link1s.com/
151.139.128.10301 Moved Permanently 0 B IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 10 Sep 2022 02:14:52 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://link1s.com/
X-HW: 1662776092.cds250.sk1.h2,1662776092.cds222.sk1.c
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 10 Sep 2022 02:06:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8MQ25ZVzSrQ62nEj5N6D_CYTbKZgnLtGapBqyDrnJNHYrtex3BMskQ==
Age: 521
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5070
Expires: Sat, 10 Sep 2022 03:39:22 GMT
Date: Sat, 10 Sep 2022 02:14:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BLB3udzVr2DgJihn74o7azaOzLk1HM_GuqZ_2303z-zNlzIfpjFyMQ==
age: 80898
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:14:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
151.139.128.10200 OK 40 kB URL HTTP/2 link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3796b62bdd0e516cfa7d3e75abd21b15
3a35fdc27fb351a15f9c35e56671405b770b0e48
3d3ba2547ac834abc8a61fffb0b8bbd7582e058d7fbb61b6e1465b5766d591b6
GET /cloud_theme/build/css/styles.min.css?ver=6.4.0 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-encoding: gzip
content-length: 40374
content-type: text/css
last-modified: Wed, 23 Jun 2021 02:58:02 GMT
accept-ranges: bytes
etag: W/"60d2a33a-2fa30"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds249.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/logo1s.png
151.139.128.10200 OK 30 kB IP 151.139.128.10:0
File type PNG image data, 247 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash aa55ddb783a9ed3a7530dd55d848ee64
e2437805b86dc3858bea3c80567447ece8b96ec4
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
GET /logo1s.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 30338
content-type: image/png
last-modified: Sun, 28 Feb 2021 03:13:41 GMT
accept-ranges: bytes
etag: "603b0a65-7682"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/img/right-arrow.png
151.139.128.10200 OK 1.0 kB URL HTTP/2 link1s.com/cloud_theme/img/right-arrow.png
IP 151.139.128.10:0
File type PNG image data, 44 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash c0f153a1c3f57abe61c13df5cefc6cbf
3ad58121981a21e57441b063fe76cebf787950f7
8f5bf2fd8cc9c946145485b712fbde05ed3cb4feda99f52e256251385e8a20dc
GET /cloud_theme/img/right-arrow.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 1028
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-404"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds229.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/particles.js
151.139.128.10200 OK 11 kB IP 151.139.128.10:0
Hash bc8455f7d1e73ff3fcb6994d5e75776a
fef86e9369aeef397e024cdaa3aa28d1270f95a3
e199f6ac0b4ad5623defbad1c9b33635fc25a45a484808768014aaddce469fc1
GET /particles.js HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-encoding: gzip
content-length: 10806
content-type: application/javascript; charset=utf-8
last-modified: Sat, 25 Mar 2017 17:46:21 GMT
accept-ranges: bytes
etag: W/"58d6aced-a801"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds247.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/particles/js/app.js
151.139.128.10200 OK 929 B URL HTTP/2 link1s.com/particles/js/app.js
IP 151.139.128.10:0
Hash fdd9b605974edebc7f1180d24555b8c1
187255ff630bb9fcf56bcfe9dc2d07b1e43f8644
992aabe7a799d4637218b420c8ff6a9bf4c75ac4534e6141aab64b823a4a316b
GET /particles/js/app.js HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-encoding: gzip
content-length: 929
content-type: application/javascript; charset=utf-8
last-modified: Sat, 25 Mar 2017 17:46:21 GMT
accept-ranges: bytes
etag: W/"58d6aced-b05"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds211.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/momo.png
151.139.128.10200 OK 19 kB URL HTTP/2 link1s.com/assets/methods/momo.png
IP 151.139.128.10:0
File type PNG image data, 143 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 988776ad0d5eb8b49d126dba3bc51ade
baac898a67b60de3510ba63cccd5990916eddc7b
eada25c2a16b50e9583e10e9b6369cfcc325f97da2ce81861adf6470cee8d745
GET /assets/methods/momo.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 18655
content-type: image/png
last-modified: Sat, 18 Apr 2020 11:14:38 GMT
accept-ranges: bytes
etag: "5e9ae11e-48df"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds221.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/banktransfer.png
151.139.128.10200 OK 3.3 kB URL HTTP/2 link1s.com/assets/methods/banktransfer.png
IP 151.139.128.10:0
File type PNG image data, 121 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 116a0e76121c94c1db02374da7ff01f8
b353b0461b6d3baafcca1e8f5a322408e20db585
e56da5aad27edc7800ba08b740b79812fd087b85c2aec3ac9e9dd084f7be69f8
GET /assets/methods/banktransfer.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 3302
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-ce6"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds068.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/paypal.png
151.139.128.10200 OK 1.8 kB URL HTTP/2 link1s.com/assets/methods/paypal.png
IP 151.139.128.10:0
File type PNG image data, 114 x 31, 8-bit/color RGBA, non-interlaced\012- data
Hash dfa62945e1beeb5f4bded47212f3f36e
af6ea54eede0e22d59981dbc4655bb2530b35e92
defbca4e26ea9a0a5007e8598db97344a32fd8a87b27fce64199c78d79cf41b0
GET /assets/methods/paypal.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 1785
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-6f9"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds242.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/payeer.png
151.139.128.10200 OK 2.1 kB URL HTTP/2 link1s.com/assets/methods/payeer.png
IP 151.139.128.10:0
File type PNG image data, 145 x 33, 8-bit/color RGBA, non-interlaced\012- data
Hash 704aec0dd43cdf3430dd0dfc79c44f9c
e89af65fb6457a7bab38223b06b505abc999e6f2
22b6bab913faaac57c74bd07e0b438c5530d08d0ac882c9106b342490bc7fafd
GET /assets/methods/payeer.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 2055
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-807"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds257.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/webmoney.png
151.139.128.10200 OK 3.3 kB URL HTTP/2 link1s.com/assets/methods/webmoney.png
IP 151.139.128.10:0
File type PNG image data, 164 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash b2fd3c7672d3ee5866d48ec774485b13
ceae06112c97654fcb287c2887a9dac131979b2d
728fe3bda45fef6d71bce4760e1ecb9aefe4fac261554596a08b1f58bd1d348d
GET /assets/methods/webmoney.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 3333
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-d05"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds249.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/zalopay.png
151.139.128.10200 OK 4.8 kB URL HTTP/2 link1s.com/assets/methods/zalopay.png
IP 151.139.128.10:0
File type PNG image data, 143 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 37efea818646ccbe19cafdac0cb51c60
1da2be7d4f3717452aa49d293d4029e1485086ce
47a68bc593339e34008c431ba5dd743ef25defb1fbe63bbcb616789c695e0462
GET /assets/methods/zalopay.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 4775
content-type: image/png
last-modified: Thu, 02 Dec 2021 04:36:26 GMT
accept-ranges: bytes
etag: "61a84d4a-12a7"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds221.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/assets/methods/viettelpay.png
151.139.128.10200 OK 4.9 kB URL HTTP/2 link1s.com/assets/methods/viettelpay.png
IP 151.139.128.10:0
File type PNG image data, 143 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e1f105538b543c11f723c52c1ae74ee
095fab94e7e863691acea2644a8b7757a845c7a6
1f17f832eb2f2f7a764d0cc68989cf7d7a607f450c6c649aa2a1bc189eff41ff
GET /assets/methods/viettelpay.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-length: 4939
content-type: image/png
last-modified: Thu, 02 Dec 2021 04:37:08 GMT
accept-ranges: bytes
etag: "61a84d74-134b"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds230.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/js/ads.js
151.139.128.10200 OK 160 B IP 151.139.128.10:0
File type ASCII text, with no line terminators
Hash b12346c7343419a37f34307fbabe7b6d
966c50b7c0472e1459b0a42f85de2072bff58dfe
5af21e03acb972cce4f742a0a10357878a449e8ec9fcebf6a208d1e452e97ca7
GET /js/ads.js HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-encoding: gzip
content-length: 160
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Sep 2019 13:24:48 GMT
accept-ranges: bytes
etag: "5d6e69a0-bf"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds210.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
151.139.128.10200 OK 69 kB URL HTTP/2 link1s.com/cloud_theme/build/js/script.min.js?ver=6.4.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 361f27dfe223957b3cd90c42a4b006b8
7a6fb972982ba9945610500c567d0baf27573c0c
a41b7e569b2251ebc720aee925901d970874795d9f918fe6a3ee6cb0da8907bf
GET /cloud_theme/build/js/script.min.js?ver=6.4.0 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=D-h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-encoding: gzip
content-length: 69405
content-type: application/javascript; charset=utf-8
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: W/"5d6e69a2-32956"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds227.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-129758818-7
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-129758818-7
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 5a6b7a0e6892a4a36c3ea3ed5cab7a71
b2a683b94177124c8631f9a37cdfe1a01f6cc3d2
e86cf16448dec68b1202bdbdffbd478db0f7dd23473e3e7dc025d9a4d7440aff
GET /gtag/js?id=UA-129758818-7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 10 Sep 2022 02:14:52 GMT
expires: Sat, 10 Sep 2022 02:14:52 GMT
cache-control: private, max-age=900
last-modified: Sat, 10 Sep 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a4ae55dbf8e22a357ee36e37fafa37af
18d33f606a8bc692802cfaa3a22ceb4a5eedca8c
8343a46c0a87b15be71cab0ae84912ed07d3104d4b621c55e3cd69367f58ebb6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 10 Sep 2022 01:56:08 GMT
Cache-Control: max-age=3600
Expires: Sat, 10 Sep 2022 02:55:21 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3wry8dM29JeRgzXm_TCAoMhmUDl9Nkj3bk6OXPO3h3fyH13ugmgWnw==
Age: 1126
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 291872
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssp.web1s.com/ser.php?t=AADIV35&f=35&psc=
151.139.128.11200 OK 637 kB URL HTTP/2 ssp.web1s.com/ser.php?t=AADIV35&f=35&psc=
IP 151.139.128.11:0
Size 637 kB (637104 bytes)
Hash 2569cc83f9f150bfb922dcf416e4eb6d
2f293ed35df98b522937eb92892390cb1d081dda
9d6b1b14e00406008d918c1b15fbcdebc9e69f5b05334b7cc273e7bcc8028b99
GET /ser.php?t=AADIV35&f=35&psc= HTTP/1.1
Host: ssp.web1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:53 GMT
accept-ranges: bytes
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
x-hw: 1662776092.cds072.sk1.hn,1662776092.cds242.sk1.sc,1662776093.cds242.sk1.p
server: nginx
cache-control: no-cache, must-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6505
