lik.cl/?http://rapidshare.com/files/120714386/NOD32.rar
104.21.54.128301 Moved Permanently 0 B URL HTTP/1.1 lik.cl/?http://rapidshare.com/files/120714386/NOD32.rar
IP 104.21.54.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /?http://rapidshare.com/files/120714386/NOD32.rar HTTP/1.1
Host: lik.cl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 14:30:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 15:30:38 GMT
Location: http://url.vin/5hq0M
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ%2FGObPxR2Q4%2B0eSLbBeH8uG2bcFl%2B5N7m%2BlnRqC792LeObKhLnS8hKZNCbkPWueea5HDhogwm%2B%2Bon1M8O5v%2B2WPtjRDB7PRSDFhJE7bnrkLstRL7FJ87XI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b901c2ed3fabc-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7840
Expires: Sun, 27 Nov 2022 16:41:18 GMT
Date: Sun, 27 Nov 2022 14:30:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2659
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:38 GMT
Last-Modified: Sun, 27 Nov 2022 13:46:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 14:19:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 675
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7714
Expires: Sun, 27 Nov 2022 16:39:12 GMT
Date: Sun, 27 Nov 2022 14:30:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LKf4KrRXeu0cYFHLxgXVgnqbESDUkjvhe/zwNNVuLOm/XMWcDjMyuKGPUsYZCqlTJ+EqDsfhwyI=
x-amz-request-id: FHW7A2QG03TX9FYG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 13:41:39 GMT
age: 2939
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 14:30:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
url.vin/5hq0M
172.67.164.91200 OK 4.5 kB IP 172.67.164.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (525), with CRLF line terminators
Hash c522d485f2a0d391bf1c7aa16ac2237a
ec3834166c2142131806d527a3f431db124cf385
4904b068a98a1d28ee389836b7cd66900323efdaa72d720a4fcf41a1a80b4dfa
GET /5hq0M HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=5hq0M; expires=Sat, 25-Feb-2023 14:30:30 GMT; path=/
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEckLUl070vv%2BRAasEMShcDc6aJ0PjwrIiKvsACA2B5Q8iLC%2BhzLfGcbl5xvEpFFgXDMrEmcPQnSKpstWLR%2FklC0f9%2BfxoK7aLM9YaRroIBO8KS5sSJHN%2FdT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901d2a57b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
url.vin/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.164.91200 OK 655 B URL HTTP/1.1 url.vin/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.164.91:0
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 13:35:09 GMT
ETag: W/"637cd00d-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1spH0Txl0Q%2Finc3oEW3018OVE23GrALG42mdm%2BuRnq7sa%2FzxCHjGrS2EL52ljGYM487Qb%2FzzduhUuhb2uECXL0KQp2fD53gjjFQ0on7skFrMcQFaHMBIbpxu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b901ee9b3b51e-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Tue, 29 Nov 2022 14:30:39 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
fonts.googleapis.com/css?family=Droid+Sans:400,700
142.250.74.10200 OK 304 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Sans:400,700
IP 142.250.74.10:0
Hash 37bd97ab5d600328cee799bbc856e70f
b81303809a55a104a709773e53737aedcaec1f44
37d6bf70e3ca3db4fc2d0ce9c7f364c91fdf3d8a5ff2bb17d5d7a94d3b63e64e
GET /css?family=Droid+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 27 Nov 2022 14:30:39 GMT
Date: Sun, 27 Nov 2022 14:30:39 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.vin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 14:30:39 GMT
date: Sun, 27 Nov 2022 14:30:39 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
url.vin/css/link?v=15ArdWHuRiPtEqDbL5dnMIlopRz5ivfwpZUs_GPDdkA1
172.67.164.91200 OK 1.0 kB URL HTTP/1.1 url.vin/css/link?v=15ArdWHuRiPtEqDbL5dnMIlopRz5ivfwpZUs_GPDdkA1
IP 172.67.164.91:0
File type ASCII text, with CRLF line terminators
Hash b15ef16f25b38af2f7ee48c6392f6081
d4729ee1cfdc4430048a43840e65144073ba0e20
7ee45ec66558ec7b83067d0828cdd5f3d1ce36458b7dee1b081db42ac0214b8c
GET /css/link?v=15ArdWHuRiPtEqDbL5dnMIlopRz5ivfwpZUs_GPDdkA1 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 1001
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:30 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:30 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yo3vUJ8SvFd48SBAPNquGY6be5X6Vq6XJMwnMDTfV9DLKBKu4YBCdPLhneAGwQ90AW4bUtFGMoeSBjaySazl760JbGFOdKJQIn87z1nqu8mvpNVmgcrkYRwD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901eebdbb500-OSL
alt-svc: h2=":443"; ma=60
url.vin/js/linkmaster?v=zfHVsU16lq6nNazNnTe2x6GzWrj4ryzHqj-YsnSgbQ01
172.67.164.91200 OK 4.4 kB URL HTTP/1.1 url.vin/js/linkmaster?v=zfHVsU16lq6nNazNnTe2x6GzWrj4ryzHqj-YsnSgbQ01
IP 172.67.164.91:0
File type ASCII text, with very long lines (315), with CRLF line terminators
Hash 9d6d48f318276bb0fcfc390044432c27
f12a8d56939233b3f28d313bdaff8b7d23190e6e
4cb89c407964901d3d9bc1b4c48a6153b5f7115054faa00759879e5d4ec7160d
GET /js/linkmaster?v=zfHVsU16lq6nNazNnTe2x6GzWrj4ryzHqj-YsnSgbQ01 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 4376
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:30 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:30 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FC1FRGRS8gjmj93rREh45%2FjrlyV1B5XTVqowuDzwDGoduCt07fnkXFSU9BMx%2FQYLG9eT%2FAMYzNEXTGXZGQTvTXtNEqGyClM%2B0ocsoF8OzvfKH0nk0jpxK7l"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901ef9bab51e-OSL
