.36.79.13
X-Firefox-Spdy: h2
|
|
| ocsp.sectigo.com/ | 172.64.155.188 | 200 OK | 472 B |
IP172.64.155.188:0
Hash91e266c5db074aa94c9c61681aa5ef9a 8006fbcf653851510413a4446ff0c059d3463ed7 5835165468517cbafdc780ac14d55d1e710ff5377d505ba39c77d70adc6f48d3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 19:43:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 29 Mar 2023 01:24:23 GMT
Expires: Wed, 05 Apr 2023 01:24:22 GMT
Etag: "8006fbcf653851510413a4446ff0c059d3463ed7"
Cache-Control: max-age=538226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7afa9ac4be1bb4fd-OSL
|
|
| ipinfo.io/?token=cc7afc256c9864 | 34.117.59.81 | 200 OK | 714 B |
URL HTTP/2ipinfo.io/?token=cc7afc256c9864 IP34.117.59.81:0
Hash536e8ce818f6a4a96c244b351761e039 95f46dcd09fcb671440a5a51dda7f7fdc3e36939 a12dcfe3a5cd32695d8fc74a5e2de02266e8b499e62b0d5eb6d29684777f4dd7
GET /?token=cc7afc256c9864 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lpevest.com/
Origin: https://lpevest.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Wed, 29 Mar 2023 19:43:55 GMT
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| mena-evest.pandats-api.io/api/v3/authorization |  35.233.15.205 | 200 OK | 0 B |
URL HTTP/2mena-evest.pandats-api.io/api/v3/authorization IP35.233.15.205:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v3/authorization HTTP/1.1
Host: mena-evest.pandats-api.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lpevest.com/
Origin: https://lpevest.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
x-powered-by: panda-new-forex-api
content-type: application/json; charset=utf-8
content-length: 0
date: Wed, 29 Mar 2023 19:43:55 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11183
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 19:43:55 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash195589ff3c6c50463257f10da16de114 7119aeba010d5c5c224fa544feff6f1761739929 dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11183
Expires: Wed, 29 Mar 2023 22:50:18 GMT
Date: Wed, 29 Mar 2023 19:43:55 GMT
Connection: keep-alive
|
|
| mena-evest.pandats-api.io/api/v3/authorization | 35.233.15.205 | 200 OK | 846 B |
URL HTTP/2mena-evest.pandats-api.io/api/v3/authorization IP35.233.15.205:0
Hash87fdbde249bddb15c33107968bbe7d4c ef717a16f3a3f025e49384ebc210e9a4b0ab129e 3168d8c58ab79c5eb69753472b022c81f6ad0e57c0d46bdf7e5a904f6de1dc6c
POST /api/v3/authorization HTTP/1.1
Host: mena-evest.pandats-api.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lpevest.com/
Content-type: application/json; charset=UTF-8
Origin: https://lpevest.com
Content-Length: 94
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-ratelimit-remaining: 59
x-ratelimit-limit: 60
x-request-id: 6c26082aeb0c49cbd88c0ad5b6d2ff618b2ff4f9-d7650000-289b-449e-b0b2-e4d2bc02cbb9
x-server-time: 2023-03-29T19:43:55+00:00
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
x-powered-by: panda-new-forex-api
content-type: application/json; charset=utf-8
date: Wed, 29 Mar 2023 19:43:55 GMT
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashef54a1ed997cc09495edb102ccdf6803 f5637efb37b5eecff77e60e6bcf5f599991f334f fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 78738
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashfd1bc71c7e9eed7c086d752ea8b4b992 02a74cf88501d65b3dfcceb5adc79fd93ce785ed a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 78475
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe828b7227de7aa7a7b7c54c96e0cef9a 9a717142ab25dabf9123485ef51ed586662d2a71 0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:53:29 GMT
age: 78626
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash253f48aa7cbf667d52cb37fda10cdb1f e29478b866f90402b48d2b516d01d60a863c9cf9 b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 78807
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashd0a85ec27ed4f7910e26b4ff023ab1fb f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0 fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: y5vKgCZTlgD6ji-loyjRA9cPpJWpdR7yDH60LL0bRa1b8DtG4WsX9g==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 78738
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg | 34.120.237.76 | 200 OK | 9.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5d389dd69e54e5d7b547a425f9b22ebf 604a65cfc5572c5da9d3fdea795be3942b8d14cb 5beda50c5f20633003e1f939673a6005eca314372e7f8fe0a1d4bb5702ae1712
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fbdd640-8a87-474c-a4d5-f25e31609f46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9501
x-amzn-requestid: f073f55c-fd49-4b8b-8b9c-026f6a546378
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbunG2VIAMFnQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cc3-32af7701763d0f734f09a05d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:11 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: wyrl1rguCM5LrsEN49aH42bNWc7ht0Je1UeO-dAx6Ujj1kjQgdfGEQ==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 0cf6c59c77f0fff670ae085179adc458.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 11:55:27 GMT
age: 28108
etag: "604a65cfc5572c5da9d3fdea795be3942b8d14cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| obs.robotflowermobile.com/ct?id=11133&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1680119059433&hl=1&op=0&ag=1317291471&rand=946278081259226661096189751265792157625272268112020817826598717167811606129&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI5NTNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCw0LDEsMSwxLDAsMSwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMiJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI3LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZGF0YUxheWVyXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJoalwiLFwiX2hqU2V0dGluZ3NcIixcInNuYXB0clwiLFwiR29vZ2xlQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwiR29vZ2xlYlFoQ3NPXCIsXCJ0d3FcIixcImdhR2xvYmFsXCIsXCIkXCIsXCJqUXVlcnlcIixcImpRdWVyeTMyMTAzODQyNzgyOTE1NzQ2NDQxMVwiLFwiaW50bFRlbElucHV0R2xvYmFsc1wiLFwiaW50bFRlbElucHV0XCIsXCJtYWlsXCIsXCJtYWlsRXJyb3JNc2dcIixcIm1haWxFcnJvclwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZG90cVwiLFwiZmJxXCIsXCJfZmJxXCIsXCJUaWt0b2tBbmFseXRpY3NPYmplY3RcIixcInR0cVwiLFwiaW50bFRlbElucHV0VXRpbHNcIixcImZpcnN0TmFtZVwiLFwiZmlyc3ROYW1lRXJyb3JNc2dcIixcImZpcnN0TmFtZUVycm9yXCIsXCJsYXN0TmFtZVwiLFwibGFzdE5hbWVFcnJvck1zZ1wiLFwibGFzdE5hbWVFcnJvclwiLFwiY29kc1wiLFwidHJhbnNsYXRlXCIsXCJjY1wiLFwiaXBcIixcInNldGxhbmdcIixcImdldFRva2VuXCIsXCJTSEExXCIsXCJyZUVuYWJsZVwiLFwiY2xpZW50X3NyY1wiLFwiUEFSVE5FUl9JRFwiLFwiUEFSVE5FUl9TRUNSRVRfS0VZXCIsXCJUSU1FXCIsXCJjb25jYXRlbmF0ZWRfc3RyaW5nXCIsXCJBS0VZXCIsXCJzY3JvbGxNZVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI5NTM0NTkwOTMuMTY4MDExOTA1OCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY4MDExOTA1OTM4MywwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMzE1LDAsMTYsMCwwLDI3LDM2MSwtMSwwLCwxNDU5LDIyMzAsMjIzMCJdLFstMzksIltcIjIwMTAwMTAxXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjM3Il0sWy00MSwiLSJdLFstNDIsIjE3NzAwNTAwODEiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDExMTEwMDEwMCJdLFstNDQsIjAsNSwwLDUiXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQ3Mjg4OTc2OFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjEsNywwLDAsMSwyLDAsMCwwLDEsMCwwLDAsMCw0LDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMiwwLDAsMCwyLDAsMCwwLDAsMCwwLDEsMSwyNywwLDE0LDEsMCwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsODZdLFsiYWJuY2giLDg3XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=HDoiHtHnmx&pto=2278&ver=50&gac=953459093.1680119058&mei=&ap=&duid=1.1680119059.FXKka82oowDPuywL&suid=1.1680119059.6ql9TJCfXO8f0H4n&tuid=1.1680119059.N8559GJVmQ8dnaQi&fbc=->m=W10%3D&it=66%2C1944%2C208&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 | 50.16.211.97 | 200 OK | 1.4 kB |