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:53 GMT
Last-Modified: Sat, 10 Sep 2022 00:26:29 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.80.131.74101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.131.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ndzEZIXJYZXrVN35qeVayQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wvFJD+BdGgBcRDnS77FW8BZW7hk=
ocsp.sectigo.com/
104.18.32.68200 OK 282 B IP 104.18.32.68:0
Hash 24594c52fdaacb48f825e0113c9e1f36
4c17f8f6d6324a9edca3c9e9b24242b70a4b2aeb
f49b2c7287c0b8bfaf899ae1bdfe9009f9add56e1994cc09a23220e058168d39
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 02:14:53 GMT
Content-Type: application/ocsp-response
Content-Length: 282
Connection: keep-alive
Last-Modified: Tue, 06 Sep 2022 18:29:39 GMT
Expires: Tue, 13 Sep 2022 18:29:38 GMT
Etag: "4c17f8f6d6324a9edca3c9e9b24242b70a4b2aeb"
Cache-Control: max-age=317084,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7484a7199809b4fa-OSL
lv.adocean.pl/files/js/aomini.js
51.83.210.184200 OK 3.2 kB URL HTTP/2 lv.adocean.pl/files/js/aomini.js
IP 51.83.210.184:0
File type ASCII text, with very long lines (8143), with no line terminators
Hash 42a9082055f120332d440310376961aa
0ba7e33900a133c432894b200fa39cfe1dcec977
482e1eb90494ada9bb9e01c1b10bfc739ae709a6dadd2f810f423f2afbd5e651
GET /files/js/aomini.js HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GAD
date: Sat, 10 Sep 2022 02:14:53 GMT
cache-control: public, must-revalidate, max-age=14400
last-modified: Mon, 25 Jul 2022 11:21:39 GMT
etag: "00001FCFAF20B624"
expires: Sat, 10 Sep 2022 06:14:53 GMT
accept-ranges: bytes
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 3211
content-encoding: gzip
X-Firefox-Spdy: h2
lv.adocean.pl/_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
51.83.210.184301 Moved Permanently 0 B URL HTTP/2 lv.adocean.pl/_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
IP 51.83.210.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: GAD
date: Sat, 10 Sep 2022 02:14:53 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Fri, 09 Sep 2022 02:14:53 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
set-cookie: GAD=KlQwsRGGQMGGjPC1e09lk2XissGMXP8cERySssX6Sssa; Domain=lv.adocean.pl; Path=/; SameSite=None; Secure; Expires=Tue, 10 Oct 2023 02:14:53 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
content-length: 0
X-Firefox-Spdy: h2
lv.adocean.pl/__/_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
51.83.210.184200 OK 18 kB URL HTTP/2 lv.adocean.pl/__/_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024
IP 51.83.210.184:0
File type ASCII text, with very long lines (53947)
Hash aacde053a39b804e9e59a36902409da7
8314e27402b274fff8e73741549611689391d6d9
531e9f0b5b7a5bb75224a1787cb5b3fee2116a3423f25c93ca10136ea36cc672
GET /__/_1662776084652/ad.js?id=D1c3hwkhJvUTwbrPFVzjuYTiASIdeQdmouk3KQwVIUH.n7/x=1280/y=1024 HTTP/1.1
Host: lv.adocean.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: GAD
date: Sat, 10 Sep 2022 02:14:54 GMT
pragma: no-cache
cache-control: no-cache, must-revalidate, max-age=0
expires: Fri, 09 Sep 2022 02:14:54 GMT
accept-ranges: none
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 17782
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 280 B IP 104.18.32.68:0
Hash 4fa81072c282649d066d69227ddcf6f8
7b83363ab8bdabdc8f34b893e4fdf66b00975a02
f35e10ebcd644f1199b1ce754b8d732cf1e84f646ee39f7e870e0282ec4de6f8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 02:14:54 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 08:55:33 GMT
Expires: Wed, 14 Sep 2022 08:55:32 GMT
Etag: "7b83363ab8bdabdc8f34b893e4fdf66b00975a02"
Cache-Control: max-age=369037,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7484a71d49e3b4fa-OSL
adlv.hit.gemius.pl/gdejs/xgde.js
51.77.53.76200 OK 19 kB URL HTTP/2 adlv.hit.gemius.pl/gdejs/xgde.js
IP 51.77.53.76:0
File type ASCII text, with very long lines (1202)
Hash 9aa7eb9278e76072c921e6e462099a4f
aa02cc49999555344513f15e6e6e6fb2900ddfd7
b9c2686e1b4861c3d4adc18f21797c43e5848ccb4a032d1f857700f5ffcda9a6
GET /gdejs/xgde.js HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
expires: Sun, 11 Sep 2022 02:14:54 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Wed, 31 Aug 2022 06:49:43 GMT
etag: "630F04870000D964BC018988"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 19348
content-encoding: gzip
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/header.jpg
151.139.128.10200 OK 32 kB URL HTTP/2 link1s.com/cloud_theme/build/img/header.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:06:15 13:00:39], baseline, precision 8, 1921x900, components 3\012- data
Hash cfb50952d88e992695dddecdc3cf3998
59ce92345516d98f1f688933e6aa3ce72c7226c9
fb6ea9089178b18c66e8110965f05a461c772ce16debb14c3e61d4bae3e6c3ca
GET /cloud_theme/build/img/header.jpg HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 32352
content-type: image/jpeg
last-modified: Mon, 15 Jun 2020 06:00:41 GMT
accept-ranges: bytes
etag: "5ee70e89-7e60"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/cloud.png
151.139.128.10200 OK 3.8 kB URL HTTP/2 link1s.com/cloud_theme/build/img/cloud.png
IP 151.139.128.10:0
File type PNG image data, 1921 x 140, 8-bit colormap, non-interlaced\012- data
Hash 22bc95e8efbe27f08e0f2d35574a73b6
c1ff2c2fbf1719c0ecbf6ae71c64fb6e515a67ce
2e37718a909edef13c23f47b2e5bfb1b5a167d524b3c0d6de9965d1bb6873c86
GET /cloud_theme/build/img/cloud.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 3763
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-eb3"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds244.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://link1s.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 17:10:21 GMT
expires: Wed, 06 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 291873
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2
151.139.128.10200 OK 77 kB URL HTTP/2 link1s.com/cloud_theme/build/fonts/fontawesome-webfont.woff2
IP 151.139.128.10:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /cloud_theme/build/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 77160
content-type: font/woff2
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-12d68"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds015.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/chart.png
151.139.128.10200 OK 5.6 kB URL HTTP/2 link1s.com/cloud_theme/build/img/chart.png
IP 151.139.128.10:0
File type PNG image data, 1920 x 441, 8-bit colormap, non-interlaced\012- data
Hash 279bfacaeb4320d7cacd299edf3947f6
7afe9fe47bbef9e934c77b5f21084082c0bf4435
2ff08b430f1252b7e73f0a96c5f905f34160d75272b1d5a7b4d0ce347047e8ba
GET /cloud_theme/build/img/chart.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 5622
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-15f6"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds242.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/spritesheet.png
151.139.128.10200 OK 17 kB URL HTTP/2 link1s.com/cloud_theme/build/img/spritesheet.png
IP 151.139.128.10:0
File type PNG image data, 168 x 1335, 8-bit colormap, non-interlaced\012- data
Hash 8d906cd25dea958a3290324f5fc90305
d6cd85c96de7a412078a5753ca00037ed3e1796b
da8ebdeb52d0b627a9d06cca99a8c49ae9e8a9ee1aaf771ce772fbfb1758cca9
GET /cloud_theme/build/img/spritesheet.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 17070
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-42ae"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds210.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/world-map.png
151.139.128.10200 OK 8.7 kB URL HTTP/2 link1s.com/cloud_theme/build/img/world-map.png
IP 151.139.128.10:0
File type PNG image data, 954 x 534, 2-bit colormap, non-interlaced\012- data
Hash 5cd71e57c88252b5de982e0c80b0cbbf
4b0e415837fa337abc823a3287ed412dace175a9
a1f529b0bf8a224c8893f001fe0dd8b22532f1086f90a88bf75fead1ba9143fe
GET /cloud_theme/build/img/world-map.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 8650
content-type: image/png
last-modified: Tue, 03 Sep 2019 13:24:50 GMT
accept-ranges: bytes
etag: "5d6e69a2-21ca"
cache-control: max-age=2592000, public
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
link1s.com/cloud_theme/build/img/footer.jpg
151.139.128.10200 OK 19 kB URL HTTP/2 link1s.com/cloud_theme/build/img/footer.jpg
IP 151.139.128.10:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Windows), datetime=2020:06:15 13:02:54], baseline, precision 8, 1920x321, components 3\012- data
Hash 3fa1e91dd1aa28e99f307af4ed2105bd
43f48e0120f36b533465250967e8b225d797f485
4490d0650e3dfb1cbad3fff7bd9d56e557e3894956c4ba05900723803fab21ff
GET /cloud_theme/build/img/footer.jpg HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/cloud_theme/build/css/styles.min.css?ver=6.4.0
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-length: 18564
content-type: image/jpeg
last-modified: Mon, 15 Jun 2020 06:02:55 GMT
accept-ranges: bytes
etag: "5ee70f0f-4884"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds226.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19192
Expires: Sat, 10 Sep 2022 07:34:46 GMT
Date: Sat, 10 Sep 2022 02:14:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19192
Expires: Sat, 10 Sep 2022 07:34:46 GMT
Date: Sat, 10 Sep 2022 02:14:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19192
Expires: Sat, 10 Sep 2022 07:34:46 GMT
Date: Sat, 10 Sep 2022 02:14:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19192
Expires: Sat, 10 Sep 2022 07:34:46 GMT
Date: Sat, 10 Sep 2022 02:14:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 849e8614e814486ec15c5bc5af2afc56
d9d1b0eac89aef64ccd6f7b2747c8415e304b55c
80bc100aa916e7e82db7a7cbcdd90080ba0e30aeae170ce1d64446fc06ed01fb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3111
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:54 GMT
Last-Modified: Sat, 10 Sep 2022 01:23:03 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8f11aeba65478b039cfb4100aa23435
88db17a82ea0207ccb4826c2961875c5106b427a
6f6ec5922ec54d824e7f933de87608c5a763da119ae9461d99c6525649b1a9af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e72c2e9-6d47-42ac-9514-316cd8f8f6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 64a58aa8-8321-4c91-98fe-dbf97996c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNiuZEjnIAMFRFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb18f-77b635593b202d7d3cd0ac84;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: VWwNSpFvcDq3nrn91QvYjrJX5hLjp96vrKgZzR-pOdrdHx7MlcagGQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:56:34 GMT
age: 15500
etag: "88db17a82ea0207ccb4826c2961875c5106b427a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:46:20 GMT
age: 16114
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 362d0931425ffa11f3287246f0480cc8
cc0f8bf63d11aeb3ea780af092523833f3b1abd3
75619cdf413b35451f109180e084a3630d0665a24b29e45510fed938d381db75
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe535d149-d5c6-4543-8a5b-a5a98be48b9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6676