alt-svc: h2=":443"; ma=60
url.vin/js/linkclick?v=r-0H57G3ysMfE2G2fyvu8QHrncC9yy8_8cG1kikZgS01
172.67.164.91200 OK 1.0 kB URL HTTP/1.1 url.vin/js/linkclick?v=r-0H57G3ysMfE2G2fyvu8QHrncC9yy8_8cG1kikZgS01
IP 172.67.164.91:0
File type HTML document, ASCII text, with CRLF line terminators
Hash b1d8040f62498592a2d7d50ea08b6c5b
d253133c61eb3300746f227e7dfc572049cc30e6
263fc000899512a1f1177b81071e5d167de343718842cc093c9c2e6682f47e5b
GET /js/linkclick?v=r-0H57G3ysMfE2G2fyvu8QHrncC9yy8_8cG1kikZgS01 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 1023
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:30 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:30 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hof8NIX%2Fd8H2sf0iFDySFu%2FHFOkPZJyqaN6ohsgw7ku5W%2Bx%2FN7hgEfwGoBwb0HgUfdvNh8sHQfX%2FQ%2FEA2SMg0jSd0GI3AozsThOvzzETSQ0smFYQV4cKifYt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901eff20b4ee-OSL
alt-svc: h2=":443"; ma=60
url.vin/css/core?v=pKRcaZXI3UTqaVFwIyl6CMYCXaNqcMBs1QlKMh0YQkE1
172.67.164.91200 OK 34 kB URL HTTP/1.1 url.vin/css/core?v=pKRcaZXI3UTqaVFwIyl6CMYCXaNqcMBs1QlKMh0YQkE1
IP 172.67.164.91:0
File type ASCII text, with very long lines (65177)
Hash 37d30ccb38f13e9ecc644e652331c1ed
142774fc5a1cb99d3882e98a5a1e2d7a0e56abe4
6c8744bb96d69ec056acb49eb80cf3b646733de0fc23061e502d9d3d6cc23fb2
GET /css/core?v=pKRcaZXI3UTqaVFwIyl6CMYCXaNqcMBs1QlKMh0YQkE1 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 34322
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:30 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:30 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QhAUH4jTkQb4BPllvXAARAK8S1FEbwW3a1iJHsKxgMv8UHTIrDSZAtp01qIJ5glmhPgmtblSZ1ieNZhFfJYhtVSZmWc%2BiXmDupRHF97QA7gakUyf2%2FcURRJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901eecceb51b-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
url.vin/css/site?v=CTKNCZXhdkRb2RZF4dXEqQXOEWIPjWvyVeX-ku0Hpnk1
172.67.164.91200 OK 2.9 kB URL HTTP/1.1 url.vin/css/site?v=CTKNCZXhdkRb2RZF4dXEqQXOEWIPjWvyVeX-ku0Hpnk1
IP 172.67.164.91:0
File type ASCII text, with CRLF line terminators
Hash fc1d8f0ac49cfa48ad73d04c3d661a2a
fd7e8a01a26e6dc493cf603c228d6664cceeb1b0
df0459dc46b78649fc7e377f4041775ce054dab3cf5821a3e8e050884d8fde6a
GET /css/site?v=CTKNCZXhdkRb2RZF4dXEqQXOEWIPjWvyVeX-ku0Hpnk1 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 2921
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:30 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:30 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZLW4OV2eZ0ES5hxoKkBFOvFep5phXVBYmOxV22y1bmI%2B%2F9WmO3ZVmUnPETiEq6IyCEGExlTa2nIKY%2BeisIzCLLqS0h%2BHY2AJ5dbDfwWkrpKKDfNtzC2rSlk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901eeb131c12-OSL
alt-svc: h2=":443"; ma=60
mellowads.com/pop.js?ref=886DEF4F9B11
104.20.49.216200 OK 463 B URL HTTP/1.1 mellowads.com/pop.js?ref=886DEF4F9B11
IP 104.20.49.216:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 4ce1407756307193c041cfdfe1373560
886da9093426f0165c859ecf065a197d3f1d8c5a
1fce5d0c21b93c1af7c55f9f071854bb2f8b7f58d5d7fff0e0ca295c7fbca094
GET /pop.js?ref=886DEF4F9B11 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 463
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b901ee8df0b02-OSL
url.vin/img/email.png
172.67.164.91200 OK 309 B IP 172.67.164.91:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d8eb7601763678b974d77af23ec841c0
678d7d88a8ce585cef740d1fad0a47d41e2b5188
b32fe2bc97648982b82f242c220b9a39ba09fb809c99a91fb79c4b4ba01c51e3
GET /img/email.png HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/png
Content-Length: 309
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:11:24 GMT
ETag: "de52adab8ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w72tFECT4oBWOgg4AwODLCei4ReiL3CCJN3fDTRlrF%2BVJqqe63O%2FmHwNoOmQC%2Fl5ix6aolgIfaMiDdwEbI3cyF1RAH%2ByeDwiNCgW9UJ%2BquH43ESd%2BCwJqCg6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b9020bce31c12-OSL
alt-svc: h2=":443"; ma=60
url.vin/img/twitter.png
172.67.164.91200 OK 318 B IP 172.67.164.91:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash bad6b90604e54b86434eee695dfd9c1a
9093c81b80448ab5e4957c09ca321b4c04f5739c
2a104c91c8a006c4d24a48155fe672f57d8b15f71578919a8cdf4b6bb6abe9a3
GET /img/twitter.png HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/png
Content-Length: 318
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:11:25 GMT
ETag: "c1d8bac8ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SrH22KYTc1iBcrnFRkw%2BW7RHJOlUz7lGe2vmvTVbJi8BpcDPKgj2KJYRnLnFDrap5ZeMusZUHQWcd0noM1spZ1I%2BE6JC0sUPF0z9YeMJgh3OERTqe1C2hERi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b9020bdf9b500-OSL
alt-svc: h2=":443"; ma=60
url.vin/img/facebook.png
172.67.164.91200 OK 238 B IP 172.67.164.91:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0648aca2d82008a853e5b25626287c7d
739c7afeeea3bbfe47b29709e442266573b42879
3d390c46dd948748ab46e9b81176d8621b66fab8629343ca50d7eabda6cdf531
GET /img/facebook.png HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/png
Content-Length: 238
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:11:24 GMT
ETag: "768be6ab8ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M4V7cqUu5FoJfd02qVdWnXIkGDsmcIzH5HVmBowijfK8WPliF%2Bf2PoH%2B9L1t%2FktRorK3Fa9zMdCHkJ3o8FsdSrrsQSM6l4xImpUh9dPe8b%2FZ%2FdsDZ6HTzxdq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b9020b9d4b4ee-OSL
