freesideplus.com/sidecast-ep-65-the-sidemen-are-going-on-strike/
200 OK 16 kB URL HTTP/1.1 freesideplus.com/sidecast-ep-65-the-sidemen-are-going-on-strike/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash a6e4cf1c9800735b3e19df08847dcc8d
55503f4e402cf64929eb20f50e7f3e98fe40c3db
dea5f5b56d64580dc48e953eebf6737d3eae30da7556dfcd0e6007b9020eb37a
GET /sidecast-ep-65-the-sidemen-are-going-on-strike/ HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Cache-Stat: nginx-memcached_
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsLTEvkzppv9ftKs3tF%2F7IcpIGcrHNkDB0roQFJq8WGerxmj%2ByFyHHw8RsxxWmYLJWbTDmJsQXnsl%2FqKNeyUdpVbuogoczWG%2FcQFw0Cw%2BTzZIliQmsbW49rtCQruOKBID4Zu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77e4a0436a29b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11050
Expires: Sat, 24 Dec 2022 01:49:20 GMT
Date: Fri, 23 Dec 2022 22:45:10 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17501
Expires: Sat, 24 Dec 2022 03:36:51 GMT
Date: Fri, 23 Dec 2022 22:45:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 21:46:11 GMT
content-type: application/json
age: 3539
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6325
Expires: Sat, 24 Dec 2022 00:30:35 GMT
Date: Fri, 23 Dec 2022 22:45:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WdIuwVNjkQZU5ioBrtWMVWvQTlQ4tks6EobBGtC+EuSwMrft1G29IjS1+ZG1Ep4qBJcm/AwNTxm53eCvTfrmcw==
x-amz-request-id: TBGTNK5N6CH618E7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 21:56:21 GMT
age: 2929
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:10 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
IP
Hash 3a2a21a55e7018e73264eaedffffd333
2d94cea49a8afc2e41d74292d528ce2c803213b5
b925d357b1d349bab1f2f5756507e2f2f95534193ed1d55772511774ef49853f
POST /s/gts1p5/cB4Qn4BPY5M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
IP
Hash 3a2a21a55e7018e73264eaedffffd333
2d94cea49a8afc2e41d74292d528ce2c803213b5
b925d357b1d349bab1f2f5756507e2f2f95534193ed1d55772511774ef49853f
POST /s/gts1p5/cB4Qn4BPY5M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
IP
Hash 3a2a21a55e7018e73264eaedffffd333
2d94cea49a8afc2e41d74292d528ce2c803213b5
b925d357b1d349bab1f2f5756507e2f2f95534193ed1d55772511774ef49853f
POST /s/gts1p5/cB4Qn4BPY5M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
IP
Hash 3a2a21a55e7018e73264eaedffffd333
2d94cea49a8afc2e41d74292d528ce2c803213b5
b925d357b1d349bab1f2f5756507e2f2f95534193ed1d55772511774ef49853f
POST /s/gts1p5/cB4Qn4BPY5M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d1p7gp5w97u7t7.cloudfront.net/?wpgpd=971861
200 OK 54 kB URL HTTP/1.1 d1p7gp5w97u7t7.cloudfront.net/?wpgpd=971861
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash c86011274290b8725d9b64e9e029cc3b
d91f308ee578471fbb93af184c1c4774c4885fbb
4ce505adf913deadcabf803237ae60a7460e18b171d8c627b81ab90195c20daf
GET /?wpgpd=971861 HTTP/1.1
Host: d1p7gp5w97u7t7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Content-Length: 54098
Connection: keep-alive
Date: Fri, 23 Dec 2022 22:45:10 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2BXmvN23Ln1fqbNgU9G_eEycN76uuq9cFNmtO7iKigtnL-dLo44RUg==
freesideplus.com/wp-content/uploads/2021/12/P__A__1-e1639936194765.png
200 OK 13 kB URL HTTP/2 freesideplus.com/wp-content/uploads/2021/12/P__A__1-e1639936194765.png
IP
File type PNG image data, 189 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash de94396ee9e06e46cd9b46b5dcaae14e
2fec0564e9de8a8e766077952f240612e49b1e31
fd80e08224ce9e7565dfd7ff6bca70f3880df75a644770f7957c9e58267d9744
GET /wp-content/uploads/2021/12/P__A__1-e1639936194765.png HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/png
content-length: 13297
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: "62630817-33f1"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJlgdLQ2Rc4tHP%2F7EZe3Gc%2B5wmlfVQUWJqXaPUz6vArvPyG1a1nyjOySirHjV3LM%2BWb90FOtq%2FHexvrPkIkA%2BndD6pFbGjBik%2BhIpJJ%2Bie1h4nypW%2Bk2xiCpxQeY0ZcbpcQC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047dfacb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
IP
Hash 3a2a21a55e7018e73264eaedffffd333
2d94cea49a8afc2e41d74292d528ce2c803213b5
b925d357b1d349bab1f2f5756507e2f2f95534193ed1d55772511774ef49853f
POST /s/gts1p5/cB4Qn4BPY5M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 810592c65d8c565282eba38fc1fdb080
e7014d0079558a136c376e29a01f4efc6f323282
fa1ae835056a3d9564de19ce142b5b48edb669848492319e91330e83d8977576
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4966
Cache-Control: max-age=139464
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a599d9-117"
Expires: Sun, 25 Dec 2022 13:29:35 GMT
Last-Modified: Fri, 23 Dec 2022 12:06:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/cB4Qn4BPY5M
IP
Hash 3a2a21a55e7018e73264eaedffffd333
2d94cea49a8afc2e41d74292d528ce2c803213b5
b925d357b1d349bab1f2f5756507e2f2f95534193ed1d55772511774ef49853f
POST /s/gts1p5/cB4Qn4BPY5M HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-215553280-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-215553280-1
IP
File type ASCII text, with very long lines (1921)
Hash 183852ba95bafe22f6091e9342615300
fd3808d107df4636f3f4f541f96da8e4d6a6f9c2
dbb223b2232a5aac7f78911f0a9cb8f69ca89a67c9c5d5a2c47f00eeb551aef3
GET /gtag/js?id=UA-215553280-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Dec 2022 22:45:11 GMT
expires: Fri, 23 Dec 2022 22:45:11 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 810592c65d8c565282eba38fc1fdb080
e7014d0079558a136c376e29a01f4efc6f323282
fa1ae835056a3d9564de19ce142b5b48edb669848492319e91330e83d8977576
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4966
Cache-Control: max-age=139464
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a599d9-117"
Expires: Sun, 25 Dec 2022 13:29:35 GMT
Last-Modified: Fri, 23 Dec 2022 12:06:49 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 22:08:02 GMT
age: 2229
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dwaterverya.xyz/popunder.gif
301 Moved Permanently 0 B URL HTTP/1.1 dwaterverya.xyz/popunder.gif
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /popunder.gif HTTP/1.1
Host: dwaterverya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 23 Dec 2022 22:45:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 23 Dec 2022 23:45:11 GMT
Location: https://dwaterverya.xyz/popunder.gif
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqSor2b%2BPFRwiAHNdeUCsjS2DPqZIghxUIXYbVLrBP5uPtd6hIGGnseLVwQ7j1BPzb712Xs7TVszdVPAXnXc0pdX3yMNSVmi9pwLudVU3MztpD4POGOaNZz1UA3o0e3jJI0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77e4a0494ea5b500-OSL
alt-svc: h2=":443"; ma=60
freesideplus.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
200 OK 59 kB URL HTTP/2 freesideplus.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
IP
File type ASCII text, with very long lines (15224)
Hash 48ecc8ee17460d280ab18bc3c5626553
bf9d48f6a32db8083c259c7a81ea17c1feeceb6a
36779668a77ecbc50f8b2471a0bfce3c85d42d75c62a274164317e66da164664
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:04 GMT
etag: W/"62630818-4705"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8R30jaWPXW27FGN9fXLry9yFx0vHn4XjXyje6rbX5OvpAsoXKf21byyU50ujQ8u5tT3Qf2UkcISh0AuhaA2LPQgFYfbDcg8QTSfogEik0uCKdskAwkjJDYTe4OiATnVOLxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047cfa2b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/dpmMhbCpXac
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dpmMhbCpXac
IP
Hash acdf9c2e32c7f8742a253a1c8bb29270
25f4ee9374290e5e6cc9439e9ce10a05e45c5661
633e0ffb460c134df2354a09ad0c00f0f68d9ba2c84b463e7536e8f9d7ef61fd
POST /s/gts1p5/dpmMhbCpXac HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/dpmMhbCpXac
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dpmMhbCpXac
IP
Hash acdf9c2e32c7f8742a253a1c8bb29270
25f4ee9374290e5e6cc9439e9ce10a05e45c5661
633e0ffb460c134df2354a09ad0c00f0f68d9ba2c84b463e7536e8f9d7ef61fd
POST /s/gts1p5/dpmMhbCpXac HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
freesideplus.com/wp-content/plugins/announcer/public/css/style.css?ver=5.6
200 OK 844 B URL HTTP/2 freesideplus.com/wp-content/plugins/announcer/public/css/style.css?ver=5.6
IP
File type ASCII text, with CRLF line terminators
Hash da6113d17c1d84f07b3c3143b295a98a
63509253b72c6c4fca4eff21ea79730c6cc8dd7c
796f4faf4dafa7a1791a2187bcad4f6a5501af05a24e3c5134e7934252f7779d
GET /wp-content/plugins/announcer/public/css/style.css?ver=5.6 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 02 Sep 2022 16:11:59 GMT
etag: W/"63122b4f-be2"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzo%2BewQvM8bdUdZgAGFRANKCDmx%2FHbOBae6LUkl4CdGjrOkvSNn%2B3g90T9RBvs%2FDyzNdJ4CBqJ3GdfYZgi5vmFT6O1BTowzpgFBKnWKXtdkVD9mSbADnj4Ou2Zv3nWozTvO0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a048581bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
200 OK 2.1 kB URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP
File type ASCII text, with very long lines (4186), with no line terminators
Hash c554e60220d7199f268d8b0ff0cafb2b
5eaa3f5b1b82fa5fa535d8bac4d3843b985f3816
e584f9db1b6dc694d00c444cd6f4ca5e37eca8c92af7eb639fd3c899f0d6de11
GET /c/5.9.3/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash ec6f785c54030accb22cfa1de19f214d
1b2eb9a8e4a08be4a14474bd34f2a80a0beb521c
715a31305ec1f6c9d1554b0a11b118231234cccd06612b62861a7570df227990
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3541
Cache-Control: max-age=171880
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a61e0a-117"
Expires: Sun, 25 Dec 2022 22:29:51 GMT
Last-Modified: Fri, 23 Dec 2022 21:30:50 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 471 B IP
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 730
Cache-Control: max-age=124426
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 09:18:57 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dwaterverya.xyz/ZmI5UFVJXVojaDdSAAI0IihBNmcsMHtjJVQ7VWgUAwxJOw0BDR8kPAJfAGdkXlQIdiUPBgRhcxUWWCQgFV8IdjwIBFZtcxBfCH5mUkwKYXtURExtZEAWSTEyW1MfICESDgRhY1FTAWNgU1IAZmxS
204 No Content 0 B URL HTTP/2 dwaterverya.xyz/ZmI5UFVJXVojaDdSAAI0IihBNmcsMHtjJVQ7VWgUAwxJOw0BDR8kPAJfAGdkXlQIdiUPBgRhcxUWWCQgFV8IdjwIBFZtcxBfCH5mUkwKYXtURExtZEAWSTEyW1MfICESDgRhY1FTAWNgU1IAZmxS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ZmI5UFVJXVojaDdSAAI0IihBNmcsMHtjJVQ7VWgUAwxJOw0BDR8kPAJfAGdkXlQIdiUPBgRhcxUWWCQgFV8IdjwIBFZtcxBfCH5mUkwKYXtURExtZEAWSTEyW1MfICESDgRhY1FTAWNgU1IAZmxS HTTP/1.1
Host: dwaterverya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Dec 2022 22:45:11 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKVaa%2FvWDxGK6OJ513EaMNWwiXIp9ikYdcUWwmwHxcQsYOS0ya8PaQCpOKQk2a%2B%2FcUVItjRuY6VAFKRRC61bczc%2BmkYUuh6RasSDwoj%2FZusVyTMpB1gnpEI49%2FDatdERNWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e4a04a78ec1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
200 OK 2.9 kB URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP
File type ASCII text, with very long lines (11256), with no line terminators
Hash c4ec213dd05fa918b3ed7af4bdc979e1
801c6237677eb404e25a6a953717a8571564a64a
1bfadc7132da07e740336d4bbaee9b8a4bffee965fd7cf2e833d1499ccffcaf1
GET /c/5.9.3/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2022/05/cs-logo-1.png?resize=300%2C138&ssl=1
200 OK 32 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/05/cs-logo-1.png?resize=300%2C138&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4ac284090d7511ebfcd78e9921e7b885
05c610edefe76d66e6ee84a3d11f2e3986984c59
3b20c6a15c583fd632777bf97925be698048e8d3eab0a7456d7975b1f3d3de81
GET /freesideplus.com/wp-content/uploads/2022/05/cs-logo-1.png?resize=300%2C138&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 31710
last-modified: Tue, 15 Nov 2022 21:35:52 GMT
expires: Fri, 15 Nov 2024 09:35:52 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/05/cs-logo-1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5eedd55810a13143"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222534165.png?resize=390%2C220&ssl=1
200 OK 104 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222534165.png?resize=390%2C220&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 104 kB (103982 bytes)
Hash 00c28a3f3459240406061a3da6fdf10d
4a92de55a08cff81fb8336257322d8b7c8c58ca8
a132fd1881b961ce09a6b52c4e4cd7f5ec4ca0ca8f130a0ee2029ef51d863bfc
GET /freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222534165.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 103982
last-modified: Thu, 22 Dec 2022 03:40:48 GMT
expires: Sat, 21 Dec 2024 15:40:48 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222534165.png>; rel="canonical"
x-content-type-options: nosniff
etag: "b9801196e83cb681"
vary: Accept
x-nc: HIT arn 3
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222350548.png?resize=390%2C220&ssl=1
200 OK 90 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222350548.png?resize=390%2C220&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 05e29ca02e9e414916a74847749bce74
f9d48cb489bda7e58f89aaa0821d81c40671bfc2
4e20cb69e9ed5fba500e2f79150da9d53ee88d1927609fcf8ca65e8180202c04
GET /freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222350548.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 90160
last-modified: Thu, 22 Dec 2022 03:39:19 GMT
expires: Sat, 21 Dec 2024 15:39:19 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222350548.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5d9e01161d48b143"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2022/07/image_2022-07-24_131422798.png?resize=390%2C220&ssl=1
200 OK 106 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/07/image_2022-07-24_131422798.png?resize=390%2C220&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 106 kB (105522 bytes)
Hash 428904d8274055bc26f03f16d7bd9781
643dc6322904b54ac994da0be7fcd699b5b42532
2a5480d9c051b405fb64dc37a001444d36e8873f61b891073e0270ad1bea2574
GET /freesideplus.com/wp-content/uploads/2022/07/image_2022-07-24_131422798.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 105522
last-modified: Tue, 18 Oct 2022 16:01:44 GMT
expires: Fri, 18 Oct 2024 04:01:44 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/07/image_2022-07-24_131422798.png>; rel="canonical"
x-content-type-options: nosniff
etag: "1f86aba96e29a81e"
vary: Accept
x-nc: HIT arn 8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-13_164546874.png?resize=390%2C220&ssl=1
200 OK 100 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-13_164546874.png?resize=390%2C220&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 100 kB (100286 bytes)
Hash 1d15d31b1d8712e31ae85f2e6f09f01c
f7306f14c96f5efd4b07a3e0a0c9b8d79d5443e4
0b04a49c595e2733db6af5ca40da0292a04a312e44aa2111d6e421092c51efa2
GET /freesideplus.com/wp-content/uploads/2022/12/image_2022-12-13_164546874.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 100286
last-modified: Tue, 13 Dec 2022 22:10:58 GMT
expires: Fri, 13 Dec 2024 10:10:58 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/12/image_2022-12-13_164546874.png>; rel="canonical"
x-content-type-options: nosniff
etag: "5175a8243e69fa05"
vary: Accept
x-nc: HIT arn 6
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-08_182757173.png?resize=390%2C220&ssl=1
200 OK 114 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-08_182757173.png?resize=390%2C220&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Size 114 kB (113610 bytes)
Hash b1cfed1cda9131b86124939b7f719cfa
070989041d5f81c50a6870f7128fc2f46150cf0c
8b086aa4610e46f14222db8725aef30fabaa8bd59c27b8c42c1b685c77973a23
GET /freesideplus.com/wp-content/uploads/2022/12/image_2022-12-08_182757173.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 113610
last-modified: Thu, 08 Dec 2022 23:37:41 GMT
expires: Sun, 08 Dec 2024 11:37:41 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/12/image_2022-12-08_182757173.png>; rel="canonical"
x-content-type-options: nosniff
etag: "2a0d229cf197fa1f"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash ec6f785c54030accb22cfa1de19f214d
1b2eb9a8e4a08be4a14474bd34f2a80a0beb521c
715a31305ec1f6c9d1554b0a11b118231234cccd06612b62861a7570df227990
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3541
Cache-Control: max-age=171880
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a61e0a-117"
Expires: Sun, 25 Dec 2022 22:29:51 GMT
Last-Modified: Fri, 23 Dec 2022 21:30:50 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
discord.com/assets/index.693fb6cb383c52b4acb1.css
200 OK 59 kB URL HTTP/2 discord.com/assets/index.693fb6cb383c52b4acb1.css
IP
File type ASCII text, with very long lines (6565)
Hash 4c7c6837efcb8914f7c9becc4ee5530b
1f7eb54f402a6d975b2e35c60d3c489a5fd0099e
e2fc87348ee880ab83bb4306b47e027021baf422a9759ce36f949d0f30ba0ef0
GET /assets/index.693fb6cb383c52b4acb1.css HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/widget?id=941149153084465165&theme=dark
Cookie: __cfruid=13767561ea7969d729f18ee122e79a84e2521078-1671835511
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
cf-ray: 77e4a04b39e10af6-OSL
access-control-allow-origin: https://discord.com
cache-control: public, max-age=2592000
etag: W/"63996df123566cc2b4d4b5370f61ce8e"
last-modified: Mon, 06 Jun 2022 20:43:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yL3c8t3fd7cIpq0yzBTvL87I81m3pZ%2FDuhBXo%2BSGLHm1AHIXaM4tht6OekU%2BJxZ5gFe%2Fm8uymxu3Q7iBRGMfUvLbarQNK7aYk6n3bUOVBc2R5oV3RDLHNxSll8l8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 26e742ebd19f3c1296969791bff438b5
08ef0ad90fa7ef2e9c38b733f3d4b4eb33602c16
8de7f957f702c1dfeb262a2eb9d6bf20290a02362a929167a272c4174da956d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2924
Cache-Control: max-age=105738
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a51e15-116"
Expires: Sun, 25 Dec 2022 04:07:29 GMT
Last-Modified: Fri, 23 Dec 2022 03:18:45 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.sectigo.com/
200 OK 471 B IP
Hash 568b1b73e996a4a9c552d3c61707faf9
bc973b6e8b972134d41ab1fbaafdd7a901b45e03
3d6cfd6263b27176fad80c8760877613ace4897c7d564899dbdeaeee662ef826
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 08:17:28 GMT