x-amzn-requestid: 97140273-f327-4ec8-b076-cea440ce1d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNi34HNxoAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb1cb-6356b02944a048db1be05d1c;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2s35YFxVMMVFBVoSTyoCp0w0ivNRYerua-rmRWXdbvtP2UHafYwUmw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:13:18 GMT
etag: "cc0f8bf63d11aeb3ea780af092523833f3b1abd3"
content-type: image/jpeg
age: 14496
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfadcca0fbc9780f8975c53481914c0d
bb613c04bdeab6ea13249d1cd48bb3268a830018
72f1c42b60eb8fa3893db6c226fe5a2dff41b45d8786d5c8095bdf31abff35ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084d9cc4-53b3-451a-b338-2150cda2f06c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9633
x-amzn-requestid: 85fa9747-6edf-45ae-b15e-85482c1dbf6c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNkC-GrIoAMFueg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb3ac-7ea5f2ef3d9478e530f0f888;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:44:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Tsmb4LofjcXS6wnblUm8fEHrZcbblznnR1DZwo_jbbGIUV7Mp_qXqA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 22:14:57 GMT
age: 14397
etag: "bb613c04bdeab6ea13249d1cd48bb3268a830018"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0081388d87e45c0261f7d46130b7d8e
1d4079b65ad678358c53a09384f7bce015b08eda
7294b1c1f1f4753bc8395daf7400ffe56b8ef502819dcdabd5fd50dc8f57f647
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7294B1C1F1F4753BC8395DAF7400FFE56B8EF502819DCDABD5FD50DC8F57F647"
Last-Modified: Wed, 07 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2146
Expires: Sat, 10 Sep 2022 02:50:40 GMT
Date: Sat, 10 Sep 2022 02:14:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 412441a2a064555c5d7f1400c2741360
7532d9543b93248891324e07e8edff10a36d174d
421b3e9db572f1077abd4ef2748696b38a4117e33db6ae0b5fa46841afa2693f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa03f5a55-72fc-42e1-bf3b-1c427237302d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14312
x-amzn-requestid: 4d301754-9ed3-401f-9ad5-1862533d7559
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNj5wGowIAMF4WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb371-7729383d0bc0f729231ad5b8;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:43:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 5L_sCLvWm6TIQnZbgg29I4wkY6HFFrbUkIB9NzrcEamyLP3FV9bBqQ==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:53:49 GMT
age: 15665
etag: "7532d9543b93248891324e07e8edff10a36d174d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71bafbee3867c04c3712ff98a123d52c
ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf
58ff1700e0b125caefb73719e2b3d734b2fbcc5ed1aabe5a11bb73b43edab831
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdde1c872-426a-4aec-b295-a2cac8b36edf.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4477
x-amzn-requestid: bbdca46e-5628-4faf-a0fe-ea1b5b39ac2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YNjzaHrIoAMF-iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bb348-567e946e7cf77f2e11c17c97;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 21:42:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: f2Av7EDI_l1jZfe0kR6K2yQNzxbBXdcXJGycIZbOTp4ZkCuusLk4Sw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 27fe6f224e0cfa3f3a446471ee256e56.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:50:47 GMT
age: 15847
etag: "ccf471cd30f5aa96f4e5fdb9e0fbbcdbb475a0bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1662776085398
51.89.9.253204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1662776085398
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?pubId=2a897e3f18e6769&cb=1662776085398 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=79438&f=5&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=79438&f=5&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=79438&f=5&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 10 Sep 2022 02:14:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:4AF0_36264064:01BB_631BF31E_1656636E:2FDA
X-IPLB-Instance: 20686
tag.leadplace.fr/libJsLP.js
145.239.192.166200 OK 5.5 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP 145.239.192.166:0
Hash a0c24f993bc0901cfe62d1e801cb2b45
7eb2bdce06161ae486bc8e7ecd0b5c9c4f7b2984
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Sat, 10 Sep 2022 02:14:54 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 14 Oct 2021 07:27:52 GMT
ETag: "6167dbf8-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:CFD3_91EFC0A6:01BB_631BF31E_7A88E441:232FB
X-IPLB-Instance: 30196
link1s.com/favicon.ico
151.139.128.10200 OK 1.2 kB IP 151.139.128.10:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 03ab1dfddb257dcdfd97fec99d8a657b
52a797db29d8c765b51ed8aea361c4d52f80346e
f00b1e46b99dc5c05a6bdb89b442da969bf90c7dc59f43e798b2f8ebc2bdbfff
GET /favicon.ico HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv; ab=2; adOtr=fdd6d0a1c3b
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
cache-control: max-age=1933
content-length: 1150
content-type: image/x-icon
last-modified: Mon, 15 Jun 2020 09:56:40 GMT
accept-ranges: bytes
etag: "5ee745d8-47e"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1662776095.cds222.sk1.hn,1662776095.cds018.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ced.sascdn.com/tag/1097/smart.js
23.36.77.24200 OK 32 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 49500abbb82370f8c4a7fa14ba4d5139
ca65e8e3171c3813f70e69521242e75fe9d7c923
20fbb0be7f491f42fc4db5cb41a9beb68802c89a757fe8ada9a7a22a5afc0deb
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32364
Cache-Control: public, max-age=900
Expires: Sat, 10 Sep 2022 02:29:55 GMT
Date: Sat, 10 Sep 2022 02:14:55 GMT
Connection: keep-alive
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.64200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.64:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sat, 10 Sep 2022 00:45:51 GMT
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2tRSZxuInonmUxZ0fXmcl48l3EzZQuJ_ocVwP2HZHV-ghoTdm_dakA==
Age: 6206
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 2ee07290516197b50bbce96a9348bdc0
8126565d55adfa9ff8d100835fdf6c6d6d305f2b
9aa371e6e8193189e74f6079a7cfe6d6fa93df8b1b7273cf5f68e44f18f77ba2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 12:12:00 GMT
Expires: Fri, 16 Sep 2022 12:11:59 GMT
Etag: "8126565d55adfa9ff8d100835fdf6c6d6d305f2b"
Cache-Control: max-age=553623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7484a7212bb9b4fa-OSL
ads.themoneytizer.com/moneybile.js
185.76.9.21200 OK 16 kB URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (33237)
Hash daae65e6358b3bffb84b5244bfea9ae5
32be4f3b011aa5b14d7ef077426ffbd292157889
2b1ce93e9bc2cf2c6a81e2e685aa20b7b1c6c129acb60d0a5792a6f03c0d58ab
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Sat, 10 Sep 2022 04:05:52 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1662782752
server: CDN77-Turbo
x-77-nzt: AblMCRQCfWb/fjcBAA
x-77-nzt-ray: 3Y3As9Lvy70
x-cache: HIT
x-age: 79742
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0a1d9d97bc4fe6f2be5a172eb59108a0
96b8274c71a8de19563795a864ecd78f77fee928
9b5d1ff868612534d782a697ee1cc61bad40a0b8d0667ba96d735b5216bcf604
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6307
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 00:29:48 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 10 Sep 2022 00:41:12 GMT
expires: Sat, 10 Sep 2022 02:41:12 GMT
cache-control: public, max-age=7200
age: 5623
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 19abc4dff49acc47250608758f851fcf
ac1716c3e767cd77f3e228cc5414c8f4e6473d8c
ba3868df01a9e7ba2ee41b191a9cf800d1189b78bebc3c12dacf379294e1f712
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5717
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 00:39:38 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 584 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 07e9beb2b26c91b000671bb9a28c4010
d849c3f03345cf22dec1bdaf601aa0372be98eda
cf19284220294fba13b459cedcbd45382a2818617c5f8c6e00cb9dba2034f180
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 10 Sep 2022 02:14:55 GMT
date: Sat, 10 Sep 2022 02:14:55 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 584
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
p.cpx.to/p/12762/px.js
54.229.37.204200 OK 2.0 kB IP 54.229.37.204:0
File type ASCII text, with very long lines (1990), with no line terminators
Hash 96bff8608d7c1f626b59ae10df6ea453
ee770e9213dd8a56b7887b8d1451546aa05d8e64
ee9923b738244929a3c2209848466bccd86eae3672fdef053a0272b60a9e0dfe
GET /p/12762/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2419200, public
Content-Type: application/javascript; charset=UTF-8
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Length: 1990
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4b4389d88b2e0e3bda332d28fe03d886
d0c5e1c4e2c59b97f9d9f42cf87844a4a1059557
b93fa03bc2345143b33f496096f894518122262e1c6b995fcb86bd32b954cfb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93FA03BC2345143B33F496096F894518122262E1C6B995FCB86BD32B954CFB6"
Last-Modified: Fri, 09 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10044
Expires: Sat, 10 Sep 2022 05:02:19 GMT
Date: Sat, 10 Sep 2022 02:14:55 GMT
Connection: keep-alive
ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
185.76.9.21200 OK 228 kB URL HTTP/2 ads.themoneytizer.com/moneybid7_10/build/dist/prebid.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (64106)
Size 228 kB (227807 bytes)
Hash 7c9f1e91fb9a1a10fbf75c1a36a068d7
41ebdb801e739a08392ff17a3fa768ca97f5bb13
dc5f95fa90cd8443d8aa8a3ddc03398c6744d54692fb7831f75962d490315ab3
GET /moneybid7_10/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-type: application/javascript
last-modified: Tue, 06 Sep 2022 14:47:42 GMT
etag: W/"63175d8e-9e930"
pragma: public
x-accel-expires: @1663733152
server: CDN77-Turbo
x-77-nzt: AblMCRSD2CX/fjcBAA
x-77-nzt-ray: 1fqf2mH3cIQ
x-cache: HIT
x-age: 79742
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a40efec9f0d1f8f34d7600a906924171
aa5002142bd560a19480bd98c9cd8950eae5a74d
02a7f5d38c5e5188f987106d1f26670fa16b1a7d7341228cbeb07e3582d4cddc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2F&id=MTIZ
145.239.192.166200 OK 0 B URL HTTP/1.1 tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Flink1s.com%2F&id=MTIZ
IP 145.239.192.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wckr.php?ref=https%3A%2F%2Flink1s.com%2F&id=MTIZ HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
X-IPLB-Request-ID: 5B5A2A9A:CFD3_91EFC0A6:01BB_631BF31E_7A88E445:232FB
X-IPLB-Instance: 30196
confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
151.101.85.194200 OK 18 kB URL HTTP/1.1 confiant-integrations.global.ssl.fastly.net/6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js
IP 151.101.85.194:0
File type C source, ASCII text, with very long lines (63895)
Hash d21405803eb1aa9c6ed734f28edbdc7f
14b62f6f1db697f5a2b75b205ce1fcdba15cc97e
97adbfb34f6611850998e5bab5e5ae6963dbcca28d11888de0b42ef6fcf13860
GET /6JazTGIJh-hokZ3Hzq9-29PxCyY/gpt_and_prebid/config.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 18250