alt-svc: h2=":443"; ma=60
url.vin/img/brand.png
172.67.164.91200 OK 5.5 kB IP 172.67.164.91:0
File type PNG image data, 258 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a52d275792fefb753b26b9ad736ea4c7
8dc8befb3e1f56634e6f438162e9775ce512ae15
e71a3f8beaac4fcbcd7ab32cd65593f47de134e68c23886c6e2c315a1d20a028
GET /img/brand.png HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/png
Content-Length: 5510
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:11:23 GMT
ETag: "20f62eab8ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y9PqGzS1cv8fZspXSg9%2Fu2%2BBbWdxQ5aTbveVOl8Km8wClZ0FqXPaf%2B1Z8lohyQGKR5zIcpU7hn92uqxV4VHZjNdp6PLZIWSnjl%2BsLFwXRfHEG9Tzyhm6%2FRvf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b9020bc10b51e-OSL
alt-svc: h2=":443"; ma=60
url.vin/js/core?v=HdZrPmrrwWSnKfulISHE-vPH6v2jvYm7KVl7SuMBS1Q1
172.67.164.91200 OK 154 kB URL HTTP/1.1 url.vin/js/core?v=HdZrPmrrwWSnKfulISHE-vPH6v2jvYm7KVl7SuMBS1Q1
IP 172.67.164.91:0
File type ASCII text, with very long lines (38689), with CRLF line terminators
Size 154 kB (153614 bytes)
Hash 6200f2156fe954ff547b1125208ffdfc
7d2886e4b7af2f490f5680ec76d050b340e98c59
120656644fee654850568353e1cfad81375ff61b4fb5701bad3f2d4029a0da0d
GET /js/core?v=HdZrPmrrwWSnKfulISHE-vPH6v2jvYm7KVl7SuMBS1Q1 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:30 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:30 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AbvlODQYi%2FW9s1sJm8%2BbzVVj%2FvxG2AtMTByfbtu8eQhd8C57xMhO%2FXHiN8rPJYwxr9P8eOHRpnDkn3sMl%2FEOShFhLuggDOdurpo%2Bwzr8Zd9VINB3RnFi7Rkj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b901eeeac0b61-OSL
alt-svc: h2=":443"; ma=60
url.vin/img/background.jpg
172.67.164.91200 OK 230 kB URL HTTP/1.1 url.vin/img/background.jpg
IP 172.67.164.91:0
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 28x28, segment length 16, baseline, precision 8, 2560x1440, components 3\012- data
Size 230 kB (230389 bytes)
Hash f0beaef2e3921b6371668ac22e64acee
e01bc36cc4d299c093fbe81f5bca2a9a7db65e09
9019ff1c496b65f57b52ba878669fafd11cccd284b13dd525c8c5a0888f26857
GET /img/background.jpg HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/css/site?v=CTKNCZXhdkRb2RZF4dXEqQXOEWIPjWvyVeX-ku0Hpnk1
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/jpeg
Content-Length: 230389
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:11:23 GMT
ETag: "20536fab8ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foXtAYahxUinTRn8v5l6CfUNoQfWgRBqJ8b69KePItr%2B07dbNEs%2BrPvfQraYJdSt7CBYtIQtPbVSpTwyjvq7Xw9X0P0BHGhekEzv8QemZ49SiKdXQcDgZMbS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b902159320b61-OSL
alt-svc: h2=":443"; ma=60
url.vin/fonts/glyphicons-halflings-regular.woff2
172.67.164.91200 OK 18 kB URL HTTP/1.1 url.vin/fonts/glyphicons-halflings-regular.woff2
IP 172.67.164.91:0
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://url.vin/css/core?v=pKRcaZXI3UTqaVFwIyl6CMYCXaNqcMBs1QlKMh0YQkE1
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: application/font-woff2
Content-Length: 18028
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:11:39 GMT
ETag: "3b5cb8b48ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmCGQ0VCjdzvCQtSJZO9u9s20yrQJuIdX9GbrSak8YR83KOWjyZHlgpuDUT%2Bt%2FiLLLJDfmImrXzoqd0SVtwysamPcQMVLhJfNr6JtfJ1grbYJRDiVsCUOouj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b90215d0cb51e-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 14:08:54 GMT
cache-control: public,max-age=3600
age: 1305
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
216.58.207.195200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://url.vin
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21224
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 25 Nov 2022 23:30:37 GMT
Expires: Sat, 25 Nov 2023 23:30:37 GMT
Cache-Control: public, max-age=31536000
Age: 140402
Last-Modified: Tue, 19 Apr 2022 18:04:18 GMT
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4588
Cache-Control: max-age=157961
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:39 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:23:20 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
mellowads.com/view/66D72704FBD3
104.20.49.216200 OK 803 B URL HTTP/1.1 mellowads.com/view/66D72704FBD3
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash abdb678d45ca93f163698e954b848f89
30aa680c35891b36fe0970306312c9c085f1b10b
fe495af122e07b722c00e74de8259165b3d29ef580a00158ff6afcef35190596
GET /view/66D72704FBD3 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=; expires=Sat, 25-Feb-2023 14:30:46 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90213b680b02-OSL
Content-Encoding: gzip
mellowads.com/view/762E952FDF44
104.20.49.216200 OK 806 B URL HTTP/1.1 mellowads.com/view/762E952FDF44
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 8c66d3e8f530ac326a1d1ae2d824f956
c90596e78c2ac15ee0fed1531c43f9c845b6c5a6
b640cc391bc5010e06635e94c5c859c8b0a750e576c16b20e28d6e3c5ee23c16
GET /view/762E952FDF44 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=; expires=Sat, 25-Feb-2023 14:30:51 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90213ae2b50c-OSL
Content-Encoding: gzip
mellowads.com/view/E51CE158A4DF