Expires: Thu, 29 Dec 2022 08:17:27 GMT
Etag: "bc973b6e8b972134d41ab1fbaafdd7a901b45e03"
Cache-Control: max-age=465735,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a04cab72b529-OSL
streamhub.to/images/player_blank.jpg
404 Not Found 28 kB URL HTTP/2 streamhub.to/images/player_blank.jpg
IP
File type HTML document, ASCII text, with very long lines (65206)
Hash 00af915974956e06737e5f38f318603a
51fc2b1a8e9df2ad3d008835b509d49b20377e89
c002a7a33b8c04f4bdf53f21b821489afed481a49ba6adf5430d0ce859e8a3b1
GET /images/player_blank.jpg HTTP/1.1
Host: streamhub.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/e/jcfxhqff2f7e
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: centminmod
cache-control: max-age=1800
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5FxfMAmHVp1iKvk572j8YDaIOY3B1o25ZZ4wdYeNQN3wYrzJP2ekb2FTsPZV3lF0sdTxdXy3RlrZJ3i7Ly6QlxNOwNvy%2B5%2B70Otc1huMm0v5usKIax3NvxYcAuI8BV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e4a04c2a200afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VuWgN+3MrZN5J0blCJEPnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wkr2QmfRtSDRGiIBLR57MArrJJg=
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5e9a066bd85f66328276d79d70b356e8
b0b7ce3a05a5467818be0b99a314fcf6cbf8db50
39a7268169beadc42102cdfe3104937523ac223e770801f68f506ba28f2439fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 19:31:20 GMT
Expires: Fri, 30 Dec 2022 19:31:19 GMT
Etag: "b0b7ce3a05a5467818be0b99a314fcf6cbf8db50"
Cache-Control: max-age=592567,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a04c1ffa1c06-OSL
ocsp.sectigo.com/
200 OK 471 B IP
Hash 5e9a066bd85f66328276d79d70b356e8
b0b7ce3a05a5467818be0b99a314fcf6cbf8db50
39a7268169beadc42102cdfe3104937523ac223e770801f68f506ba28f2439fb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 19:31:20 GMT
Expires: Fri, 30 Dec 2022 19:31:19 GMT
Etag: "b0b7ce3a05a5467818be0b99a314fcf6cbf8db50"
Cache-Control: max-age=592567,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a04c1baab524-OSL
i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222759843.png?resize=390%2C220&ssl=1
200 OK 7.3 kB URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222759843.png?resize=390%2C220&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash f4e3c5b259e8c60f93985ff0bdec8dfd
1a28f3b6b287f8e172e40db4b90df3276de909ac
a4ca61e1eddd7910da9554f3c9e299c436cadf8e45109bf9263cfaec1d83b040
GET /freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222759843.png?resize=390%2C220&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 98512
last-modified: Thu, 22 Dec 2022 03:40:48 GMT
expires: Sat, 21 Dec 2024 15:40:48 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2022/12/image_2022-12-21_222759843.png>; rel="canonical"
x-content-type-options: nosniff
etag: "0c70d6f219d75c58"
vary: Accept
x-nc: HIT arn 2
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/freesideplus.com/wp-content/uploads/2021/12/cropped-image2vector_1.png?fit=32%2C32&ssl=1
200 OK 770 B URL HTTP/2 i0.wp.com/freesideplus.com/wp-content/uploads/2021/12/cropped-image2vector_1.png?fit=32%2C32&ssl=1
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash ab57e98b8d73b7c2203c88202e392960
5f41aa18a959282f5abb9f2423f1c3564c866fa7
b56bc7948d791a5501ca757186edd4d70fed2968cd2970791a7a021aad3af3ee
GET /freesideplus.com/wp-content/uploads/2021/12/cropped-image2vector_1.png?fit=32%2C32&ssl=1 HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/webp
content-length: 770
last-modified: Tue, 15 Nov 2022 21:35:53 GMT
expires: Fri, 15 Nov 2024 09:35:53 GMT
cache-control: public, max-age=63115200
link: <https://freesideplus.com/wp-content/uploads/2021/12/cropped-image2vector_1.png>; rel="canonical"
x-content-type-options: nosniff
etag: "a73e9f177551f6a3"
vary: Accept
x-nc: HIT arn 5
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 741121729d6f68e58da96be0dc4df2bc
ccbb8bcc71accbb70760601057fd95b50cd2649f
5fc18a71ea64eeb4f353aa47c462ab29f06fd0cd86b739da84d49aca6fb21201
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3954
Cache-Control: max-age=86628
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Etag: "63a4cf69-1d7"
Expires: Sat, 24 Dec 2022 22:48:59 GMT
Last-Modified: Thu, 22 Dec 2022 21:43:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dwaterverya.xyz/popunder.gif
200 OK 1.2 kB URL HTTP/2 dwaterverya.xyz/popunder.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 39234438df58b22c73f65f94a05a6df9
e4ee490a9753f50cb6fcb38d15166a2ab509b378
546250f8afea54e9a0a5fd14fe65a7eb53275431ad60ec27ab78e45d35663992
GET /popunder.gif HTTP/1.1
Host: dwaterverya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 2763
last-modified: Fri, 23 Dec 2022 21:59:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ooale2ww1riruDHQx2nNjuucnQskGiYAJH1iSv24I%2F9n4faj2zgyZaOS4kP4HSq9L5CCuTUxXdUzYOCTFbrB9VkdxNUkqsR4xVZPHkXWN%2BLTps%2BlNucSUySBzukmu0fyhi4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a049f89c1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d192r5l88wrng7.cloudfront.net/?rwlrd=961705
200 OK 54 kB URL HTTP/2 d192r5l88wrng7.cloudfront.net/?rwlrd=961705
IP
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash c4d1ed154610212386d858f1c5346bd0
7c1247745a045337d9df1399ebf0b92f44591a10
8c38374a94161c7ffdc2aebe471f0f7180ce63504cb815b35b5db285b1438df5
GET /?rwlrd=961705 HTTP/1.1
Host: d192r5l88wrng7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 54079
date: Fri, 23 Dec 2022 22:45:11 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5U9lpgbDinWpbIsp-ZWEE4M99xDyGZ6QY5UuBnoEZ7gTZsg4fuFc1A==
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 23 Dec 2022 22:41:11 GMT
expires: Sat, 24 Dec 2022 00:41:11 GMT
cache-control: public, max-age=7200
age: 240
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 034f06ffe21c09bc64e487db781efa0f
6b40ce36cb3ab0ff1244af32e6b4f61781c59289
32da0a27097271991f020b761224104e2de198ebb37beda659761e5a0afd40a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
acacdn.com/script/ippg.js
200 OK 38 kB URL HTTP/2 acacdn.com/script/ippg.js
IP
File type Unicode text, UTF-8 text, with very long lines (42932), with NEL line terminators
Hash c52fb80a8ea3d1da5d325b95953932bd
108cd17c0412d461f3122a74f3239c3d749958bd
1219d9893fd00f19b317e96efcb9e650226e10e0b52635d07800c3418b770c4b
GET /script/ippg.js HTTP/1.1
Host: acacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdv5gkY9-TQ4CRquzWPC56PZSfHv9FGZEHk-yFWNFBc729BaIU0ix8pDbM2vsfKmbTKRqbLXA-_eyowtfAcbIliv8brQpvzy
x-goog-generation: 1670939622773403
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 113749
x-goog-hash: crc32c=lTM39g==, md5=Nytmy6xxkOFrzvUlBMQ78g==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 23 Dec 2022 21:50:17 GMT
cache-control: public, max-age=14400
last-modified: Tue, 13 Dec 2022 13:53:42 GMT
etag: W/"372b66cbac7190e16bcef52504c43bf2"
age: 3411
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkhcbZRuM%2BtZZcTTmTnvgX16flxqGfPpWqXdzJs7onoEVqd6H3p%2Fn8MLDSFG1nbDCqSGojhPY7hOkipGXg5pqrFLAO5rE9AgFjB73dMSVw02fGztq4vIZvhbYurT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a04c8af50b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 3fc0062635ed288cd9b0f2506a3857e2
d093920fa499404588553e2cfcceb008c10edea3
582e5d9235eb2ca856370a74b08e64b333fe7c26077e7fc0bcb38ac6a38787f3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "582E5D9235EB2CA856370A74B08E64B333FE7C26077E7FC0BCB38AC6A38787F3"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Sat, 24 Dec 2022 00:08:26 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 3fc0062635ed288cd9b0f2506a3857e2
d093920fa499404588553e2cfcceb008c10edea3
582e5d9235eb2ca856370a74b08e64b333fe7c26077e7fc0bcb38ac6a38787f3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "582E5D9235EB2CA856370A74B08E64B333FE7C26077E7FC0BCB38AC6A38787F3"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Sat, 24 Dec 2022 00:08:26 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 3fc0062635ed288cd9b0f2506a3857e2
d093920fa499404588553e2cfcceb008c10edea3
582e5d9235eb2ca856370a74b08e64b333fe7c26077e7fc0bcb38ac6a38787f3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "582E5D9235EB2CA856370A74B08E64B333FE7C26077E7FC0BCB38AC6A38787F3"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Sat, 24 Dec 2022 00:08:26 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
302 Found 396 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash ea8d4a5ebff156a02b46e2bc17b4ebed
96e05dedd0c9c50b50caeed003c2f2d264a0e6ce
5567afaa95d7930c2a9d4c4fc8509cc15f4a97b2d0d4d95bb7b6f043c4ea2855
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Dec 2022 22:45:12 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S2131212834%3A1671835512051261&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6TKuwz1H9cGe-s2wx148xgpAopPO8uY5EeS65mr4FVP3xjN31BtDjqDL_p6ePXXUb_BtnA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-O_CJUPZQsZ1l8EwcHHIicg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 396
server: GSE
set-cookie: __Host-GAPS=1:ACXdiKUv2XWuN7pnYomJR8pXkU8Glw:c9JI-ZX-SVXFstBW;Path=/;Expires=Sun, 22-Dec-2024 22:45:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 3fc0062635ed288cd9b0f2506a3857e2
d093920fa499404588553e2cfcceb008c10edea3
582e5d9235eb2ca856370a74b08e64b333fe7c26077e7fc0bcb38ac6a38787f3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "582E5D9235EB2CA856370A74B08E64B333FE7C26077E7FC0BCB38AC6A38787F3"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Sat, 24 Dec 2022 00:08:26 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
302 Found 389 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash ad6e5fed8ea6f4e0bd6e96863b4ac540
105ffa9bb0ea0602e5aed18d211d107cb0640f3b
bd0cdb0b4c2971557c7aa8d25488c33af8f34abc0c8d6f274bd987fe510542cf
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Dec 2022 22:45:12 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1006706321%3A1671835512060764&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7Q30zk2yhj_XYroe4b83p5MRgKmzrao2vAlqPftLS2SGJGLppal07D-UJPlDGX0yEcb21v
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-1Mc5LzPLNEjOnMhlyZ_bAg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 389
server: GSE
set-cookie: __Host-GAPS=1:ov4EwquuL5Arz9HSM6l8jwxqU1HrSQ:K_Y6MN1t4TEpVz3t;Path=/;Expires=Sun, 22-Dec-2024 22:45:12 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d1p7gp5w97u7t7.cloudfront.net/lZ3JZSG8EHTcuUBMbPXVWUENhfl5BGConARdPDSw9HiAIPCA9Qgt4GAFFHG4bHRZkeEkLEzcvUkEXNytSVlQ4LA1aQn88HwgZZDAJHQAzJhkVAjJuGgZPNCcVDh41KUpVNGxmX0JAaWAYDhw9JxgUV2t4ARNXa3heV1xpbVwlV2t4GA4cb3xKVDB8el8fRG-1tXCVXa3gdEVdqCV5XR3d4RkJAaS8KBBk2bV0hQGl5X1dDaXlKVUI/IR0CFDYwSlU0aHhaSUJ/PVJW
200 OK 502 B URL HTTP/1.1 d1p7gp5w97u7t7.cloudfront.net/lZ3JZSG8EHTcuUBMbPXVWUENhfl5BGConARdPDSw9HiAIPCA9Qgt4GAFFHG4bHRZkeEkLEzcvUkEXNytSVlQ4LA1aQn88HwgZZDAJHQAzJhkVAjJuGgZPNCcVDh41KUpVNGxmX0JAaWAYDhw9JxgUV2t4ARNXa3heV1xpbVwlV2t4GA4cb3xKVDB8el8fRG-1tXCVXa3gdEVdqCV5XR3d4RkJAaS8KBBk2bV0hQGl5X1dDaXlKVUI/IR0CFDYwSlU0aHhaSUJ/PVJW
IP
File type ASCII text, with very long lines (684), with no line terminators
Hash 54909ccf578d23d79db15189b9b35582
9ca1c295f3838ff5740c779305c4896fee901f0a
6dad0fe48cacc673c3842830d0daf5da9e7e544794f1209d97a56e2c9f40691f
GET /lZ3JZSG8EHTcuUBMbPXVWUENhfl5BGConARdPDSw9HiAIPCA9Qgt4GAFFHG4bHRZkeEkLEzcvUkEXNytSVlQ4LA1aQn88HwgZZDAJHQAzJhkVAjJuGgZPNCcVDh41KUpVNGxmX0JAaWAYDhw9JxgUV2t4ARNXa3heV1xpbVwlV2t4GA4cb3xKVDB8el8fRG-1tXCVXa3gdEVdqCV5XR3d4RkJAaS8KBBk2bV0hQGl5X1dDaXlKVUI/IR0CFDYwSlU0aHhaSUJ/PVJW HTTP/1.1
Host: d1p7gp5w97u7t7.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Content-Length: 502
Connection: keep-alive
Date: Fri, 23 Dec 2022 22:45:12 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XpDUF2BQIyHyIY75OJmkMMIIESVtdwc0wwtLX60nDt4o87hCa6T6dA==
www.google-analytics.com/j/collect?v=1&_v=j98&a=1813339119&t=pageview&_s=1&dl=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&ul=en-us&de=UTF-8&dt=Watch%20EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D%20Free%20in%20HD%20%C2%BB%20FreeSide%2B%20-%20Watch%20Free%20SidePlus%20content%20online%20in%20HD%20with%20direct%20download%20links%20for%20Side%2B%20Episodes&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1480541109&gjid=1981141070&cid=114325603.1671835511&tid=UA-215553280-1&_gid=399352233.1671835511&_r=1>m=2oubu0&z=176143681
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1813339119&t=pageview&_s=1&dl=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&ul=en-us&de=UTF-8&dt=Watch%20EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D%20Free%20in%20HD%20%C2%BB%20FreeSide%2B%20-%20Watch%20Free%20SidePlus%20content%20online%20in%20HD%20with%20direct%20download%20links%20for%20Side%2B%20Episodes&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1480541109&gjid=1981141070&cid=114325603.1671835511&tid=UA-215553280-1&_gid=399352233.1671835511&_r=1>m=2oubu0&z=176143681
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1813339119&t=pageview&_s=1&dl=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&ul=en-us&de=UTF-8&dt=Watch%20EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D%20Free%20in%20HD%20%C2%BB%20FreeSide%2B%20-%20Watch%20Free%20SidePlus%20content%20online%20in%20HD%20with%20direct%20download%20links%20for%20Side%2B%20Episodes&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1480541109&gjid=1981141070&cid=114325603.1671835511&tid=UA-215553280-1&_gid=399352233.1671835511&_r=1>m=2oubu0&z=176143681 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://freesideplus.com
date: Fri, 23 Dec 2022 22:45:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash 568b1b73e996a4a9c552d3c61707faf9
bc973b6e8b972134d41ab1fbaafdd7a901b45e03
3d6cfd6263b27176fad80c8760877613ace4897c7d564899dbdeaeee662ef826
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 08:17:28 GMT
Expires: Thu, 29 Dec 2022 08:17:27 GMT
Etag: "bc973b6e8b972134d41ab1fbaafdd7a901b45e03"
Cache-Control: max-age=465734,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a04e7d18b529-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f37c9faffd8b6d93a4994c02ff1d3d21
b41b823e9b33d7fff8c1670cf510edda28f7082b
7494a95cab50f2a0409796d95e999fc5add96030fba70be912c1c80124169bc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pandakingdom.disqus.com/embed.js
200 OK 26 kB URL HTTP/1.1 pandakingdom.disqus.com/embed.js
IP
File type ASCII text, with very long lines (32006)
Hash 42620e93dc737126af4c529fc1f00bff
c86502d32b7242cecaced490a9a0aeaa8e1d563d
00c65d6305505edcc114648ad0c67dd9826506e666578589bfa34ac3578cfa67
GET /embed.js HTTP/1.1
Host: pandakingdom.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 25681
Server: openresty
Content-Type: application/javascript; charset=utf-8
X-Service: router
Content-Encoding: gzip
Date: Fri, 23 Dec 2022 22:45:12 GMT
Age: 0
Vary: Accept-Encoding
Cache-Control: private, max-age=60
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
didmakingby.xyz/utx?cb=9y5K2JCNKBgs&top=freesideplus.com&tid=971861
204 No Content 0 B URL HTTP/2 didmakingby.xyz/utx?cb=9y5K2JCNKBgs&top=freesideplus.com&tid=971861
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=9y5K2JCNKBgs&top=freesideplus.com&tid=971861 HTTP/1.1
Host: didmakingby.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Dec 2022 22:45:12 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://freesideplus.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 23 Dec 2022 22:46:12 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: I9SVK2IEkozSnxUNOkec6q2flRp40i4psZF4LgBYW-OOMoyc4dHABQ==
X-Firefox-Spdy: h2
asacdn.com/script/suv4.js
200 OK 50 kB URL HTTP/2 asacdn.com/script/suv4.js
IP
File type ASCII text, with very long lines (37005), with no line terminators
Hash 90e0cc3f9b99566d51a6b0d133c25497
bf556e558a5365e2b069133da170e9bb4ef7acef
36a715829e2de289e9fbaded4b503fc3b91df8309f384afe4d6a672326703937
GET /script/suv4.js HTTP/1.1
Host: asacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtM8lZxrVfcMMOUyb58IqVLKbv1Kafw6Y6piVPGj-wCZzLz71HwPBaOUCIKfZlIccUBEc7dg7DVW_3l_t3QFE7uV9R1_umG
x-goog-generation: 1670939725427322
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100623
x-goog-hash: crc32c=AsVyBQ==, md5=QW9pKNjz2NZmVavAl7rKAw==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 23 Dec 2022 23:14:37 GMT
cache-control: public, max-age=14400
last-modified: Tue, 13 Dec 2022 13:55:25 GMT
etag: W/"416f6928d8f3d8d66655abc097baca03"
age: 402
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocH5%2FSSTgPeCo54c2by%2F0NPTHqzHdFKhAYmWYUYY2cXau1%2B3mVN%2F1QSNfBTo4Wlj8WqxjL%2FXreJA7KRdKKeTiciqoZ7D8DqShVWVHroMZhzkIyZizHAwH3rvOHNe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a04cbe3eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 17 kB IP
ASN #20940 Akamai International B.V.
Hash eb937e44d08a28c0260d43fa56846f6d
91768fcfbfb4c56496d7e4d6fc12c992624968ad
abe462db490cd95208fa34eefad73c4c2375a8cd995b57b35a67c9fce002f6b0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "582E5D9235EB2CA856370A74B08E64B333FE7C26077E7FC0BCB38AC6A38787F3"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4994
Expires: Sat, 24 Dec 2022 00:08:26 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
didmakingby.xyz/utx?cb=uw0nUANxqnk2&top=freesideplus.com&tid=971861
204 No Content 0 B URL HTTP/2 didmakingby.xyz/utx?cb=uw0nUANxqnk2&top=freesideplus.com&tid=971861
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=uw0nUANxqnk2&top=freesideplus.com&tid=971861 HTTP/1.1
Host: didmakingby.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 23 Dec 2022 22:45:12 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://freesideplus.com
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 23 Dec 2022 22:46:12 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: r2vbGk7pw8qnlyaIOK_RWKz5VlyLNL64-Vo9tb9ekrJ7OOUTU7lnyQ==
X-Firefox-Spdy: h2