x-amz-id-2: KGn9i5Yd3MNGcwGkvJO5uFNlDBEhy068j456f6S/dhkjdL6oIbONtXGcwbHXwpWnyB3LlkNFzCg=
x-amz-request-id: QY8RCQSXZ3KGV2N6
Last-Modified: Sat, 10 Sep 2022 01:04:14 GMT
ETag: "d21405803eb1aa9c6ed734f28edbdc7f"
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Content-Encoding: gzip
Content-Type: text/javascript
Server: AmazonS3
Accept-Ranges: bytes
Date: Sat, 10 Sep 2022 02:14:55 GMT
Via: 1.1 varnish
Age: 791
X-Served-By: cache-bma1672-BMA
X-Cache: HIT
X-Cache-Hits: 17
X-Timer: S1662776095.175048,VS0,VE0
id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
162.19.138.118200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=&gdpr_consent=
IP 162.19.138.118:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sat, 10-Sep-2022 02:19:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sat, 10-Sep-2022 02:19:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sat, 10-Sep-2022 02:19:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sat, 10-Sep-2022 02:19:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sat, 10-Sep-2022 02:19:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sat, 10-Sep-2022 02:19:55 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sat, 10 Sep 2022 02:14:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 97e5566c275b9fe27464690811145846
fa8973c8004db59d9a8fd46e9743fb6c9a8d3efd
e77cd1a4510c736e628aa10719f7694d7c7fef15adf1a449d800f90cde76fb88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
id5-sync.com/g/v2/12.json
162.19.138.118200 215 B URL HTTP/1.1 id5-sync.com/g/v2/12.json
IP 162.19.138.118:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a04ae2819bcaffcc5405295208f61f48
c5e59943ffa1b7aa0febcdf744a0c7341b9f73ba
71e1a2f7198fffde65f6ee1d467c0db34b660532633deb6edc98052a6e31319a
POST /g/v2/12.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 119
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 10 Sep 2022 02:14:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
adlv.hit.gemius.pl/_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=;
51.77.53.76301 Moved Permanently 0 B URL HTTP/2 adlv.hit.gemius.pl/_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=;
IP 51.77.53.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 10 Sep 2022 02:14:55 GMT
expires: Fri, 09 Sep 2022 02:14:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlGP6RGGQMGGICHBa-slk2XissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sat, 17 Sep 2022 02:14:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=;
content-length: 0
X-Firefox-Spdy: h2
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.2.146200 OK 304 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.2.146:0
Hash da030b9a152a0e18e9672b0601d1bd65
34f777c74e69366f8e12caecada51fee8e93a331
bd96b62cda866bf4c38905f99dbde50bbd5d533d8745c40f5b72f006bab74f5c
GET /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 1039368
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
id5-sync.com/g/v2/102.json
162.19.138.118200 216 B URL HTTP/1.1 id5-sync.com/g/v2/102.json
IP 162.19.138.118:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 32809484a244960cc004973be6c84e84
ab7751a422b402d46cafeb03dfd482526ebb5861
b38a76f7768e8c8c43250a66e0dd1383c8accd57f0b4b7b0ffe1d4bca2082a4f
POST /g/v2/102.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 151
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 10 Sep 2022 02:14:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
151.101.85.194200 OK 66 kB URL HTTP/1.1 confiant-integrations.global.ssl.fastly.net/gptprebidnative/202209061116/wrap.js
IP 151.101.85.194:0
File type Unicode text, UTF-8 text, with very long lines (21695)
Hash ff03fa033abd214ac10b94ea9d102f86
161528db265b2f61ada61b8ff61c4d4e7bf84015
97ace8ef42604ad36e820df5ddf448d5a1df401a1cc8e13e24cbcccc7ced8ee2
GET /gptprebidnative/202209061116/wrap.js HTTP/1.1
Host: confiant-integrations.global.ssl.fastly.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 65932
x-amz-id-2: Rr7cYI6Fw8UpTY9jSYPxhdIxs1FhSLXRi9DJdHuZTL1Ruu5Cz/45dcbsog/gopf8jXg745RAEPk=
x-amz-request-id: Q1KB3Q0XWDZW660B
Last-Modified: Tue, 06 Sep 2022 17:14:03 GMT
ETag: "ff03fa033abd214ac10b94ea9d102f86"
Cache-Control: public, max-age=864000
Content-Encoding: gzip
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
Date: Sat, 10 Sep 2022 02:14:55 GMT
Via: 1.1 varnish
Age: 291463
X-Served-By: cache-bma1672-BMA
X-Cache: HIT
X-Cache-Hits: 66666
X-Timer: S1662776095.324002,VS0,VE0
googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
142.250.74.66200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220907/r20190131/zrt_lookup.html
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220907/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Fri, 09 Sep 2022 20:41:14 GMT
expires: Fri, 23 Sep 2022 20:41:14 GMT
cache-control: public, max-age=1209600
age: 20021
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 9bb8aaabff1e898dd4d4aada38aae74a
756165ec90392c3bc0b814c8fcbbc1a29cc9814f
3d723f8a28ffd99150110328fa8a3d648c44db44be92fbbf71f1e9591d85b7f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Sep 2022 18:01:45 GMT
Expires: Wed, 14 Sep 2022 18:01:44 GMT
Etag: "756165ec90392c3bc0b814c8fcbbc1a29cc9814f"
Cache-Control: max-age=401808,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7484a723aca6b4fa-OSL
adlv.hit.gemius.pl/__/_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=;
51.77.53.76200 OK 2 B URL HTTP/2 adlv.hit.gemius.pl/__/_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=;
IP 51.77.53.76:0
Hash e1c06d85ae7b8b032bef47e42e4c08f9
71853c6197a6a7f222db0f1978c7cb232b87c5ee
75a11da44c802486bc6f65640aa48a730f0f684c5c07a42ba3cd1735eb3fb070
GET /__/_1662776085296/redot.js/id=cns7AgdaXBYsyS5JpfAZmqdyrsxIb08P1XEXk6H1iiL.t7/stparam=ojgrfjfqwg/fastid=mvjrrzolrahpsxdvryssmdvxdjoo/sarg=NC/inner=;/extra=; HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
expires: Fri, 09 Sep 2022 02:14:55 GMT
server: GHC
accept-ranges: none
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
set-cookie: Gtest=KlSVcMXGQMQGKBzRIC9lk2XissGMXP8cERbG; Domain=hit.gemius.pl; Path=/; SameSite=None; Secure; Expires=Sat, 17 Sep 2022 02:14:55 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 2
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
54.230.111.47200 OK 704 B URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP 54.230.111.47:0
Hash fbaa2119c61e78e9d75aa54de9bd3249
7e0082e545e179205798e51e8955e40a7de24297
bd4c9b7c8a7479afe537a70f5cedc3decff1e20d0c74ad48a9c8c7613e4acec4
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Sat, 27 Aug 2022 14:06:59 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sat, 10 Sep 2022 01:35:24 GMT
cache-control: max-age=3600
etag: W/"552289573698eb75389ce036af4dd98e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xa9YIAsKMJ2YRng7f2uSSjoKukHTxDNnmxgXAQ4TNV91iPmtSPZppA==
age: 2374
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 138292895fee5c7f45dea1c5f7484917
76945f4050075c0133eb4ab85dde00e8ef1eedec
37c79a65a166d53ae469d6ef7f30e2782486cc1e0018856c722f6f9dc5fe68b4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "37C79A65A166D53AE469D6EF7F30E2782486CC1E0018856C722F6F9DC5FE68B4"
Last-Modified: Fri, 09 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3757
Expires: Sat, 10 Sep 2022 03:17:32 GMT
Date: Sat, 10 Sep 2022 02:14:55 GMT
Connection: keep-alive
adlv.hit.gemius.pl/gdejs/xgde.html
51.77.53.76200 OK 215 B URL HTTP/2 adlv.hit.gemius.pl/gdejs/xgde.html
IP 51.77.53.76:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 55e60b35e679aae2decd8d7b37c2c310
cc934f43ee3d226c5f8f040e42343bfc26b26f01
72796c74c2c95fe9d62ecc1ea25b00b824c095fd955b5c67e82eb2dd0b50600f
GET /gdejs/xgde.html HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
expires: Sun, 11 Sep 2022 02:14:55 GMT
server: GHC
accept-ranges: none
cache-control: public, max-age=86400
last-modified: Fri, 18 Aug 2017 12:03:49 GMT
etag: "5996D7A50000012F9178E011"
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 215
content-encoding: gzip
X-Firefox-Spdy: h2
s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d
52.50.15.242200 OK 838 B URL HTTP/1.1 s.cpx.to/fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d
IP 52.50.15.242:0
File type ASCII text, with very long lines (838), with no line terminators
Hash 080a6c3357de3d7925714e7c854b1d82
f04d9c02296779e44138cbfb4d742589629102a9
cb97c5db68e22521fac5f80bc50c8c3d601c13dc1bce64f41f0a958544a4492a
GET /fire.js?pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: application/javascript; charset=UTF-8
Date: Sat, 10 Sep 2022 02:14:55 GMT
Expires: Wed, 31 Aug 2022 13:51:03 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache
Set-Cookie: cpSess=572c726bfd4e62e1; Expires=Sun, 10 Sep 2023 02:14:55 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 838
Connection: keep-alive
pixel.quantserve.com/pixel;r=207266027;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2F;uht=2;fpan=0;fpa=P0-2073003213-1662776086167;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1662776086168;tzo=0;ogl=;ses=a54bac59-d761-4137-99e6-32ae9b4723c3
91.228.74.244200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=207266027;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2F;uht=2;fpan=0;fpa=P0-2073003213-1662776086167;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1662776086168;tzo=0;ogl=;ses=a54bac59-d761-4137-99e6-32ae9b4723c3
IP 91.228.74.244:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=207266027;labels=Categories.personal-finance%2CMots%20Cl%C3%A9s.earn%20money%2CMots%20Cl%C3%A9s.short%20link%2CMots%20Cl%C3%A9s.get%20paid;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Flink1s.com%2F;uht=2;fpan=0;fpa=P0-2073003213-1662776086167;pbc=;ns=0;ce=1;qjs=1;qv=087c24cc-20220902090643;cm=;gdpr=0;ref=;d=link1s.com;dst=0;et=1662776086168;tzo=0;ogl=;ses=a54bac59-d761-4137-99e6-32ae9b4723c3 HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=631bf31f-89e30-d5e21-c35aa; expires=Wed, 11-Oct-2023 02:14:55 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.244200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.244:0
File type ASCII text, with very long lines (26638)
Hash b5b2eb0fa7d77eb3ed9eb7c605d07d99
1f3440d67e95e8af633824611a04fdc12bc81630
598958693b90f5112e9534541b961634b72e05baecf170005f1eca39e3389fe5
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "3K3nn1ChiYCKxJYFUmbsHw=="
expires: Sat, 17 Sep 2022 02:14:55 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
link1s.com/sbbi/?sbbpg=sbbShell&gprid=hv&sbbgs=h495585b81ed3fe7c91197e882473eece996&ddl=-7
151.139.128.10200 OK 20 kB URL HTTP/2 link1s.com/sbbi/?sbbpg=sbbShell&gprid=hv&sbbgs=h495585b81ed3fe7c91197e882473eece996&ddl=-7
IP 151.139.128.10:0
Hash 26d4f518f4090107cab514f9b1e6568a
8812ac81d1daf8b72c90444adf38b436f3c0853b
fb1fcb162af86a7aeba11c0e30a3e59e97fae1f612e52d88dbe397d0bfcd9b9a
GET /sbbi/?sbbpg=sbbShell&gprid=hv&sbbgs=h495585b81ed3fe7c91197e882473eece996&ddl=-7 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds229.sk1.sc,1662776094.cdn2-redis01-arn1.stackpath.systems.-.i,1662776094.cds229.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