URL HTTP/2obs.robotflowermobile.com/ct?id=11133&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1680119059433&hl=1&op=0&ag=1317291471&rand=946278081259226661096189751265792157625272268112020817826598717167811606129&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI5NTNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCw0LDEsMSwxLDAsMSwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMiJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI3LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZGF0YUxheWVyXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJoalwiLFwiX2hqU2V0dGluZ3NcIixcInNuYXB0clwiLFwiR29vZ2xlQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwiR29vZ2xlYlFoQ3NPXCIsXCJ0d3FcIixcImdhR2xvYmFsXCIsXCIkXCIsXCJqUXVlcnlcIixcImpRdWVyeTMyMTAzODQyNzgyOTE1NzQ2NDQxMVwiLFwiaW50bFRlbElucHV0R2xvYmFsc1wiLFwiaW50bFRlbElucHV0XCIsXCJtYWlsXCIsXCJtYWlsRXJyb3JNc2dcIixcIm1haWxFcnJvclwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZG90cVwiLFwiZmJxXCIsXCJfZmJxXCIsXCJUaWt0b2tBbmFseXRpY3NPYmplY3RcIixcInR0cVwiLFwiaW50bFRlbElucHV0VXRpbHNcIixcImZpcnN0TmFtZVwiLFwiZmlyc3ROYW1lRXJyb3JNc2dcIixcImZpcnN0TmFtZUVycm9yXCIsXCJsYXN0TmFtZVwiLFwibGFzdE5hbWVFcnJvck1zZ1wiLFwibGFzdE5hbWVFcnJvclwiLFwiY29kc1wiLFwidHJhbnNsYXRlXCIsXCJjY1wiLFwiaXBcIixcInNldGxhbmdcIixcImdldFRva2VuXCIsXCJTSEExXCIsXCJyZUVuYWJsZVwiLFwiY2xpZW50X3NyY1wiLFwiUEFSVE5FUl9JRFwiLFwiUEFSVE5FUl9TRUNSRVRfS0VZXCIsXCJUSU1FXCIsXCJjb25jYXRlbmF0ZWRfc3RyaW5nXCIsXCJBS0VZXCIsXCJzY3JvbGxNZVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI5NTM0NTkwOTMuMTY4MDExOTA1OCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY4MDExOTA1OTM4MywwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMzE1LDAsMTYsMCwwLDI3LDM2MSwtMSwwLCwxNDU5LDIyMzAsMjIzMCJdLFstMzksIltcIjIwMTAwMTAxXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjM3Il0sWy00MSwiLSJdLFstNDIsIjE3NzAwNTAwODEiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDExMTEwMDEwMCJdLFstNDQsIjAsNSwwLDUiXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQ3Mjg4OTc2OFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjEsNywwLDAsMSwyLDAsMCwwLDEsMCwwLDAsMCw0LDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMiwwLDAsMCwyLDAsMCwwLDAsMCwwLDEsMSwyNywwLDE0LDEsMCwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsODZdLFsiYWJuY2giLDg3XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=HDoiHtHnmx&pto=2278&ver=50&gac=953459093.1680119058&mei=&ap=&duid=1.1680119059.FXKka82oowDPuywL&suid=1.1680119059.6ql9TJCfXO8f0H4n&tuid=1.1680119059.N8559GJVmQ8dnaQi&fbc=->m=W10%3D&it=66%2C1944%2C208&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 IP50.16.211.97:0
File typeASCII text, with very long lines (3957), with no line terminators Hash623f8047fc6f2c4ae2560533d9297bed b256e08e8d1a3a2dcd33bc3d99b42f11792b3eaa 784af6c494ecc47ffdf1a88b7a8573973b1cbe56f80be1c7c46539e333b6053c
GET /ct?id=11133&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1680119059433&hl=1&op=0&ag=1317291471&rand=946278081259226661096189751265792157625272268112020817826598717167811606129&fs=1280x939&fst=1280x939&np=linux%20x86_64&nv=&ref=&ss=1280x1024&nc=0&at=&di=W1siZWYiLDI5NTNdLFsxMiwie1wiZVwiOjAsXCJ3Z2xcIjoxfSJdLFsiY2IiLCIwLDAsMCwwLDAsMCwwLDAsMCw0LDEsMSwxLDAsMSwyLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwxLDAsMiJdLFstMSwiTGludXggeDg2XzY0Il0sWy0yLCI3LElMSFlMQjlCTFRhMkpxUWczRm9lZWwyd1liRTJvZ0JJS0o2Y1IwMDBNSkhRd1lUREdZYWh2M3V0NzFWcFhSOU84K001clZTS3Mxa1BCZS8vOTlzblZKR3BVZFBmZHp6bjNPZmMiXSxbLTMsIltdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3XCI6W1wiMFwiLFwiZGF0YUxheWVyXCIsXCJnb29nbGVfdGFnX21hbmFnZXJcIixcInBvc3RzY3JpYmVcIixcImdvb2dsZV90YWdfbWFuYWdlcl9leHRlcm5hbFwiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJoalwiLFwiX2hqU2V0dGluZ3NcIixcInNuYXB0clwiLFwiR29vZ2xlQW5hbHl0aWNzT2JqZWN0XCIsXCJnYVwiLFwiR29vZ2xlYlFoQ3NPXCIsXCJ0d3FcIixcImdhR2xvYmFsXCIsXCIkXCIsXCJqUXVlcnlcIixcImpRdWVyeTMyMTAzODQyNzgyOTE1NzQ2NDQxMVwiLFwiaW50bFRlbElucHV0R2xvYmFsc1wiLFwiaW50bFRlbElucHV0XCIsXCJtYWlsXCIsXCJtYWlsRXJyb3JNc2dcIixcIm1haWxFcnJvclwiLFwiTm90aWZ5UGFpbnRFdmVudFwiLFwiZG90cVwiLFwiZmJxXCIsXCJfZmJxXCIsXCJUaWt0b2tBbmFseXRpY3NPYmplY3RcIixcInR0cVwiLFwiaW50bFRlbElucHV0VXRpbHNcIixcImZpcnN0TmFtZVwiLFwiZmlyc3ROYW1lRXJyb3JNc2dcIixcImZpcnN0TmFtZUVycm9yXCIsXCJsYXN0TmFtZVwiLFwibGFzdE5hbWVFcnJvck1zZ1wiLFwibGFzdE5hbWVFcnJvclwiLFwiY29kc1wiLFwidHJhbnNsYXRlXCIsXCJjY1wiLFwiaXBcIixcInNldGxhbmdcIixcImdldFRva2VuXCIsXCJTSEExXCIsXCJyZUVuYWJsZVwiLFwiY2xpZW50X3NyY1wiLFwiUEFSVE5FUl9JRFwiLFwiUEFSVE5FUl9TRUNSRVRfS0VZXCIsXCJUSU1FXCIsXCJjb25jYXRlbmF0ZWRfc3RyaW5nXCIsXCJBS0VZXCIsXCJzY3JvbGxNZVwiXSxcIm5cIjpbXSxcImRcIjpbXX0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwiXCJ1bnNwZWNpZmllZFwiIl0sWy0xMywiLSJdLFstMTQsIi0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjE2Il0sWy0xOCwiWzEsMCwwLDBdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEsMjQsMjQsXCItXCIsMTI4MCwxMDAyLDEyODAsMTAyNCwxMjgwLDEwMjQsMTI4MCw5MzksMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCI5NTM0NTkwOTMuMTY4MDExOTA1OCJdLFstMjEsIi0iXSxbLTIyLCJbXCJuXCIsXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIi0iXSxbLTI3LCItIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTI5LCItIl0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCIwIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY4MDExOTA1OTM4MywwXSJdLFstMzYsIltcIjUvNFwiLFwiNS80XCJdIl0sWy0zNywiLSJdLFstMzgsImksLTEsLTEsMzE1LDAsMTYsMCwwLDI3LDM2MSwtMSwwLCwxNDU5LDIyMzAsMjIzMCJdLFstMzksIltcIjIwMTAwMTAxXCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLFwiMjAxODEwMDEwMDAwMDBcIixudWxsLGZhbHNlLG51bGwsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjM3Il0sWy00MSwiLSJdLFstNDIsIjE3NzAwNTAwODEiXSxbLTQzLCIwMDAwMDAwMTAwMDAwMDAwMDExMTEwMDEwMCJdLFstNDQsIjAsNSwwLDUiXSxbLTQ1LCI3NTIsMCwwLDcxOSwwLDAsNzYxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAiXSxbLTQ2LCIwIl0sWy00NywiVVRDLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbLTUwLCItIl0sWy01MSwiLSJdLFstNTIsIi0iXSxbLTUzLCIwMTAiXSxbLTU0LCJ7XCJoXCI6W1wiXzNcIixcIjQ3Mjg4OTc2OFwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNTUsIjEiXSxbImRkYiIsIjEsNywwLDAsMSwyLDAsMCwwLDEsMCwwLDAsMCw0LDAsMSwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMiwwLDAsMCwyLDAsMCwwLDAsMCwwLDEsMSwyNywwLDE0LDEsMCwxLDAsMCwwLDAsMCJdLFsiYm5jaCIsODZdLFsiYWJuY2giLDg3XV0%3D&dep=0&pre=0&sdd=%7B%7D&cri=HDoiHtHnmx&pto=2278&ver=50&gac=953459093.1680119058&mei=&ap=&duid=1.1680119059.FXKka82oowDPuywL&suid=1.1680119059.6ql9TJCfXO8f0H4n&tuid=1.1680119059.N8559GJVmQ8dnaQi&fbc=->m=W10%3D&it=66%2C1944%2C208&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0 HTTP/1.1