didmakingby.xyz/U3p6UDIyGBk9DTJHGHZHIRZHdQAVX0gWVmJDSCIHP0JCJ0A9HU1+UT8VDzRUIRUUJBw9Hw51ABUsK2BGOyk/N1UZO0IlVikZExJqBQIeCEIEHzJhXhooMz54OTRIG0gaTTwTAiM+KDxFGygZJHU9LA4WZhoJHD5GGzA5O0YfPAIlfgBKFQh6Pw8zOQoXHiIoXgMCPz57YE4DFFsaTzMURRk1LhlFMSgrIFYAThEXSxYRNilCFh8dZQAJLDwkVz00EBZbFhcwKWMENUhhSjYNQmhQCzxNBXo7FxliBwA5F2FKNgIjOHg9LF9idAEyCRtoPRYoHXpmSRg8HxoxGAh0ZD8AZUYwOwoBVxtLDjUCOw4fPn8gODkjWB89TwR2PQoANV4VTh8IfGUoMiAGGSkzBH4ATgkdAgFMPj54ZCw9CgYJLk8zVwJcECNdPQpHGkggLRwYdwJJLCZXAUw
200 OK 1.2 kB URL HTTP/2 didmakingby.xyz/U3p6UDIyGBk9DTJHGHZHIRZHdQAVX0gWVmJDSCIHP0JCJ0A9HU1+UT8VDzRUIRUUJBw9Hw51ABUsK2BGOyk/N1UZO0IlVikZExJqBQIeCEIEHzJhXhooMz54OTRIG0gaTTwTAiM+KDxFGygZJHU9LA4WZhoJHD5GGzA5O0YfPAIlfgBKFQh6Pw8zOQoXHiIoXgMCPz57YE4DFFsaTzMURRk1LhlFMSgrIFYAThEXSxYRNilCFh8dZQAJLDwkVz00EBZbFhcwKWMENUhhSjYNQmhQCzxNBXo7FxliBwA5F2FKNgIjOHg9LF9idAEyCRtoPRYoHXpmSRg8HxoxGAh0ZD8AZUYwOwoBVxtLDjUCOw4fPn8gODkjWB89TwR2PQoANV4VTh8IfGUoMiAGGSkzBH4ATgkdAgFMPj54ZCw9CgYJLk8zVwJcECNdPQpHGkggLRwYdwJJLCZXAUw
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3047), with no line terminators
Hash 1e0bd431c3356840c343695c0021cafe
f9f9b3452f5ae32e635ec63f64499bd278eefd3b
031678c4328bb9789a0db085b3e80d1a9bd2b52acd58a7a3fe86e5f22514e121
GET /U3p6UDIyGBk9DTJHGHZHIRZHdQAVX0gWVmJDSCIHP0JCJ0A9HU1+UT8VDzRUIRUUJBw9Hw51ABUsK2BGOyk/N1UZO0IlVikZExJqBQIeCEIEHzJhXhooMz54OTRIG0gaTTwTAiM+KDxFGygZJHU9LA4WZhoJHD5GGzA5O0YfPAIlfgBKFQh6Pw8zOQoXHiIoXgMCPz57YE4DFFsaTzMURRk1LhlFMSgrIFYAThEXSxYRNilCFh8dZQAJLDwkVz00EBZbFhcwKWMENUhhSjYNQmhQCzxNBXo7FxliBwA5F2FKNgIjOHg9LF9idAEyCRtoPRYoHXpmSRg8HxoxGAh0ZD8AZUYwOwoBVxtLDjUCOw4fPn8gODkjWB89TwR2PQoANV4VTh8IfGUoMiAGGSkzBH4ATgkdAgFMPj54ZCw9CgYJLk8zVwJcECNdPQpHGkggLRwYdwJJLCZXAUw HTTP/1.1
Host: didmakingby.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 1195
date: Fri, 23 Dec 2022 22:45:12 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: fEiqv3sZDAGUnfXv46urLygfQR6IVlMlvwBO1aWArgi5WeurhRMd5A==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f5218510142cb45d90492fbf773fb93c
8eb671874102686e536bf0ef724dcb6c319bf13b
98d2b99337e1f96f910b663266d4817d917ce8b5f270eb18b0e90b58026e7fb6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "98D2B99337E1F96F910B663266D4817D917CE8B5F270EB18B0E90B58026E7FB6"
Last-Modified: Fri, 23 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1285
Expires: Fri, 23 Dec 2022 23:06:37 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
accounts.google.com/v3/signin/identifier?dsh=S1006706321%3A1671835512060764&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7Q30zk2yhj_XYroe4b83p5MRgKmzrao2vAlqPftLS2SGJGLppal07D-UJPlDGX0yEcb21v
403 Forbidden 3.7 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1006706321%3A1671835512060764&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7Q30zk2yhj_XYroe4b83p5MRgKmzrao2vAlqPftLS2SGJGLppal07D-UJPlDGX0yEcb21v
IP
Hash 2b6fa282c68b4f89936a0f1eb0f79a80
1bafadd016308dab96a3c6acb90297c7f9368c95
c8caea3776f6e22d2138661d3d1c353fe3179b1c9dd8420f6c1237fec04b27ec
GET /v3/signin/identifier?dsh=S1006706321%3A1671835512060764&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7Q30zk2yhj_XYroe4b83p5MRgKmzrao2vAlqPftLS2SGJGLppal07D-UJPlDGX0yEcb21v HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Dec 2022 22:45:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-43TSk2hza5w-4kP6KhDwmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?imp=1lp17v22tgb2j2&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=pandakingdom&zone=thread&version=82a72a26efe6cf449a682219560463fd&page_url=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough§ion=default&verb=call&adjective=1&forum_id=7329461
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?imp=1lp17v22tgb2j2&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=pandakingdom&zone=thread&version=82a72a26efe6cf449a682219560463fd&page_url=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough§ion=default&verb=call&adjective=1&forum_id=7329461
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?imp=1lp17v22tgb2j2&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=pandakingdom&zone=thread&version=82a72a26efe6cf449a682219560463fd&page_url=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough§ion=default&verb=call&adjective=1&forum_id=7329461 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Fri, 23 Dec 2022 22:45:12 GMT
Cross-Origin-Resource-Policy: cross-origin
accounts.google.com/v3/signin/identifier?dsh=S2131212834%3A1671835512051261&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6TKuwz1H9cGe-s2wx148xgpAopPO8uY5EeS65mr4FVP3xjN31BtDjqDL_p6ePXXUb_BtnA
403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S2131212834%3A1671835512051261&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6TKuwz1H9cGe-s2wx148xgpAopPO8uY5EeS65mr4FVP3xjN31BtDjqDL_p6ePXXUb_BtnA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2306), with no line terminators
Hash 28e76f34b0c1ae90c5133593806f5c8e
ad2dac56e6cc2086b279313a00b43fbde1032f8f
8f481115ee630d96155c6ed4f9d9f270f44a20df951780bf9d8ff75374a4e484
GET /v3/signin/identifier?dsh=S2131212834%3A1671835512051261&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh6TKuwz1H9cGe-s2wx148xgpAopPO8uY5EeS65mr4FVP3xjN31BtDjqDL_p6ePXXUb_BtnA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Dec 2022 22:45:12 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-CLAFsvqcvORE_gZP2sDP-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.load.82a72a26efe6cf449a682219560463fd.js
200 OK 495 B URL HTTP/2 c.disquscdn.com/next/embed/lounge.load.82a72a26efe6cf449a682219560463fd.js
IP
File type ASCII text, with very long lines (958), with no line terminators
Hash 995d93fd616b8f87049eae842800c655
1888b68a704e74fcc2b1ab942425789ab11d3221
9f9192f35ce9bb59b9529b233ace4d1bcb916ae2d8fb7d37616bb50b1b0c645f
GET /next/embed/lounge.load.82a72a26efe6cf449a682219560463fd.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://disqus.com
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 495
date: Thu, 22 Dec 2022 23:34:24 GMT
server: nginx
last-modified: Thu, 22 Dec 2022 23:22:39 GMT
etag: "63a4e6bf-1ef"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 22 Dec 2023 23:34:24 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mWad3LR9_JAzsGHl80UHa8dTN3EioHKF_6rCpQhNsV6c26kuCHvyRw==
age: 83448
X-Firefox-Spdy: h2
tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=pandakingdom&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23ffffff&colorScheme=dark&sourceUrl=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&disqus_version=current
200 OK 9.1 kB URL HTTP/1.1 tempest.services.disqus.com/ads-iframe/taboola/?position=top&shortname=pandakingdom&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23ffffff&colorScheme=dark&sourceUrl=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&disqus_version=current
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (747)
Hash e2dacf468914590f54487723e0d310e4
edf216a21178dc585adc7db1d76b1ae06721d831
8d69c48599627e2eb132c8e0eaf33b9838d6f51348233d3152e91ddfe7abbef5
GET /ads-iframe/taboola/?position=top&shortname=pandakingdom&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%23ffffff&colorScheme=dark&sourceUrl=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&typeface=sans-serif&canonicalUrl=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&disqus_version=current HTTP/1.1
Host: tempest.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 9119
Server: openresty
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=300
X-Service: router
Content-Encoding: gzip
Date: Fri, 23 Dec 2022 22:45:12 GMT
Age: 0
Vary: Accept-Encoding,
Cross-Origin-Resource-Policy: cross-origin
c.disquscdn.com/next/embed/common.bundle.78f08d08ee97a04dc049cbcf3a5ec827.js
200 OK 95 kB URL HTTP/2 c.disquscdn.com/next/embed/common.bundle.78f08d08ee97a04dc049cbcf3a5ec827.js
IP
File type ASCII text, with very long lines (32023)
Hash a4a81dd6f804400073d934078a03c4f7
2746aeef92e4a7419935bf5613b94266f7149d51
be8240cb54d0c29f572bcd51dc8584c34067cbd813f5504bfe9524d190e274a5
GET /next/embed/common.bundle.78f08d08ee97a04dc049cbcf3a5ec827.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 94881
date: Tue, 20 Dec 2022 22:44:28 GMT
server: nginx
last-modified: Tue, 20 Dec 2022 22:36:25 GMT
etag: "63a238e9-172a1"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Wed, 20 Dec 2023 22:44:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: q8bwchKLgmRXXmmwgRE_P8UWMgnxovpQUj02hcEybSTC5Us_60R3iw==
age: 259244
X-Firefox-Spdy: h2
lackgoodwillmagnet.com/fd/86/a0/fd86a0fa7a6ae6c516f2ca5a63c78786.js
200 OK 21 kB URL HTTP/1.1 lackgoodwillmagnet.com/fd/86/a0/fd86a0fa7a6ae6c516f2ca5a63c78786.js
IP
File type HTML document, ASCII text, with very long lines (60147), with no line terminators
Hash cdf69383ecd94589e5d4a36d9c807df2
cbb569fa499ad0d4649fb61fc17905febcfe9823
1b2768ed7121f52fd5e247e72ba7ecbacd9408254707c6bcc2d9848eae8fc2f6
Analyzer Verdict Alert quad9 Sinkholed
GET /fd/86/a0/fd86a0fa7a6ae6c516f2ca5a63c78786.js HTTP/1.1
Host: lackgoodwillmagnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 23 Dec 2022 22:45:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3ae228217186ecedf8e85b8d5d1727b6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
200 OK 31 kB URL HTTP/2 c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
IP
File type ASCII text, with very long lines (65469)
Hash a7d74a18e8796bec42b71b8633feae68
77f7d86432c6f8c7d4ced74500d0e19c148c2197
9b0a8ce0b1349b4d5c40ac672b4d8bc3b4f90c3bfa607183e5453f973bfa7ee5
GET /next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 30867
date: Thu, 22 Dec 2022 23:34:23 GMT
server: nginx
last-modified: Thu, 22 Dec 2022 23:22:39 GMT
etag: "63a4e6bf-7893"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 22 Dec 2023 23:34:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sAeku3KT3H7t622FNHPu2yYXLuTg5JYUa1Oh_17PWjMKBvsHGq-ZrA==
age: 83449
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/lounge.bundle.abd95c70c0bf2833afad839d2ac60096.js
200 OK 129 kB URL HTTP/2 c.disquscdn.com/next/embed/lounge.bundle.abd95c70c0bf2833afad839d2ac60096.js
IP
File type ASCII text, with very long lines (32018)
Size 129 kB (129104 bytes)
Hash 16d1616489838823d808b1635cfbb654
d805b6350b5770cd7856ed335f9efb7137f11828
fea1e200ccc86296f57db7c4f96807d008e4a4f52931fde2b8776a0cb7acba48
GET /next/embed/lounge.bundle.abd95c70c0bf2833afad839d2ac60096.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://disqus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 129104
date: Thu, 22 Dec 2022 23:34:23 GMT
server: nginx
last-modified: Thu, 22 Dec 2022 23:22:39 GMT
etag: "63a4e6bf-1f850"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Fri, 22 Dec 2023 23:34:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: aP4erBnnizrkpvXiQBtRTdq6eQBvx4tE4yKQfXAv0K1aQNDBp396yA==
age: 83449
X-Firefox-Spdy: h2
disqus.com/next/config.js
200 OK 17 kB URL HTTP/1.1 disqus.com/next/config.js
IP
File type ASCII text, with very long lines (16919), with no line terminators
Hash 89d6b18eee3b10caa2e8e9ecf5d0646a
5a709b4ac8d4b315cf2e5ac1e788e534a77621e7
046e7815be644e42bfefc7897cac9f306edb2861dfb27d8a155ab8b244792784
GET /next/config.js HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=pandakingdom&t_i=2766%20https%3A%2F%2Ffreesideplus.com%2F%3Fp%3D2766&t_u=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&t_e=EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D&t_d=Watch%20EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D%20Free%20in%20HD%20%C2%BB%20FreeSide%2B%20-%20Watch%20Free%20SidePlus%20content%20online%20in%20HD%20with%20direct%20download%20links%20for%20Side%2B%20Episodes&t_t=EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 16919
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Fri, 23 Dec 2022 22:45:12 GMT
Age: 11
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash ecf9c53462f414d9dd6a28eabfbe770a
0eaf9695c29d70da420d2618d996f27f6df2cf6c
9efece3d133705b3f9407c2bef5659d877244a227a18f41a8d964bc99df3ce14
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143023
Date: Fri, 23 Dec 2022 22:45:12 GMT
Etag: "63a5ad95-1d7"
Expires: Sun, 25 Dec 2022 14:28:55 GMT
Last-Modified: Fri, 23 Dec 2022 13:31:01 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pGsOEkoeTMTlxkDt7F3RMLDqANIgFZ3WEAt-D7WXghFYUGBlYPLZ3g==
Age: 3474
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e463d1e5f63d18906784a217557453fb
7d5c2e8f6c9bac58beebdbf2e7aae8ddc49485e8
b031368f6b7041415e1e63dafa48857622d94c2d185706fc1cb121b855bd729c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B031368F6B7041415E1E63DAFA48857622D94C2D185706FC1CB121B855BD729C"
Last-Modified: Fri, 23 Dec 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3069
Expires: Fri, 23 Dec 2022 23:36:21 GMT
Date: Fri, 23 Dec 2022 22:45:12 GMT
Connection: keep-alive
simplewebanalysis.com/stats
200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP
File type ASCII text, with no line terminators
Hash 9370c64a212783e06f78f79c0513c329
6d91136128c7e15f8918e2882784478c214fceb4
74ad7bba293d47837802faabc56c319cef1151f95c8be2b206181d43336d0be1
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamhub.to
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://streamhub.to
access-control-allow-credentials: true
set-cookie: uid_id2=f1390bf2-0211-4a4e-aa41-51330bd91bff:1:1; expires=Mon, 20 Dec 2032 22:45:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash aa2bd485c84cc2d2724d60e4e60ce132
e80953377bbc366d5c359fe99a0253239fbc0cdb
06655ce9ca1ca9c2943ec77239995d4affefb5a98a711d12c9378e58bff2e4e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 05:22:29 GMT
Expires: Wed, 28 Dec 2022 05:22:28 GMT
Etag: "e80953377bbc366d5c359fe99a0253239fbc0cdb"
Cache-Control: max-age=368835,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a0520cc31c06-OSL
disqus.com/api/3.0/forums/details?forum=pandakingdom&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
200 OK 3.2 kB URL HTTP/1.1 disqus.com/api/3.0/forums/details?forum=pandakingdom&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F
IP
File type JSON data\012- , ASCII text, with very long lines (3167), with no line terminators
Hash fdd4e12911745c3c44aa0845e593487c
173e9e57e772d5f47df97399b9f1e5c10061d391
06079f2e5cca08d89fef92056d5483cd5852716d2caec683af8d25c91d0c4469
GET /api/3.0/forums/details?forum=pandakingdom&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F HTTP/1.1
Host: disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=pandakingdom&t_i=2766%20https%3A%2F%2Ffreesideplus.com%2F%3Fp%3D2766&t_u=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&t_e=EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D&t_d=Watch%20EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D%20Free%20in%20HD%20%C2%BB%20FreeSide%2B%20-%20Watch%20Free%20SidePlus%20content%20online%20in%20HD%20with%20direct%20download%20links%20for%20Side%2B%20Episodes&t_t=EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D&s_o=default
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3167
Server: nginx
Content-Type: application/json
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Fri, 23 Dec 2022 22:45:12 GMT
Age: 0
Vary: Origin, Cookie
Cross-Origin-Resource-Policy: cross-origin
Strict-Transport-Security: max-age=300; includeSubdomains
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a699db7cd374cc3c21d8d68c57c600b2
1882ba23ebdaf3f4d50270f54f76d1abbb2015a0
6b5edb667ad3352bfbf15b576565b92ec2f4d309c36fd25d3ce5693a9f6d1cc5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B5EDB667AD3352BFBF15B576565B92EC2F4D309C36FD25D3CE5693A9F6D1CC5"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17329
Expires: Sat, 24 Dec 2022 03:34:02 GMT
Date: Fri, 23 Dec 2022 22:45:13 GMT
Connection: keep-alive
c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
200 OK 13 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (13079), with no line terminators
Hash 4da5413f5086c5755b46094b813dbfcd
87669f231ce245cdd9b7d80ebf8194e2ae62e7b1
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
GET /next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 13079
date: Fri, 04 Nov 2022 03:33:20 GMT
server: nginx
last-modified: Wed, 02 Nov 2022 16:07:12 GMT
etag: "636295b0-3317"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 04 Nov 2023 03:33:20 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OWLX5gjKygYnhGPw_F_zf4kYoNRjwjYQhJLC_uJkVv9h-c_2uuo6xg==
age: 4302713
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 26 kB IP
Hash 8539e3bdd70e85e576b957e8bf69f493
71e0bddc7158a1add380129630a6dd137456703d
ae5205f574913de6be3efac5831239d6135af3d4e279bfee1abadfa6ad470cdc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.disquscdn.com/next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg
200 OK 279 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash db918335ef853b5fb09a9c6bb933ac5b
18f65ddc4dcfa6e45c927a7e7f7bcdad04b5cbb1
3ef55a2dfb1f5a96fc821ab726854564a8106c4e503b71b1744aea108d31b54e
GET /next/embed/assets/img/vote.db918335ef853b5fb09a9c6bb933ac5b.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 279
date: Wed, 16 Nov 2022 00:51:23 GMT
server: nginx
last-modified: Tue, 15 Nov 2022 17:21:48 GMT
etag: "6373caac-117"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Thu, 16 Nov 2023 00:51:23 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HkE4AZyENZeFYoGfswthjYNtAKir8CtqHXgNtd_zJN4PFiheyIObbQ==
age: 3275630
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
200 OK 3.0 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif
IP
File type GIF image data, version 87a, 62 x 20\012- data
Hash ba7c86e8b4b6135bb668d05223f8f127
ae07a576af9eab682281921075436798438e902e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
GET /next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2971
date: Mon, 31 Oct 2022 00:55:21 GMT
server: nginx
last-modified: Thu, 27 Oct 2022 21:17:31 GMT
etag: "635af56b-b9b"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 31 Oct 2023 00:55:21 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gS5k8TULGBASlyR5n6IIs86WcySI8BUHfleip5xTegkt-iqCbBP3Mw==
age: 4657792
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
200 OK 840 B URL HTTP/2 c.disquscdn.com/next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (736)