id5-sync.com/g/v2/481.json
162.19.138.118200 216 B URL HTTP/1.1 id5-sync.com/g/v2/481.json
IP 162.19.138.118:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 94257596cc90be2eb010de6c537d99cf
e19ea34e8b7770ede21f8ad7bff2408e48060c0e
6fc3c400032ef5ee4b087b7df79ba80af282f56d624e744243dbfec6e4fad08e
POST /g/v2/481.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 119
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sat, 10 Sep 2022 02:14:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b5e19962d37ed730e9c2226ec94c4018
958df4894c105634162f684cdad4a7d0109cfdb6
9bdc173a79de8f70db265d5ced580e6e16331734769a3dea456fe83151fb1345
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6396
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 00:28:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 8736946288fc572012bc6e5f5d5eef36
d3ae6757b98abd5b0468b04ad10da5d6449621e0
4d902e616b65648558591215fd30a0397620537309da65a8174dab16a397e5da
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 14 Sep 2022 01:13:01 GMT
ETag: "d3ae6757b98abd5b0468b04ad10da5d6449621e0"
Last-Modified: Sat, 10 Sep 2022 01:13:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 818
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7484a7265a390afe-OSL
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 8125239dadceea3aa2f9d0a1d470032a
2a68dae384c7371357085830092cad905c9a4b48
c9c44617be01dd1c31241b581dd219b2e5bf8b7ae0ba46bfe29a253e20494b32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2832
Cache-Control: max-age=134813
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Etag: "631b53ac-13a"
Expires: Sun, 11 Sep 2022 15:41:48 GMT
Last-Modified: Fri, 09 Sep 2022 14:54:36 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 314
eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
104.88.9.101200 OK 233 B URL HTTP/1.1 eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
IP 104.88.9.101:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 6220919f0a2b24a12a281ea8b891ecf6
759111c360edc6df73ed10aaaa212cb22c47ce0d
030c6e199782fb1908f6f89d3cd41950fd3ae0830c5020ba9ed617111bacd180
GET /usync.html?p=pbs-setupad&endpoint=eu HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 10 Sep 2022 02:14:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
adlv.hit.gemius.pl/gemius.js
51.77.53.76200 OK 16 kB URL HTTP/2 adlv.hit.gemius.pl/gemius.js
IP 51.77.53.76:0
File type ASCII text, with very long lines (417)
Hash 4d5ea203837e0ac492f39970cca1203d
03cde0e85f12d1cb561c71bd0b7184c93749003e
92c9e5f295f4217d9dfca11853d2e0d15c5e7f2e1dfdc08fd954ffcc7a9bf043
GET /gemius.js HTTP/1.1
Host: adlv.hit.gemius.pl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adlv.hit.gemius.pl/gdejs/xgde.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
expires: Sat, 10 Sep 2022 14:14:55 GMT
server: GHC
accept-ranges: none
cache-control: max-age=43200
last-modified: Wed, 07 Sep 2022 10:13:48 GMT
vary: Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
content-length: 15796
content-encoding: gzip
X-Firefox-Spdy: h2
sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0
185.86.137.110302 Found 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0
IP 185.86.137.110:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dsmart_ad_server%26dsp_uid%3D%5Bsas_uid%5D%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
content-length: 0
date: Sat, 10 Sep 2022 02:14:55 GMT
cache-control: no-cache,no-store
location: https://sync.smartadserver.com:443/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0&cklb=1
pragma: no-cache
set-cookie: TestIfCookie=ok; expires=Mon, 01 Jan 0001 00:00:00 GMT; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sun, 10 Sep 2023 02:14:55 GMT; domain=.smartadserver.com; path=/
pbw=%24b%3d12960%3b%24o%3d99999; expires=Sun, 10 Sep 2023 02:14:55 GMT; domain=.smartadserver.com; path=/
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
link1s.com/sbbi/?sbbpg=sbbShell&gprid=hv
151.139.128.10200 OK 2.8 kB URL HTTP/2 link1s.com/sbbi/?sbbpg=sbbShell&gprid=hv
IP 151.139.128.10:0
Hash bf8f926009d043809120b8d80316cb0b
8f8a8ccabae0f543485b2e7bbc9bbb717d3cc5e3
719ddb38673e37b00901f7d8f5debcb6bc625d938b786d0e564998808bd188e4
GET /sbbi/?sbbpg=sbbShell&gprid=hv HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/sbbi/?sbbpg=sbbShell&gprid=hv&sbbgs=h495585b81ed3fe7c91197e882473eece996&ddl=-7
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv; ab=2; adOtr=fdd6d0a1c3b; _pbjs_userid_consent_data=3524755945110770; sharedid=6b82b95e-53b8-43fb-8911-9d3638a87d38; _ga=GA1.2.481928402.1662776086; _gid=GA1.2.2128553896.1662776086; _gat_gtag_UA_129758818_7=1; qcSxc=1662776086170
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
server: fbs
x-accel-expires: 0
x-hw: 1662776095.cds222.sk1.hn,1662776095.cds259.sk1.sc,1662776095.cdn2-redis01-arn1.stackpath.systems.-.i,1662776095.cds259.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252F%26hn_ver%3D40%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
185.89.210.90307 Redirection 0 B URL HTTP/1.1 secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252F%26hn_ver%3D40%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12762%26ref%3D%26url%3Dhttps%253A%252F%252Flink1s.com%252F%26hn_ver%3D40%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252F%2526hn_ver%253D40%2526fid%253D6c516e63-1b91-42c3-abe5-04b9c756226d
AN-X-Request-Uuid: d8587a31-bbed-4b8e-bb91-3b3e63e61429
Set-Cookie: uuid2=1290667841606819808; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 02:14:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
script.4dex.io/adagio.js
172.67.75.241200 OK 23 kB IP 172.67.75.241:0
File type ASCII text, with very long lines (65354)
Hash 93432915be81b39270e62323ae331c9c
5fcf49b2ae0517b2e2c85f33246d1c9f1148666b
83ae8a1f94fcb3549871882e15a17aa257ca4c7b0a2fbae70247948aaa1c67dd
GET /adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
access-control-allow-headers: Authorization
access-control-max-age: 3000
x-amz-id-2: txcb84b020bfef4b0488444-00631b6358
access-control-allow-credentials: true
x-amz-request-id: txcb84b020bfef4b0488444-00631b6358
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
etag: W/"831813ee9b2fc0d248741417a0e3b488"
cache-control: public, max-age=1800
x-amz-version-id: 1662739245061580
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: HIT
age: 36784
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA3WbAyLJ7N75ujDBqdNPtvYiGlg%2F7phyYjH6j1jZOuddLWvZ%2FR8sIff685LTB6sWYaE9doAHj1SamSvk87BDnYMU0p77V1uZ%2BGgGdGlGkhrJE%2Bpl44StUWhm6Bo4Acp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7484a72679a0b4ee-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 46ecbf552399818da651b7cc15dc1b91
2561a8129eb4c0359611ca82adc18b28dd68a9ed
834045a22eba5bd42acbf5185b3dd20994b107d3e5947c3df6a06e799d301e25
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 01:03:58 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pOONMbuxlKKqURiBh7Hn6BLb2yUxRvPI8LJPsFW7a0PbHCS4bvuXWQ==
Age: 4257
eus.rubiconproject.com/usync.js
104.88.9.101200 OK 9.4 kB URL HTTP/1.1 eus.rubiconproject.com/usync.js
IP 104.88.9.101:0
File type ASCII text, with very long lines (17571)
Hash d7f4920c92271a0201ab111efe8a3b01
fffa95478e9715da307880fc91ce9b96eea5883a
3a00bdfd2f4cf862b611f0a9cfdf1da2aaa288cab21e4abba114656f0478bccb
GET /usync.js HTTP/1.1
Host: eus.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Wed, 24 Aug 2022 20:46:19 GMT
Content-Encoding: gzip
Content-Length: 9380
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=33389
Expires: Sat, 10 Sep 2022 11:31:24 GMT
Date: Sat, 10 Sep 2022 02:14:55 GMT
Connection: keep-alive
Vary: Accept-Encoding
secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252F%2526hn_ver%253D40%2526fid%253D6c516e63-1b91-42c3-abe5-04b9c756226d
185.89.210.90302 Found 0 B URL HTTP/1.1 secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252F%2526hn_ver%253D40%2526fid%253D6c516e63-1b91-42c3-abe5-04b9c756226d
IP 185.89.210.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12762%2526ref%253D%2526url%253Dhttps%25253A%25252F%25252Flink1s.com%25252F%2526hn_ver%253D40%2526fid%253D6c516e63-1b91-42c3-abe5-04b9c756226d HTTP/1.1
Host: secure.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 02:14:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Location: https://s.cpx.to/an_fire?app_nexus_uid=0&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d
AN-X-Request-Uuid: 12e5225b-8c84-4bad-a01f-6fb11bc94313
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0&cklb=1
185.86.137.110200 OK 0 B URL HTTP/1.1 sync.smartadserver.com/getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0&cklb=1
IP 185.86.137.110:0
ASN #201081 SmartAdServer SAS
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?url=https://s.cpx.to/sync?dsp=smart_ad_server&dsp_uid=[sas_uid]&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&gdpr=0&cklb=1 HTTP/1.1
Host: sync.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 0
date: Sat, 10 Sep 2022 02:14:55 GMT
s.cpx.to/ca.png?dsp=dbm&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&google_error=3
52.50.15.242200 OK 95 B URL HTTP/1.1 s.cpx.to/ca.png?dsp=dbm&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&google_error=3
IP 52.50.15.242:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /ca.png?dsp=dbm&fid=6c516e63-1b91-42c3-abe5-04b9c756226d&google_error=3 HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Cookie: cpSess=572c726bfd4e62e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: image/png
Date: Sat, 10 Sep 2022 02:14:55 GMT
Pragma: no-cache
Set-Cookie: cpSess=572c726bfd4e62e1; Expires=Sun, 10 Sep 2023 02:14:55 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
178.250.2.146200 OK 42 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ff6c4b16e1af9d8ec3f92c1afbdf2055
71a14b79873e404d4815725477b9b1d1f52dd272
64e9f3a5f2eceedf1bf04058a3782bb168aa8972e1b9ad2069523a518cb39527
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 685772
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
onetag-sys.com/prebid-request
51.89.9.253200 OK 41 B URL HTTP/2 onetag-sys.com/prebid-request
IP 51.89.9.253:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1c15203d1319c02fe2a06d78bc45eccf
40386992654bdda331c8f6eb21ac79de396119ee
cc81a9c5e7147dba347b0ffd34f64e9a7c40f25782569fec5c3fc68b4017badb
POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1162
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://link1s.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
mp.4dex.io/prebid
104.18.3.114204 No Content 0 B IP 104.18.3.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2198
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 02:14:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Parsing the Prebid Request. site disabled
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7484a7275cc40afa-OSL
X-Firefox-Spdy: h2
s.cpx.to/an_fire?app_nexus_uid=0&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d
52.50.15.242200 OK 95 B URL HTTP/1.1 s.cpx.to/an_fire?app_nexus_uid=0&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d