Host: obs.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/javascript
date: Wed, 29 Mar 2023 19:43:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
set-cookie: cg_uuid=03af0ab54e0d4d49999c07d2d36cf213; Max-Age=29030400; Path=/; Expires=Wed, 28 Feb 2024 19:43:56 GMT; HttpOnly; Secure; SameSite=None
content-length: 1392
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 142.250.74.142 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP142.250.74.142:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 29 Mar 2023 18:05:11 GMT
expires: Wed, 29 Mar 2023 20:05:11 GMT
cache-control: public, max-age=7200
age: 5925
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| static.ads-twitter.com/uwt.js |  151.101.244.157 | 200 OK | 92 kB |
URL HTTP/2static.ads-twitter.com/uwt.js IP151.101.244.157:0
File typeOpenType font data\012- data Hashf095d0a16fd70bdb236f2b8495fca379 3f0f6a9686b710a8a018150fa681c3b1e22dcb60 684c1e32b87895efc896229813fb4a862fedf1f966e7c7ca7caf6bed9a10d4c7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption: AES256
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Wed, 29 Mar 2023 19:43:56 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6674c1bff1cd533fa4a8992632d6d4e3 a2ca2162800e1401ac9a13d854faaa022997d823 c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| obs.robotflowermobile.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362eec634e347899b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f108c6e2417071a10acf9f29f674981d2df077d6d1efa2d7750836fdb6bce0d3956239406020b36020c90bc6a4c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d1678510aa58b7a327402f1fb4e2c8ba2f47ac1e75a744825afa7f194ce74eccfc248b5038e523967cff488f0b46882d6f033d3774e92f3d6334456a2273aebd40a37b185e433d74faa00e7c75cad09caa02e92273ad6c8659c3bc59087aadbe2b0187bf227b0efae2f023cead26198e042e1104507815b5c8c81809891af81378c3ad79ab2987be0417032db297cc4cfc1737187b929ff56a39049927ca176415d53f13db9528d90fe24e8c329d71db885cacd759f010920eb5817506b4732c6a16cf901f7c88319ae983aacc77c81d2adde7e83bce04f5b758eb64b4ec0b01d5d13e2d1f667cb6bccfc0fb3b341eb28ad27c6119052daf465994131b7f6c33832291c434552081aace08d6cc470e61b10166b97f716d2fd465db8e986e6ed3e9eb8f2a7cfbfa2e3575d68ae558cb7457cc1163458883d4f7b6ff778b3644ad0e1d31df572cb37d9b926cfa41fdc2a1d2b241e6e51c996b1997e2e1788125787cfcbe8e8d85917cde8e83c928f3328cace006238bfc88e0765ee78db4d9508bd2d87008c9960a4e367bcdff1868a4d70e6e53867877fa684b3b5179a643417049d684658a3bf4dd9be6796c0ce9610b4d395391c2a55a22fe959b85fd985759533403d5c3c7d7ffd478d873738a57d94e2ac61cbc55f8d6a72a9197c2d9ee1d10f53f0079df54b8b0f335f15fb4f4cc7e69014d94b2cd9c04af5cdd7ed815cdb5b5d2214f37e2557958e0a1de6358384b27be7ace4585d04a6343214168b5209b28be40a108e6377db978640c0d4bfc6475cb235be0e1d2caa134277818e5520d2c4ffc4a0f245f330cd03c93783cb5bd6e7f93725bbd70493e2e1e195b78f926a20d9b17c0ac52d980b814cb5b169bac5ced472ae9495a5aa547195fdf4be1e8346820c533e4e74d8cf7a658d77e05cc99869ee446af067008b6cef926d2de61e306319c3a78374db8c4c282f1670938a90&cri=HDoiHtHnmx&ts=454&cb=1680119059888 | 50.16.211.97 | 200 OK | 43 B |
URL HTTP/2obs.robotflowermobile.com/tracker/tc_imp.gif?e=37dfbd8ee84e001362eec634e347899b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f108c6e2417071a10acf9f29f674981d2df077d6d1efa2d7750836fdb6bce0d3956239406020b36020c90bc6a4c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d1678510aa58b7a327402f1fb4e2c8ba2f47ac1e75a744825afa7f194ce74eccfc248b5038e523967cff488f0b46882d6f033d3774e92f3d6334456a2273aebd40a37b185e433d74faa00e7c75cad09caa02e92273ad6c8659c3bc59087aadbe2b0187bf227b0efae2f023cead26198e042e1104507815b5c8c81809891af81378c3ad79ab2987be0417032db297cc4cfc1737187b929ff56a39049927ca176415d53f13db9528d90fe24e8c329d71db885cacd759f010920eb5817506b4732c6a16cf901f7c88319ae983aacc77c81d2adde7e83bce04f5b758eb64b4ec0b01d5d13e2d1f667cb6bccfc0fb3b341eb28ad27c6119052daf465994131b7f6c33832291c434552081aace08d6cc470e61b10166b97f716d2fd465db8e986e6ed3e9eb8f2a7cfbfa2e3575d68ae558cb7457cc1163458883d4f7b6ff778b3644ad0e1d31df572cb37d9b926cfa41fdc2a1d2b241e6e51c996b1997e2e1788125787cfcbe8e8d85917cde8e83c928f3328cace006238bfc88e0765ee78db4d9508bd2d87008c9960a4e367bcdff1868a4d70e6e53867877fa684b3b5179a643417049d684658a3bf4dd9be6796c0ce9610b4d395391c2a55a22fe959b85fd985759533403d5c3c7d7ffd478d873738a57d94e2ac61cbc55f8d6a72a9197c2d9ee1d10f53f0079df54b8b0f335f15fb4f4cc7e69014d94b2cd9c04af5cdd7ed815cdb5b5d2214f37e2557958e0a1de6358384b27be7ace4585d04a6343214168b5209b28be40a108e6377db978640c0d4bfc6475cb235be0e1d2caa134277818e5520d2c4ffc4a0f245f330cd03c93783cb5bd6e7f93725bbd70493e2e1e195b78f926a20d9b17c0ac52d980b814cb5b169bac5ced472ae9495a5aa547195fdf4be1e8346820c533e4e74d8cf7a658d77e05cc99869ee446af067008b6cef926d2de61e306319c3a78374db8c4c282f1670938a90&cri=HDoiHtHnmx&ts=454&cb=1680119059888 IP50.16.211.97:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashdb04c7b378cb2db912c3ba8a5a774ee3 dee34bd86c3484d31002182aa2b7caa4699126b8 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /tracker/tc_imp.gif?e=37dfbd8ee84e001362eec634e347899b9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5f108c6e2417071a10acf9f29f674981d2df077d6d1efa2d7750836fdb6bce0d3956239406020b36020c90bc6a4c77be26bb25cb43e29a3aee5b6fb2092f6410df57fe5aecd2948a7fe07f52a13ad2a24710d14e681f2d1586d31c64e56ac8bf88b71208fe59f1d329e921c46bcf40e25c7ea8290ee95c400027db0b68acdebcf179ef64fd718940a8116e71b9d637793a7a589513d0df4ca65b7de792b127537a30ca946c75ca92560c2d1678510aa58b7a327402f1fb4e2c8ba2f47ac1e75a744825afa7f194ce74eccfc248b5038e523967cff488f0b46882d6f033d3774e92f3d6334456a2273aebd40a37b185e433d74faa00e7c75cad09caa02e92273ad6c8659c3bc59087aadbe2b0187bf227b0efae2f023cead26198e042e1104507815b5c8c81809891af81378c3ad79ab2987be0417032db297cc4cfc1737187b929ff56a39049927ca176415d53f13db9528d90fe24e8c329d71db885cacd759f010920eb5817506b4732c6a16cf901f7c88319ae983aacc77c81d2adde7e83bce04f5b758eb64b4ec0b01d5d13e2d1f667cb6bccfc0fb3b341eb28ad27c6119052daf465994131b7f6c33832291c434552081aace08d6cc470e61b10166b97f716d2fd465db8e986e6ed3e9eb8f2a7cfbfa2e3575d68ae558cb7457cc1163458883d4f7b6ff778b3644ad0e1d31df572cb37d9b926cfa41fdc2a1d2b241e6e51c996b1997e2e1788125787cfcbe8e8d85917cde8e83c928f3328cace006238bfc88e0765ee78db4d9508bd2d87008c9960a4e367bcdff1868a4d70e6e53867877fa684b3b5179a643417049d684658a3bf4dd9be6796c0ce9610b4d395391c2a55a22fe959b85fd985759533403d5c3c7d7ffd478d873738a57d94e2ac61cbc55f8d6a72a9197c2d9ee1d10f53f0079df54b8b0f335f15fb4f4cc7e69014d94b2cd9c04af5cdd7ed815cdb5b5d2214f37e2557958e0a1de6358384b27be7ace4585d04a6343214168b5209b28be40a108e6377db978640c0d4bfc6475cb235be0e1d2caa134277818e5520d2c4ffc4a0f245f330cd03c93783cb5bd6e7f93725bbd70493e2e1e195b78f926a20d9b17c0ac52d980b814cb5b169bac5ced472ae9495a5aa547195fdf4be1e8346820c533e4e74d8cf7a658d77e05cc99869ee446af067008b6cef926d2de61e306319c3a78374db8c4c282f1670938a90&cri=HDoiHtHnmx&ts=454&cb=1680119059888 HTTP/1.1