104.20.49.216200 OK 806 B URL HTTP/1.1 mellowads.com/view/E51CE158A4DF
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash fa684158c815ebb42a351ddd1a2bf300
eb852c53661ecd641cf038c69bca3328263b1a6c
c846fb120975a70c0fefae118593810ab807deac1268746a84374e6a8da8d9cb
GET /view/E51CE158A4DF HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=; expires=Sat, 25-Feb-2023 14:30:43 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b902139250b61-OSL
Content-Encoding: gzip
mellowads.com/view/40A901E8681E
104.20.49.216200 OK 803 B URL HTTP/1.1 mellowads.com/view/40A901E8681E
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 5d300ecf77e28b3d12595529b4b56178
de49a810b300d7d3c796d8d398725fc93f7b1544
4fd329f222a2d4c3e058b0aedba92123a859eac5de67544ec154ceaac9fefe5f
GET /view/40A901E8681E HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=; expires=Sat, 25-Feb-2023 14:30:46 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90213b350b41-OSL
Content-Encoding: gzip
mellowads.com/view/D0E1C6938B78
104.20.49.216200 OK 802 B URL HTTP/1.1 mellowads.com/view/D0E1C6938B78
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 8077275957af74122bed33c979c09ba6
34d76fd5c7412ab2f670547b0a80b19c123cc985
a156e93a449a0c56144baf13f7848beff2c30fd7ab280ffbbc223f334f7786a4
GET /view/D0E1C6938B78 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=; expires=Sat, 25-Feb-2023 14:30:39 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90213b17b4f1-OSL
Content-Encoding: gzip
url.vin/largeicon.png
172.67.164.91200 OK 20 kB IP 172.67.164.91:0
File type PNG image data, 192 x 192, 8-bit/color RGB, non-interlaced\012- data
Hash cf59dff43548be6d54ceeb861a337797
e43940d869a2c29e8a1246675ee23ea37c4e9249
a1bab785206d0770813f7b92d10a7eec7559b44d3deec93b4ae88271917714ee
GET /largeicon.png HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/png
Content-Length: 20252
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:10:40 GMT
ETag: "87466c918ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwMElvov%2FvIv5D4LswlV%2Bjmn%2FwIKgGXftfekveEUBtgZFEeDvCkWXr%2F7fkXwLoonk7SZTvwlchGzRB8ZP9jXgwjeZ15ZqhJIgMYtaiZJ9zU32%2BSW9urY00V%2F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b9023894fb51e-OSL
alt-svc: h2=":443"; ma=60
url.vin/favicon.ico
172.67.164.91200 OK 765 B IP 172.67.164.91:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d88b29ce25491fd27e1ee264729ca4ac
3a0063d8dcfa9f2b3469f1d93dd8768d63567d6b
2cfd378677f024b517924c647fcb7c3152ec2bc9aa1489ec575e17cc47015ed6
GET /favicon.ico HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2017 00:10:40 GMT
ETag: W/"e82fd5918ea6d21:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOHqZNqAKsFNHGikR1PJUlu%2Fu8BvBYFslBa6LYAAXPYyTK0xvngSfSoOFlWsWmW7iHO3cEEYyxIK2BCpZ8AEgGWXWXFfQS4xsWI2J%2BWl6v3UulBKqw3fT%2FMT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770b90238fc81c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
platform.twitter.com/widgets.js
192.229.233.25200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 192.229.233.25:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1273
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 27 Nov 2022 14:30:39 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 0c5dff6c05300f261a1c629895a298e5
840ada948483cebfd30135e75e302a2d13457cd8
9ad0cf403122de152a6950ab5f0452ae0d48f599cdf07cb70513f9bc0eafb72b
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: fe2dfff3817b1cadb46e7fffc7e9e05f
ETag: "48e9ed3cc0156e8c96ff86f537739464"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Sun, 27 Nov 2022 14:42:56 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: DF3/bAUwDyYaHGKYlaKY5Q==
X-FB-Debug: Spx5HRbQIAdVGQzg00tGsOTkrCDq5Ly3Oiv993VeJckStY2/IuFNtIagLvQhkCmI4yRETBt1olz+nB5oTtoQRw==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Sun, 27 Nov 2022 14:30:39 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1687
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Sun, 27 Nov 2022 14:22:56 GMT
Expires: Sun, 27 Nov 2022 16:22:56 GMT
Cache-Control: public, max-age=7200
Age: 463
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
mellowads.com/js/wrez?v=pjk0aiSLrO9JaCrbDGb3JunlfVlYyYSFbgvXJfbR4Z81
104.20.49.216200 OK 42 kB URL HTTP/1.1 mellowads.com/js/wrez?v=pjk0aiSLrO9JaCrbDGb3JunlfVlYyYSFbgvXJfbR4Z81
IP 104.20.49.216:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash f70c4b9b8ed5d3738f324b0e18ca2734
1272db775d48140b20b11800863d9e5830d9f3a1
361acf772ff421233add639754cdc82ed168c5200bbac5c36651ba622a177808
GET /js/wrez?v=pjk0aiSLrO9JaCrbDGb3JunlfVlYyYSFbgvXJfbR4Z81 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://url.vin/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:39 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 42472
Connection: keep-alive
Cache-Control: public
Content-Encoding: gzip
Expires: Mon, 27 Nov 2023 14:30:37 GMT
Last-Modified: Sun, 27 Nov 2022 14:30:37 GMT
Vary: User-Agent,Accept-Encoding
X-AspNet-Version: 4.0.30319
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90213b330b41-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://url.vin
Connection: keep-alive
Referer: http://url.vin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 61475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Furl.vin
192.229.233.25200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Furl.vin