IP 52.50.15.242:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 9606fa62df0ffe87253f3baf418f0e42
fe8520ab0bf1622350513d685ece5faf70b4e8c1
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
GET /an_fire?app_nexus_uid=0&pid=12762&ref=&url=https%3A%2F%2Flink1s.com%2F&hn_ver=40&fid=6c516e63-1b91-42c3-abe5-04b9c756226d HTTP/1.1
Host: s.cpx.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Cookie: cpSess=572c726bfd4e62e1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-store, must-revalidate, private, max-age=0
Content-Security-Policy: default-src 'self'
Content-Type: image/png
Date: Sat, 10 Sep 2022 02:14:55 GMT
Expires: Sat, 10 Sep 2022 02:14:55 UTC
P3P: CP="NOI DEV ADM"
Pragma: no-cache
Set-Cookie: cpSess=572c726bfd4e62e1; Expires=Sun, 10 Sep 2023 02:14:55 GMT; Domain=.cpx.to; Path=/; Secure; HttpOnly; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-Permitted-Cross-Domain-Policies: none
Content-Length: 95
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 160b4970e4269490d9e9f86823320d58
76c7c899d192a21d056f5bb07f6b274ad8988e0f
9f8b30cb105cc7a3db92d84c692b42b0fd10dfd3037664ee8ad62414d8851881
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9F8B30CB105CC7A3DB92D84C692B42B0FD10DFD3037664EE8AD62414D8851881"
Last-Modified: Thu, 08 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3079
Expires: Sat, 10 Sep 2022 03:06:14 GMT
Date: Sat, 10 Sep 2022 02:14:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5afd68dba955f01c7f57f7736fe09d98
68f0748246918e3356bc59fc149049928c436a7b
cee996191afd8c9bfcfdb675b0ba76f8dc4bc86682b0992961ec461919159cd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 01:40:09 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 863f9f9778e13dd2f0c5a0ba852e540b
c13ea25e5880f470779277906d32caec83ad146e
727713f0f68b972669ca2cea3b6d26b0c26ec56a778d4aebd29ec4fc84983fc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4120
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 01:06:15 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5afd68dba955f01c7f57f7736fe09d98
68f0748246918e3356bc59fc149049928c436a7b
cee996191afd8c9bfcfdb675b0ba76f8dc4bc86682b0992961ec461919159cd5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2087
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 01:40:09 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
prebid.a-mo.net/a/c
147.75.85.234204 No Content 0 B IP 147.75.85.234:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 888
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 10 Sep 2022 02:14:55 GMT
server: envoy
vary: origin, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
prebid-eu.creativecdn.com/bidder/prebid/bids
185.184.8.90204 No Content 0 B URL HTTP/2 prebid-eu.creativecdn.com/bidder/prebid/bids
IP 185.184.8.90:0
ASN #204995 Rtb House S.A.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bidder/prebid/bids HTTP/1.1
Host: prebid-eu.creativecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 740
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 02:14:55 GMT
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-max-age: 3600
vary: Origin
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
185.64.189.110200 OK 20 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
IP 185.64.189.110:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:14:54 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 35fb28d08b688949cb3f6ba325a48c62
f3a3c2bdde6895bfff21590f8d12af99803572a3
bc193983baec075901fd5bbe127df5bf247515692b2be45daa1f3896f5462852
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2857
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:56 GMT
Last-Modified: Sat, 10 Sep 2022 01:27:19 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ib.adnxs.com/ut/v3/prebid
185.89.210.101200 OK 143 B URL HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.101:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d7ac6dbdffe5f5b20162f6eed0f4a135
c0de127f73af5468e5b4e7ef86fa664ced9dbbd0
25b61fbf3ae53a4ef8bccf3b20b69742279c732f57da0cd6de1508b087b6fafb
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 821
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 02:14:56 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 143
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://link1s.com
AN-X-Request-Uuid: 32c14092-e8d4-4306-bf63-bc177e831a0e
Set-Cookie: icu=ChgI6fZ8EAoYASABKAEwn-bvmAY4AUABSAEQn-bvmAYYAA..; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 02:14:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=2894537893458039565; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 02:14:55 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 99015c181579430ede629eb2a080cfe7
d81409597977f07e11ea3ff0096623462209148b
915bcc83605d9ed3f198633b4a94597c0662c3f801d62a6d5fc361fdc9842aa9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 10 Sep 2022 02:14:55 GMT
Last-Modified: Sat, 10 Sep 2022 00:51:07 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Tg0CPlOGdvzOkYgFl7CIOF3xuF0b4MqzVvtRCq9rBCniaPWk2UGQWw==
Age: 5028
adx.adform.net/adx/openrtb
37.157.6.241204 No Content 0 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 743
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 10 Sep 2022 02:14:56 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
213.19.162.90204 No Content 0 B URL HTTP/1.1 pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
IP 213.19.162.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-setupad HTTP/1.1
Host: pixel-eu.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eus.rubiconproject.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: deb9f124eecce7a554c70ca983265c95
Content-Type: image/gif
gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=O8d-P19pdmxxMnpQc1luaUowRXRlNlAlMkJ0bFV2NUY0MFg3ZHJtTmVjUkNmWUpVRFBBb0FDQ3RlUzRqMFJLQTFsM1o0MWdJNTlGM3owWTAyZ0VldXY4eiUyRmRWbFFnb1c0WFRmeHVtUlJrODJ5NHk3MDg4WjFsWXBiaEtEVDdPVGVWRDNPNVI&cw=1&lsw=1
178.250.2.146200 OK 22 B URL HTTP/2 gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=O8d-P19pdmxxMnpQc1luaUowRXRlNlAlMkJ0bFV2NUY0MFg3ZHJtTmVjUkNmWUpVRFBBb0FDQ3RlUzRqMFJLQTFsM1o0MWdJNTlGM3owWTAyZ0VldXY4eiUyRmRWbFFnb1c0WFRmeHVtUlJrODJ5NHk3MDg4WjFsWXBiaEtEVDdPVGVWRDNPNVI&cw=1&lsw=1
IP 178.250.2.146:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 91d4898f938e4920ac88f87453b33933
1bd4a04303c2501101656075ad8304e1a84eb91e
93ecc6762eafd376cbe2fd18250fa9f12c90f9a86b481430ef29ec40716d8f35
OPTIONS /sid/json?origin=prebid&topUrl=https%3A%2F%2Flink1s.com%2F&domain=link1s.com&bundle=O8d-P19pdmxxMnpQc1luaUowRXRlNlAlMkJ0bFV2NUY0MFg3ZHJtTmVjUkNmWUpVRFBBb0FDQ3RlUzRqMFJLQTFsM1o0MWdJNTlGM3owWTAyZ0VldXY4eiUyRmRWbFFnb1c0WFRmeHVtUlJrODJ5NHk3MDg4WjFsWXBiaEtEVDdPVGVWRDNPNVI&cw=1&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 329787
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9e590928a553eff33914f18f2406efa1
2b14e5cb4572f322147050ed40f7573deddefa72
0c41809b35a1cccdd57658032ed3989c9e1b0aa5035d4f9f25a5ce30706785a7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 10 Sep 2022 02:14:56 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 16:09:19 GMT
Expires: Fri, 16 Sep 2022 16:09:18 GMT
Etag: "2b14e5cb4572f322147050ed40f7573deddefa72"
Cache-Control: max-age=567861,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7484a7284eb1b4fa-OSL
ads.betweendigital.com/adjson?t=prebid
188.42.196.115200 OK 499 B URL HTTP/2 ads.betweendigital.com/adjson?t=prebid
IP 188.42.196.115:0
Hash 36352514fd410ce57b8ae7e67a14b02d
425d1e5421ea24aa7009820f45111e1ddcbd52ee
19f1ebcb9ac866c399cac509d0c343b0f55a8544184b294db0e1ef50528c133e
POST /adjson?t=prebid HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 617
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-origin: https://link1s.com
access-control-allow-credentials: true
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:14:56 GMT; Path=/; Domain=.betweendigital.com
tuuid=01df9d48-3610-52fd-b207-1dd4d11ceef4; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:14:56 GMT; Path=/; Domain=.betweendigital.com
ut=YxvzIAABmiiCH2OTuzjPZBwJe1FOwQM4rFSeyg==; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:14:56 GMT; Path=/; Domain=.betweendigital.com
unm=1; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:14:56 GMT; Path=/; Domain=.betweendigital.com
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=2375728930
178.250.0.165204 No Content 0 B URL HTTP/2 bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=2375728930
IP 178.250.0.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdb?profileId=207&av=34&wv=6.6.0&cb=2375728930 HTTP/1.1
Host: bidder.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 285
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 02:14:56 GMT
vary: Origin
server: Finatra
timing-allow-origin: *
access-control-allow-origin: https://link1s.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=link1s.com
178.250.2.146200 OK 5.0 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=link1s.com
IP 178.250.2.146:0
Hash 50d9b7383519f5429ebff666d9fa5f39
8983738e79e5717deeadd9655ae3cad99bad59c9
53fb5bf1b07a23820aa06f2aea7db01831ed186f147e01d9ae7b0dd8566b9f2e
GET /syncframe?origin=rtus&topUrl=link1s.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=55272409-b8ac-4060-ab69-c1a3f8779ce5; expires=Thu, 05 Oct 2023 02:14:56 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 538583
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 92f8aba7c01c0c6bdd0d19a1ed19f727
d87562dfbe5169143d59037918acff1178959439
aa7248a08aee7cc8945589619c61178cd97b035ffb58524b90e24d5801379d26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6173
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:56 GMT
Last-Modified: Sat, 10 Sep 2022 00:32:03 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 314
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:56 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=43NHjF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dITyUyRkliVE1QJTJCMFZaYUk1eCUyRlVBRXZ1bkpEV2tqcWhXSVZKc2lscDY1JTJCcA; expires=Thu, 05 Oct 2023 02:14:56 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 251863
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.23200 OK 1.8 kB IP 192.124.249.23:0
Hash 0882e195d95251a3901c83f47e0a0ea3
1b0d4786abf8ef258d56a7eb8e6d72c32edd489d
633d2d3af28d4172993140072dbe9bcbbcadd9230ef9905ad5ba75527f5a40a0
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sat, 10 Sep 2022 02:14:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 09 Sep 2022 21:53:23 GMT
Expires: Sat, 10 Sep 2022 21:53:23 GMT
ETag: "1b0d4786abf8ef258d56a7eb8e6d72c32edd489d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 382606967641545c0349e541df9cd319
95b1c18bc73f9c26cca9148c69019f1c5d276819
361a7f6748fe12356ad99921370e4ccb1ceb682ec76971a1444d69c3e9c7274c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4478
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:56 GMT
Last-Modified: Sat, 10 Sep 2022 01:00:19 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 382606967641545c0349e541df9cd319
95b1c18bc73f9c26cca9148c69019f1c5d276819
361a7f6748fe12356ad99921370e4ccb1ceb682ec76971a1444d69c3e9c7274c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4486