Hash 727e30eb9b6c1e85cb010b9c8eb04c7e
5b7ed3f88c4d25d1d9e15bbd15af68daf5c573b4
0589c5845288117448d7aa710af60618b151d78efd1a2653f89a0b57f7eb3de8
GET /next/embed/assets/img/email.727e30eb9b6c1e85cb010b9c8eb04c7e.svg HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml; charset=utf-8
content-length: 840
date: Mon, 14 Nov 2022 05:36:22 GMT
server: nginx
last-modified: Fri, 11 Nov 2022 07:03:00 GMT
etag: "636df3a4-348"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Tue, 14 Nov 2023 05:36:22 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hARyoyn6V7acENQJ-PnhTKY6_eq81ceh-tdbSxY0OCSexTFKj6iE7Q==
age: 3431331
X-Firefox-Spdy: h2
discord.com/widget?id=941149153084465165&theme=dark
200 OK 1.9 kB URL HTTP/2 discord.com/widget?id=941149153084465165&theme=dark
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash 13461b7e4598269b76c3cca1260d96d4
a9c865d47acaba13814b48bd4d264babf3d1870e
5384dbe5c0c194a2d32e94a8a02e88e4419a22f4529dae1fe6e1654137027544
GET /widget?id=941149153084465165&theme=dark HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/html
cf-ray: 77e4a04ab9980af6-OSL
cache-control: public, max-age=14400
last-modified: Mon, 06 Jun 2022 20:56:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-build-id: 658afa3e9b2fd84f7825b019e925af528bcb2f76
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbXOMECOK5gYw6N2MOxqroPQ6i7W56FDHU5lim%2BJ5T6L0yTmBPF%2BUVNCKxuO0tlI9y23GVUqtbhazoxgKVii%2Fr%2Bsjd4rXTiA4u7GwR1IOUuCAYw6mSoS9FSINXV0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __dcfduid=755ba130831311edacb321a018d09c3d; Expires=Wed, 22 Dec 2027 22:45:11 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
__sdcfduid=755ba131831311edacb321a018d09c3d4e44a92e4bca65e2fef3aa5d83d2d82dae156117a5d731f0c70b0c6f75e35ee7; Expires=Wed, 22 Dec 2027 22:45:11 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
__cfruid=13767561ea7969d729f18ee122e79a84e2521078-1671835511; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
200 OK 13 kB URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
IP
File type ASCII text, with very long lines (58661)
Hash 48dff16b2dd19dabe264f0fec3368121
92d74652af786603432d02ebea182ce094700cf5
371f1157cddba5299bb3bb25a95a124e72242c73b344ae8bf5a75391dae905be
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-e526"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNYCGZU5ksXPFT%2FwT3M7QgUtwzS%2BESGYg9QsdBqsQD%2B98dgtBo7gh6SxEnE7mHNg0w%2FZDO32sKyOINBNnXAUN%2Fkw0VHROmlTPiN07JCGa%2BjgjPy6l8GvKIKlTrmVIWqd21vl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf8cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
200 OK 1.8 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png
IP
File type PNG image data, 172 x 81, 8-bit colormap, non-interlaced\012- data
Hash ad630a07080a45451f139a7487853ff8
c2673d7404fc947fab20eed21416f9656149018d
9714221c828961b20f45a782c3281c0596f6652cfe1299bee18097f98e8fb7b3
GET /next/embed/assets/img/sprite.ad630a07080a45451f139a7487853ff8.png HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1763
date: Sat, 05 Nov 2022 01:16:36 GMT
server: nginx
last-modified: Wed, 02 Nov 2022 16:07:12 GMT
etag: "636295b0-6e3"
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 05 Nov 2023 01:16:36 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WS72LCZPG_KP42QzxSWUlVYUqqy0aFx60_EXBhSXQE7c-fWWDOzp6w==
age: 4224517
X-Firefox-Spdy: h2
c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
200 OK 7.9 kB URL HTTP/2 c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 4cc7a703d2fdfe684151ff8ac24d45f1
046adee74e5ce76db11491906a21c09399391571
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
GET /next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2 HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://c.disquscdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 7900
date: Sat, 05 Nov 2022 01:01:02 GMT
server: nginx
last-modified: Wed, 02 Nov 2022 16:07:12 GMT
etag: "636295b0-1edc"
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sun, 05 Nov 2023 01:01:02 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hgWqB0Fgn3CEVkz01gaOmfM9B0XlLnUrUvgI3l7RgCCzCqps5WfuZA==
age: 4225451
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 104 kB IP
Size 104 kB (103751 bytes)
Hash c27a4c6feb905d5c8db51370f3a83d9c
7114f3edc4903ba4595d1b9a233f370eae01b2b5
9c5fda3305b9458b9cf30f1aa335c6f68da34e979b7fa1f5fb6085e2fb0d236d
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Origin: http://freesideplus.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:12 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://freesideplus.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6620
last-modified: Fri, 23 Dec 2022 20:54:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rTTwBMeuVKE99bDhbBn81F2JKTh3ppb4zS0BBaL2W6gi1LAQOzZbEWdT4%2BUb%2BZRlP2Bo3QnB8GOW325fyhxnqCGplnzWzGmFzRf72pLmDA08dzJxhZ4aKoP1LPA%2F4Xu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a04e7af323a8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash aa2bd485c84cc2d2724d60e4e60ce132
e80953377bbc366d5c359fe99a0253239fbc0cdb
06655ce9ca1ca9c2943ec77239995d4affefb5a98a711d12c9378e58bff2e4e2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 21 Dec 2022 05:22:29 GMT
Expires: Wed, 28 Dec 2022 05:22:28 GMT
Etag: "e80953377bbc366d5c359fe99a0253239fbc0cdb"
Cache-Control: max-age=368834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a0548a69b529-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dc2725df0fb812e32298bb7faaf0c231
4ce4ac649b05b8eedab5bda51f4baf5f98417689
1a60eb1f9b71718c2061dfeb9de8241bef6fecab5d48adbc8ce3a89d1dddb8f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
200 OK 27 kB URL HTTP/2 c.disquscdn.com/next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js
IP
File type ASCII text, with very long lines (32024)
Hash 0c2785ae737e4a3a6baf270c42954aaa
ba03fa7243d6e4f184c3f2f05f733f5f40b96cc3
75310b8dcb511e824684c40202fb6edb67136e7b747e2d42c71a628bce42c2f2
GET /next/embed/alfie_v4.63f1ab6d6b9d5807dc0c94ef3fe0b851.js HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 26578
date: Fri, 28 Oct 2022 16:37:58 GMT
server: nginx
last-modified: Thu, 27 Oct 2022 21:17:31 GMT
etag: "635af56b-67d2"
content-encoding: gzip
x-served-by: static-web-2
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 28 Oct 2023 16:37:58 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pSjaERIxhrEMAs-ZdZQDod1myq2utAjyc7Vq1mSuguBxHdoOcaNewg==
age: 4860435
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:13 GMT
expires: Sat, 23 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 33120
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:56 GMT
expires: Thu, 21 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 184277
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17032, version 1.0\012- data
Hash 05a47f9e469d408c629f931cd33ff8b2
823f21f7b1d456db889c3afea393f0d2b9581c38
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
GET /s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17032
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 08:12:28 GMT
expires: Fri, 22 Dec 2023 08:12:28 GMT
cache-control: public, max-age=31536000
age: 138765
last-modified: Wed, 11 May 2022 19:24:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 07:01:24 GMT
expires: Wed, 20 Dec 2023 07:01:24 GMT
cache-control: public, max-age=31536000
age: 315829
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://disqus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 19:33:54 GMT
expires: Thu, 21 Dec 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 184279
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.viglink.com/images/pixel.gif?ch=2&rn=8.209922086854187
200 OK 43 B URL HTTP/1.1 cdn.viglink.com/images/pixel.gif?ch=2&rn=8.209922086854187
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=2&rn=8.209922086854187 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 23 Dec 2022 22:45:01 GMT
Cache-Control: max-age=15, must-revalidate
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: THR9eMULAMMYtlEBDlnhEL532WCr1KTmvs5SsKOLSkiKixP_1Kwb2A==
Age: 13
cdn.viglink.com/images/pixel.gif?ch=1&rn=8.209922086854187
200 OK 43 B URL HTTP/1.1 cdn.viglink.com/images/pixel.gif?ch=1&rn=8.209922086854187
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /images/pixel.gif?ch=1&rn=8.209922086854187 HTTP/1.1
Host: cdn.viglink.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Tue, 10 Feb 2015 03:29:39 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Fri, 23 Dec 2022 22:45:04 GMT
Cache-Control: max-age=15, must-revalidate
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Y_1ataXlQZC3oDdrEqN3WPTmtmGkt9T02rs37fD_B5JpoT2ggFaJiQ==
Age: 13
ocsp.sectigo.com/
200 OK 472 B IP
Hash ae90dbf2853994d70b32a828b70b9b15
01507010c3bb3659d39ea86d5f593a781538475c
20be489f41c4251c4c13b274b7acc1f97491681963328d021f94ed407859aa84
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 08:00:48 GMT
Expires: Fri, 30 Dec 2022 08:00:47 GMT
Etag: "01507010c3bb3659d39ea86d5f593a781538475c"
Cache-Control: max-age=551133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a0545b9eb524-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
temperrunnersdale.com/pixel/purst?dl=0&th=0&sc=0&rs=1205&rd=1205&fd=905&bv=22.10.v.9&tmpl=70
200 OK 0 B URL HTTP/1.1 temperrunnersdale.com/pixel/purst?dl=0&th=0&sc=0&rs=1205&rd=1205&fd=905&bv=22.10.v.9&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1205&rd=1205&fd=905&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: temperrunnersdale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 23 Dec 2022 22:45:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 24 Dec 2022 00:04:17 GMT
Date: Fri, 23 Dec 2022 22:45:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 24 Dec 2022 00:04:17 GMT
Date: Fri, 23 Dec 2022 22:45:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 24 Dec 2022 00:04:17 GMT
Date: Fri, 23 Dec 2022 22:45:13 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4744
Expires: Sat, 24 Dec 2022 00:04:17 GMT
Date: Fri, 23 Dec 2022 22:45:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8746c6e1-6dc2-495d-aa70-597a3c6c0aba.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8746c6e1-6dc2-495d-aa70-597a3c6c0aba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fdb50810c090467311eeb20738abbf87
3ac60521ff7187e36eccd673bff93d7830282e77
370b30a0b04a103c3ae2a1b804278c2da8ecf0951703e228fe29bffe759d1cd2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8746c6e1-6dc2-495d-aa70-597a3c6c0aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12383
x-amzn-requestid: 18c01b2e-37e7-4df7-a102-ec851bfde50e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnpAHfpoAMFVeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fd3-10fd647a43e13dfa42f4d637;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xXjjliVDBmz3VMdfELHVi7juqoXI-DyuNxUkgM3zXuN1aX6l6r4aLg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 22:14:01 GMT
age: 1872
etag: "3ac60521ff7187e36eccd673bff93d7830282e77"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b7298a2-2f41-4b7e-a1c6-2819da4067a7.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b7298a2-2f41-4b7e-a1c6-2819da4067a7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50705ab69dfed4f096be357417729ea6
86b6a457d2eefd5104561d15a9557441f10804f2
30cc593e7bf3cf1af8977f7c7a22c12f5c4e859c55a4efffcd504b7e56c74dbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b7298a2-2f41-4b7e-a1c6-2819da4067a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12686
x-amzn-requestid: 5ff517eb-a8ea-4051-9277-7730c04003d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhyVlH_toAMF-QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3ca89-197af9f660f57fd11e178cd6;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 03:10:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: niapAUk39VyD6tjbfb91o8MoKBAEVV97AVmVIbC9qKRR_S8HbraMCQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 04:07:37 GMT
age: 67056
etag: "86b6a457d2eefd5104561d15a9557441f10804f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3141db-c19d-4305-bc5b-a3a8f7e9bdd7.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3141db-c19d-4305-bc5b-a3a8f7e9bdd7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 207ccd76f1cb9ad0bde74cc9441c518b
bcacbdc5dc63a1f016714de2a83c9c78e7913ac7
8a7934b7f0d20934e910f5ae50f76d23dc1c1e2ef298fa10884a2e3ddeea54aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3141db-c19d-4305-bc5b-a3a8f7e9bdd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9401
x-amzn-requestid: 6c3b78d2-034c-4579-b0f1-a3beaf911d76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnqjFAeoAMFskg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fdc-023251092fc027c120416809;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f6REEIwmL3eWV9SGfFIuQu8VpV2ylFASGZXCmFNJWAhKJMGMuAGdKw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 22:33:04 GMT
etag: "bcacbdc5dc63a1f016714de2a83c9c78e7913ac7"
content-type: image/jpeg
age: 729
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fae75097a9e461f59779e2725dd153d9
95b1e2797d9d047ca71f60851976937e83c804be
63981e99d995c1c79028f5e2205883a13ef9b1b96f3aa47cde2f4aa08ae6badb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10613
x-amzn-requestid: da298549-e2ce-47b1-9efa-ed817c6c416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnniXE12oAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fa8-2b396ad16595c0b349fdb450;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:37:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _C8_4MMvadzwCZt0X_zX1Ors5vXDfS3NUMZAYFYwMXwZZOhpwsBdhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 22:24:24 GMT
age: 1249
etag: "95b1e2797d9d047ca71f60851976937e83c804be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c787f1-413b-442f-ad33-df2b7b4c8066.jpeg
200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c787f1-413b-442f-ad33-df2b7b4c8066.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69507e22bc222e2ca8e8b6461c6b7994
ae0a775c60159442daa15c1975770ee251083de9
022f17ef3a20ad0eef1fb68c52a0160481d4be305e2d8b466c5f578da5435191
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F41c787f1-413b-442f-ad33-df2b7b4c8066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7377
x-amzn-requestid: 2dd53b1b-6670-489b-bf6d-47aafed2d93a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzHDoIAMFhdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-4296afb759b198f4729c2c76;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hDCBYhiLDdwRiJW4WZMMaf30m5pCvq-vEwfSxRi6AW_fOKhwrP9m1g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:36 GMT
etag: "ae0a775c60159442daa15c1975770ee251083de9"
content-type: image/jpeg
age: 3757
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b8b6b6f-05a3-4eb5-804c-574c03992933.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b8b6b6f-05a3-4eb5-804c-574c03992933.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a63236113546a7bfb369d741c2b76e2
737f6730f63deff51a39ef094fa1a263b91db89b
b811838126a7d3e814415c3b869f9f224361ef468c08c4c7d5e385371149263a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b8b6b6f-05a3-4eb5-804c-574c03992933.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8078
x-amzn-requestid: 0fa11c0d-584a-4790-83fe-d10780dd6df9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnncXGjDIAMFvfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f82-452f8acd148122756a8f0230;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZsYREhlLzv_oHiB1qgGuelsC8t99SUMILEGgU42tKWeugQUU5iFgBA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:47:42 GMT
age: 3451
etag: "737f6730f63deff51a39ef094fa1a263b91db89b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=410&event=init_embed&thread=9501322605&forum=pandakingdom&forum_id=7329461&imp=1lp17v22tgb2j2&thread_slug=ep_65_the_sidemen_are_going_on_strike&user_type=anon&referrer=http%3A%2F%2Ffreesideplus.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=410&event=init_embed&thread=9501322605&forum=pandakingdom&forum_id=7329461&imp=1lp17v22tgb2j2&thread_slug=ep_65_the_sidemen_are_going_on_strike&user_type=anon&referrer=http%3A%2F%2Ffreesideplus.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?abe=0&embed_hidden=0&integration=wordpress%203.0.22&load_time=410&event=init_embed&thread=9501322605&forum=pandakingdom&forum_id=7329461&imp=1lp17v22tgb2j2&thread_slug=ep_65_the_sidemen_are_going_on_strike&user_type=anon&referrer=http%3A%2F%2Ffreesideplus.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default&variant=fallthrough&service=dynamic&promoted_enabled=true&max_enabled=true HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://disqus.com/embed/comments/?base=default&f=pandakingdom&t_i=2766%20https%3A%2F%2Ffreesideplus.com%2F%3Fp%3D2766&t_u=https%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&t_e=EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D&t_d=Watch%20EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D%20Free%20in%20HD%20%C2%BB%20FreeSide%2B%20-%20Watch%20Free%20SidePlus%20content%20online%20in%20HD%20with%20direct%20download%20links%20for%20Side%2B%20Episodes&t_t=EP%2065%20%E2%80%9CTHE%20SIDEMEN%20ARE%20GOING%20ON%20STRIKE%3F!%E2%80%9D&s_o=default
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Fri, 23 Dec 2022 22:45:13 GMT
Cross-Origin-Resource-Policy: cross-origin
c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
200 OK 244 B URL HTTP/2 c.disquscdn.com/next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css
IP
File type ASCII text, with very long lines (337), with no line terminators
Hash f74fc76abba12fe71950760c586845c2
0e2456bb947e89d92afdde9a0f1f7043e0e0e12a
f6a934d83fa1c7116ec650c15cdd07d227fa43423024920345ac5ebf0b10532a
GET /next/embed/styles/realtime.b23ff3c36dd0169627f8e54ca1621eca.css HTTP/1.1
Host: c.disquscdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 244
date: Fri, 28 Oct 2022 14:13:46 GMT
server: nginx
last-modified: Thu, 27 Oct 2022 21:17:31 GMT
etag: "635af56b-f4"
content-encoding: gzip
x-served-by: static-web-1
x-cache-hits: 0