IP 192.229.233.25:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=http%3A%2F%2Furl.vin HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.vin/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2131787
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 14:30:40 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q+r7yADNCTko9LOXxKVzmg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZwfKqIr1uD/ZkMu9EDy3VIy+ExE=
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f79de44e08c43da30a3c6c5291fdc427
1a07b622d844d4793fe4767199f5f33f0f3229e2
d536b31b46e283bf64ff0c3e3bf29c706f1d5c2b63d82bc41c76e15bf4a06fe2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 643
Cache-Control: max-age=130962
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:40 GMT
Etag: "6382ce9f-1d7"
Expires: Tue, 29 Nov 2022 02:53:22 GMT
Last-Modified: Sun, 27 Nov 2022 02:42:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
mellowads.com/view/66D72704FBD3/?ref=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L&w=728&h=90
104.20.49.216200 OK 1.4 kB URL HTTP/1.1 mellowads.com/view/66D72704FBD3/?ref=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L&w=728&h=90
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash c9d979bc2314215f92b6782c36c86e71
1b10904617ded205ae44de1efa0d5324648dc78e
224df944b4bf7a433de49bc8bd418eeb454bfc8a654454bc6dde65e93c9666b1
GET /view/66D72704FBD3/?ref=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L&w=728&h=90 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/view/66D72704FBD3
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L; expires=Sat, 25-Feb-2023 14:30:43 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90231d76b50c-OSL
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mellowads.com/view/E51CE158A4DF/?ref=1859ybANskvoVR3AoV7BrBn2yJFvN8UI6on45OWWHpypoAtInPk0AC4yfGjiLgW02KdINSccwyCmoOxCTBnszc2&w=160&h=600
104.20.49.216200 OK 1.5 kB URL HTTP/1.1 mellowads.com/view/E51CE158A4DF/?ref=1859ybANskvoVR3AoV7BrBn2yJFvN8UI6on45OWWHpypoAtInPk0AC4yfGjiLgW02KdINSccwyCmoOxCTBnszc2&w=160&h=600
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 31053a7c4923ebd0b370d38a8aaf8276
f58df3497e55e11d0171f027478be47a75d37b0a
647d6d411c4991ef6c0cfee9514e5207c4afcba962e61f94e0cdacfd7872b6b3
GET /view/E51CE158A4DF/?ref=1859ybANskvoVR3AoV7BrBn2yJFvN8UI6on45OWWHpypoAtInPk0AC4yfGjiLgW02KdINSccwyCmoOxCTBnszc2&w=160&h=600 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/view/E51CE158A4DF
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=1859ybANskvoVR3AoV7BrBn2yJFvN8UI6on45OWWHpypoAtInPk0AC4yfGjiLgW02KdINSccwyCmoOxCTBnszc2; expires=Sat, 25-Feb-2023 14:30:46 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90232d830b02-OSL
Content-Encoding: gzip
mellowads.com/view/762E952FDF44/?ref=1859ybANskvoVR3AoV7Br8KUpQtcLm8eprmZ13heXolGakjaaMzfZkOtFY9bOBJy4smHlsR67CR74ESCF47tRN&w=728&h=90
104.20.49.216200 OK 1.1 kB URL HTTP/1.1 mellowads.com/view/762E952FDF44/?ref=1859ybANskvoVR3AoV7Br8KUpQtcLm8eprmZ13heXolGakjaaMzfZkOtFY9bOBJy4smHlsR67CR74ESCF47tRN&w=728&h=90
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 76ca863db49d0fa1fae0f320929230e3
e5e81475f587158310f13669582e972b11196941
1a16822bc9892e80391aab47b9955f6840ce0c9324183a13abdf5d5056bb177f
GET /view/762E952FDF44/?ref=1859ybANskvoVR3AoV7Br8KUpQtcLm8eprmZ13heXolGakjaaMzfZkOtFY9bOBJy4smHlsR67CR74ESCF47tRN&w=728&h=90 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/view/762E952FDF44
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=1859ybANskvoVR3AoV7Br8KUpQtcLm8eprmZ13heXolGakjaaMzfZkOtFY9bOBJy4smHlsR67CR74ESCF47tRN; expires=Sat, 25-Feb-2023 14:30:39 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90232b4d0b61-OSL
Content-Encoding: gzip
mellowads.com/view/40A901E8681E/?ref=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L&w=160&h=600
104.20.49.216200 OK 1.5 kB URL HTTP/1.1 mellowads.com/view/40A901E8681E/?ref=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L&w=160&h=600
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash c4c67af0e79684889bdfcb34b196bd9f
de83d46e64483e5852749ab302d29d45d24e5761
eb6b7d754cf1305d6461b510faff9742409515ebd0428bb6a374095d6b37c4b7
GET /view/40A901E8681E/?ref=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L&w=160&h=600 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/view/40A901E8681E
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=1859ybANskvoVR3AoV7BrBm1IkMtLC2X9odwym9oIe8pwPsH5vq8ZEfRsiiKVWR59yaCPvxiU6AOVFihe7Pm9L; expires=Sat, 25-Feb-2023 14:30:37 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90233d5f0b41-OSL
Content-Encoding: gzip
connect.facebook.net/en_US/sdk.js?hash=f0618996ea940a7cb316af92fff19d28
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=f0618996ea940a7cb316af92fff19d28
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 8bf40cbf859f839b981201529dee8e9a
caa85c7b4005007b77332ceb62ac607f24125815
2032940a0bebb9f56649f398e32bb62b30221d7c0015368db3e80ccfd5d76a34
GET /en_US/sdk.js?hash=f0618996ea940a7cb316af92fff19d28 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://url.vin
Connection: keep-alive
Referer: http://url.vin/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ede88ec0992c328f2420dcf2433485a6