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:56 GMT
Last-Modified: Sat, 10 Sep 2022 01:00:10 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
3.75.3.113204 No Content 0 B URL HTTP/2 cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
IP 3.75.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID HTTP/1.1
Host: cs.emxdgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sat, 10 Sep 2022 02:14:56 GMT
content-length: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b6f45c392e5f4b51eaf04b10d6a23be
e3edb73deae3858b3adc95fe23e7408491ebc5c6
5bcdd8e0da799c5da2fe670ed8ccdfee3ae2162aa024da566dba5f770e556c08
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BCDD8E0DA799C5DA2FE670ED8CCDFEE3AE2162AA024DA566DBA5F770E556C08"
Last-Modified: Fri, 09 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3720
Expires: Sat, 10 Sep 2022 03:16:56 GMT
Date: Sat, 10 Sep 2022 02:14:56 GMT
Connection: keep-alive
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:56 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 516568
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.65200 OK 510 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.65:0
Hash a8e6630e6cba0ca2269475b66c7b0282
e220b95149226d2f46df736cd4faf56cb6d698a0
637f09344d54e01bf60201ab0315775339a62327132e5705880c53916e2742fa
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 126463
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
rtb.adxpremium.services/openrtb2/auction
54.36.238.155200 OK 1.4 kB URL HTTP/1.1 rtb.adxpremium.services/openrtb2/auction
IP 54.36.238.155:0
File type JSON data\012- , ASCII text, with very long lines (1391)
Hash 7da6147478775d1983491250d4288c12
bb0dc34716aad8ff52d9081bcf91f5ff9c08ecc1
93ab2162bc2ef69116bb872f596243db0df69224e613ca1b821270634d413fac
POST /openrtb2/auction HTTP/1.1
Host: rtb.adxpremium.services
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 652
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
expires: 0
pragma: no-cache
vary: Origin
x-prebid: pbs-go/unknown
date: Sat, 10 Sep 2022 02:14:57 GMT
content-length: 1392
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash b5a67710bec1edab304af4fe0d451254
ef0ff3774b3ff3f9731632476c6c6522c0c44663
66c9ac71fbb3fcf6987dc274a8d67942df58e9ba2f617494002c2e7d1be4c22b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3216
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:57 GMT
Last-Modified: Sat, 10 Sep 2022 01:21:21 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 312
gem.gbc.criteo.com/newidsd
185.235.84.134200 OK 396 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.134:0
Hash 2dfd68679cfde776a0c27b56c5881383
fc0bd44e3c2144fd35cdd5582d9d2a36dd28a42b
e89fbd583a6608a3ba48abba82cec72d0e347c543629ec80a05314492a4923ba
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 97191
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
104.22.1.93204 No Content 0 B URL HTTP/2 intake.pbstck.com/v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO
IP 104.22.1.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/intake/auction?sId=37b999cf&tId=f1c074e3-bb32-45fc-8bc8-19d7e33c39a9&c=1&ctr=NO HTTP/1.1
Host: intake.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1624
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 02:14:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7484a7325e9f1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=NO
104.22.1.93204 No Content 0 B URL HTTP/2 intake.pbstck.com/v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=NO
IP 104.22.1.93:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/intake/auction?sId=8e3f84a8&tId=f0e1efd3-353f-4ff1-b037-202b7bb3383d&c=1&ctr=NO HTTP/1.1
Host: intake.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1624
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sat, 10 Sep 2022 02:14:57 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7484a7325ea01bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 0faeb18f7edb7a2fa164ca0415ac89df
bba948c82b3bb09caaaa8a5358765f62c5bad8fe
386a6d61a5efc14b40c7aed957316947a272d1c52ec83bbeab7c1082d72e35d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3637
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 10 Sep 2022 02:14:59 GMT
Last-Modified: Sat, 10 Sep 2022 01:14:22 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 313
dnacdn.net/dna
178.250.2.146200 OK 6.0 kB IP 178.250.2.146:0
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (16366), with no line terminators
Hash 31ccbf3b1f75353618a1b8bd26ebd893
576a9600d633a14ca903e932ab87c6d9eb212290
f7d3abaa0e55baa83914f1e5ba4d51e0510546010f1834930f4f6033989a81f7
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=3qS1M180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dITyUyRkliVE1QJTJCMFZaYUk1eCUyRlVBRXUzZXUyYU83Q2ptV0ZlTlNqeGJkbzg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:58 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=SpgDeV80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dITyUyRkliVE1QJTJCMFZaYUk1eCUyRlVBRXRIdnh1eHY5cWJKN1VRMzgwcWZTZHY; expires=Thu, 05 Oct 2023 02:14:59 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 333216
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
37.157.6.241200 OK 43 B URL HTTP/2 cm.adform.net/cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID
IP 37.157.6.241:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /cookie?redirect_url=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26uid%3D%24UID HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:15:00 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
adx.adform.net/adx/openrtb
37.157.6.241200 OK 536 B URL HTTP/2 adx.adform.net/adx/openrtb
IP 37.157.6.241:0
File type gzip compressed data, from Unix\012- data
Hash 0033ea2ac7bf71369f3ca914869bd7f4
02cb500ceeafb2659c849f0233a01b1ad54849dc
e15c3b7839bfc0e44b766cc6e09520867e821936580e3cab19c0046a9815ac0e
OPTIONS /adx/openrtb HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://link1s.com/
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:14:55 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://link1s.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ads.betweendigital.com/sspmatch-iframe
188.42.196.115302 Found 0 B URL HTTP/2 ads.betweendigital.com/sspmatch-iframe
IP 188.42.196.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sspmatch-iframe HTTP/1.1
Host: ads.betweendigital.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=lux1; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:15:00 GMT; Path=/; Domain=.betweendigital.com
tuuid=c88182e5-1f33-52fd-a7ee-6842c4f59b66; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:15:00 GMT; Path=/; Domain=.betweendigital.com
ut=YxvzJAACKrC_pLMXF9SydtUJkWCEgIpsnwgAkQ==; Max-Age=31536000; Expires=Sun, 10 Sep 2023 02:15:00 GMT; Path=/; Domain=.betweendigital.com
content-length: 0
X-Firefox-Spdy: h2
onetag-sys.com/usync/?cb=1662776086936
51.89.9.253204 No Content 0 B URL HTTP/2 onetag-sys.com/usync/?cb=1662776086936
IP 51.89.9.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usync/?cb=1662776086936 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
X-Firefox-Spdy: h2
prebid-stag.setupad.net/openrtb2/auction
104.26.9.178200 OK 110 B URL HTTP/2 prebid-stag.setupad.net/openrtb2/auction
IP 104.26.9.178:0
File type JSON data\012- , ASCII text
Hash 66e8b565b583eaee00f33b1a2bcd5743
954c62789b22c40055562edfc7ddc8e4dc35101a
48024a6fab71395966dd7ca4f814f051629324c299b6602d54b55dcf4a1117f5
POST /openrtb2/auction HTTP/1.1
Host: prebid-stag.setupad.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 1196
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvFD60hrHM6Wriioequu76%2FcMvij43srfmHKXxozI9hNZV%2FroN0z3mfLTKa9BViJ4yFO36R%2BwppUg8BygPdoIqKm6Wrwwpu5aH%2FqV71OOBRzIu2i1ONIhuS4eaEf6HKwpnB7%2BWM2jDrO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7484a7274b4ab50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/async_usersync.html
151.101.85.108200 OK 17 kB URL HTTP/1.1 acdn.adnxs.com/dmp/async_usersync.html
IP 151.101.85.108:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52990)
Hash 9c6b5ce6b3452e98573e6409c34dd73c
de607fadef62e36945a409a838eb8fc36d819b42
cd729039a1b314b25ea94b5c45c8d575d3387f7df83f98c233614bf09484a1fc
GET /dmp/async_usersync.html HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 31 Aug 2022 04:48:29 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 10 Sep 2022 02:15:00 GMT
Age: 77814
X-Served-By: cache-lga21975-LGA, cache-bma1641-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 163611
X-Timer: S1662776100.215712,VS0,VE0
Vary: Accept-Encoding
pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
213.19.162.80204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy=
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /exchange/sync.php?p=pbs-lupon&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 693f17ec94b6fd0c82d03268b1ba23d6
Content-Type: image/gif
e1.emxdgt.com/hb_sync/
3.75.3.113204 No Content 0 B IP 3.75.3.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hb_sync/ HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biddr.brealtime.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
content-type: text/html
date: Sat, 10 Sep 2022 02:14:59 GMT
content-length: 0
X-Firefox-Spdy: h2
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.190.78200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.190.78:0
File type ASCII text, with no line terminators
Hash 3d920bf98b75a6ad13405908769f5bd8
1ce832f810726a88dc3548e9ed98d978287b560a
9370192381003ad5834f8b94ed5b4971bf5ff2fbd03b4dd168eb6d5fbb1d6e2a
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Thu, 8 Dec 2022 17:46:05 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 10 Sep 2022 02:14:59 GMT
content-length: 60
X-Firefox-Spdy: h2
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.101307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 02:15:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 9d64ddfe-213a-43b4-82f7-537ac0068709
Set-Cookie: uuid2=8300851661397528755; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 02:15:00 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
185.89.210.101200 OK 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://acdn.adnxs.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 02:15:00 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 82bd2230-aa47-4c6f-9e00-10ac94ead38f
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ib.adnxs.com/async_usersync?cbfn=queuePixels
185.89.210.101307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/async_usersync?cbfn=queuePixels
IP 185.89.210.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /async_usersync?cbfn=queuePixels HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://acdn.adnxs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sat, 10 Sep 2022 02:15:01 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
AN-X-Request-Uuid: 31619674-9302-4280-a116-29d0f631f163
Set-Cookie: uuid2=8121764686403798665; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 09-Dec-2022 02:15:01 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