Host: obs.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: cg_uuid=03af0ab54e0d4d49999c07d2d36cf213
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
date: Wed, 29 Mar 2023 19:43:56 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 43
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hash77328ed8e02ac9cae0792f75595372ef 460d27de6dbe3be07e58336653bdaffd00fb4cd5 da423027e66ef28680522c9e325852f1c0d05c1e18e26c2265a29e6bdf02ad00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5958
Cache-Control: max-age=101681
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Etag: "642367e7-1d7"
Expires: Thu, 30 Mar 2023 23:58:37 GMT
Last-Modified: Tue, 28 Mar 2023 22:19:19 GMT
Server: ECAcc (ska/F776)
X-Cache: HIT
Content-Length: 471
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/476226312/?random=1680119058332&cv=11&fst=1680119058332&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&hn=www.googleadservices.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&auid=1022015176.1680119058&rfmt=3&fmt=4 | 142.250.74.98 | 200 OK | 1.4 kB |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/476226312/?random=1680119058332&cv=11&fst=1680119058332&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&hn=www.googleadservices.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&auid=1022015176.1680119058&rfmt=3&fmt=4 IP142.250.74.98:0
File typeASCII text, with very long lines (3329), with no line terminators Hash76c1a9ce6b47ca070c0f19ac8cb42833 4439addfc600503dae76fea29579ec2e495dd487 fa79d623a2e72e1a44bf661d9d8e45e071be9f9c4550c58f762c19905cbb1ad9
GET /pagead/viewthroughconversion/476226312/?random=1680119058332&cv=11&fst=1680119058332&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&hn=www.googleadservices.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&auid=1022015176.1680119058&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Mar-2023 19:58:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| connect.facebook.net/en_US/fbevents.js |  31.13.72.12 | 200 OK | 28 kB |
URL HTTP/2connect.facebook.net/en_US/fbevents.js IP31.13.72.12:0
File typeASCII text, with very long lines (64347) Hash7716e124e19760049484d1bcde4a8af2 51d50c9e9b7fc658c1316d1844418cee0baffa2a fa7968a9a888e1a6dc6ac6126b8edd6e73974c2b0629f669bfb74916f0e7d534
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: yTf/84msLSLAfS+are/MxskHklScG5RYmH3upxC7pEdKepk4zXYe0Co56t+a16uz0of41E/xDCBm0gHKGLGtjQ==
content-length: 27909
x-fb-trip-id: 1904183273
date: Wed, 29 Mar 2023 19:43:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| googleads.g.doubleclick.net/pagead/viewthroughconversion/476232846/?random=1680119058330&cv=11&fst=1680119058330&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&hn=www.googleadservices.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&auid=1022015176.1680119058&rfmt=3&fmt=4 | 142.250.74.98 | 200 OK | 1.4 kB |
URL HTTP/2googleads.g.doubleclick.net/pagead/viewthroughconversion/476232846/?random=1680119058330&cv=11&fst=1680119058330&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&hn=www.googleadservices.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&auid=1022015176.1680119058&rfmt=3&fmt=4 IP142.250.74.98:0
File typeASCII text, with very long lines (3329), with no line terminators Hash2084148c93710c40509baf6a37a00951 18f313e2d068db95d05a25ae35b4d02a649a37f4 cf26fc2e9db83e6de34eb3631eaeeb46c00a13ee2686377ef843ed98a131556b
GET /pagead/viewthroughconversion/476232846/?random=1680119058330&cv=11&fst=1680119058330&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&hn=www.googleadservices.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&auid=1022015176.1680119058&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 29-Mar-2023 19:58:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| script.hotjar.com/modules.3f303823017921c313c7.js | 54.230.111.79 | 200 OK | 69 kB |
URL HTTP/2script.hotjar.com/modules.3f303823017921c313c7.js IP54.230.111.79:0
File typeUnicode text, UTF-8 text, with very long lines (50980) Hashb1bcc4fd7382665a4f4986bf6ddf6294 faee9c8c20398589cffcc5485843d4bd28b02c34 ea7d6cdf2e4047fcaa66af0ec010ed924ba01005eb62cfb48735b5326fc9c851
GET /modules.3f303823017921c313c7.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 69090
date: Tue, 28 Mar 2023 08:51:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "b1bcc4fd7382665a4f4986bf6ddf6294"
last-modified: Tue, 28 Mar 2023 08:50:20 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XcdGUUNKAfYfYZVQ6rj47HAmZ5Vh-2Aff51pQVq5Sfa9o3X9QMpmoQ==
age: 125569
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/j/collect?v=1&_v=j99&a=676769115&t=pageview&_s=1&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&ul=en-us&de=UTF-8&dt=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAAABAAAAAC~&jid=1500867549&gjid=797587732&cid=953459093.1680119058&tid=UA-176144164-3&_gid=1152110663.1680119060&_r=1&_slc=1>m=45He33r0n81MTMX5FL&z=1114706919 | 142.250.74.142 | 200 OK | 4 B |
URL HTTP/2www.google-analytics.com/j/collect?v=1&_v=j99&a=676769115&t=pageview&_s=1&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&ul=en-us&de=UTF-8&dt=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAAABAAAAAC~&jid=1500867549&gjid=797587732&cid=953459093.1680119058&tid=UA-176144164-3&_gid=1152110663.1680119060&_r=1&_slc=1>m=45He33r0n81MTMX5FL&z=1114706919 IP142.250.74.142:0
File typeASCII text, with no line terminators Hash9e92e190700c1af4539b40c2171320a9 209bcdb79e6067b51091ce8586d4b977f25b67d8 aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=676769115&t=pageview&_s=1&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&ul=en-us&de=UTF-8&dt=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YADAAAABAAAAAC~&jid=1500867549&gjid=797587732&cid=953459093.1680119058&tid=UA-176144164-3&_gid=1152110663.1680119060&_r=1&_slc=1>m=45He33r0n81MTMX5FL&z=1114706919 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://lpevest.com
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hash77328ed8e02ac9cae0792f75595372ef 460d27de6dbe3be07e58336653bdaffd00fb4cd5 da423027e66ef28680522c9e325852f1c0d05c1e18e26c2265a29e6bdf02ad00
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Last-Modified: Wed, 29 Mar 2023 18:04:11 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6674c1bff1cd533fa4a8992632d6d4e3 a2ca2162800e1401ac9a13d854faaa022997d823 c8a170da75fab65dd94c351514fc9304c9ea3b3682334607b65700b91f895201
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| s.yimg.com/wi/config/10145594.json | 188.125.94.206 | 200 OK | 46 B |
URL HTTP/2s.yimg.com/wi/config/10145594.json IP188.125.94.206:0