etag: "84e0649ec0ea4160ad36f7188f53ea0a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 27 Nov 2023 12:20:44 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: i/QMv4Wfg5uYEgFSne6Omg==
x-fb-debug: /R2y3n+CCbal59Oa8Zxtq8/b1utV53Nhz3EtMs2q/MS4uYFC6KlGlrb10HFmQK/d1S0gH9rJzgTwBbpVYusqRQ==
content-length: 86898
x-fb-trip-id: 1904183273
date: Sun, 27 Nov 2022 14:30:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=710799291&t=pageview&_s=1&dl=http%3A%2F%2Furl.vin%2F5hq0M&ul=en-us&de=UTF-8&dt=Mellow%20Ads%3A%20Shorten%20links%20and%20earn%20bitcoin&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1326222065&gjid=1724461820&cid=2042073343.1669559440&tid=UA-49827542-6&_gid=880820979.1669559440&_r=1&_slc=1&z=1462163499
142.250.74.174200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=710799291&t=pageview&_s=1&dl=http%3A%2F%2Furl.vin%2F5hq0M&ul=en-us&de=UTF-8&dt=Mellow%20Ads%3A%20Shorten%20links%20and%20earn%20bitcoin&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1326222065&gjid=1724461820&cid=2042073343.1669559440&tid=UA-49827542-6&_gid=880820979.1669559440&_r=1&_slc=1&z=1462163499
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 38684612f0c6bb6dfa16da92f4a6878f
6fe62d0dd7db314b7f9bb945672f078e01d27f0f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
POST /j/collect?v=1&_v=j98&a=710799291&t=pageview&_s=1&dl=http%3A%2F%2Furl.vin%2F5hq0M&ul=en-us&de=UTF-8&dt=Mellow%20Ads%3A%20Shorten%20links%20and%20earn%20bitcoin&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAEABAAAAACAAI~&jid=1326222065&gjid=1724461820&cid=2042073343.1669559440&tid=UA-49827542-6&_gid=880820979.1669559440&_r=1&_slc=1&z=1462163499 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://url.vin
Connection: keep-alive
Referer: http://url.vin/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://url.vin
date: Sun, 27 Nov 2022 14:30:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mellowads.com/view/D0E1C6938B78/?ref=1859ybANskvoVR3AoV7Br91tmKwkZFVQhgxy6ebdz4qTsseH9e13pcI0bw1Bc4f6ErAgGrZvmwckzLuZqYgCNe&w=160&h=600
104.20.49.216200 OK 1.1 kB URL HTTP/1.1 mellowads.com/view/D0E1C6938B78/?ref=1859ybANskvoVR3AoV7Br91tmKwkZFVQhgxy6ebdz4qTsseH9e13pcI0bw1Bc4f6ErAgGrZvmwckzLuZqYgCNe&w=160&h=600
IP 104.20.49.216:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash f4c125044e7cf417fc5e6632ec6aa873
a0e876165f05f066df8aa34317b32c9f9fd3b667
86842f0007b8221ff293543e02867b6ae02e906793b7f96d0dd628978e07a949
GET /view/D0E1C6938B78/?ref=1859ybANskvoVR3AoV7Br91tmKwkZFVQhgxy6ebdz4qTsseH9e13pcI0bw1Bc4f6ErAgGrZvmwckzLuZqYgCNe&w=160&h=600 HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/view/D0E1C6938B78
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
Set-Cookie: user=referrer=1859ybANskvoVR3AoV7Br91tmKwkZFVQhgxy6ebdz4qTsseH9e13pcI0bw1Bc4f6ErAgGrZvmwckzLuZqYgCNe; expires=Sat, 25-Feb-2023 14:30:52 GMT; path=/
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770b90234d63b4f1-OSL
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f79de44e08c43da30a3c6c5291fdc427
1a07b622d844d4793fe4767199f5f33f0f3229e2
d536b31b46e283bf64ff0c3e3bf29c706f1d5c2b63d82bc41c76e15bf4a06fe2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 643
Cache-Control: max-age=130962
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:40 GMT
Etag: "6382ce9f-1d7"
Expires: Tue, 29 Nov 2022 02:53:22 GMT
Last-Modified: Sun, 27 Nov 2022 02:42:39 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mellowads.b-cdn.net/css/size1.css?v18
138.199.37.229200 OK 465 B URL HTTP/1.1 mellowads.b-cdn.net/css/size1.css?v18
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash b549e68ba831dce8e4faa8f574276e73
f9fdf3a2f45bcbe7638e04f8039a835d34905f7c
f0c0cc25a7501ebfe759710c5167a89a24dff5894ae7ab37a1cf407a2d6082a1
GET /css/size1.css?v18 HTTP/1.1
Host: mellowads.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: BunnyCDN-DE1-865
CDN-PullZone: 419676
CDN-Uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
CDN-RequestCountryCode: NO
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Access-Control-Expose-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Cache-Control: max-age=2678400
Content-Encoding: gzip
ETag: W/"a41e6926a2fd61:0"
Last-Modified: Thu, 21 May 2020 00:52:49 GMT
CF-Cache-Status: MISS
CF-RAY: 76a75ec6fe5e5b68-FRA
CDN-ProxyVer: 1.03
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 11/15/2022 10:40:42
CDN-EdgeStorageId: 1054
CDN-Status: 200
CDN-RequestId: b40154876b6da74803952a276de2e28b
CDN-Cache: HIT
mellowads.b-cdn.net/css/size2.css?v18
138.199.37.229200 OK 469 B URL HTTP/1.1 mellowads.b-cdn.net/css/size2.css?v18
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash df04d2cdc1bef0c74fcf75a0efce716f
a499fe88e5de7fe9735a678f2f15db2d8a8b36ca
46af96f2c978b212024091ad1fd0b58c042cbf2ba7e8cce3f0034715887bd3be
GET /css/size2.css?v18 HTTP/1.1
Host: mellowads.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: BunnyCDN-DE1-865
CDN-PullZone: 419676
CDN-Uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
CDN-RequestCountryCode: NO
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Access-Control-Expose-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Cache-Control: max-age=2678400
Content-Encoding: gzip
ETag: W/"33854928f85dd31:0"
Last-Modified: Wed, 15 Nov 2017 09:57:33 GMT
CF-Cache-Status: MISS
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
CF-RAY: 7401c5373f0592ad-FRA
CDN-ProxyVer: 1.02