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expires: Sat, 28 Oct 2023 14:13:46 GMT
cache-control: max-age=31536000, public, immutable, no-transform
access-control-allow-origin: *
timing-allow-origin: *
surrogate-key: next
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cTdvAJh8GHK8gT2VrwwOUyFr6UgT1cEkxDD0-0TQAQrd9Xp_w1xVBQ==
age: 4869087
X-Firefox-Spdy: h2
didmakingby.xyz/utx?cb=ZavSpP4LmSIf&top=streamhub.to&tid=961705
204 No Content 0 B URL HTTP/2 didmakingby.xyz/utx?cb=ZavSpP4LmSIf&top=streamhub.to&tid=961705
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=ZavSpP4LmSIf&top=streamhub.to&tid=961705 HTTP/1.1
Host: didmakingby.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamhub.to
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 23 Dec 2022 22:45:13 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://streamhub.to
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 23 Dec 2022 22:46:13 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 e2bc8da8a8d03748525187195f797d86.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: AjDxabjCh1_dk4w5ZVpUzfW4R1bgR8uQdzjtihkEqQSykVNJ9GxHpQ==
X-Firefox-Spdy: h2
realtime.services.disqus.com/ws/2/thread/9501322605?
101 Switching Protocols 0 B URL HTTP/1.1 realtime.services.disqus.com/ws/2/thread/9501322605?
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ws/2/thread/9501322605? HTTP/1.1
Host: realtime.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://disqus.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ao/Lt/IcCByLl1GH4iFUlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx
Date: Fri, 23 Dec 2022 22:45:13 GMT
Content-Length: 0
Connection: upgrade
Sec-WebSocket-Extensions: permessage-deflate
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://disqus.com
Sec-WebSocket-Accept: gGpB5jOd3GIb/vclxmxJPmhLllA=
Upgrade: websocket
X-Served-By: realtime-8
X-Cache: MISS
X-Cache-Hits: 0
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
cdn.discordapp.com/widget-avatars/HXvad4vko8zleRaUN_AWlla6omDQyZBclg1lv-kFqu8/8nRJnRKNk4aIywaFUOYgaggsP_qm_kNEektq5zLefvK55sq2itrAkSAzBpPkyYI5mIzvQrlICa7Uc9BXrY-WJN7tPjrLRBebL6w0YRuxWefkJ6j1L7KhTbYnGqRi6UcypqmA0pJmwUR4Aw
200 OK 107 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/HXvad4vko8zleRaUN_AWlla6omDQyZBclg1lv-kFqu8/8nRJnRKNk4aIywaFUOYgaggsP_qm_kNEektq5zLefvK55sq2itrAkSAzBpPkyYI5mIzvQrlICa7Uc9BXrY-WJN7tPjrLRBebL6w0YRuxWefkJ6j1L7KhTbYnGqRi6UcypqmA0pJmwUR4Aw
IP
Size 107 kB (107242 bytes)
Hash abbf96789b18bf5ab3b693a2f0985040
7f59cd253e5b88891a96cc0c759e5f60a867cf7e
780f8de35fa983b2094ea375706c5a06e52b4e3d32bb6c61451490ce069b1d7d
GET /widget-avatars/HXvad4vko8zleRaUN_AWlla6omDQyZBclg1lv-kFqu8/8nRJnRKNk4aIywaFUOYgaggsP_qm_kNEektq5zLefvK55sq2itrAkSAzBpPkyYI5mIzvQrlICa7Uc9BXrY-WJN7tPjrLRBebL6w0YRuxWefkJ6j1L7KhTbYnGqRi6UcypqmA0pJmwUR4Aw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4842
cf-ray: 77e4a0573ea60b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 711716
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Thu, 17 Nov 2022 15:49:53 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 39
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=wCteFuM.dhbbFJYZ7ErcQOvdpJ1G94Y9i7n2YOR_qTg-1671835513-0-AYobijUQcLND86BVkVEhi20wVI4jTUxE6gHrLff5d84DifoG0XClqtUDZb62ZXDgZmRQn7uBtQGS6KYor86ID/A=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6vDr3FhoPkWWKtZ6slBZqUULITyZjixUuNsKT5wTck2nUxEaqgvwmrkYTUykt8u4aIKjPEa2qL%2BxgYnBcnJ4fsu8S5glYe%2BCet6MPWg%2FnOU5AtGmB7Un32ZqnyXZMqKJCyW2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/xz9chjNEG5AXp304IpkHzyqlILgJvGnKqbTqPA2oJ6I/jCT6Fe4G1DYj2kzFGO3MbX_VepHf3I68p0zZtQ6uyOeTJrhUw96GyvOIsom9eVRx6ublHDWxZb2UAPtgkj_5Yugjt0EexrBmwwVrGUYThpji_kr72jH7C6XcP5AykCTVxTas_kSBkQnVuw
200 OK 5.3 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/xz9chjNEG5AXp304IpkHzyqlILgJvGnKqbTqPA2oJ6I/jCT6Fe4G1DYj2kzFGO3MbX_VepHf3I68p0zZtQ6uyOeTJrhUw96GyvOIsom9eVRx6ublHDWxZb2UAPtgkj_5Yugjt0EexrBmwwVrGUYThpji_kr72jH7C6XcP5AykCTVxTas_kSBkQnVuw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash b1bba83b308e9c389c8d7c5a9d02257c
7e3ebd08324e93f46069e562f7ec7e23689f01ef
8d63d9dca036f3945b9c6aa3e3e71c6231933122fdd5775dc355d00df8257856
GET /widget-avatars/xz9chjNEG5AXp304IpkHzyqlILgJvGnKqbTqPA2oJ6I/jCT6Fe4G1DYj2kzFGO3MbX_VepHf3I68p0zZtQ6uyOeTJrhUw96GyvOIsom9eVRx6ublHDWxZb2UAPtgkj_5Yugjt0EexrBmwwVrGUYThpji_kr72jH7C6XcP5AykCTVxTas_kSBkQnVuw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 5314
cf-ray: 77e4a0573ea50b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 727979
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sun, 11 Sep 2022 14:28:45 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 47
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=xX.vINvZTS.rAOSVpjl0l6An_SjC5q56QxaR.kiqmJI-1671835513-0-AbNA8BK7h2Uz0L3m6bGhmGNzdUYHZlXx19+jjGy5X1vfgX3hh/pZPcDEbo8hbKxQ5/ldsOTIIOjPuxWDlj38JMI=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwGzx1LA7pc7GBinFJN5afEc7jGlyMq9VQNYsRIpAgsnpsx0FPuvC9bDoSxZM%2FyUcUxaARAUOpHee6IShZDUlD5PZa7B%2BEkxCz5lSQu1b1QXbwBuIwauCe%2FTg5sBlRtxxJwsNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/9xPa2BSRa6wt7uwpW0OB5ax58qbkKnW7at6pLaw9m6k/wlpmaoNE7lpT-eEfc0EZ-8MoNpsikD-Xi7RyXRQOtSZ0BdAmxeO4Osqy91lbqJuJ0DahwAORHMDL_K6626dQQ72YcO6zy4VpYpQB-z3pToDy9-ly1_9Iw5rPkcPPDCFFhv1QS1o4_4BlHQ
200 OK 6.3 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/9xPa2BSRa6wt7uwpW0OB5ax58qbkKnW7at6pLaw9m6k/wlpmaoNE7lpT-eEfc0EZ-8MoNpsikD-Xi7RyXRQOtSZ0BdAmxeO4Osqy91lbqJuJ0DahwAORHMDL_K6626dQQ72YcO6zy4VpYpQB-z3pToDy9-ly1_9Iw5rPkcPPDCFFhv1QS1o4_4BlHQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 760802f09f9c6cddfe144210d0affc35
141e687a8b2f98f41214df1dd5457d495fb85460
d86702fe1dae5b2572b6d3429b3f4b1dbacf80250f22b8c959b68ad6b3747108
GET /widget-avatars/9xPa2BSRa6wt7uwpW0OB5ax58qbkKnW7at6pLaw9m6k/wlpmaoNE7lpT-eEfc0EZ-8MoNpsikD-Xi7RyXRQOtSZ0BdAmxeO4Osqy91lbqJuJ0DahwAORHMDL_K6626dQQ72YcO6zy4VpYpQB-z3pToDy9-ly1_9Iw5rPkcPPDCFFhv1QS1o4_4BlHQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 6272
cf-ray: 77e4a0573ea20b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 276392
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Tue, 20 Dec 2022 17:39:12 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=pflSkiTkiLJ0aEdxkznRlI9XObJDf4kQExSl19Ruo98-1671835513-0-Ad2PSY7RUQp3b9MWl5jdwbyoRHK9ziTUwHzLi0LrNjr+YTvBzFrNh9Qd4yySsOGRAdruTt0X566qlYX85Juh8zc=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zf84uN7dRiO5TvKY%2Bz0gwR6b8mNRt7uxBkz67LV7LCC6GHPZEcOvYktjTeCo7hMqg0T1dOU1TzOdGB90D6tfBbIzll8zgHYcB4Z0ZeMGLisj9fBo8awtBo54LJHrIAQzm2IxAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=6543690&cbur=0.5709829590129366&cbiframe=1&cbWidth=796&cbHeight=498&cbtitle=&cbpage=http%3A%2F%2Ffreesideplus.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0
200 OK 4.1 kB URL HTTP/2 youradexchange.com/script/suurl4.php?r=6543690&cbur=0.5709829590129366&cbiframe=1&cbWidth=796&cbHeight=498&cbtitle=&cbpage=http%3A%2F%2Ffreesideplus.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0
IP
Hash 96c68cb3add852e63c9ecf99d7bb709e
364591483859b82b1b786baa9a47e45529983ac1
478c2954b5ff7d1131935a9d9f84cac4bee6197381e45cf44b1f365baa0f805e
GET /script/suurl4.php?r=6543690&cbur=0.5709829590129366&cbiframe=1&cbWidth=796&cbHeight=498&cbtitle=&cbpage=http%3A%2F%2Ffreesideplus.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=asacdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamhub.to/
Origin: https://streamhub.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 23 Dec 2022 22:45:12 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/cXX84EIfG_Ubs-iEaTo5_EQc9gaQ3vD14l01fJC5iAc/LW5jgRkdTG5E2QjsLSC9tFK3R1lLte1g9ZRZ7tf9tqJwGc1JFSjG3ss0hRdhoR5Y_jh7k6uH0Iv2hSZXWW8ti8Ds0LsDoUjwbtp3JasU-_3w9OFArM7lzj4aAtKF9iV3t7PfUTJVndmHug
200 OK 4.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/cXX84EIfG_Ubs-iEaTo5_EQc9gaQ3vD14l01fJC5iAc/LW5jgRkdTG5E2QjsLSC9tFK3R1lLte1g9ZRZ7tf9tqJwGc1JFSjG3ss0hRdhoR5Y_jh7k6uH0Iv2hSZXWW8ti8Ds0LsDoUjwbtp3JasU-_3w9OFArM7lzj4aAtKF9iV3t7PfUTJVndmHug
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash d0df5487b51f40b0e65c6db29895999a
8292d8f4c20dd6a347e07d21f7f755187f99aa4b
8cb81002d708b49ed5000ec4a03bade596d7d85f4e85b10f3a71fcb6d17bada1
GET /widget-avatars/cXX84EIfG_Ubs-iEaTo5_EQc9gaQ3vD14l01fJC5iAc/LW5jgRkdTG5E2QjsLSC9tFK3R1lLte1g9ZRZ7tf9tqJwGc1JFSjG3ss0hRdhoR5Y_jh7k6uH0Iv2hSZXWW8ti8Ds0LsDoUjwbtp3JasU-_3w9OFArM7lzj4aAtKF9iV3t7PfUTJVndmHug HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4469
cf-ray: 77e4a0573eaa0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 885662
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Tue, 13 Dec 2022 16:09:03 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=Ps3.QRrQYAPXkN4VY.YDUgtCYt0MW66MF74jbMdHrPc-1671835513-0-AYxP5xqIT5qijH/rDPzckxv4jwL+im7ZQqVjD7r+PyaEidQdtkrLa03/q1XWltE4SYSoP7i9D9YNuFq/1VU9yiU=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xEhYjc%2F4ttaf8XtSGWFTcm7AaxzXKmYQtAzUGt6mHAE6%2B1%2Fx9z3L2LgDeRWa5w3crfjE5GD3hJXAlZsQ3gcdnNMOMq5XbaYzAYbQUSK2gj6bMinmwSvwCTcC94kOyOS2qNr2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.predictivdisplay.com/jump/next.php?r=3018531&sub1=6549882
200 OK 7.8 kB URL HTTP/2 www.predictivdisplay.com/jump/next.php?r=3018531&sub1=6549882
IP
Hash d54c42032298e5af9b03ffde71e4eb3f
291dc1f29ecdcbbf6679c8a88d9e15deb766b4af
937d1190ae10a33dcfbda94f9ee0e6ebcc5e8519532ed3ba192e5c5d61374edb
GET /jump/next.php?r=3018531&sub1=6549882 HTTP/1.1
Host: www.predictivdisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
load.sumo.com/72.0a035390359aab65eb82.js
200 OK 48 kB URL HTTP/2 load.sumo.com/72.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (31962)
Hash 32b4d9933b038fc6d56182f2002403fa
4997f9c4abc69c4a4ee89cdda5f97f83de25b8a5
d22a0f725be5cb192924a31b63c62bdd838a9865397d3614df3739b714df0bad
GET /72.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"a1c4ecc2ca5bc12d61068cd427f9729f"
last-modified: Wed, 05 Oct 2022 16:49:50 GMT
x-amz-id-2: o7cCwxuU9RoHM64wXB7k7DKJ3NjsqWQ4BubHTAPv092EuSUhIHqqQsH7zW1oubNkLnSP13KSLRk=
x-amz-request-id: QPVA6PX17A3WG2GN
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2022 15:15:51
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 22daface9d0108b7ed4d83face3fbff8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/xQX_Xf59kPSkcCruh71WlA4Vj63y_ZDtNgekhEcEnPg/Me5hAp6zzSs79C1yASAnkuFHGL5Ik_7BNqMDDtxOok6tH78-ex879UgMRyNU0vNB7VNKQ2hLS75BaouAmKPPRoGrZnITj0H-rh_l1eRgtsUciCRIjfO02PUJqxKDlqss-OHei6RYbJC0Tg
200 OK 4.0 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/xQX_Xf59kPSkcCruh71WlA4Vj63y_ZDtNgekhEcEnPg/Me5hAp6zzSs79C1yASAnkuFHGL5Ik_7BNqMDDtxOok6tH78-ex879UgMRyNU0vNB7VNKQ2hLS75BaouAmKPPRoGrZnITj0H-rh_l1eRgtsUciCRIjfO02PUJqxKDlqss-OHei6RYbJC0Tg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash d6c1e04f0309fa1a37f74c48fd3dc2d7
00d5c4d19b21fff8907cf2478c2a2b076b64ce82
97ef8e3cb0d0cd7323f7bcd5075603379f63d096bae4ac1a0697d1ce47631b1b
GET /widget-avatars/xQX_Xf59kPSkcCruh71WlA4Vj63y_ZDtNgekhEcEnPg/Me5hAp6zzSs79C1yASAnkuFHGL5Ik_7BNqMDDtxOok6tH78-ex879UgMRyNU0vNB7VNKQ2hLS75BaouAmKPPRoGrZnITj0H-rh_l1eRgtsUciCRIjfO02PUJqxKDlqss-OHei6RYbJC0Tg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3959
cf-ray: 77e4a0574eb20b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 278003
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sun, 10 Apr 2022 14:41:04 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=E51Lgw_0COePJ6gl_90u0Pab0RcuKhnB_rZ1GNyxP70-1671835513-0-ARL4jXHvtWOwIOMOEGW3i6K3BTi9eOf1KbT87bTPhWv37OlfsNH/pH0abERrcldukAq+ovMNwXKXSUPp0dB2rGQ=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8x5jCTHzWXs%2BjLGFopSDm1ziJzOyArOpWwvsZd6m63Esbh6f%2F7HzEAYhDHMoaGg%2BUgVTZYfCxQXVDUS1UhyNEIRK3ZIdbQOnouU%2BJvn07ylmi5z4CrNtjth3xlsU%2FP1kuh9vFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/aHYZlaignH6QnWcb7aTcKlzi_pcg5zOQMQRLHk2NCT4/-vmlhCZ-YeRXJt8DW4VJy1U23Iw9CgYaGSn9QESEWRKY3LJqV2e7bCwrG4B4FLNFxp5_2BB2h4wUYJugYT7k03oWPpf4Z78ohNF-TZ37t7OwhosWGjdoQjRwR_A-YRh-1aWylVSZXV7Y7g
200 OK 4.8 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/aHYZlaignH6QnWcb7aTcKlzi_pcg5zOQMQRLHk2NCT4/-vmlhCZ-YeRXJt8DW4VJy1U23Iw9CgYaGSn9QESEWRKY3LJqV2e7bCwrG4B4FLNFxp5_2BB2h4wUYJugYT7k03oWPpf4Z78ohNF-TZ37t7OwhosWGjdoQjRwR_A-YRh-1aWylVSZXV7Y7g
IP
Hash ff03e6f560429337d07640ac16f02106
2c37fb6aa855a74f351aaa33d60ab4562c209786
c186e87646ea24bbe34bd7ceb905cfe088b6b8c0d7a7c6ba4dfddada7da11ecc
GET /widget-avatars/aHYZlaignH6QnWcb7aTcKlzi_pcg5zOQMQRLHk2NCT4/-vmlhCZ-YeRXJt8DW4VJy1U23Iw9CgYaGSn9QESEWRKY3LJqV2e7bCwrG4B4FLNFxp5_2BB2h4wUYJugYT7k03oWPpf4Z78ohNF-TZ37t7OwhosWGjdoQjRwR_A-YRh-1aWylVSZXV7Y7g HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4764
cf-ray: 77e4a0574eb30b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 521894
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sat, 26 Nov 2022 20:23:33 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=k2mIsJ6uPpGL6aacv2i_97gU8rTnD8oAstUxndK092Y-1671835513-0-AWQCZlc+vjD0/ZUKTdgfD6gLT48P93Xhv8bTg2+kWr03pQdW4SzmvN76kXRPYSTfLJjBhcmFxEH9vJI2YTLYS5w=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sc6Jcba7UPI4PIlDFBmmpASpAF9FU8oUZL%2Bkn45Z4r3YH8V15luYn7p8cisKp4q%2FMFDNYABKSNjYTICFT99%2FLyDXSwhv5Vp7lr4Vq7b35Mkt%2BbLRG4nuX0uHP99LmrkWpW3Mmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/C4y9uTOkGgGOv35S3QUjZiSpjw67ZqDbsYOqf4_EegQ/e14DfuP0gAMUMf2P437QNk9UWThTPt36ndV0kSOeZF_Dt6fGa-oeA6BCMijz_roEXbdBjO2LeF-rOxs-b3vMdwd-kZNJLDa9kczGJnQTUqp9X7D1guweZuydAdvU_0jSqIzyUCT5yybkWu-X
200 OK 3.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/C4y9uTOkGgGOv35S3QUjZiSpjw67ZqDbsYOqf4_EegQ/e14DfuP0gAMUMf2P437QNk9UWThTPt36ndV0kSOeZF_Dt6fGa-oeA6BCMijz_roEXbdBjO2LeF-rOxs-b3vMdwd-kZNJLDa9kczGJnQTUqp9X7D1guweZuydAdvU_0jSqIzyUCT5yybkWu-X
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 6630eb9e7bfe109c22de1230d5cec3e9
7ecdd413c749f04cda56912376b7f4098a0b8dba
8f8ca6bc2dd47c229b983c9a17ae9c637248c65459f23eac7ab1d90ec2ce3cea
GET /widget-avatars/C4y9uTOkGgGOv35S3QUjZiSpjw67ZqDbsYOqf4_EegQ/e14DfuP0gAMUMf2P437QNk9UWThTPt36ndV0kSOeZF_Dt6fGa-oeA6BCMijz_roEXbdBjO2LeF-rOxs-b3vMdwd-kZNJLDa9kczGJnQTUqp9X7D1guweZuydAdvU_0jSqIzyUCT5yybkWu-X HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3478
cf-ray: 77e4a0574eaf0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 10749
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Fri, 23 Dec 2022 19:12:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=g6ltdd11d.5Sg9UK.nN0zy2aBMFnlSYU4ZLqwYe4Es8-1671835513-0-Abq8wAWOxAgFW3OIGlOkULOftuV8SGfcRmrNH69Xkb/FiDVl4WeDZnYwpTUAd5UR+40c1JWJLX+34HnmkEVB3tc=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCymLOYnSTd1gthlb8MpoocZEUFfqh85RJb5aG%2FneAluEeVAOUL5lB8hGpK9lnh5iJo6SaUBBxMeJOrEb1YSgtj3tVvmOL4CmCKBFDywQsR6BhULo5JtzbsootUAAWUs0Nzgyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/5Am7fSYQk03-K2CT8WUqWMjumsLl9wF_Pu_VGJrZ-n0/6s53YEoX-7SKBIbJ6drdC7K6vHEIcH-et3nUH_iDeWwf2y5bkmMlOD5IpuTaCAYP7OZUL_d_BDu34IT60WbwpiWIiH1C4UYVwmw-GZYhUrviiduoBddLbevj4nHk0whlleNPywsaYj8Llw
200 OK 4.2 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/5Am7fSYQk03-K2CT8WUqWMjumsLl9wF_Pu_VGJrZ-n0/6s53YEoX-7SKBIbJ6drdC7K6vHEIcH-et3nUH_iDeWwf2y5bkmMlOD5IpuTaCAYP7OZUL_d_BDu34IT60WbwpiWIiH1C4UYVwmw-GZYhUrviiduoBddLbevj4nHk0whlleNPywsaYj8Llw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash c260c50be2d54cea5a508ec51463ee1c
5b4c894ee059130eaeb744f434896f3c65890143
45199158f1f1acfa41209343eb7d80c89c9e73eb60ef57a50c653b944a65e577
GET /widget-avatars/5Am7fSYQk03-K2CT8WUqWMjumsLl9wF_Pu_VGJrZ-n0/6s53YEoX-7SKBIbJ6drdC7K6vHEIcH-et3nUH_iDeWwf2y5bkmMlOD5IpuTaCAYP7OZUL_d_BDu34IT60WbwpiWIiH1C4UYVwmw-GZYhUrviiduoBddLbevj4nHk0whlleNPywsaYj8Llw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4171
cf-ray: 77e4a0575ec20b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 701767
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Fri, 07 Oct 2022 21:51:14 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 22
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=4aN4QyvJCqy.xs5plRuSHoEY3nfC.ZCuhupcd1Nc7vM-1671835513-0-AawpJ3sW80RfyFB0kSXwXyNfsASxf3wVjGgdsLR54CydS2qL1d+KyBVE8lrxIg4OxrXCLvXZ0OI90g25W41rSRE=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=687BdY3rPhpkUvFQH42T0PHNHG4x5Iiq7eoDMBN2fkpx%2BB3%2B6Ex2iAmx5XGmwvxLVIMuolYHLHgK9uic4oM%2B7OVpEoKLs2YYgtPm3Bb3PQ13sPDDT17lXB78IqTNbZWOnG4xuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/2OmiHtpwwYo77biEfTDj5E3vfbxfxZ24QpzufloA0WQ/jyR9BGQWAtob-yo56v9ISlXtFZ6R8Kf2WMnkJkAO2SeRvS0WLnwEXP_BMZAt0yTyNUQ6mmxiP10xv1Ft2PWBDM5IN51TNq13ng4bfXOyQoKwVC7kjyGOwfjZRXmIA9acp4oJDhnjjFef0Q
200 OK 2.8 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/2OmiHtpwwYo77biEfTDj5E3vfbxfxZ24QpzufloA0WQ/jyR9BGQWAtob-yo56v9ISlXtFZ6R8Kf2WMnkJkAO2SeRvS0WLnwEXP_BMZAt0yTyNUQ6mmxiP10xv1Ft2PWBDM5IN51TNq13ng4bfXOyQoKwVC7kjyGOwfjZRXmIA9acp4oJDhnjjFef0Q
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash ff6ea1edc29acc209dec6ccb588483ca
e0719f92509807d87a941168a25fd5c1dfbbf39f
2496f10aca313473a8cb4d5f2cc9c7ff478f205e0a0ac23cf402e6e1a89d6378
GET /widget-avatars/2OmiHtpwwYo77biEfTDj5E3vfbxfxZ24QpzufloA0WQ/jyR9BGQWAtob-yo56v9ISlXtFZ6R8Kf2WMnkJkAO2SeRvS0WLnwEXP_BMZAt0yTyNUQ6mmxiP10xv1Ft2PWBDM5IN51TNq13ng4bfXOyQoKwVC7kjyGOwfjZRXmIA9acp4oJDhnjjFef0Q HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 2808
cf-ray: 77e4a0574eb40b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 30387
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sun, 11 Dec 2022 18:59:17 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=c4BlNoA_cVLBmItTzZhWMLdE49JJE4l9Gwzp..KLjoM-1671835513-0-AYIY90k2Yek6Y1ItLJgeIyGy8slKdQrWxEg8uaC6KSu/bezLkYUGRDhVVfy7SbhK6235GhBy3oVY4w6pgrAeqYU=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHkBxgLBnvSBgeECkGWVDAOTaiJZCMJVFkkYQlGyl2tVc2B4wLvZ81EKD1xhStIbgDd1%2FvcT%2FPx0JeSR3B1TYRuqR%2B0jyD2rcb5vH4fpBnAmJYng8hjNO7M4FqjWq5zuLA7fVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/B1PqmomdxSr_Of8HaX27MpnT3X7yYr6m2LHsq5rF9sY/Rfjcsgk8agzS52MYVAIbZ1qm1tKI9SDAiVJvRj08ePqKK9l0bsmOflzr31nj_VJVZgBHujLTQ0qIYQh2WdoVrHn6o4gGxExGt5EItiGEMsSSVzqfyCavQmuCY1KQzEIgTu9f54YdZJxMNA