File typeJSON data\012- , ASCII text, with no line terminators Hashf8bc8e169f18de7ed537398993f4d2af f87305a371c6282893e3f36f3aa8ac83cdb52a2a 7fcba9128faa34147f40528cc8152a1bfb59405a347e808478961294e0d9ff07
GET /wi/config/10145594.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: urU5sVGqal2xUCcQhtRISAPlprhKWLRL+Hx5BWb4MoUBA9uQkrDflpbrfn9RrKNiac19K+i1MRc=
x-amz-request-id: SK41D5C25MD9EA5V
date: Tue, 28 Mar 2023 23:14:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Fri, 08 Jul 2022 01:00:25 GMT
x-amz-expiration: expiry-date="Sun, 13 Aug 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
x-amz-version-id: QkDkQCp7_dKPjM8K8Sf3W_lEE5M84d_Z
accept-ranges: bytes
content-type: application/json
server: ATS
content-length: 46
referrer-policy: no-referrer-when-downgrade
etag: "f8bc8e169f18de7ed537398993f4d2af"
age: 73771
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 314 B |
IP192.229.221.95:0
Hashb86451da98495dd243a004bfc8316b48 1d7d712f41862b51935fa4b4868a51061f7edf53 415cb9236f0b4c73d618fbe085e416a16eaefaa7365fa3848892c3a6b7afebd2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5701
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Last-Modified: Wed, 29 Mar 2023 18:08:55 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 314
|
|
| t.co/i/adsct?bci=3&eci=2&event_id=06951ee5-d3de-4672-a360-d483315c143d&events=%5B%5B%22signup%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d4aeca2b-45aa-4beb-b2ce-cf2129423f2d&tw_document_href=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o80hv&type=javascript&version=2.3.29 | 104.244.42.5 | 200 OK | 43 B |
URL HTTP/2t.co/i/adsct?bci=3&eci=2&event_id=06951ee5-d3de-4672-a360-d483315c143d&events=%5B%5B%22signup%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d4aeca2b-45aa-4beb-b2ce-cf2129423f2d&tw_document_href=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o80hv&type=javascript&version=2.3.29 IP104.244.42.5:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash377d257f2d2e294916143c069141c1c5 b7cae69682cf31dd670b65088db8395acda6ed3e ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=06951ee5-d3de-4672-a360-d483315c143d&events=%5B%5B%22signup%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d4aeca2b-45aa-4beb-b2ce-cf2129423f2d&tw_document_href=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o80hv&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:56 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=1ad8fadc-46a3-4ce6-ad54-2117cbcc6ecf; Max-Age=63072000; Expires=Fri, 28 Mar 2025 19:43:56 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: caeba4df443cb82c
strict-transport-security: max-age=0
x-response-time: 106
x-connection-hash: 3c3ac49cdd995e3f3edc44bada507bff1923929e462e1be0cbc212eec80e0bd6
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash9f52e1a56e3580c1bf81562a9df645f8 7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b 28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashf161a33a46c303fe6941d93b84aa0db4 44f5db5883e92d3ced3250ef1af279ca6cd21ef6 106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash9f52e1a56e3580c1bf81562a9df645f8 7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b 28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashf161a33a46c303fe6941d93b84aa0db4 44f5db5883e92d3ced3250ef1af279ca6cd21ef6 106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash9f52e1a56e3580c1bf81562a9df645f8 7c0b65f04f7c1ce3cc65f0ab3207d8d18ba5350b 28f16d1df407bb8bf6b28d978c94a40ea1f151dbc9e4e73493c999d881c3dc25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 313 B |
IP192.229.221.95:0
Hash07448b9100fd16e4bb2a8201b878cf42 3fc91f252e50488e854985eee7fecd428782001d c5a1041956341339b23f9daa8d93e9b9f4c3231522d2da84fd2cd423e00dd65e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 719
Cache-Control: max-age=141797
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Etag: "64241912-139"
Expires: Fri, 31 Mar 2023 11:07:13 GMT
Last-Modified: Wed, 29 Mar 2023 10:55:14 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 313
|
|
| www.google.com/pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 | 142.250.74.132 | 302 Found | 63 B |
URL HTTP/2www.google.com/pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 IP142.250.74.132:0
File typeASCII text, with no line terminators Hash0339f8f57d1bf75003db591e28957e45 ae2286e497c9f76a02cb40c40a674b73bd293b76 609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/pagead/1p-user-list/476226312/?random=1680119058332&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=2195878101&rmt_tld=1&ipr=y | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/476226312/?random=1680119058332&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=2195878101&rmt_tld=1&ipr=y IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/476226312/?random=1680119058332&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=2195878101&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/pagead/1p-user-list/476232846/?random=1680119058330&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=1009926615&rmt_tld=0&ipr=y | 142.250.74.132 | 200 OK | 42 B |
URL HTTP/2www.google.com/pagead/1p-user-list/476232846/?random=1680119058330&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=1009926615&rmt_tld=0&ipr=y IP142.250.74.132:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/476232846/?random=1680119058330&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=1009926615&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/pagead/1p-user-list/476232846/?random=1680119058330&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=1009926615&rmt_tld=1&ipr=y | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/pagead/1p-user-list/476232846/?random=1680119058330&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=1009926615&rmt_tld=1&ipr=y IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/476232846/?random=1680119058330&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=1009926615&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| s.yimg.com/wi/ytc.js | 188.125.94.206 | 200 OK | 6.4 kB |
IP188.125.94.206:0
Hash5bb151962ca68dbc216027b1d86a0b2a 2506d7720f5e4e285f644ad0b3511e02bf684c87 529b60ee5b2c55f0906e2d35d2aa22f958bed6affcc5eedf20b452f75046edd7
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Q89z5LN1iyeShzQlqnBfy3Fw3jX65Vof9PYuz3oLGZ0K63k7l/f8gGXtQBeMyxzJuSyCwL0g+Xk=
x-amz-request-id: 86WNH99B5QV5WQG5
date: Wed, 29 Mar 2023 19:34:04 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 593
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| www.google.com/pagead/1p-user-list/476226312/?random=1680119058332&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=2195878101&rmt_tld=0&ipr=y | 142.250.74.132 | 200 OK | 42 B |