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 08/25/2022 05:01:32
CDN-EdgeStorageId: 860
CDN-Status: 200
CDN-RequestId: 45ac11fb115445e5c6fd2ca471506f3e
CDN-Cache: HIT
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 6e7a9737056c0944fb160616617816b7
ef02228d621f14f18ad967641ece868a680625bf
2522de4f2972e4feabfb37dce08f6d6bc684d927ff2cac3a5ad4c1945241d3e3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4049
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:40 GMT
Last-Modified: Sun, 27 Nov 2022 13:23:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
mellowads.b-cdn.net/img/minibrand.png
138.199.37.229200 OK 880 B URL HTTP/1.1 mellowads.b-cdn.net/img/minibrand.png
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b891c459c30e04f07f4596c24d48ba1a
ee7df940c242cb3d25d9cfaab8505bb7a5b91acf
2e14c1a668a02a6e7d92ccef711b8ecb2d73523c4c2f41f6ec4218da1953c0f0
GET /img/minibrand.png HTTP/1.1
Host: mellowads.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: image/png
Content-Length: 880
Connection: keep-alive
Server: BunnyCDN-DE1-865
CDN-PullZone: 419676
CDN-Uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
CDN-RequestCountryCode: NO
Cache-Control: max-age=2678400
ETag: "db70512bf85dd31:0"
Last-Modified: Wed, 15 Nov 2017 09:57:38 GMT
CF-Cache-Status: MISS
CF-RAY: 768383a61c4292a2-FRA
CDN-ProxyVer: 1.03
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 11/11/2022 02:14:25
CDN-EdgeStorageId: 1047
CDN-Status: 200
CDN-RequestId: ae4da41a3898998ae54de8084e8f7534
CDN-Cache: HIT
Accept-Ranges: bytes
syndication.twitter.com/settings?session_id=5994c8817744eb4f00cb855f4e3edc2c71c7b431
104.244.42.72200 OK 374 B URL HTTP/2 syndication.twitter.com/settings?session_id=5994c8817744eb4f00cb855f4e3edc2c71c7b431
IP 104.244.42.72:0
File type JSON data\012- , ASCII text, with very long lines (913), with no line terminators
Hash 925c2a7587f39436ea29513221652474
695b7f2f3d99f407bcdfd0b372db0e28193cc60c
62e36e14e5c219119cb51c3cdf43a2005512a1bd6ebf2d68d0c610a2e6e3ef0f
GET /settings?session_id=5994c8817744eb4f00cb855f4e3edc2c71c7b431 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:30:39 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 27 Nov 2022 14:30:40 GMT
content-length: 374
content-encoding: gzip
x-transaction-id: c8aa0c296cd2841a
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 105
x-connection-hash: a95e6a9d1ae15092d787ddd1fc51bae8aef18fef24fe5563063da376ab4525c4
X-Firefox-Spdy: h2
mellowads.b-cdn.net/ads/FAE05CB36689.gif
138.199.37.229200 OK 582 kB URL HTTP/1.1 mellowads.b-cdn.net/ads/FAE05CB36689.gif
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 728 x 90\012- data
Size 582 kB (581500 bytes)
Hash 5fcd37eba9dad8f76d5b445b69822c83
7676645800d3accc9c7c718a40d61db9234917a2
9eb0806c295ffc803e30a85f722d8a510a9e04c3d449f15e850ebf0fe421b006
GET /ads/FAE05CB36689.gif HTTP/1.1
Host: mellowads.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: image/gif
Content-Length: 581500
Connection: keep-alive
Server: BunnyCDN-DE1-865
CDN-PullZone: 419676
CDN-Uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
CDN-RequestCountryCode: NO
Cache-Control: max-age=2678400
ETag: "f61491f2587ad81:0"
Last-Modified: Tue, 07 Jun 2022 10:25:45 GMT
CF-Cache-Status: MISS
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
CF-RAY: 73da7cf518f79143-FRA
CDN-ProxyVer: 1.02
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 08/20/2022 10:36:28
CDN-EdgeStorageId: 723
CDN-Status: 200
CDN-RequestId: 8d00b29ed8b42718034045d3f4b102ca
CDN-Cache: HIT
Accept-Ranges: bytes
mellowads.b-cdn.net/ads/8BB77EB0A57D.gif
138.199.37.229200 OK 869 kB URL HTTP/1.1 mellowads.b-cdn.net/ads/8BB77EB0A57D.gif
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 160 x 600\012- data
Size 869 kB (869296 bytes)
Hash 53928370112a91d6bd744505e24d9c8f
79e7c8a518de975429684e5f7b08a8e70de8ca61
b8d7ad9bbca115004536c594ca178ad0fb02d32bdbe08e4d41542fc2c98ab623
GET /ads/8BB77EB0A57D.gif HTTP/1.1
Host: mellowads.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mellowads.com/
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:40 GMT
Content-Type: image/gif
Content-Length: 869296
Connection: keep-alive
Server: BunnyCDN-DE1-865
CDN-PullZone: 419676
CDN-Uid: 5aae3959-a123-4877-a9c8-a7b3eb94fb05
CDN-RequestCountryCode: NO
Cache-Control: max-age=2678400
ETag: "d9f37496577ad81:0"
Last-Modified: Tue, 07 Jun 2022 10:16:01 GMT
CF-Cache-Status: MISS
CF-RAY: 754f57cc98b0902e-FRA
CDN-ProxyVer: 1.02
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
CDN-CachedAt: 10/04/2022 16:37:35
CDN-EdgeStorageId: 864
CDN-Status: 200
CDN-RequestId: 34594c1205a481de749dbf414dc15b83
CDN-Cache: HIT
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 93522
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3670
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 14:30:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3670
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 14:30:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 59940
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: b03f4d3b-b144-4466-ab11-96c8201d75a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8Je2G_NIAMFZRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b22c5-5ef5e11a198cd8202372d8da;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:03:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Eeu-CbRcm2Zv8ZVXNO3vhUt2shbKNQZ1YqsxCMk96twd7zL_rceGYg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:05:31 GMT