cdn.pbstck.com/index-monitoring-643eac5.js
104.22.1.93200 OK 0 B URL HTTP/2 cdn.pbstck.com/index-monitoring-643eac5.js
IP 104.22.1.93:0
GET /index-monitoring-643eac5.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduHCCsilqKa6w4AOCDO0Lc9S5qvjHf9F9w1oTueG4OPl3VF0W-NXrf9wv7B7Xv4DIN89mG4yYwhMNHx218bUeOPkpC-aNIo
x-goog-generation: 1661868423669503
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 51301
x-goog-hash: crc32c=lSsCTw==, md5=QrFnm/sCQiyeeMvXRjXH1w==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 13 Sep 2022 16:10:01 GMT
cache-control: public, max-age=604800, immutable
last-modified: Tue, 30 Aug 2022 14:07:03 GMT
etag: W/"42b1679bfb02422c9e78cbd74635c7d7"
age: 295235
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 7484a7273bb61bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.pbstck.com/index-monitoring-643eac5.js
104.22.1.93200 OK 0 B URL HTTP/2 cdn.pbstck.com/index-monitoring-643eac5.js
IP 104.22.1.93:0
GET /index-monitoring-643eac5.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduHCCsilqKa6w4AOCDO0Lc9S5qvjHf9F9w1oTueG4OPl3VF0W-NXrf9wv7B7Xv4DIN89mG4yYwhMNHx218bUeOPkpC-aNIo
x-goog-generation: 1661868423669503
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 51301
x-goog-hash: crc32c=lSsCTw==, md5=QrFnm/sCQiyeeMvXRjXH1w==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 13 Sep 2022 16:10:01 GMT
cache-control: public, max-age=604800, immutable
last-modified: Tue, 30 Aug 2022 14:07:03 GMT
etag: W/"42b1679bfb02422c9e78cbd74635c7d7"
age: 295235
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
server: cloudflare
cf-ray: 7484a725ab481bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.2.146200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.2.146:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://link1s.com/
x-crto-bundle: p87vfl9HMEFMOVM2UTVFeSUyRjRuSkVKcnA1ZCUyQm0lMkJWeGNYcFg0TFhGTVRZNTNIdTZITExoOGYxUU5makY5OWg2WVk3Y2d2bGpzdEVTMlFVWFYyRWVxTjI2cHI1Y2hGVmRxaU1WeTZtR0VmQ3dWRjF1N3JlRDdRZkh5RDZTOTBiTzdUd2hKRkVpeUFORlZYc2Q0RFZhcUpxWFN1WnclM0QlM0Q
Origin: https://link1s.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:56 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://link1s.com
server-processing-duration-in-ticks: 1058858
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=79438&formatId=5
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=79438&formatId=5 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662783670
server: CDN77-Turbo
x-77-nzt: AblMCRTwYk3/5jMBAA
x-77-nzt-ray: rffqy6HTOUw
x-cache: HIT
x-age: 78822
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.134200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.134:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:59 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 116657
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 422
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 10 Sep 2022 02:14:56 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
185.64.189.110302 Found 0 B URL HTTP/2 image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
IP 185.64.189.110:0
GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d HTTP/1.1
Host: image2.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 10 Sep 2022 02:14:55 GMT
set-cookie: KTPCACOOKIE=true; domain=pubmatic.com; secure; expires=Fri, 09-Dec-2022 02:14:55 GMT; path=/
location: https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D6c516e63-1b91-42c3-abe5-04b9c756226d
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=B6C42911-8A18-4F6F-8E1C-B8B668B2CDB4&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=156191&sc=1&u=B6C42911-8A18-4F6F-8E1C-B8B668B2CDB4&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=156191&sc=1&u=B6C42911-8A18-4F6F-8E1C-B8B668B2CDB4&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:14:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:0
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://link1s.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7484a72018ec0b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
104.22.0.93200 OK 0 B URL HTTP/2 boot.pbstck.com/v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d
IP 104.22.0.93:0
GET /v1/tag/f0e1efd3-353f-4ff1-b037-202b7bb3383d HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7484a724cd20b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
node.setupad.com/node/node.php
159.89.25.223200 OK 0 B URL HTTP/2 node.setupad.com/node/node.php
IP 159.89.25.223:0
ASN #14061 DIGITALOCEAN-ASN
POST /node/node.php HTTP/1.1
Host: node.setupad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 422
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Sat, 10 Sep 2022 02:14:56 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With
content-encoding: gzip
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://link1s.com
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:14:59 GMT
content-type: text/javascript
last-modified: Wed, 31 Aug 2022 21:48:59 GMT
etag: W/"630fd74b-16068"
expires: Sun, 11 Sep 2022 02:14:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.2.146200 OK 0 B IP 178.250.2.146:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=43NHjF80M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dITyUyRkliVE1QJTJCMFZaYUk1eCUyRlVBRXZ1bkpEV2tqcWhXSVZKc2lscDY1JTJCcA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:56 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=3qS1M180M0RITmhlJTJCZkMwOUJGQlhaMUN2c3dITyUyRkliVE1QJTJCMFZaYUk1eCUyRlVBRXUzZXUyYU83Q2ptV0ZlTlNqeGJkbzg; expires=Thu, 05 Oct 2023 02:14:56 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 285503
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
stpd.cloud/assets/postbid/stpd220112.js
104.18.30.49200 OK 0 B URL HTTP/2 stpd.cloud/assets/postbid/stpd220112.js
IP 104.18.30.49:0
GET /assets/postbid/stpd220112.js HTTP/1.1
Host: stpd.cloud
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
content-md5: HjfY42wqSWw306GoqTYOLw==
last-modified: Thu, 08 Sep 2022 11:04:55 GMT
vary: Origin, Accept-Encoding
x-ms-request-id: 9810d985-501e-0001-2f72-c3a04b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
cf-cache-status: HIT
age: 3968
expires: Sat, 10 Sep 2022 06:14:55 GMT
cache-control: public, max-age=14400
access-control-allow-origin: *
server: cloudflare
cf-ray: 7484a72508f4b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
104.22.0.93200 OK 0 B URL HTTP/2 boot.pbstck.com/v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9
IP 104.22.0.93:0
GET /v1/tag/f1c074e3-bb32-45fc-8bc8-19d7e33c39a9 HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7484a724ed2ab4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
script.4dex.io/localstore.js
172.67.75.241200 OK 0 B URL HTTP/2 script.4dex.io/localstore.js
IP 172.67.75.241:0
GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:55 GMT
content-type: application/javascript
x-amz-id-2: txaf6e2c1c2f9f41df87375-00631b6357
last-modified: Fri, 09 Sep 2022 16:00:45 GMT
etag: W/"922cffdd75f7192f75231d92684885aa"
cache-control: public, max-age=1800
x-amz-version-id: 1662739245697142
x-amz-request-id: txaf6e2c1c2f9f41df87375-00631b6357
cf-cache-status: HIT
age: 36808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkBiWuMjCsJaDE%2Fl2tfHdB8ujRRtqVUjdM3%2BHgIF5G%2F3SdvGsojsTJDhukOapRFAvq730171aLzpz1m5fW2pfg3TwFH5AnGBvhHSJHJbiLchMDBjSGYmhqe3BPp8kUbQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7484a726398bb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
link1s.com/
151.139.128.10200 OK 0 B IP 151.139.128.10:0
GET / HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
set-cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; path=/; HttpOnly; SameSite=Lax;
SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; path=/; HttpOnly; SameSite=Lax;
spcsrf=a9efc81b92ca41ec708b0978fae2161d; path=/; SameSite=Strict; HttpOnly; expires=Sat, 10-Sep-22 04:14:52 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h495585b81ed3fe7c91197e882473eece996; path=/; SameSite=Lax; expires=Thu, 09-Mar-23 02:14:52 GMT
lang=en_US; expires=Tue, 05-Sep-2023 02:14:52 GMT; Max-Age=31104000; path=/
AppSession=12vvm3s424gmbj2qpit5k3ilfm; path=/; HttpOnly
csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; path=/; HttpOnly
sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; path=/; SameSite=Strict; HttpOnly; expires=Sat, 10-Sep-22 02:19:52 GMT
x-hw: 1662776092.cds222.sk1.hn,1662776092.cds222.sk1.sc,1662776092.cdn2-wafbe02-arn1.stackpath.systems.-.wx,1662776092.cds222.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=5
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=5
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=5 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:52 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=86400
x-accel-expires: @1662782806
server: CDN77-Turbo
x-77-nzt: AblMCRQEz3T/RjcBAA
x-77-nzt-ray: 3kuWa54hrow
x-cache: HIT
x-age: 79686
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:300,400,700,900
216.58.211.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:300,400,700,900
IP 216.58.211.10:0
GET /css?family=Lato:300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Sep 2022 02:14:52 GMT
date: Sat, 10 Sep 2022 02:14:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
link1s.com/sbbi/?sbbpg=utMedia&vii=dhd4a9d5f568c50b18b13e3d831ffef72c895161b9370eb83882d437a35ece8cjei9k9r6
151.139.128.10200 OK 0 B URL HTTP/2 link1s.com/sbbi/?sbbpg=utMedia&vii=dhd4a9d5f568c50b18b13e3d831ffef72c895161b9370eb83882d437a35ece8cjei9k9r6
IP 151.139.128.10:0
GET /sbbi/?sbbpg=utMedia&vii=dhd4a9d5f568c50b18b13e3d831ffef72c895161b9370eb83882d437a35ece8cjei9k9r6 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Cookie: SPSI=ddadf6c01b3381ff2856b30b38d3a5c8; SPSE=DZSuUEh4icS4Rt/xtc7zZ5QSS82JonjZXBPcZ6Py951OflV1RgNctVMQCvZTYiiSBx3ABNYEN3bc8dJHhYdGxw==; spcsrf=a9efc81b92ca41ec708b0978fae2161d; UTGv2=h495585b81ed3fe7c91197e882473eece996; lang=en_US; AppSession=12vvm3s424gmbj2qpit5k3ilfm; csrfToken=9f6b770ad4ac34bdd04593c48279587fc9ca8c3c960ae61af7d671f5815acd9b62f00eddc4740efd160f0286b09e72c968be805b313a84914e697a11cc154932; sp_lit=DkkjvJhf4RrsDVOOvcx+Cw==; PRLST=hv
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 10 Sep 2022 02:14:54 GMT
cache-control: no-store, no-cache, max-age=0, must-revalidate, private, max-stale=0, post-check=0, pre-check=0
content-type: image/gif
server: fbs
x-accel-expires: 0
x-hw: 1662776094.cds222.sk1.hn,1662776094.cds245.sk1.sc,1662776094.cdn2-redis02-arn1.stackpath.systems.-.i,1662776094.cds245.sk1.p
access-control-allow-origin: *
X-Firefox-Spdy: h2
static.criteo.net/js/ld/publishertag.prebid.117.js
178.250.0.130200 OK 0 B URL HTTP/2 static.criteo.net/js/ld/publishertag.prebid.117.js
IP 178.250.0.130:0
GET /js/ld/publishertag.prebid.117.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://link1s.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 10 Sep 2022 02:14:59 GMT
content-type: text/javascript
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
etag: W/"61cc54f6-15c19"
expires: Sun, 11 Sep 2022 02:14:59 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2