URL HTTP/2www.google.com/pagead/1p-user-list/476226312/?random=1680119058332&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=2195878101&rmt_tld=0&ipr=y IP142.250.74.132:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/476226312/?random=1680119058332&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45He33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&fmt=3&is_vtc=1&random=2195878101&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/pagead/1p-user-list/476232846/?random=1680119060105&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=337826812&rmt_tld=0&ipr=y | 142.250.74.132 | 200 OK | 42 B |
URL HTTP/2www.google.com/pagead/1p-user-list/476232846/?random=1680119060105&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=337826812&rmt_tld=0&ipr=y IP142.250.74.132:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/476232846/?random=1680119060105&cv=11&fst=1680116400000&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=337826812&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&gjid=797587732&_gid=1152110663.1680119060&_u=YADAAAAAAAAAAC~&z=1272830052 | 64.233.161.157 | 200 OK | 4 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&gjid=797587732&_gid=1152110663.1680119060&_u=YADAAAAAAAAAAC~&z=1272830052 IP64.233.161.157:0
File typeASCII text, with no line terminators Hash48c0473b7821185d937e685216e2168b 3743e47f8a429a5e87b86cb582d78940733d9d2e 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&gjid=797587732&_gid=1152110663.1680119060&_u=YADAAAAAAAAAAC~&z=1272830052 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lpevest.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 | 142.250.74.163 | 200 OK | 63 B |
URL HTTP/2www.google.no/pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 IP142.250.74.163:0
File typeASCII text, with no line terminators Hash0339f8f57d1bf75003db591e28957e45 ae2286e497c9f76a02cb40c40a674b73bd293b76 609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/476232846/?random=1680119060117&cv=11&fst=1680119060117&bg=ffffff&guid=ON&async=1>m=45be33r0&u_w=1280&u_h=1024&url=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&label=G3jjCMTBqs8DEI75iuMB&hn=www.google.com&frm=0&tiba=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B>m_ee=1&auid=1022015176.1680119058&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lpevest.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashf161a33a46c303fe6941d93b84aa0db4 44f5db5883e92d3ced3250ef1af279ca6cd21ef6 106c024af015f65e48565d3dccc95942ce222f4a7e02de0966751ad6ff129129
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashdc0cf0275c44e5495e8f323c00b9d588 f7f19e521a439f85915f7582797a060629b879c6 abc856a823e0d89a87f6a4d3b2a48f5dcb99cdd94ce5d3b8cb8d51e665a74c4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&_u=YADAAAAAAAAAAC~&z=862547100 | 142.250.74.132 | 200 OK | 42 B |
URL HTTP/2www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&_u=YADAAAAAAAAAAC~&z=862547100 IP142.250.74.132:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&_u=YADAAAAAAAAAAC~&z=862547100 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&_u=YADAAAAAAAAAAC~&z=862547100 | 142.250.74.163 | 200 OK | 42 B |
URL HTTP/2www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&_u=YADAAAAAAAAAAC~&z=862547100 IP142.250.74.163:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-176144164-3&cid=953459093.1680119058&jid=1500867549&_u=YADAAAAAAAAAAC~&z=862547100 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hash1dae5c4411aebbdbe55cc5627e9e14eb b2f7c6416ab8ccbbab2ba595b1d73a261b15662b 25232ccee86630750360241c79083208b8cc72c492c018015e63ef535b86aa8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.e2m02.amazontrust.com/ | 54.230.80.227 | 200 OK | 279 B |
URL HTTP/1.1ocsp.e2m02.amazontrust.com/ IP54.230.80.227:0
Hash010fd669b5159a01bc017d684681b216 bb023a4d9fd661724a18fd848685a1f25c3d152f 90bf2c138c77dfb1449319c35d9be2e773ca1383c1ee5d833de0d8331414ad70
POST / HTTP/1.1
Host: ocsp.e2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 279
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 29 Mar 2023 19:43:56 GMT
Last-Modified: Wed, 29 Mar 2023 18:18:07 GMT
Server: ECAcc (nya/79E6)
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TVNlx-43rvT2oUV58RaxURvrKp01yz-M-m5JpHN7VFtymDkxVUdGVQ==
Age: 5149
|
|
| analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=06951ee5-d3de-4672-a360-d483315c143d&events=%5B%5B%22signup%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d4aeca2b-45aa-4beb-b2ce-cf2129423f2d&tw_document_href=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o80hv&type=javascript&version=2.3.29 | 104.244.42.67 | 200 OK | 43 B |
URL HTTP/2analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=06951ee5-d3de-4672-a360-d483315c143d&events=%5B%5B%22signup%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d4aeca2b-45aa-4beb-b2ce-cf2129423f2d&tw_document_href=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o80hv&type=javascript&version=2.3.29 IP104.244.42.67:0
File typeGIF image data, version 89a, 1 x 1\012- data Hash377d257f2d2e294916143c069141c1c5 b7cae69682cf31dd670b65088db8395acda6ed3e ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=06951ee5-d3de-4672-a360-d483315c143d&events=%5B%5B%22signup%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=d4aeca2b-45aa-4beb-b2ce-cf2129423f2d&tw_document_href=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o80hv&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:56 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_3JB6mnY/6bRlqEVFjK2TGQ=="; Max-Age=63072000; Expires=Fri, 28 Mar 2025 19:43:56 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: d92f152bf8ab7334
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: 4a36d5b919462deaf06530cbf6652c156c69826bcc52ee3c9a5957fb913a85c5
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=1349446475556247&ev=PageView&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&rl=&if=false&ts=1680119060426&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680119060425.1882882249&it=1680119060091&coo=false&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=1349446475556247&ev=PageView&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&rl=&if=false&ts=1680119060426&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680119060425.1882882249&it=1680119060091&coo=false&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1349446475556247&ev=PageView&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&rl=&if=false&ts=1680119060426&sw=1280&sh=1024&v=2.9.100&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1680119060425.1882882249&it=1680119060091&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 29 Mar 2023 19:43:56 GMT
X-Firefox-Spdy: h2
|
|
| www.facebook.com/tr/?id=1349446475556247&ev=gtm.js&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&rl=&if=false&ts=1680119060429&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680119060425.1882882249&it=1680119060091&coo=false&eid=11d906e3-2ec0-4ce7-ad74-39b01c3c623f_1680119057955.1&rqm=GET | 31.13.72.36 | 200 OK | 0 B |