age: 59110
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 59944
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 60033
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GT3Futv4Ztnl2Og2TQFk5311m92Mv_jfvkIZYJXpjJMdkxSB6MI06g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 06:42:16 GMT
age: 28105
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 63143
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
url.vin/api/publishing/service.svc/GetNetworkLink
172.67.164.91200 OK 3.4 kB URL HTTP/1.1 url.vin/api/publishing/service.svc/GetNetworkLink
IP 172.67.164.91:0
File type JSON data\012- , ASCII text, with very long lines (21977), with no line terminators
Hash d5834cc8e3c40369b055160b629c3b68
0efc617023f8cbc9a87d88e7f9e64bda90c2e4c5
1876f2408268bcc44b158fbec94740f9c4d8e69455bdc1bbbd9b44c87a43a281
POST /api/publishing/service.svc/GetNetworkLink HTTP/1.1
Host: url.vin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json; charset=utf-8
CSRFToken: w1f47P0xYp-4iPjpDghmv57VLpG9WJ0moNBs43fm7sYRED-Tz-Na3Ues75XWr27P1k6-8kZ7Xo2xZ2nqPQEUXxy-ExLPjtXjFMLWV_Z-BxA1:WzJVFqzSb7zMfknYEO5nVvOlgblLR70IAFKc28hMsU4pFa1RToQL2ncYwUEE8BlKIDXqDOnjdOeJ4bJBmOoPfrwvHKK9Ene3h0qBmdUHkTE1
X-Requested-With: XMLHttpRequest
Content-Length: 31
Origin: http://url.vin
Connection: keep-alive
Referer: http://url.vin/5hq0M
Cookie: user=referrer=5hq0M
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:30:41 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s13ISXoB5xhsmtjUkV4LzmWZ6Oelc3WDK5vBrDeRy45ZoLLw5B7m1567joCnfB4OTUkNsDwBaeZU%2B5K6vVO8%2F1ZgiH56CMqTFcPko0e4X4Hn6G493mt7ktrR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770b90224a650b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4dd84cb8d66e9ea488fd2c8ac74fc531
ab5dd3fb5ee281c68073087ed31d9d19ee4493a6
ccaf98c022324a16ea5df039750eb5f0a6248ab09bdca62e8e252ee8e8fe0690
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4523
Cache-Control: max-age=125835
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:41 GMT
Etag: "6382ab71-13a"
Expires: Tue, 29 Nov 2022 01:27:56 GMT
Last-Modified: Sun, 27 Nov 2022 00:12:33 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 4dd84cb8d66e9ea488fd2c8ac74fc531
ab5dd3fb5ee281c68073087ed31d9d19ee4493a6
ccaf98c022324a16ea5df039750eb5f0a6248ab09bdca62e8e252ee8e8fe0690
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4523
Cache-Control: max-age=125835
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:30:41 GMT
Etag: "6382ab71-13a"
Expires: Tue, 29 Nov 2022 01:27:56 GMT
Last-Modified: Sun, 27 Nov 2022 00:12:33 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 314
static-pub.highwebmedia.com/uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg
104.16.94.42200 OK 8.2 kB URL HTTP/2 static-pub.highwebmedia.com/uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg
IP 104.16.94.42:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 493x102, components 3\012- data
Hash 78823e8d6efa6821433c6da8c283f01f
36084058437317375849b0a330a29deb40babca7
00219c0560c4172c547fc9f7c70701dbd8c1d5f054ef4cfdaff8f1873c5e7642
GET /uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg HTTP/1.1
Host: static-pub.highwebmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://url.vin/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:30:41 GMT
content-type: image/jpeg
content-length: 8245
cache-control: public, max-age=315360000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=9687
etag: "9e7f562590651cc1815c63f0db78d0d5"
expires: Wed, 24 Nov 2032 14:30:41 GMT
last-modified: Thu, 24 Oct 2019 16:57:42 GMT
x-amz-id-2: jTZdhPN6lueXlo9Rsil7Z2Y8XexYRvYswBUuVzPJtDZJuwRpKyzRiZsOXW1i/NxjYcKaBYV+sK8=
x-amz-request-id: VPF5FHYRTE785XXK
x-amz-version-id: FDOxfqL3hV.3eA_t7Z.3khuIJW9MFVDQ
cf-cache-status: HIT
age: 8
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nSw%2Bt5aZZwxPzfcsvEjNQ%2BD5yiIfQ7zdwYqW%2Fqf%2FnuQzb%2F%2F5zeW1hFTiKhUvT8tNbNp9b70W8DU6%2BmmnF5CHnGlCcN9zP0bNjFEe5KfAe%2FMdriYMFNPnqwvKw1ZGvFOwBqsuoSzSLKCygy1wQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: _cfuvid=qVbomtWJp9NvcRhK00vh2A8f_T5oLNJCRCE_XZIbHkc-1669559441988-0-604800000; path=/; domain=.highwebmedia.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 770b90305b030b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
public.chaturbate.com/uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg
104.18.100.40302 Found 0 B URL HTTP/2 public.chaturbate.com/uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg
IP 104.18.100.40:0
GET /uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg HTTP/1.1
Host: public.chaturbate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://url.vin/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 27 Nov 2022 14:30:41 GMT
location: https://static-pub.highwebmedia.com/uploads/avatar/2019/08/10/21/45/76c2f5de0718c82933755795a9bdc613aaf2f87f.jpg
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPE7nwJLxIPg%2Fj9CEOwDNCEPYQleLXX3HxfbrMc%2BVvV2QzWcza05guhkEEiLtGKlqo%2FrEIreYpEOxRPCeFdvrM1RMocac64FzxTBnnrlJlPfOKoXFoqSdtOQW%2FvVY2tB1TFEHBIJUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 770b90302e5cb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2