200 OK 4.7 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/B1PqmomdxSr_Of8HaX27MpnT3X7yYr6m2LHsq5rF9sY/Rfjcsgk8agzS52MYVAIbZ1qm1tKI9SDAiVJvRj08ePqKK9l0bsmOflzr31nj_VJVZgBHujLTQ0qIYQh2WdoVrHn6o4gGxExGt5EItiGEMsSSVzqfyCavQmuCY1KQzEIgTu9f54YdZJxMNA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 9d0815d6818ac34b828d0fce5f691f6f
23e64db5582a2ea0739d00785e84274999e10767
9b0572558650c79d1700ebe097754275196568763d0c77130295be19237eba1c
GET /widget-avatars/B1PqmomdxSr_Of8HaX27MpnT3X7yYr6m2LHsq5rF9sY/Rfjcsgk8agzS52MYVAIbZ1qm1tKI9SDAiVJvRj08ePqKK9l0bsmOflzr31nj_VJVZgBHujLTQ0qIYQh2WdoVrHn6o4gGxExGt5EItiGEMsSSVzqfyCavQmuCY1KQzEIgTu9f54YdZJxMNA HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4697
cf-ray: 77e4a0575ec50b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 10749
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Tue, 01 Nov 2022 16:51:52 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=MNRJnKUt8TpIpTFK0c._5yRXSCK6qCt7Pmm3JGITzQA-1671835513-0-AW7JnzzE8pZcHIRMlGtcCmr4qMuwL/Su/1frKadRCjvl2Hjc6/7owRBBN3fHNkkRfBYci6de0aMNwY6bod0YyOg=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YtkXM8jONvnuOR2SQVbCZ1xjJru%2BeaIJ5D6P0WAURTorUxu8ZyMTY3MwORDk4wtOZ%2FvITuu9GcnZicYwFjNvNr1Q6br4ZcasCDgZiwy3weAS%2F2HI57k5NBMN3bYYImW9CdsUDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/tDUbioCBSDJZQgfsaTu_-H5ezE3Qhon93GXphYmCU3w/zQeWEwkbzMkrp8oa-41fb5IQpTYUsJWjz_P6lFrFojgzbKKorwPNHVVkGTC5FLwEnuQO_3zFWL4pZ7L45MyCiH4frV-oxaapSdIJqE-CW2iVPdKLRilopZjU_grsRmLVejfnVzxy1RurVQ
200 OK 2.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/tDUbioCBSDJZQgfsaTu_-H5ezE3Qhon93GXphYmCU3w/zQeWEwkbzMkrp8oa-41fb5IQpTYUsJWjz_P6lFrFojgzbKKorwPNHVVkGTC5FLwEnuQO_3zFWL4pZ7L45MyCiH4frV-oxaapSdIJqE-CW2iVPdKLRilopZjU_grsRmLVejfnVzxy1RurVQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash d42292d566570bc39a06878c4ac0b0ad
5d27e952a841b3e461e1ecb029ba4b20b6a865ef
512548ba80d5e5898d7f3acd0f802878b298438bf9d86b417676a5a252b3a0bd
GET /widget-avatars/tDUbioCBSDJZQgfsaTu_-H5ezE3Qhon93GXphYmCU3w/zQeWEwkbzMkrp8oa-41fb5IQpTYUsJWjz_P6lFrFojgzbKKorwPNHVVkGTC5FLwEnuQO_3zFWL4pZ7L45MyCiH4frV-oxaapSdIJqE-CW2iVPdKLRilopZjU_grsRmLVejfnVzxy1RurVQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 2535
cf-ray: 77e4a0574eb50b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 619668
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Wed, 05 Oct 2022 16:25:10 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=MBxTgHJHk9FDN_FoM9ZGOGh8cri8E_pSDz3nNXMjBe0-1671835513-0-AYAdF3RskkGSKI8vw9p/+KorGZGdf+EgZPNKS5FBp4PSqZduAzHC9aHJVBds+Iyc/piXpDFS4S3d8iOjipkARv0=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FSlUmog12Tt0V7fimkEXP7ERUliFZ9TsDy0guvZecuhJ7%2BeFMN26ROxvHeTWBbiUuCQMRZIQz7a%2B0t1u1AfxXK34n%2BHP9nzsmgEG%2FhWkzJUCnK%2Bry9HMcQVzMMZ1hl6mesN4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/DtO6OUAAdET1OjzoDp4xz8MMBsoDUJbPCuAtLS6lLQ8/OxyfLUWcqCH27X2RAioMtNy1iwmD9Z1ReHYgksM_ZOxO3vAVbjBDQWN40JjBSZG7BVF3_oxp9SSX3PUXGLFzcR6CA9xUq9eq70fBRtlMOR4spBZr5eFcFoqQEq-HWFbuWrk8BBGI9mMvqA
200 OK 3.4 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/DtO6OUAAdET1OjzoDp4xz8MMBsoDUJbPCuAtLS6lLQ8/OxyfLUWcqCH27X2RAioMtNy1iwmD9Z1ReHYgksM_ZOxO3vAVbjBDQWN40JjBSZG7BVF3_oxp9SSX3PUXGLFzcR6CA9xUq9eq70fBRtlMOR4spBZr5eFcFoqQEq-HWFbuWrk8BBGI9mMvqA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 672361666d3d10bd52c9da91c38f5f40
e92b2f711040bf49fb3a5833d48e137d5942913a
c21e83903dba0bfd374a8f34c7242f85f2bf7a3abb843eda9a933b678d53c95a
GET /widget-avatars/DtO6OUAAdET1OjzoDp4xz8MMBsoDUJbPCuAtLS6lLQ8/OxyfLUWcqCH27X2RAioMtNy1iwmD9Z1ReHYgksM_ZOxO3vAVbjBDQWN40JjBSZG7BVF3_oxp9SSX3PUXGLFzcR6CA9xUq9eq70fBRtlMOR4spBZr5eFcFoqQEq-HWFbuWrk8BBGI9mMvqA HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3358
cf-ray: 77e4a0576ece0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 634382
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Thu, 08 Dec 2022 17:10:36 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=NndpLQeMgXBZsrIwaWpeV3vvMVkOAV.gLqaAe6WxnKk-1671835513-0-AXeTnLhQyaYRnb+dhF7aaAUCgycfvICpuNZdK0r6e0WsXvm8Z3Nq6CBRPJ/hrYROnYFa/Njd+JcV+oMTcwfLu2o=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2F04UFrzuxTQ9M%2FchJu2ksFiT%2BXLuEDtG7N1QRWSK7mhHNigSdtStcergzHxhVf5SBxODHoi3FODn0lLGsdjd86AHL8iOT%2FsJ6APlgWCObvAJjQnLlCLohiAAIL5EZxQijeA1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/t91J03C9pN4visW7CT3w5YtFErpy_YkRcQSiP6swls4/iCyad2WpJTSmAlJ5BO_UUf0BBRiLyKzEYnBeGLFQzgfSMSKZ7Zx9gvdnjpZ93wcvfVklLIQsZwdfB80TuA5XHclsNqQ1DeH1rzxLp4ZdecnRgxTNddzg9o_j7R3Farzp75DCcY9Owe51hg
200 OK 1.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/t91J03C9pN4visW7CT3w5YtFErpy_YkRcQSiP6swls4/iCyad2WpJTSmAlJ5BO_UUf0BBRiLyKzEYnBeGLFQzgfSMSKZ7Zx9gvdnjpZ93wcvfVklLIQsZwdfB80TuA5XHclsNqQ1DeH1rzxLp4ZdecnRgxTNddzg9o_j7R3Farzp75DCcY9Owe51hg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash b54db8586894cabd4f53c007f1b31427
91d47a22c2bd36adfced05e33af295e01b2d49f4
d317a96adcee5d30f32166095c966f0eeb72c88d6c2dd43501a3c9de4b894062
GET /widget-avatars/t91J03C9pN4visW7CT3w5YtFErpy_YkRcQSiP6swls4/iCyad2WpJTSmAlJ5BO_UUf0BBRiLyKzEYnBeGLFQzgfSMSKZ7Zx9gvdnjpZ93wcvfVklLIQsZwdfB80TuA5XHclsNqQ1DeH1rzxLp4ZdecnRgxTNddzg9o_j7R3Farzp75DCcY9Owe51hg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 1538
cf-ray: 77e4a0576ed20b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 4429
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Fri, 23 Dec 2022 21:00:15 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=VbIv_cPNCCgKJSZZbn.R65DgGwekwZ6kgce8lo5h4I4-1671835513-0-ARdJp3Hyg64iWt/I3hCyRZgcDtwcu6i7p4KptZL+TnWxecd+AaRD91YKXZX4Jmo+U3N9k6SIsPwVKsglVp6PLdo=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03oWwTuiH3sp%2F2baMigrh8%2FuHiGMSKHrBlj7t7uqXc7avBjnmkiEF5v39ffAFTAS0sO%2FBdeSYmC2iJ%2BCcMt4haB8%2BUDyq%2FBCyuHLChpE%2B8KQrJUJ7wIqdQmRJ1PfcmJCvUsqIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/L_gBsrZ-g6aaCpexVWu7WB095qf5EbY2mokuYqES7V8/jgHc5Z0JnHumuSu-i0avG6hmB08R6dj3rdD5YU4qC2MMynxkmkpH6c9QxSWy_OE3jA-St3qSwp2Dn5i2J_agEaIDEUppLsg9VXsg_6oQjITOxqwwv0HsS1IWFFeA6qzvIHfL2Gwe6EBGzw
200 OK 3.2 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/L_gBsrZ-g6aaCpexVWu7WB095qf5EbY2mokuYqES7V8/jgHc5Z0JnHumuSu-i0avG6hmB08R6dj3rdD5YU4qC2MMynxkmkpH6c9QxSWy_OE3jA-St3qSwp2Dn5i2J_agEaIDEUppLsg9VXsg_6oQjITOxqwwv0HsS1IWFFeA6qzvIHfL2Gwe6EBGzw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 965d88534de8b69ac0ffdeff1cf05229
fbd75a479fb3336147e1858b5c9710be3cb9ab38
de4b7fd6703eb364794da5a4d80412e75fa4b1dda557c46d797cb5905cdcf639
GET /widget-avatars/L_gBsrZ-g6aaCpexVWu7WB095qf5EbY2mokuYqES7V8/jgHc5Z0JnHumuSu-i0avG6hmB08R6dj3rdD5YU4qC2MMynxkmkpH6c9QxSWy_OE3jA-St3qSwp2Dn5i2J_agEaIDEUppLsg9VXsg_6oQjITOxqwwv0HsS1IWFFeA6qzvIHfL2Gwe6EBGzw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3232
cf-ray: 77e4a0576ed30b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 709307
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Fri, 30 Sep 2022 11:46:48 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=IU6uT0nbkCUKbLaWhQDSlM32khnRKDU3Ww.qQj4bEZc-1671835513-0-AYerDLeDunTUFnNGEjFgD1qq+RXzwt6XvGyOVrHVlWbQygUzi+L1qThKy+fXhg5+MksYUphZf74RITxx/iZy6Fo=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLDyxRgmIL3geuWo4eAZivJFeeayoBCmdStTikGwMTXrb4oiQmLORjP%2F2BUBVI8Wf%2FYpmX5ikLgcwIF5HK478iWYnim6lRMEA5LzgPKv0eQYaoHhT0cVvYZ7KhDx2w2pPB7KfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/iIJXv200U4BOuQbGITa0gCLPk8rQU8oUphT8VPTaLjI/Ke5mFd5tUgtzCBL3o2TudAOYL5ZJ0Tz0gpGbq0Pi2JV6WUvOzfvPXnS_5A2bTfjtIeYzaYx2r2KdywgxJfq0lJIePXDJZ2ogMi76g398nkl28TpX1BDsP4wNdoXugRCjYKxUpxFcwPhLrw
200 OK 4.7 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/iIJXv200U4BOuQbGITa0gCLPk8rQU8oUphT8VPTaLjI/Ke5mFd5tUgtzCBL3o2TudAOYL5ZJ0Tz0gpGbq0Pi2JV6WUvOzfvPXnS_5A2bTfjtIeYzaYx2r2KdywgxJfq0lJIePXDJZ2ogMi76g398nkl28TpX1BDsP4wNdoXugRCjYKxUpxFcwPhLrw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 57b9c04d17f2a7d18041727b21690d17
cbd2d349eee756341d75051e984c6764da74c1a9
3b68f67f395f0155626a9bfa0b58b86a9edfe7d16713f0d48a1271aa54afc860
GET /widget-avatars/iIJXv200U4BOuQbGITa0gCLPk8rQU8oUphT8VPTaLjI/Ke5mFd5tUgtzCBL3o2TudAOYL5ZJ0Tz0gpGbq0Pi2JV6WUvOzfvPXnS_5A2bTfjtIeYzaYx2r2KdywgxJfq0lJIePXDJZ2ogMi76g398nkl28TpX1BDsP4wNdoXugRCjYKxUpxFcwPhLrw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4660
cf-ray: 77e4a0577eda0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 533411
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sat, 17 Dec 2022 13:12:57 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=WHryWeaVjfNcrqD6C3Gl8TUkFF.XDKtiPr0b3VYGqj0-1671835513-0-AQewdRtXneu9VT+lFyUZrNa1wjbOPRNqjj6JsXiCTrsHs9/QyZgEUaFLTOJWJGf1vEmViittJs7FMSHjSkoXkWw=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1rpuN7Nk1kAv7vmbNRFlVMiT%2FW0IS5zXYwxYiDLx3xsQLkIT50k0262quHkIxk5ElrqhNaPTHYdPvpG9BZCi8m4xo1mKqLcvgGZ73fj1aDm8MAN%2F3CW2qK8gc8lNKWi8x0I6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
200 OK 110 kB URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
IP
File type ASCII text, with very long lines (15223)
Size 110 kB (109602 bytes)
Hash d97b789d22c4052692096c413e8dd4dc
2703c7d4b8aa06afd7e2144212338e2954428c5d
b1f8dd72f81df031eba9a27862fdf24e37d6f55a0a1842f0e35e0637e8dc95af
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-3b78"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3owt%2BabY%2B%2FD8PKbm4sdsgNhSnOuLBjvNaVVMbmoqEBIlokRkMu0CypUHi%2BrTN5ZbnhrlrqVKFMyPWI2mNjkr3E2YYoyUSV2S2W3Livc9iVSi3xqNPdkpMs7j1YaZPG8RWME"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047ffc9b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/1d-RvS_ISWk2fgM1nxJ9i7wTnORFgt5pdqMjuNHg9iE/9o3Xg_YXmwZm54P1xUMdnbyRnilsdf9VktTh-5zcrbXZjc7zLRpk7-SXXDK0t5DPYtxrw5G8bsCK08MFMXxIOQNv_eTUM83Mt8a6E79WgVD5O7ydWaI71J2JQNzdZWjugsfCUichM22IJg
200 OK 4.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/1d-RvS_ISWk2fgM1nxJ9i7wTnORFgt5pdqMjuNHg9iE/9o3Xg_YXmwZm54P1xUMdnbyRnilsdf9VktTh-5zcrbXZjc7zLRpk7-SXXDK0t5DPYtxrw5G8bsCK08MFMXxIOQNv_eTUM83Mt8a6E79WgVD5O7ydWaI71J2JQNzdZWjugsfCUichM22IJg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 286a389f2bd6c24f3e80ad0dc2193d9b
665bb35f3a3f2e75390863b6317fcc8b8115ba8c
55256c512fc9336d08ee434e558f8b0ccb1aa9cab91b93141fa15b29c278e649
GET /widget-avatars/1d-RvS_ISWk2fgM1nxJ9i7wTnORFgt5pdqMjuNHg9iE/9o3Xg_YXmwZm54P1xUMdnbyRnilsdf9VktTh-5zcrbXZjc7zLRpk7-SXXDK0t5DPYtxrw5G8bsCK08MFMXxIOQNv_eTUM83Mt8a6E79WgVD5O7ydWaI71J2JQNzdZWjugsfCUichM22IJg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 4538
cf-ray: 77e4a0578ef90b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1992641
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sat, 21 Nov 2020 13:53:37 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=pExSQHy.ifBToKMV_5HrbWyIFySX99z5WxYkfM6.xfE-1671835513-0-AbvrRQZ9L7Sr+KKXthsh1JgU8mkUUTIpplHNPsdXi8SrZQJM2QUQQAFlZ56RnzP4uEZGGa5Ca1FMtEGKaHOJDqw=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL7oNhd93ysxilo3Jb8w1mVrbUJXHn2%2BA42kw%2B1WlGEkcK1ykZLl0tzvkKYX8KVyS1mccP2ag3NyqVo3DpYRkz5OsNeJNGa05NUDvzSp5QHFQ9jCfyaaOP3XlZ8i5QiyGN25tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/cu8YZnQx_d3D5z53cgskwYILlHnbyJdU2VUYDv6NAcQ/T90oP7mPmoacS7nJRUguWoT1ZtVjVOxSSv6ct8Lk-KUSshAr0IX_lvoQkwAcaEuG3b8FeGd69HHViNhqiaDi3FiNDBrb7UzDlWNw5tHvhdSVB8E20P7LeNPZGydR0FbtZZIAV4Uc5IcEtg
200 OK 2.4 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/cu8YZnQx_d3D5z53cgskwYILlHnbyJdU2VUYDv6NAcQ/T90oP7mPmoacS7nJRUguWoT1ZtVjVOxSSv6ct8Lk-KUSshAr0IX_lvoQkwAcaEuG3b8FeGd69HHViNhqiaDi3FiNDBrb7UzDlWNw5tHvhdSVB8E20P7LeNPZGydR0FbtZZIAV4Uc5IcEtg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 5cd73216dbf0c0c0a118227db90bca7c
e88f215c406f2c3f2cf972ad703cf84979fabb67
0f20380f045b81d075724621736850d6e36c7e119d38eb136caeda9bd0eae7df
GET /widget-avatars/cu8YZnQx_d3D5z53cgskwYILlHnbyJdU2VUYDv6NAcQ/T90oP7mPmoacS7nJRUguWoT1ZtVjVOxSSv6ct8Lk-KUSshAr0IX_lvoQkwAcaEuG3b8FeGd69HHViNhqiaDi3FiNDBrb7UzDlWNw5tHvhdSVB8E20P7LeNPZGydR0FbtZZIAV4Uc5IcEtg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 2402
cf-ray: 77e4a0578efa0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 10749
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sat, 30 Apr 2022 14:58:03 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=sBSGa2zuQfY5zbNpBsb.YanTUrPYsFanH1nGe0eO.r8-1671835513-0-AbMI1PEjRgramlMkeWyHlMSepa9sFk9W9UESGfh/OOy3g00oAiATli48ms/SwckZtLVbwLEtA0X3hd4d8t3ybsM=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30kwI06%2BhlzWx%2BJiP0X6sJy5dXTdj8KzUIEP6H0PpS4UQx7Qq5ez5%2FjUIKmDKEeB%2FvC1lVXBrgvBqDgSdKrGDf5QB7BIjRiNYBGSimgcz%2BhRHiEOi3T1M3eCX%2BsuP99x1L2Mhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/9_wKBEiUfk6gwbXRAcP78hzMPY3EzsdfyeQVajyv_eM/bJvqCmZH5dD-iMp08P60iebjo-u9sG9wLT2dUqmNmlfkci1p9FTTI8n7uOGqfyipfnZgOThk0BnbKE_Ifi1ZDaUGSpyiNbp2MOdro5An8BE7r_5ugY1HPcnLbHLeaiNaPsBi0Ag2sgEScg
200 OK 3.7 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/9_wKBEiUfk6gwbXRAcP78hzMPY3EzsdfyeQVajyv_eM/bJvqCmZH5dD-iMp08P60iebjo-u9sG9wLT2dUqmNmlfkci1p9FTTI8n7uOGqfyipfnZgOThk0BnbKE_Ifi1ZDaUGSpyiNbp2MOdro5An8BE7r_5ugY1HPcnLbHLeaiNaPsBi0Ag2sgEScg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 313361bb075233112c47ffa8339d5503
dbb0e7ec79df6a615a89dc7f6e343044389db8f7
e9fc82f3430fd5efd65a2305b0b15f620673c820d397caa7a1749afa8af376ac
GET /widget-avatars/9_wKBEiUfk6gwbXRAcP78hzMPY3EzsdfyeQVajyv_eM/bJvqCmZH5dD-iMp08P60iebjo-u9sG9wLT2dUqmNmlfkci1p9FTTI8n7uOGqfyipfnZgOThk0BnbKE_Ifi1ZDaUGSpyiNbp2MOdro5An8BE7r_5ugY1HPcnLbHLeaiNaPsBi0Ag2sgEScg HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3742
cf-ray: 77e4a0579f010b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 956568
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sun, 06 Feb 2022 20:14:43 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=J9WNKHoRg8P8PBWiS3tf5kuMjPeNNftQhgYINnwPSQ0-1671835513-0-AXvSbgpx98puaMcqR1Gg6I2bRXc0IcP6odfx7qlS4rMvpHWS6WQiwo0APN0/9YP5SyoFK5BIx5If8tUNcYmzKv8=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PGhluRNMwbtmZ5swgstZDw2VUbGpud%2FeRWv4msLzCGISZlbIuik%2BBf9ocIMIqMqDEid3zdYgb92VtaS69GnwCAJv3nNpZXmc9DQ9IhfNZJAxXp%2FhWzbH4AdaIVFqjSnXm5W2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/MC_LH-0pEGpsHMcsuec6dA9aAvxAEOJPlt0Lw53_Njg/JltB7uc33nmmNa0fjCVa8qTffzN44RJqUC7rcpRFHfKo5tla3P_9lW3Pg6eA0pY9zBP3Pi8iBGmeo1O-byP1PJ1d5LaCkwZfLUIltyooAIYloV5unzTUoUDXE1D2I1hF8_VlGSH2YDTzrA
200 OK 2.6 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/MC_LH-0pEGpsHMcsuec6dA9aAvxAEOJPlt0Lw53_Njg/JltB7uc33nmmNa0fjCVa8qTffzN44RJqUC7rcpRFHfKo5tla3P_9lW3Pg6eA0pY9zBP3Pi8iBGmeo1O-byP1PJ1d5LaCkwZfLUIltyooAIYloV5unzTUoUDXE1D2I1hF8_VlGSH2YDTzrA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 4188871e86c8f50c5d38c1b8c9e8385f
cf83d729d35b46de01d82554ed105d7583d2f5b2
9bb3592720608c0012df8adbdf7bef45016b3648112ebe3f0a2776c852d02b77
GET /widget-avatars/MC_LH-0pEGpsHMcsuec6dA9aAvxAEOJPlt0Lw53_Njg/JltB7uc33nmmNa0fjCVa8qTffzN44RJqUC7rcpRFHfKo5tla3P_9lW3Pg6eA0pY9zBP3Pi8iBGmeo1O-byP1PJ1d5LaCkwZfLUIltyooAIYloV5unzTUoUDXE1D2I1hF8_VlGSH2YDTzrA HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 2583
cf-ray: 77e4a0579f000b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 713583
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Tue, 09 Aug 2022 16:20:25 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=j_JUsirfMWkl8CTU1XMtX2QAiOXLqx81dOFqQBWd_Rg-1671835513-0-ARFrjr7ZwHfXPE18TUz4k8M/vaAoeT7fsP2aYs7kt8brwpfCidQdcoou2DmMHGUQX2x9HHIfPXt42ESMYxfF2xI=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Zt2x3faxQAt7%2FuR3laNBx1nrWCozkYXNdcn0O67aQZqdPhaK1%2FDqF9gflU7RpKmEWSi4K1yfc1XJZhJ%2BGqihQWfKW04egCf2jhfzLHj26W%2BZ%2BMXMkVNoqqf%2BM%2BljaWFzAIYVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/_rQP4X1X5VNXdYVd6CQQDb6lmlyTyvCSWuJ7TQIlv0U/e4Q6CeU1mZ-kzLxLX2ml0Lf0lFlEyC7VCRD1EadRhZdl57RRpCSoKI0gFDh2xjX8JCl7ADsWuJTyT22fAcUE7AYDloaR8jbrMzTMJtQP9Imh2mL-9HXDVs4TIARlqgi-oxpT869OGruvYw
200 OK 2.0 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/_rQP4X1X5VNXdYVd6CQQDb6lmlyTyvCSWuJ7TQIlv0U/e4Q6CeU1mZ-kzLxLX2ml0Lf0lFlEyC7VCRD1EadRhZdl57RRpCSoKI0gFDh2xjX8JCl7ADsWuJTyT22fAcUE7AYDloaR8jbrMzTMJtQP9Imh2mL-9HXDVs4TIARlqgi-oxpT869OGruvYw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 9743eec2ff273ad421ea46b5e8cdfde9
b50fe48f9626c13a929cc33e3391a6b0b521e32c
1cd0fbae516f53df76e4dfbd2168dee547915f5802b177e989a8912078fdf7e0
GET /widget-avatars/_rQP4X1X5VNXdYVd6CQQDb6lmlyTyvCSWuJ7TQIlv0U/e4Q6CeU1mZ-kzLxLX2ml0Lf0lFlEyC7VCRD1EadRhZdl57RRpCSoKI0gFDh2xjX8JCl7ADsWuJTyT22fAcUE7AYDloaR8jbrMzTMJtQP9Imh2mL-9HXDVs4TIARlqgi-oxpT869OGruvYw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 1953
cf-ray: 77e4a0579eff0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 335612
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Tue, 24 Nov 2020 17:33:18 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 11
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=ivFBxTOtnwzEgS1i_eweUZBlzzD6cLEWSZrsxsyFeeI-1671835513-0-ATBioytvw9grb3YXoGmfqOcaH/xKlLceN29o2CkwwrkzpF4Wa01CBCjpd7m+Bj6Nvzv2vyyk4eTb+EFY0QOhbmk=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2uojzeGR875YkXm57fXS2fuuQ5bjxvkBGcGBgz%2B3ELaBRXExYCtE9Yw2C3%2F1rGG6B8GS6p2OaVxZnNZykpq4jRCd6wcxV0ovWFOQ7Wbb7bESeb4%2F2RzXBdH7FZk3Byja3n51w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/gLRPAFr8uGGQkyu5CmwOvnzq-Yu7HI4nZkSKmUDMbgU/8X9UGzZwJuY7O_XD1eUgYOUMBEx6VIbhCD06qHCer26vjQM2tuU10b0bTVriENEkHlGpOFEASfMQ2hk7yrI
200 OK 1.3 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/gLRPAFr8uGGQkyu5CmwOvnzq-Yu7HI4nZkSKmUDMbgU/8X9UGzZwJuY7O_XD1eUgYOUMBEx6VIbhCD06qHCer26vjQM2tuU10b0bTVriENEkHlGpOFEASfMQ2hk7yrI
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 1f0bfc0865d324c2587920a7d80c609b
e9524e647d689ce255f2175593a89684e784762c
2b4a9c8f3fc1e08227a34e42518a289c6b1229bec46b32bd44e32a1038447d3b
GET /widget-avatars/gLRPAFr8uGGQkyu5CmwOvnzq-Yu7HI4nZkSKmUDMbgU/8X9UGzZwJuY7O_XD1eUgYOUMBEx6VIbhCD06qHCer26vjQM2tuU10b0bTVriENEkHlGpOFEASfMQ2hk7yrI HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/png
content-length: 1268
cf-ray: 77e4a0579f020b06-OSL
accept-ranges: bytes
age: 1165