URL HTTP/2www.facebook.com/tr/?id=1349446475556247&ev=gtm.js&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&rl=&if=false&ts=1680119060429&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680119060425.1882882249&it=1680119060091&coo=false&eid=11d906e3-2ec0-4ce7-ad74-39b01c3c623f_1680119057955.1&rqm=GET IP31.13.72.36:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1349446475556247&ev=gtm.js&dl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&rl=&if=false&ts=1680119060429&sw=1280&sh=1024&v=2.9.100&r=stable&ec=1&o=30&fbp=fb.1.1680119060425.1882882249&it=1680119060091&coo=false&eid=11d906e3-2ec0-4ce7-ad74-39b01c3c623f_1680119057955.1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 29 Mar 2023 19:43:56 GMT
X-Firefox-Spdy: h2
|
|
| s.yimg.com/wi/config/10184101.json | 188.125.94.206 | 200 OK | 22 B |
URL HTTP/2s.yimg.com/wi/config/10184101.json IP188.125.94.206:0
File typeJSON data\012- , ASCII text, with no line terminators Hash14293ad9ad0ffaf9f7a3acf1b0793b66 718dea6b65b9516e5e33fac53451056397deb255 73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10184101.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: M7D3XDC991391A8Y
x-amz-id-2: SRvzGFswdPGc8ta3WDdSZiRE3FD94cz1Iprj8WMFnNUeePgo5NnR4UsKysbkPPa8RhHEDD9NHcuqWDGjV9UBzr+fgA8oqNWYpZTtLLg6ySM=
content-type: application/json
date: Wed, 29 Mar 2023 19:43:55 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2029%20Mar%202023%2019%3A44%3A20%20GMT&n=0&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10145594&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&tagmgr=gtm |  212.82.100.181 | 200 OK | 43 B |
URL HTTP/2sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2029%20Mar%202023%2019%3A44%3A20%20GMT&n=0&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10145594&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&tagmgr=gtm IP212.82.100.181:0 ASN#34010 Yahoo! UK Services Limited
File typeGIF image data, version 89a, 1 x 1\012- data Hashbff56ce49dd485d195fdfa0a02342568 74fb4071deab7d3ab083562067b735df32c43397 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Wed%2C%2029%20Mar%202023%2019%3A44%3A20%20GMT&n=0&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10145594&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:56 GMT
expires: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPyUJGQCEPMhQmHA4hjj8YH9RBAKUxgFEgEBAQHmJWQuZAAAAAAA_eMAAA&S=AQAAAu1GADUD_-tEYUmZfqWWHTk; Expires=Fri, 29 Mar 2024 01:43:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| sp.analytics.yahoo.com/sp.pl?a=10000&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10184101&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&tagmgr=gtm | 212.82.100.181 | 200 OK | 43 B |
URL HTTP/2sp.analytics.yahoo.com/sp.pl?a=10000&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10184101&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&tagmgr=gtm IP212.82.100.181:0 ASN#34010 Yahoo! UK Services Limited
File typeGIF image data, version 89a, 1 x 1\012- data Hashbff56ce49dd485d195fdfa0a02342568 74fb4071deab7d3ab083562067b735df32c43397 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10184101&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:56 GMT
expires: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPyUJGQCEA7UyY0NM-BCwhjLUA7zUoMFEgEBAQHmJWQuZAAAAAAA_eMAAA&S=AQAAAnyni13njzoM7aog7LUZLDU; Expires=Fri, 29 Mar 2024 01:43:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| sp.analytics.yahoo.com/sp.pl?a=10000&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10184101&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&et=custom&ea=register&tagmgr=gtm | 212.82.100.181 | 200 OK | 43 B |
URL HTTP/2sp.analytics.yahoo.com/sp.pl?a=10000&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10184101&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&et=custom&ea=register&tagmgr=gtm IP212.82.100.181:0 ASN#34010 Yahoo! UK Services Limited
File typeGIF image data, version 89a, 1 x 1\012- data Hashbff56ce49dd485d195fdfa0a02342568 74fb4071deab7d3ab083562067b735df32c43397 0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&b=%D8%A5%D9%8A%DA%A4%D8%B3%D8%AA%20-%20%D9%88%D8%B3%D9%8A%D8%B7%20%D9%85%D8%B1%D8%AE%D9%91%D8%B5%20%D9%88%20%D9%85%D8%B9%D8%AA%D9%85%D8%AF%20%D9%83%D9%84%D9%8A%D9%91%D8%A7%D9%8B&.yp=10184101&f=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&enc=UTF-8&yv=1.13.0&et=custom&ea=register&tagmgr=gtm HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:56 GMT
expires: Wed, 29 Mar 2023 19:43:56 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBPyUJGQCEPsgKFsYRvtvul2OlMHbNvcFEgEBAQHmJWQuZAAAAAAA_eMAAA&S=AQAAAoyueNMadXaiylzk4_CNARM; Expires=Fri, 29 Mar 2024 01:43:56 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hash5b3b1b69280a057786439792600d8c2a 43c759cd1439b8ea383c6d36c2792eaa20f710de 0c482c6e9941b42ff416dad6bed99a36e17363a84e1c0b7a888a9254d310d113
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1929
Cache-Control: max-age=124646
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:56 GMT
Etag: "6423d159-1d7"
Expires: Fri, 31 Mar 2023 06:21:22 GMT
Last-Modified: Wed, 29 Mar 2023 05:49:13 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hash5b3b1b69280a057786439792600d8c2a 43c759cd1439b8ea383c6d36c2792eaa20f710de 0c482c6e9941b42ff416dad6bed99a36e17363a84e1c0b7a888a9254d310d113
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1934
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:57 GMT
Last-Modified: Wed, 29 Mar 2023 19:11:43 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hash5b3b1b69280a057786439792600d8c2a 43c759cd1439b8ea383c6d36c2792eaa20f710de 0c482c6e9941b42ff416dad6bed99a36e17363a84e1c0b7a888a9254d310d113
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1930
Cache-Control: max-age=124646
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:57 GMT
Etag: "6423d159-1d7"
Expires: Fri, 31 Mar 2023 06:21:23 GMT
Last-Modified: Wed, 29 Mar 2023 05:49:13 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
|
|
| tr.snapchat.com/cm/i?pid=ee8d5f41-d920-43fd-83a0-11b50e49c57e&u_scsid=e92c6d63-9f67-47d6-b848-cd4ff46168b4&u_sclid=398b7eb5-770a-4169-8290-52e80274dcdf | 35.190.43.134 | 200 OK | 0 B |
URL HTTP/2tr.snapchat.com/cm/i?pid=ee8d5f41-d920-43fd-83a0-11b50e49c57e&u_scsid=e92c6d63-9f67-47d6-b848-cd4ff46168b4&u_sclid=398b7eb5-770a-4169-8290-52e80274dcdf IP35.190.43.134:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/i?pid=ee8d5f41-d920-43fd-83a0-11b50e49c57e&u_scsid=e92c6d63-9f67-47d6-b848-cd4ff46168b4&u_sclid=398b7eb5-770a-4169-8290-52e80274dcdf HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:57 GMT
content-type: text/html
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 0
x-envoy-upstream-service-time: 0
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| tr.snapchat.com/p?pid=ee8d5f41-d920-43fd-83a0-11b50e49c57e&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&bt=1d53c387&if=false&m_dcl=0&m_pi=0&m_pl=0&m_pv=v2&m_rd=3587&m_sl=1320&rf=&trackId=dcc29b12-9449-4bc7-ad55-0dda26162e87&ts=1680119060742&u_c1=14d7ef57-e622-4cd0-9594-99da85d06953&u_sclid=398b7eb5-770a-4169-8290-52e80274dcdf&u_scsid=e92c6d63-9f67-47d6-b848-cd4ff46168b4&v=2.0.0 | 35.190.43.134 | 200 OK | 68 B |
URL HTTP/2tr.snapchat.com/p?pid=ee8d5f41-d920-43fd-83a0-11b50e49c57e&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&bt=1d53c387&if=false&m_dcl=0&m_pi=0&m_pl=0&m_pv=v2&m_rd=3587&m_sl=1320&rf=&trackId=dcc29b12-9449-4bc7-ad55-0dda26162e87&ts=1680119060742&u_c1=14d7ef57-e622-4cd0-9594-99da85d06953&u_sclid=398b7eb5-770a-4169-8290-52e80274dcdf&u_scsid=e92c6d63-9f67-47d6-b848-cd4ff46168b4&v=2.0.0 IP35.190.43.134:0
File typePNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data Hashc4a2b870062c2bb98c500bc1526c0498 528666ccdb12997358077bc8fcdbfb6b825c7788 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
GET /p?pid=ee8d5f41-d920-43fd-83a0-11b50e49c57e&ev=PAGE_VIEW&intg=gtm&pl=https%3A%2F%2Flpevest.com%2Fwhyevest_v1_af%2F%3Fpartner_id%3Dc1a486dd6c8f128d0be36f669aa221fe%26referal_id%3D35292_453865%26affiliate_id%3D35292%26src%3Dhttps%3A%2F%2Ftdaawl.com%2F%26Aff_id%3D35292%26Banner_id%3Dwhyevest_v1_af%26clc_id%3D%26crtv%3Dlink%26chan%3D%26Lp_id%3D6110%26Banner_si%3DUnavailable%26kyw%3D&bt=1d53c387&if=false&m_dcl=0&m_pi=0&m_pl=0&m_pv=v2&m_rd=3587&m_sl=1320&rf=&trackId=dcc29b12-9449-4bc7-ad55-0dda26162e87&ts=1680119060742&u_c1=14d7ef57-e622-4cd0-9594-99da85d06953&u_sclid=398b7eb5-770a-4169-8290-52e80274dcdf&u_scsid=e92c6d63-9f67-47d6-b848-cd4ff46168b4&v=2.0.0 HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:57 GMT
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ3AMAgDsIuQkpUSOIdV6xUcPzteHWwdK//CPK8sV19r73hUBDZnGAmysDT4AbLMi7wyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
content-type: image/png
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 68
x-envoy-upstream-service-time: 1
server: API Gateway
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 192.229.221.95 | 200 OK | 471 B |
IP192.229.221.95:0
Hash5b3b1b69280a057786439792600d8c2a 43c759cd1439b8ea383c6d36c2792eaa20f710de 0c482c6e9941b42ff416dad6bed99a36e17363a84e1c0b7a888a9254d310d113
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1148
Cache-Control: max-age=123864
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 19:43:57 GMT
Etag: "6423d159-1d7"
Expires: Fri, 31 Mar 2023 06:08:21 GMT
Last-Modified: Wed, 29 Mar 2023 05:49:13 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
|
|
| obs.robotflowermobile.com/mon | 50.16.211.97 | 200 OK | 0 B |
URL HTTP/2obs.robotflowermobile.com/mon IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1933
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: cg_uuid=03af0ab54e0d4d49999c07d2d36cf213
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://lpevest.com
content-type: application/json
date: Wed, 29 Mar 2023 19:43:57 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obs.robotflowermobile.com/mon | 50.16.211.97 | 200 OK | 0 B |
URL HTTP/2obs.robotflowermobile.com/mon IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1928
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: cg_uuid=03af0ab54e0d4d49999c07d2d36cf213
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://lpevest.com
content-type: application/json
date: Wed, 29 Mar 2023 19:43:57 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obs.robotflowermobile.com/mon | 50.16.211.97 | 200 OK | 0 B |
URL HTTP/2obs.robotflowermobile.com/mon IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1928
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: cg_uuid=03af0ab54e0d4d49999c07d2d36cf213
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://lpevest.com
content-type: application/json
date: Wed, 29 Mar 2023 19:43:59 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| obs.robotflowermobile.com/mon | 50.16.211.97 | 200 OK | 0 B |
URL HTTP/2obs.robotflowermobile.com/mon IP50.16.211.97:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /mon HTTP/1.1
Host: obs.robotflowermobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1928
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Cookie: cg_uuid=03af0ab54e0d4d49999c07d2d36cf213
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://lpevest.com
content-type: application/json
date: Wed, 29 Mar 2023 19:44:01 GMT
content-length: 0
X-Firefox-Spdy: h2
|
|
| static.hotjar.com/c/hotjar-2235415.js?sv=7 | 54.230.111.113 | 200 OK | 0 B |
URL HTTP/2static.hotjar.com/c/hotjar-2235415.js?sv=7 IP54.230.111.113:0
GET /c/hotjar-2235415.js?sv=7 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 29 Mar 2023 19:43:56 GMT
cache-control: max-age=60
etag: W/779522a40cb2f7d0865f29c7bded50a8
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LvgTO8nXfTQUiJO7pjbRaU17ZHrvbE6vTRjCBUj_2SIJ2OPk6M8frg==
age: 1
X-Firefox-Spdy: h2
|
|
| ipinfo.io/?token=cc7afc256c9864&callback=jQuery32103842782915746441_1680119058710&_=1680119058711 | 34.117.59.81 | 200 OK | 0 B |
URL HTTP/2ipinfo.io/?token=cc7afc256c9864&callback=jQuery32103842782915746441_1680119058710&_=1680119058711 IP34.117.59.81:0
GET /?token=cc7afc256c9864&callback=jQuery32103842782915746441_1680119058710&_=1680119058711 HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: text/javascript; charset=utf-8
date: Wed, 29 Mar 2023 19:43:55 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| in.hotjar.com/api/v2/client/sites/2235415/visit-data?sv=7 | 52.213.97.225 | 200 OK | 0 B |
URL HTTP/2in.hotjar.com/api/v2/client/sites/2235415/visit-data?sv=7 IP52.213.97.225:0
POST /api/v2/client/sites/2235415/visit-data?sv=7 HTTP/1.1
Host: in.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 131
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:56 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2
|
|
| tr.snapchat.com/config/com/ee8d5f41-d920-43fd-83a0-11b50e49c57e.js | 35.190.43.134 | 200 OK | 0 B |
URL HTTP/2tr.snapchat.com/config/com/ee8d5f41-d920-43fd-83a0-11b50e49c57e.js IP35.190.43.134:0
GET /config/com/ee8d5f41-d920-43fd-83a0-11b50e49c57e.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lpevest.com
Connection: keep-alive
Referer: https://lpevest.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:57 GMT
access-control-allow-origin: https://lpevest.com
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| lpevest.com/whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw= | 104.21.50.90 | 200 OK | 0 B |
URL HTTP/2lpevest.com/whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw= IP104.21.50.90:0
GET /whyevest_v1_af/?partner_id=c1a486dd6c8f128d0be36f669aa221fe&referal_id=35292_453865&affiliate_id=35292&src=https://tdaawl.com/&Aff_id=35292&Banner_id=whyevest_v1_af&clc_id=&crtv=link&chan=&Lp_id=6110&Banner_si=Unavailable&kyw= HTTP/1.1
Host: lpevest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 29 Mar 2023 19:43:54 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vLzfbMG%2BxXw%2F87pHsLIrY7cnBjLB%2FW7P%2FGXZQRlu8yxVbHk%2FHpHtk8wI%2Fj4%2FvQq7%2FphGZR9jSHfaHRD6WTguHBxkWr2aLR4%2BTm3U030D%2Fc9Cdc66nBeS57IVSCdjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7afa9ab8cd73b503-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|