cache-control: public, max-age=14400
etag: "1f0bfc0865d324c2587920a7d80c609b"
expires: Sat, 24 Dec 2022 02:45:13 GMT
last-modified: Fri, 14 May 2021 01:14:12 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1620954852447678
x-goog-hash: crc32c=ILT29Q==, md5=Hwv8CGXTJMJYeSCn2Axgmw==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1268
x-guploader-uploadid: ADPycdsqnersV0o9dX-zYdUBby3PZR91Eq8uxco2pZZBuhdm8jAoYJWdw9gXLOI06UiNDSrBjEBU1AtzBN9NECZwZuQg-g
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
set-cookie: __cf_bm=JdWd5R6RctRbDQ1EkxFMovgmnjzgbEdw.zaVpp4kbAE-1671835513-0-AYoQGQQ0mZ38ENxeT6FueDh7EJS8vJ75fzV3ZdfgICUKC0j7xFqHrwUr1PIkCf5j6QZPoHsUzcDJo37n29DkLt0=; path=/; expires=Fri, 23-Dec-22 23:15:13 GMT; domain=.discordapp.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IMNZOPnF8XJucU57tX1x48XGtNkJ%2BdfFniz%2Bxqt2GTRhzFuHXEo005%2Bo1cK%2FAjirwVXjo9ehZdep0rJF5SfNZcow5t9JEZC%2Fma95%2BGyeS7TPuGMcEhl7QvAXbQEmj5OpAw2e7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/f2fDtxhoXXfglu34UGTaXHHcgD-_rBTwMxla5W9gcGs/4EGrOyiInSo6IMyjWv2gC7BrDP41I-uJze7sV5qg2XgM_KblVd-QgtUY8lkTcx23pym3BwS_r2hTwsv2GpgyjkXb7xO39PjgNkfHlrDxDC5n8aY2gzypUnKCKs7Eu3DrLHJbFiWZcc9BNw
200 OK 5.2 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/f2fDtxhoXXfglu34UGTaXHHcgD-_rBTwMxla5W9gcGs/4EGrOyiInSo6IMyjWv2gC7BrDP41I-uJze7sV5qg2XgM_KblVd-QgtUY8lkTcx23pym3BwS_r2hTwsv2GpgyjkXb7xO39PjgNkfHlrDxDC5n8aY2gzypUnKCKs7Eu3DrLHJbFiWZcc9BNw
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 39c1227114212e0351a25cb2131bb723
125bac9bc2373d218b1cb6657b3c6e8deca3b7d7
3a5027ea9176320a6d214e26b58289f53a3e8dcd7ec2add4c04de0bc3d79e27f
GET /widget-avatars/f2fDtxhoXXfglu34UGTaXHHcgD-_rBTwMxla5W9gcGs/4EGrOyiInSo6IMyjWv2gC7BrDP41I-uJze7sV5qg2XgM_KblVd-QgtUY8lkTcx23pym3BwS_r2hTwsv2GpgyjkXb7xO39PjgNkfHlrDxDC5n8aY2gzypUnKCKs7Eu3DrLHJbFiWZcc9BNw HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=wCteFuM.dhbbFJYZ7ErcQOvdpJ1G94Y9i7n2YOR_qTg-1671835513-0-AYobijUQcLND86BVkVEhi20wVI4jTUxE6gHrLff5d84DifoG0XClqtUDZb62ZXDgZmRQn7uBtQGS6KYor86ID/A=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 5197
cf-ray: 77e4a057af080b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 10749
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Fri, 09 Dec 2022 22:01:46 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O8ILwi%2FLkK6PCS%2F5yDW86tj7qeciSbn5mYoyOT7Fg5j2JIdcc39OE3njR6F606z%2BIAL3ffrBX1p1zt9hIJmcSUZ08%2BFXod8ZX0UOpMFfvk58RxBLjaPARRaITrs2vlvHhDnBrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/XefU9Xs3iLYLRU9KWVYU1Pgb3K9aTiyh6mXYxnEQJOw/7xCK0uQkA2vIwte7LgcU2pE5MthckHIlRMmp8HQJCBmLHP4bA9iDpLVyOmzA4Lsy5KPc7YinwtNro5Xv5nz29VDNOmHqJyJyqREu39UVPE9SXBAEwLsD6-wTiJqQr3D4tRoGqYP8ZrhseA
200 OK 3.3 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/XefU9Xs3iLYLRU9KWVYU1Pgb3K9aTiyh6mXYxnEQJOw/7xCK0uQkA2vIwte7LgcU2pE5MthckHIlRMmp8HQJCBmLHP4bA9iDpLVyOmzA4Lsy5KPc7YinwtNro5Xv5nz29VDNOmHqJyJyqREu39UVPE9SXBAEwLsD6-wTiJqQr3D4tRoGqYP8ZrhseA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 0f88e2324ff75818b831b29b44cb3749
b19330099b67d1a5dd29c1a6e685f752f42bb843
1563d307a9a51d2d79566890dfb07c64240c7e604a647412ca75f99810f09da9
GET /widget-avatars/XefU9Xs3iLYLRU9KWVYU1Pgb3K9aTiyh6mXYxnEQJOw/7xCK0uQkA2vIwte7LgcU2pE5MthckHIlRMmp8HQJCBmLHP4bA9iDpLVyOmzA4Lsy5KPc7YinwtNro5Xv5nz29VDNOmHqJyJyqREu39UVPE9SXBAEwLsD6-wTiJqQr3D4tRoGqYP8ZrhseA HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=pflSkiTkiLJ0aEdxkznRlI9XObJDf4kQExSl19Ruo98-1671835513-0-Ad2PSY7RUQp3b9MWl5jdwbyoRHK9ziTUwHzLi0LrNjr+YTvBzFrNh9Qd4yySsOGRAdruTt0X566qlYX85Juh8zc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3281
cf-ray: 77e4a057af0a0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 83100
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sat, 12 Jun 2021 15:01:39 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEc0SknohvH9ZgpbAihtD2ehZpyCXisvPYJ%2FyqdxOk5y%2F6GNiLhd%2BKfwoeuE%2BxHQa18sOLu7PmWARDFd7DprfZzkmogbdpDeSoi4ZudQgj%2Fx%2BTmVJREZwahJQpIgaEsTUxHNvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/J6hA0PUtPirEPR9Un06phbXyThLzQZa8yqwTS-2SawI/ttuLiNwq5XQ0OlTzk1j4ZaL3_CO6HaGkZG4A-6SH0MwFfKbUUgBTjGO5azrS2Ia_j9T9hMjz8XXe6fzycBk
200 OK 1.3 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/J6hA0PUtPirEPR9Un06phbXyThLzQZa8yqwTS-2SawI/ttuLiNwq5XQ0OlTzk1j4ZaL3_CO6HaGkZG4A-6SH0MwFfKbUUgBTjGO5azrS2Ia_j9T9hMjz8XXe6fzycBk
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 7c8f476123d28d103efe381543274c25
00aedaa4f0a2e7ba85b3863f4fa0ca3b0d067ff3
9a013cd568e05ca7eabd6169ca0fbbfaec75ce60e434a9e0e6e5060e54061ec1
GET /widget-avatars/J6hA0PUtPirEPR9Un06phbXyThLzQZa8yqwTS-2SawI/ttuLiNwq5XQ0OlTzk1j4ZaL3_CO6HaGkZG4A-6SH0MwFfKbUUgBTjGO5azrS2Ia_j9T9hMjz8XXe6fzycBk HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=np0QAHnAi4KbRwDTCntuPhSaYkgN04SBge6q14KPAQk-1671835513-0-AaNnfrlygwGnUuwDa+2KV9Gr1tkPzIlfar1fdqUbuPIcJRiKsfCM9wkPZhhPQPOd4oxMKH7qOa7xcidn1um28FI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/png
content-length: 1325
cf-ray: 77e4a057bf190b06-OSL
accept-ranges: bytes
age: 1628
cache-control: public, max-age=14400
etag: "7c8f476123d28d103efe381543274c25"
expires: Sat, 24 Dec 2022 02:45:13 GMT
last-modified: Fri, 14 May 2021 01:14:15 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1620954855711859
x-goog-hash: crc32c=1a1NXQ==, md5=fI9HYSPSjRA+/jgVQydMJQ==
x-goog-metageneration: 2
x-goog-storage-class: NEARLINE
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1325
x-guploader-uploadid: ADPycdukTwdJirR99crjxHDvikqdFc14OOPs6unLnbNYuXRqrthXbE0J-994G6LLS7OVzz8QfjAsy2tlNGP1CZ05FNyllw
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK3KiKwbJhUkiqxdiBhe9AL6CEkAb%2Bb0Yetxi%2BfS64H0iELWsz6SYhkynbZ8WCPQTg0Vb0jN9oZwMlVKKpLloEcBFgtlJBFN3J5vNkyEsuzgGPBYBROFe9gJi6XjukL1h%2BJBVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/srGiUKrLPDaemsTMMWEQmqpMBAVS1G1s4cuWbG0mpd4/fQV3_yDweErqnSaQaS1gsiCUtLNWmnCi3sWISM_XeAgjISIzr1T7jFf6kUbNLiMcBMHovxoDuDrbXjWgO1pM4O-689q9iioT90Gr7o1t_VTqUKD1uVLOyGtQIiQsBbXAW8Qlqw_zIRyvjQ
200 OK 5.1 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/srGiUKrLPDaemsTMMWEQmqpMBAVS1G1s4cuWbG0mpd4/fQV3_yDweErqnSaQaS1gsiCUtLNWmnCi3sWISM_XeAgjISIzr1T7jFf6kUbNLiMcBMHovxoDuDrbXjWgO1pM4O-689q9iioT90Gr7o1t_VTqUKD1uVLOyGtQIiQsBbXAW8Qlqw_zIRyvjQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 23b11faa5f48eb767784f28d59d42dc0
6f829e347911f2c587a961354e817e369f9822f0
49fcb61cf406efe3f6f882222e59475329083675b53fcbf19ba4734dab590e20
GET /widget-avatars/srGiUKrLPDaemsTMMWEQmqpMBAVS1G1s4cuWbG0mpd4/fQV3_yDweErqnSaQaS1gsiCUtLNWmnCi3sWISM_XeAgjISIzr1T7jFf6kUbNLiMcBMHovxoDuDrbXjWgO1pM4O-689q9iioT90Gr7o1t_VTqUKD1uVLOyGtQIiQsBbXAW8Qlqw_zIRyvjQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=Ps3.QRrQYAPXkN4VY.YDUgtCYt0MW66MF74jbMdHrPc-1671835513-0-AYxP5xqIT5qijH/rDPzckxv4jwL+im7ZQqVjD7r+PyaEidQdtkrLa03/q1XWltE4SYSoP7i9D9YNuFq/1VU9yiU=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 5109
cf-ray: 77e4a057bf130b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 22917
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Mon, 09 May 2022 21:48:14 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YmLenAIg5RF9sLyck110iW%2BF%2Bi5nDYswJi11RpkKhRaEiyHyNp7V%2B0KfyVTGtNGR9De5l%2Fi5mMDeZbltYTNEGNqzPU7%2B2NBd5qJO0GfPqMTHfgL8wcviqXHme61N%2BGzNFCI1XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/MsxS7LXO8n2lC_h8B4U404jDDp0urI6Nw0gGqE6etAs/B5iMvvRQjoo0lip28vXz3EE-n82JpviplkntCnuiE2XfZBJ2F1_uDurC9UoB7rlT3ud3Jm2BQ7Yn7EAwz16w1kD_i6YQjhqV62WRShB3OQ-mvOapuNYE7P4ojD5h6Nqq35EPUFPzdBF2WQ
200 OK 2.6 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/MsxS7LXO8n2lC_h8B4U404jDDp0urI6Nw0gGqE6etAs/B5iMvvRQjoo0lip28vXz3EE-n82JpviplkntCnuiE2XfZBJ2F1_uDurC9UoB7rlT3ud3Jm2BQ7Yn7EAwz16w1kD_i6YQjhqV62WRShB3OQ-mvOapuNYE7P4ojD5h6Nqq35EPUFPzdBF2WQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 75be474fae5cd3fdfa10fb7073b0a25c
5c4baffe6e37246b02f7a95f0ec3c8e0138d4a00
5df16bd8abad6dbe2e196399d2cdcfd17e7946800431e20ed32b45fcb196c647
GET /widget-avatars/MsxS7LXO8n2lC_h8B4U404jDDp0urI6Nw0gGqE6etAs/B5iMvvRQjoo0lip28vXz3EE-n82JpviplkntCnuiE2XfZBJ2F1_uDurC9UoB7rlT3ud3Jm2BQ7Yn7EAwz16w1kD_i6YQjhqV62WRShB3OQ-mvOapuNYE7P4ojD5h6Nqq35EPUFPzdBF2WQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=np0QAHnAi4KbRwDTCntuPhSaYkgN04SBge6q14KPAQk-1671835513-0-AaNnfrlygwGnUuwDa+2KV9Gr1tkPzIlfar1fdqUbuPIcJRiKsfCM9wkPZhhPQPOd4oxMKH7qOa7xcidn1um28FI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 2581
cf-ray: 77e4a057bf1c0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1366720
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Sun, 27 Nov 2022 15:39:44 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=le%2BASQtLAxO3Pxzi9HHT8bzZzwJIC%2Fz2H%2ByJ5%2FDD0t12x85OzuVS9Kl69dLeAdNGSxSmVf2PwE214jhHD1s1GRapOLAHB0LOQoLPB2KHR%2F88XllNcyCcs%2Fe3jNA6SoTus4xoPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/pZ56wOVj3RxTvjwkdKBimtFkJ-MuJrwQE2tw8LKFyh8/kVsjFy-n9FR5Du-JVQ9mfB6Msz8wYOWV_g0QNC_bfAY-Z9pZIYeH0Ez0J-uri0QcyxcAvA9nguM93oSYE36g7DbxF4_jWCjvuOJSI2OPIwsMK8PuprETZGGrtM0l3WfLeu5JyFVtQJxK-w
200 OK 3.1 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/pZ56wOVj3RxTvjwkdKBimtFkJ-MuJrwQE2tw8LKFyh8/kVsjFy-n9FR5Du-JVQ9mfB6Msz8wYOWV_g0QNC_bfAY-Z9pZIYeH0Ez0J-uri0QcyxcAvA9nguM93oSYE36g7DbxF4_jWCjvuOJSI2OPIwsMK8PuprETZGGrtM0l3WfLeu5JyFVtQJxK-w
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 0256fb8a2385d9e46505760a37350a50
7a5735d8643936d955802f9f44a31e8dcb502580
121ecc56bc8435ae4cc536dde765d55e9de2c3027f51e14cd2e0d9872d6ad9f0
GET /widget-avatars/pZ56wOVj3RxTvjwkdKBimtFkJ-MuJrwQE2tw8LKFyh8/kVsjFy-n9FR5Du-JVQ9mfB6Msz8wYOWV_g0QNC_bfAY-Z9pZIYeH0Ez0J-uri0QcyxcAvA9nguM93oSYE36g7DbxF4_jWCjvuOJSI2OPIwsMK8PuprETZGGrtM0l3WfLeu5JyFVtQJxK-w HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=np0QAHnAi4KbRwDTCntuPhSaYkgN04SBge6q14KPAQk-1671835513-0-AaNnfrlygwGnUuwDa+2KV9Gr1tkPzIlfar1fdqUbuPIcJRiKsfCM9wkPZhhPQPOd4oxMKH7qOa7xcidn1um28FI=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3072
cf-ray: 77e4a057cf1e0b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1064392
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Thu, 22 Jul 2021 23:58:27 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ZhmROjjpoiAN8MRQGMuJmHPuMJfmuFJ5%2FKDbHa%2FnkBAEJ1OPxhqp%2BiEwsgSzJWkJ5f%2BdRjnzYcy3c5Ct1uRPav4iFg4S8EJUeZvM6JFz%2F%2B4%2BLlnrubcq5xZfuAMkdZsVQHFWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.discordapp.com/widget-avatars/B1gdBRHLFcV0dh1sYyrLhwqiX5ypJa0zIRQMTONjPLg/6IS2ji4weDcX0S8ybFhdWwDjOWpGFKZby94uMdLIN79Q3CV5iTzKWOfucphXlgxgc6BHfrDgVqXKrZgdtvQ3x87RNXGdTV0MWdP26Osn1EP-4MiLtJtF8kOBN4hombSSIEmW8jqgGWS__Q
200 OK 3.5 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/B1gdBRHLFcV0dh1sYyrLhwqiX5ypJa0zIRQMTONjPLg/6IS2ji4weDcX0S8ybFhdWwDjOWpGFKZby94uMdLIN79Q3CV5iTzKWOfucphXlgxgc6BHfrDgVqXKrZgdtvQ3x87RNXGdTV0MWdP26Osn1EP-4MiLtJtF8kOBN4hombSSIEmW8jqgGWS__Q
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 74686c0cb668500fd7016e6bd704d01f
30a18baa7c68502b201a8d8e7c98f941a5353f13
54256f6566183907421f5c3178c59e532a56a8d546b1db344829ae8759d45d28
GET /widget-avatars/B1gdBRHLFcV0dh1sYyrLhwqiX5ypJa0zIRQMTONjPLg/6IS2ji4weDcX0S8ybFhdWwDjOWpGFKZby94uMdLIN79Q3CV5iTzKWOfucphXlgxgc6BHfrDgVqXKrZgdtvQ3x87RNXGdTV0MWdP26Osn1EP-4MiLtJtF8kOBN4hombSSIEmW8jqgGWS__Q HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=E51Lgw_0COePJ6gl_90u0Pab0RcuKhnB_rZ1GNyxP70-1671835513-0-ARL4jXHvtWOwIOMOEGW3i6K3BTi9eOf1KbT87bTPhWv37OlfsNH/pH0abERrcldukAq+ovMNwXKXSUPp0dB2rGQ=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 3523
cf-ray: 77e4a057cf250b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 2354537
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Tue, 22 Nov 2022 04:40:29 GMT
cf-cache-status: HIT
cf-bgj: h2pri
x-envoy-upstream-service-time: 2
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AluuGaqgTjJ6AIfJRG3%2FzZ3IADJzFkT%2BysxiOSYTAucvdgHl92skZ%2FFDhSXmKHJUigGMeoqaYcSAxh5sYcZgJ6KI%2B8eKhLSNnsVhNeUiGXt9Utuc%2FJBbDj4nMxPc4kK%2BUnJ41g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash ae90dbf2853994d70b32a828b70b9b15
01507010c3bb3659d39ea86d5f593a781538475c
20be489f41c4251c4c13b274b7acc1f97491681963328d021f94ed407859aa84
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:13 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 23 Dec 2022 08:00:48 GMT
Expires: Fri, 30 Dec 2022 08:00:47 GMT
Etag: "01507010c3bb3659d39ea86d5f593a781538475c"
Cache-Control: max-age=551133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a056bdbdb524-OSL
sumo.com/api/load/
200 OK 843 B IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (842), with no line terminators
Hash 3501e6bc473a6cfa60fee420093c8ff2
3a5c862383936e1b563d0ed39d67055d06cadf8a
5e0bbcc14360de2c061715fbd2cb0d9a1ac169ec6501d54573d30627dbfef00d
POST /api/load/ HTTP/1.1
Host: sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 259
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 22:45:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 843
Connection: keep-alive
X-FRAME-OPTIONS: SAMEORIGIN
Access-Control-Allow-Origin: http://freesideplus.com
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Set-Cookie: __smSessionId=s%3AvuHlwtT6YgnDDFiGi3LOvnFP.iQZhMcRLplZWlxOzagGPtoBsxuhRZ%2F1Mv2V2V4OUzg8; Path=/; Expires=Sat, 24 Dec 2022 07:30:49 GMT; HttpOnly
X-Robots-Tag: noindex, nofollow
cdn.discordapp.com/widget-avatars/AyEf5ZsnFPr12_SAKQ_ACHUTAzNJ6cGZ8rg6SIQlA4Q/g6gl7gSnt1AFcFvFS2pMigboFHPdUPF09ZA7A0JIFCz2flLgblswAGqLs05sy48llJNCCCrSyeFpbYgBWJwrqm91wuV2qUe0FOKWzimWcC6yD2rHLFnURls6gSdmBH87f3Txj0b2UfS0tQ
200 OK 7.6 kB URL HTTP/2 cdn.discordapp.com/widget-avatars/AyEf5ZsnFPr12_SAKQ_ACHUTAzNJ6cGZ8rg6SIQlA4Q/g6gl7gSnt1AFcFvFS2pMigboFHPdUPF09ZA7A0JIFCz2flLgblswAGqLs05sy48llJNCCCrSyeFpbYgBWJwrqm91wuV2qUe0FOKWzimWcC6yD2rHLFnURls6gSdmBH87f3Txj0b2UfS0tQ
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x128, components 3\012- data
Hash 4c30997a69c48842bb32238811259d6d
939456b6b3c52eca3b36b47665d4159c50291046
93304c6f4af1a290b9d089efb40d53b05978548ec448d91e533b5effa02ff80b
GET /widget-avatars/AyEf5ZsnFPr12_SAKQ_ACHUTAzNJ6cGZ8rg6SIQlA4Q/g6gl7gSnt1AFcFvFS2pMigboFHPdUPF09ZA7A0JIFCz2flLgblswAGqLs05sy48llJNCCCrSyeFpbYgBWJwrqm91wuV2qUe0FOKWzimWcC6yD2rHLFnURls6gSdmBH87f3Txj0b2UfS0tQ HTTP/1.1
Host: cdn.discordapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/
Cookie: __cf_bm=pflSkiTkiLJ0aEdxkznRlI9XObJDf4kQExSl19Ruo98-1671835513-0-Ad2PSY7RUQp3b9MWl5jdwbyoRHK9ziTUwHzLi0LrNjr+YTvBzFrNh9Qd4yySsOGRAdruTt0X566qlYX85Juh8zc=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
content-length: 7635
cf-ray: 77e4a057af090b06-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=31536000
expires: Sat, 23 Dec 2023 22:45:13 GMT
last-modified: Fri, 23 Dec 2022 22:44:00 GMT
cf-cache-status: MISS
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdGy2h9iEllBJooc1x4GFeuvOTMuwUZvMaqXJDqzhWZ%2B8VV3VMV8O6%2F9HYkSB91zUh%2F6WicUTZRVeeWTjwwKhyDN5aNIgxoV5ajJcxI%2BTBefxmqhS2hrqu7YwOUOnwSbdWa%2B1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
200 OK 45 kB URL HTTP/2 cdn.taboola.com/libtrc/disqus-widget-safetylevel20longtail09/loader.js
IP
File type ASCII text, with very long lines (60704)
Hash d636e35bbaab3f88650d7c034d0ef018
016ef73c3658830e0c1f1d7753ecff219dbaf0f5
bb8f7eb069a667e00d1423059c639132afcc95104b266719c623010492b65317
GET /libtrc/disqus-widget-safetylevel20longtail09/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
etag: "3b73d13cc513228aa2d7384dd61ecd6ad780bd95"
last-modified: Thu, 22 Dec 2022 19:36:50 UTC
x-amz-id-2: 8LIvZKCfbq/60iDsXcYKue2WSdlydL2ZleuBipHlYUDLYO8QnqvuKakqe9rvKwN438DYe4a3gWk=
x-amz-request-id: HZ9B223HM4W1VJRC
x-amz-version-id: MObG7I_vvxhBna91i.9UVWVwlqWLAkg7
x-from-cache: 1
x-envoy-upstream-service-time: 7
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:13 GMT
via: 1.1 varnish
age: 9804
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 3
x-timer: S1671835514.870230,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding, Accept-Encoding
abp: 27
content-length: 45014
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 58ad5c6e3caf13013c7ec3a32fe8e033
d53bb5f6c3618a359bc4cf9ead378176a703c94a
71901bd1fc0c8175e1ca424c04d6b92745a962dbe4e4e5b5767d6a7166cff8f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71901BD1FC0C8175E1CA424C04D6B92745A962DBE4E4E5B5767D6A7166CFF8F0"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15869
Expires: Sat, 24 Dec 2022 03:09:42 GMT
Date: Fri, 23 Dec 2022 22:45:13 GMT
Connection: keep-alive
links.services.disqus.com/api/ping
403 Forbidden 979 B URL HTTP/1.1 links.services.disqus.com/api/ping
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (979), with no line terminators
Hash 1edc3fac1e0eb87ed6b19d4ecd08f8ef
bc58af52fa6a97e7506db76cb9e5a1895c92dcfd
613acec36f8b4ee7869a9907bc4b81eb6c24bcdd373520d6ee3a9b040d78ed98
POST /api/ping HTTP/1.1
Host: links.services.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 180
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Connection: keep-alive
Content-Length: 979
Content-Language: en
Content-Type: text/html;charset=utf-8
P3P: CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Server: Apache-Coyote/1.1
Date: Fri, 23 Dec 2022 22:45:13 GMT
Set-Cookie: vglnk.Agent.p=890948af12dcec27297a03f7980655c1; Expires=Sat, 23 Dec 2023 22:45:13 GMT; path=/
vglnk.PartnerRfsh.p=; Expires=Sat, 23 Dec 2023 22:45:13 GMT; path=/
cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
200 OK 148 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221222-8-RELEASE.js
IP
File type ASCII text, with very long lines (65509)
Size 148 kB (148539 bytes)
Hash fd353293fc672a35b1079ac75f6fc865
79b685c3a2044163c69495548d0433f860426d20
7c0b9bb8f68703ad07831cb9e2d9eaa8f4f9e8ac1f6c78f90a395c9ec26e345d
GET /libtrc/impl.20221222-8-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: beX5CNjKU4Ir8lXCDW+VM5vu/DGkImicMYt3hUwr7bjDdGrdhyI7o3U+kmK8bjv2S5HibScZ2g8=
x-amz-request-id: 93S0XMESXET4G4SV
last-modified: Thu, 22 Dec 2022 11:00:34 GMT
etag: "fd353293fc672a35b1079ac75f6fc865"
content-encoding: br
x-amz-version-id: vPE.200COI04YQ2KRIDL7pS2WHR7GEN.
content-type: application/javascript
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:13 GMT
via: 1.1 varnish
age: 13479
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 7181
x-timer: S1671835514.978022,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 12
server: AmazonS3-br
content-length: 148539
X-Firefox-Spdy: h2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671835512505&ns_c=UTF-8&ns_if=1&c7=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&c8=&c9=
204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671835512505&ns_c=UTF-8&ns_if=1&c7=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&c8=&c9=
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1671835512505&ns_c=UTF-8&ns_if=1&c7=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&c8=&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Fri, 23 Dec 2022 22:45:14 GMT
set-cookie: UID=1808ac7ced5124cc239e54b1671835514; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kQo7CUDxH2gSoY3lqxgnDfSctMNERvuQaUdN3OZgrLtIUJJjeJDvvg==
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 05458bed16fd4ca948430ff3e3f63a32
1c4a22c937808a5b1e21d62d5ed06d63fdb472a3
233a29f0c8c664c6e71f7eee35e475aca1412d9f4304777c2c83a735d03bb418
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "233A29F0C8C664C6E71F7EEE35E475ACA1412D9F4304777C2C83A735D03BB418"
Last-Modified: Fri, 23 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3286
Expires: Fri, 23 Dec 2022 23:40:00 GMT
Date: Fri, 23 Dec 2022 22:45:14 GMT
Connection: keep-alive
sumo.com/services
204 No Content 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /services HTTP/1.1
Host: sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Referer: http://freesideplus.com/
Origin: http://freesideplus.com
Connection: keep-alive
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 23 Dec 2022 22:45:14 GMT
Connection: keep-alive
Access-Control-Allow-Origin: http://freesideplus.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,POST,DELETE
Access-Control-Allow-Headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
Access-Control-Max-Age: 2592000
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
302 Found 0 B URL HTTP/1.1 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 302 Found
content-length: 0
location: https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
cache-control: no-cache
ak.roudoduor.com/afu.php?zoneid=5460782&ymid=167183551310000TNOTV415326358024Vd3&var=315519420
200 OK 2.3 kB URL HTTP/2 ak.roudoduor.com/afu.php?zoneid=5460782&ymid=167183551310000TNOTV415326358024Vd3&var=315519420
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3061)
Hash 6e3ed6fc9a0d4d06683aea6b92f2f838
edd46dbbc2053ec11c38979cacf0ea583f8fbe36
badb63d57da92f2c92ea337eb2c38cae88f0fb915d7f0e1e6c079bf223a36e02
Analyzer Verdict Alert quad9 Sinkholed
GET /afu.php?zoneid=5460782&ymid=167183551310000TNOTV415326358024Vd3&var=315519420 HTTP/1.1
Host: ak.roudoduor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf8
x-trace-id: 3d62520434f3137a907e7785f196156e
link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch", <https://webdesigntutorials.org>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
vary: Accept-Encoding
x-akamai-transformed: 9 628 0 pmb=mRUM,1
content-encoding: gzip
expires: Fri, 23 Dec 2022 22:45:14 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Dec 2022 22:45:14 GMT
content-length: 2268
set-cookie: OAID=22f55848e107424bbe659fa38afe19fc; expires=Sat, 23 Dec 2023 22:45:14 GMT; path=/; secure; SameSite=None
oaidts=1671835514; expires=Sat, 23 Dec 2023 22:45:14 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=29, origin; dur=10
X-Firefox-Spdy: h2
trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=22%3A45%3A12.715&type=usage&msg=rtus&llvl=2&id=7549&cv=20221222-8-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
204 No Content 0 B URL HTTP/2 trc-events.taboola.com/disqus-widget-safetylevel20longtail09/log/2/debug?tim=22%3A45%3A12.715&type=usage&msg=rtus&llvl=2&id=7549&cv=20221222-8-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /disqus-widget-safetylevel20longtail09/log/2/debug?tim=22%3A45%3A12.715&type=usage&msg=rtus&llvl=2&id=7549&cv=20221222-8-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 23 Dec 2022 22:45:14 GMT
x-fastly-to-nlb-rtt: 22170
access-control-allow-credentials: true
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=JMtKqMG7iSrVoKb9k_iMOZCpHqcSBf_mqw8_fSfYWUlnVQR9VmTHCW_Jw_8Rnf9hyOnDZx6gyN931Yvq6cTlXOXT_2I128DCFAZCQo_72fPoI8wd5WsCnklDWqf1F-jjAG0OiVZRUliUSXRs5Rc663ffR_dCEhywdlZLvZ-ZwlTWDL2ymPx1LgswC318TUnKoCiuD-msW-Hlf76HIUkmf5TWqNjlo4MHquXLSefLZFxjvqvC&request_ab2=96003&zoneid=4623603&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=784&wih=498&wiw=796&wfc=8&pl=https%3A%2F%2Fstreamhub.to%2Fe%2Fjcfxhqff2f7e&drf=http%3A%2F%2Ffreesideplus.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=49887c9f-c490-4a6c-9d51-60dc0ef5b3c2&userId=49b87fc45e7942869d9704fc4f5d4900&m=link
200 OK 1.4 kB URL HTTP/2 onmarshtompor.com/?rb=JMtKqMG7iSrVoKb9k_iMOZCpHqcSBf_mqw8_fSfYWUlnVQR9VmTHCW_Jw_8Rnf9hyOnDZx6gyN931Yvq6cTlXOXT_2I128DCFAZCQo_72fPoI8wd5WsCnklDWqf1F-jjAG0OiVZRUliUSXRs5Rc663ffR_dCEhywdlZLvZ-ZwlTWDL2ymPx1LgswC318TUnKoCiuD-msW-Hlf76HIUkmf5TWqNjlo4MHquXLSefLZFxjvqvC&request_ab2=96003&zoneid=4623603&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=784&wih=498&wiw=796&wfc=8&pl=https%3A%2F%2Fstreamhub.to%2Fe%2Fjcfxhqff2f7e&drf=http%3A%2F%2Ffreesideplus.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=49887c9f-c490-4a6c-9d51-60dc0ef5b3c2&userId=49b87fc45e7942869d9704fc4f5d4900&m=link
IP
Hash be0ac19ba4ad2835b8c72281b5ad4652
42ff19e741cdfb1510bec54d29f95a81c5839846
7ee76296b38bbc13d6941fa102bffcfbe30606c68b75ee5bf3eb51b8775a0aaa
GET /?rb=JMtKqMG7iSrVoKb9k_iMOZCpHqcSBf_mqw8_fSfYWUlnVQR9VmTHCW_Jw_8Rnf9hyOnDZx6gyN931Yvq6cTlXOXT_2I128DCFAZCQo_72fPoI8wd5WsCnklDWqf1F-jjAG0OiVZRUliUSXRs5Rc663ffR_dCEhywdlZLvZ-ZwlTWDL2ymPx1LgswC318TUnKoCiuD-msW-Hlf76HIUkmf5TWqNjlo4MHquXLSefLZFxjvqvC&request_ab2=96003&zoneid=4623603&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=784&wih=498&wiw=796&wfc=8&pl=https%3A%2F%2Fstreamhub.to%2Fe%2Fjcfxhqff2f7e&drf=http%3A%2F%2Ffreesideplus.com%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=49887c9f-c490-4a6c-9d51-60dc0ef5b3c2&userId=49b87fc45e7942869d9704fc4f5d4900&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamhub.to/
Origin: https://streamhub.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: application/json
x-trace-id: d12b5b7553d5ca66693a34a9c89e4309
access-control-allow-origin: https://streamhub.to
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=49b87fc45e7942869d9704fc4f5d4900; expires=Sat, 23 Dec 2023 22:45:14 GMT; path=/; secure; SameSite=None
oaidts=1671835514; expires=Sat, 23 Dec 2023 22:45:14 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 30 Dec 2022 22:45:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 313 B IP
Hash c2a63a79acf2c25a59ce34191333e9d1
7173cbd0777045ec7ce5339b020775e186775966
5515007e7ab8644f659d685561e540cffafa92451a5486a2246f4b48b3003177
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 182
Cache-Control: max-age=131080
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:14 GMT
Etag: "63a58bcc-139"
Expires: Sun, 25 Dec 2022 11:09:54 GMT
Last-Modified: Fri, 23 Dec 2022 11:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
sumo.com/services
200 OK 205 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 30defaa33fe486b3d3aadd3402b00bf6
fad5434f34ac4bb6c7a11018481673335be77c81
c5265b2a343e05fcaf0cd05b0dd03975c4d83e4168eafea7236a99ee46caf79e
POST /services HTTP/1.1
Host: sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Sumo-Auth: vuHlwtT6YgnDDFiGi3LOvnFP
Content-Length: 679
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 22:45:14 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 205
Connection: keep-alive
X-FRAME-OPTIONS: SAMEORIGIN
Access-Control-Allow-Origin: http://freesideplus.com
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
Set-Cookie: __smSessionId=s%3AcUp3f1QSmtjWIOsEAYQXcB3C.LMYdMJ5%2F1X0NHDDfsnwdTDvfBi7GxVghqafvmEv5%2F6E; Path=/; Expires=Sat, 24 Dec 2022 07:30:50 GMT; HttpOnly
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
ocsp.digicert.com/
200 OK 313 B IP
Hash f52632732ab9c5f711d5db5caa303d6b
b033bdb89168f0a944cd3497b8ac3c9233781e9a
d509babceb03519a70d621d6fb057b4f8c60e0fa8d81f69dbdeea2718a83a06e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6067
Cache-Control: max-age=160748
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:14 GMT
Etag: "63a5e8b3-139"
Expires: Sun, 25 Dec 2022 19:24:22 GMT
Last-Modified: Fri, 23 Dec 2022 17:43:15 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?origin=rtus&topUrl=freesideplus.com
200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=freesideplus.com
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?origin=rtus&topUrl=freesideplus.com HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=367f6ed8-30c5-4e52-952f-e448686df6a1; expires=Wed, 17 Jan 2024 22:45:14 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 602035
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dnacdn.net/dna
200 OK 438 B IP
Hash 0941f75714621b40d4bb770dfb4acae5
ff59206f5ad364cadae1234ec6323c7b719fa11f
0f4e8a0dff92709fdf28292a104125107e0184e6052d1403336dd8f33f887152
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=14KTp180M0RITmhlJTJCZkMwOUJGQlhaMUN2czJoWU80QWloblBLdmhxSGRLc2R1dVVQSmR3c2xId1k2ZTZ4dXliSThwVVk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=5uwJsV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czJoWU80QWloblBLdmhxSGRLc2R1dVdCSzFWMFFJOTRkVlViUlRMam5UcmE; expires=Wed, 17 Jan 2024 22:45:14 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 179748
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
load.sumo.com/2.0a035390359aab65eb82.js
200 OK 1.5 kB URL HTTP/2 load.sumo.com/2.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (1643)
Hash bdd87c634935ad8735ad4cca3d18f214
14f53c88d6647847908c92da82b29cbc35ac5f20
364d0425e9aed80d27eaaa7ebb835856e361886965433bf484d95fefa078d965
GET /2.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"6bfdf1ae8492f107706ac037915be663"
last-modified: Wed, 25 May 2022 21:04:43 GMT
x-amz-id-2: 6PNzoY2bwq8TRd6kG87xsdwwZVMkvJf0/efDm8ajElAv34gPJUvYgkBjwDQSvVR2KKmGNxwg/Gk=
x-amz-request-id: 4NT63S72ZR8KN5DF
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:42:52
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d636c217582eedf476fc5c5d9f0f6c85
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
load.sumo.com/23.0a035390359aab65eb82.js
200 OK 99 kB URL HTTP/2 load.sumo.com/23.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
File type Unicode text, UTF-8 text, with very long lines (64899), with no line terminators
Hash f2d31381fb9718154000db4cae9af848
e417b44e80bfdd9e4c34528fa3196b196db4b0b5
26cc01aa7474efddfd726a2b1e271969f48ac8e7474b616e6d579a08b3aeaf32
GET /23.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"be0b945be6cafa91f6fd4efdfc8268f8"
last-modified: Wed, 05 Oct 2022 16:49:12 GMT
x-amz-id-2: 7sxa1T5rK8zHRwqIuc9SQTuUY7zCJT2U6USB3xa+kFLsFMBiTkX+nnJQlGfvrQn7lTVPpKSdbQ0=
x-amz-request-id: RWX54BQ4BQ53NC3B
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:49
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 36cde2d55f6fe1b0ca9908684a561fbf
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/cta-component.20221222-8-RELEASE.es6.js
200 OK 5.1 kB URL HTTP/2 cdn.taboola.com/libtrc/cta-component.20221222-8-RELEASE.es6.js
IP
File type ASCII text, with very long lines (18924)
Hash 6f6bc69693281b1d6604842710b5e3e8
5d49066035364d78f65b1c8479e54069b374e690
4162e4bac05042c56edc0691de2f6508e2b1adb97e1bc7ec65f9e6ce55c08fc9
GET /libtrc/cta-component.20221222-8-RELEASE.es6.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FgEM1bh2jXULk2SFBrdZQDcO7EVR7rXjfXNqm33ew/T03Q3kdoZYcBkJUvPvsMzV4WzD/1TgcUQ=
x-amz-request-id: P5ZW2N4EP1YRWKRN
x-amz-replication-status: COMPLETED
last-modified: Thu, 22 Dec 2022 18:18:28 GMT
etag: "ee9ca5bbbc109761b4ef9a03a01e52cf"
x-amz-version-id: JGgdesoATzUhm1NudEfd2hRBZSyuVXPE
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:14 GMT
via: 1.1 varnish
age: 21
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 7
x-timer: S1671835515.975397,VS0,VE0
cache-control: private,max-age=14400
vary: Accept-Encoding
abp: 12
content-length: 5107
X-Firefox-Spdy: h2
load.sumo.com/96.0a035390359aab65eb82.js
200 OK 85 kB URL HTTP/2 load.sumo.com/96.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5772eed2ad1a7df70c1b838b1cb60b35
fd3b97b740f5ad2511a192630d04ae09fa40cda3
973ee09c76bd9a0065d2ea6f295b0cf26f544a8eb7eada0512a40fbaf941506c
GET /96.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"f33273f5c8e8dd3d010a11b209891b91"
last-modified: Wed, 25 May 2022 21:05:41 GMT
x-amz-id-2: oWZwV68z0ZCzv6p9ikD/9Zqf8HgilPFx7iKeWmSkvbvM6LwG5TReXNryXRxtFupGJWUv+hbZ0Ek=
x-amz-request-id: 4NT2N7V1ZP2X9DMS
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:42:52
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: fd2d32b81083eb2d1c43163482d5942f
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
200 OK 30 kB URL HTTP/1.1 vidstat.taboola.com/lite-unit/3.9.8/UnitWidgetItemDesktop.min.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash aac1042207afd54e1cf1befcaf3420cd
00f0597866330a850a1d6222861591f24dd18380
ea77ece8880eb28ffe83e94ef787b4204f8b1b3d09f443011b898b13ed4bb706
GET /lite-unit/3.9.8/UnitWidgetItemDesktop.min.js HTTP/1.1
Host: vidstat.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 29909
Content-Type: application/javascript
Last-Modified: Tue, 22 Nov 2022 07:02:09 GMT
ETag: "1842444d4bb92087143326a4d508875d"
Server: AmazonS3
Via: 1.1 b34d5d8e5954d0b7b46d5f0eb534c166.cloudfront.net (CloudFront), 1.1 varnish
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: iVxUQ_yUDgKIDSZaR21P2jFvv94ZUaTAMQdnd9xsEMFJTpsmb2NMlg==
Cache-Control: public, max-age=2592000
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Dec 2022 22:45:15 GMT
Age: 224600
X-Served-By: cache-bma1648-BMA
X-Cache: Hit from cloudfront, HIT
X-Cache-Hits: 5312
X-Timer: S1671835515.006684,VS0,VE0
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, OPTIONS, HEAD
Access-Control-Allow-Headers: *
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
200 OK 45 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b65f888cf6d8fdb79792aeee53937fe
9e2166e31278afe5f391100a36d98633176c6c38
58f997822e79cfc3f5abf86bd422079477884d0d3c8adad561ac3e4444cf8aa2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 450265650731705506805175281380931797211,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 450265650731705506805175281380931797211,440009874943970692176080915478359259825,29ecf9b93bbf306179626feeda1fab70
etag: "c3204fadf795d5ebb0360ad632c484b5"
expiration: expiry-date="Mon, 03 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Fri, 02 Sep 2022 11:55:40 GMT
req-referer: https://mediatakeout.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 121
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:15 GMT
age: 8672814
x-served-by: cache-iad-kjyo7100096-IAD, cache-iad-kcgs7200095-IAD, cache-bur-kbur8200056-BUR, cache-iad-kiad7000151-IAD, cache-bma1673-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 1, 1, 35572, 1
x-timer: S1671835515.013446,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
x-vcl-time-ms: 1
content-length: 44940
X-Firefox-Spdy: h2
load.sumo.com/97.0a035390359aab65eb82.js
200 OK 195 B URL HTTP/2 load.sumo.com/97.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash e78c2204d5ae23b7f05e93d2379f66a3
c7afe977462cc3208208d40d89bfcac61430675e
08df0d540560114ad20eb871555dfd2b58a04a4442caab94ca60861892fe94a1
GET /97.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"857476cf6e94c14c223d4481353b4c19"
last-modified: Wed, 05 Oct 2022 16:50:09 GMT
x-amz-id-2: 5XFtXKaZQB/d4oqRkQXSbbqlPzv/uoGys/7ySD4BzoWFFjfvJEakslo2+zRXCrE6YvCOyjliXNU=
x-amz-request-id: RWXFWM9GFEBX5NX0
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:49
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: be95e1d01fb6f2fe64b402ec2ba2e528
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 19 Dec 2022 19:26:09 GMT
Expires: Tue, 19 Dec 2023 19:26:09 GMT
Cache-Control: public, max-age=31536000
Age: 357546
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2011906e7ec6bbdffb5d477ef4a30c.jpg
200 OK 17 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2011906e7ec6bbdffb5d477ef4a30c.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash ed5476f8991453ac19c66659cf6db87d
9016e8c476f629b28d4288f2fce6b79f891a30a0
5893c373f61bde7c2f1a514aa132285034227975785b3353efa087e7179ac237
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2011906e7ec6bbdffb5d477ef4a30c.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 301480247170062863636428443559935743682,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 301480247170062863636428443559935743682,389360917527735119118571714620039350550,29ecf9b93bbf306179626feeda1fab70
etag: "3157b0d9ab1e17dfb054b5423b3e6c5d"
expiration: expiry-date="Tue, 15 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 15 Oct 2022 10:17:26 GMT
req-referer: https://news.gooya.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 104
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:15 GMT
age: 3766766
x-served-by: cache-iad-kcgs7200102-IAD, cache-iad-kcgs7200112-IAD, cache-bur-kbur8200047-BUR, cache-iad-kcgs7200127-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, HIT, HIT, HIT
x-cache-hits: 0, 0, 1, 76, 3
x-timer: S1671835515.088950,VS0,VE0
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_350%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1d2011906e7ec6bbdffb5d477ef4a30c.jpg
x-vcl-time-ms: 0
content-length: 17396
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/v1671107953/sgyh0fw3t30klzmbhfwh.mp4
206 Partial Content 1.1 MB URL HTTP/2 cdn.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/v1671107953/sgyh0fw3t30klzmbhfwh.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 1.1 MB (1118471 bytes)
Hash 13d98569c84e06189a38834dbb884821
1e49046885932c5fd5a0cb9d5dee5e7a09405d2b
bec5efa5462789e9ae19bb545359e0bfc29b5eeb9d03a6a29d871bb3ce0421e0
GET /libtrc/static/video/t_PERFORMANCE_VIDEO_OPTIMIZATION_1/v1671107953/sgyh0fw3t30klzmbhfwh.mp4 HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
x-amz-id-2: y2zx7ENAp6hQZWxMfJLr2AcO5huoKSgs9VAFu8TEGDylCCKV4LTpAUZPwER8xuqRYbFIhb+AHwM=
x-amz-request-id: DZTVSCWM9NNZYK7K
x-amz-replication-status: COMPLETED
last-modified: Thu, 15 Dec 2022 12:39:26 GMT
etag: "13d98569c84e06189a38834dbb884821"
x-amz-version-id: FtH02V8RlobotHVegKtWzi1bWbkB18Ry
content-type: video/mp4;codecs=avc1
server: AmazonS3
accept-ranges: bytes
age: 38
content-range: bytes 0-1118470/1118471
date: Fri, 23 Dec 2022 22:45:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1671835515.109193,VS0,VE1
cache-control: private,max-age=31536000
abp: 12
content-length: 1118471
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/video/v1665821811/l7x1knljwc58ktfvs5t0.mp4
206 Partial Content 464 kB URL HTTP/2 cdn.taboola.com/libtrc/static/video/v1665821811/l7x1knljwc58ktfvs5t0.mp4
IP
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 464 kB (463591 bytes)
Hash 9ecd8e2c4b57545538e95e43c0bf8ad8
5d56ad9c2b7693cf5624c7cdbaa7e1079df0d861
a47f43d1bae931f90329e4d01285ba69d948f348e804d788d38ab4397a2d0b9a
GET /libtrc/static/video/v1665821811/l7x1knljwc58ktfvs5t0.mp4 HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
x-amz-id-2: E/IcUcnBKPZ4Cm4AHlXpyheNOlX/Qcq86kGDDBlBejs/wpr2fJtHTIgyGhgZ/QQoAOFccn4CcU8=
x-amz-request-id: PSWBE5RWTQ8NYJAT
x-amz-replication-status: COMPLETED
last-modified: Sat, 15 Oct 2022 08:16:58 GMT
etag: "9ecd8e2c4b57545538e95e43c0bf8ad8"
x-amz-version-id: DQey7k03WAaIhhUJuuRgxMSkHqJNoi6u
content-type: video/mp4;codecs=avc1
server: AmazonS3
accept-ranges: bytes
age: 67
content-range: bytes 0-463590/463591
date: Fri, 23 Dec 2022 22:45:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1671835515.125110,VS0,VE1
cache-control: private,max-age=31536000
abp: 12
content-length: 463591
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6027e68686da8b8b38bbc1663317f74.jpg
200 OK 16 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6027e68686da8b8b38bbc1663317f74.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7b53786c41ab811fdb6824e708d7d753
d36b2268f3d38c9e7d2076e90a19a6154d0ba486
3293496b14b16ad70aef6bc203b01d2002515dd9613cbe5d09468d5d0b35def2
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6027e68686da8b8b38bbc1663317f74.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 568637439345873541405364995078570955131,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 568637439345873541405364995078570955131,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
etag: "73e0c2344eb39b6da975404d97370292"
last-modified: Fri, 18 Nov 2022 13:13:21 GMT
req-referer: https://shiznat.football.cbssports.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 5e1a0b3096bfd03139a0a221cc31eea5
x-envoy-upstream-service-time: 387
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:15 GMT
age: 2533541
x-served-by: cache-iad-kcgs7200046-IAD, cache-iad-kjyo7100051-IAD, cache-bur-kbur8200177-BUR, cache-iad-kiad7000133-IAD, cache-bma1673-BMA
x-cache: MISS, MISS, MISS, HIT, HIT
x-cache-hits: 0, 0, 0, 19, 1
x-timer: S1671835515.229795,VS0,VE3
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f6027e68686da8b8b38bbc1663317f74.jpg
x-vcl-time-ms: 3
content-length: 16214
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png
200 OK 8.8 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8b2877f90cb18145be2decaa70aff0dd
4f5f8dfb7a033041c2e0afea85af186fd39cc885
d9b6284f3dfd10c87af4eeb0365d4528c9059003913342203d9acdd08a5dda8e
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 438206606676214532544374850377595755351,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 438206606676214532544374850377595755351,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
etag: "d12aa67a13f05e03b403e37a995ac6aa"
expiration: expiry-date="Tue, 06 Dec 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
last-modified: Sat, 05 Nov 2022 05:39:46 GMT
req-referer: https://indeedfinance.com/
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 52
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:15 GMT
age: 2809162
x-served-by: cache-iad-kcgs7200144-IAD, cache-iad-kiad7000169-IAD, cache-chi-kigq8000087-CHI, cache-iad-kcgs7200056-IAD, cache-bma1673-BMA
x-cache: HIT, HIT, HIT, HIT, HIT
x-cache-hits: 1, 1, 1, 66, 2
x-timer: S1671835515.241471,VS0,VE0
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cfa2a57e2136df85b11ed8afdbfb11ef.png
x-vcl-time-ms: 0
content-length: 8804
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
200 OK 17 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 392070da34c26b151833f808cb720cf4
12980791562892296728f4ae45c3627fb2a30265
3a2b69e480c82b45791c4ae64329a7f5d87fa3083224a0dfe88f212bc6afcbbd
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 425481553482210613476636665782714446727,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 425481553482210613476636665782714446727,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
etag: "0187999d67fdf2945f39373407727df1"
last-modified: Sun, 06 Nov 2022 21:15:34 GMT
req-referer: https://www.simplilearn.com/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: f7b21f36eb093b4b6671358ebab84179
x-envoy-upstream-service-time: 222
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:15 GMT
age: 3940928
x-served-by: cache-iad-kcgs7200056-IAD, cache-iad-kcgs7200041-IAD, cache-bur-kbur8200105-BUR, cache-iad-kjyo7100105-IAD, cache-bma1673-BMA
x-cache: MISS, HIT, MISS, HIT, HIT
x-cache-hits: 0, 1, 0, 98, 1
x-timer: S1671835515.260616,VS0,VE1
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d5188b71c01c6e96f87b36b1282b6aa3.jpg
x-vcl-time-ms: 1
content-length: 17098
X-Firefox-Spdy: h2
for-j.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
200 OK 18 kB URL HTTP/2 for-j.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (50706)
Hash 4c77a41fd5993a5c71b86b8200b00980
6aba70a6bce8213e8cae5bdba5ca8020df1f65f8
ad60137ae03369f8fac6c2c68f84d99069b5659e667735707dc0d7e1247800b7
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: for-j.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
etag: W/"63a1e484-302c"
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a05b2af6b509-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 25 Dec 2022 22:45:14 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg
200 OK 6.5 kB URL HTTP/2 images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 38d84b8fb7467c8e62d52ced15faa943
61d627638c6df16cb025bb7c57cee367f1d468ac
17c95221c0f7cabc1d2feec22f2a8e1094d58ec5f6ffbc54ff8117ae8de89699
GET /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg HTTP/1.1
Host: images.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/webp
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
cache-tag: 492138907706621124196904210773979421999,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
edge-cache-tag: 492138907706621124196904210773979421999,459052303457394366171479749282851127576,29ecf9b93bbf306179626feeda1fab70
etag: "5c71572a04600442fba5eb1bfbe18a80"
last-modified: Sat, 10 Sep 2022 16:29:31 GMT
req-referer: http://iz.com.ua/
status: 200 OK
timing-allow-origin: *
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-request-id: 48d5c98e16927157710db9fa559e8631
x-envoy-upstream-service-time: 86
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:15 GMT
age: 7557722
x-served-by: cache-iad-kiad7000094-IAD, cache-iad-kiad7000116-IAD, cache-bur-kbur8200031-BUR, cache-iad-kjyo7100054-IAD, cache-bma1673-BMA
x-cache: HIT, HIT, MISS, HIT, HIT
x-cache-hits: 1, 4, 0, 312, 2
x-timer: S1671835515.290369,VS0,VE0
vary: ImageFormat
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_280%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d521105845c173fb953e64d199e33154.jpg
x-vcl-time-ms: 0
content-length: 6496
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash 141d22d9a7caee68a081ad2bc6546c6c
eaae9f673f6ef586a80a25c90f8b270406af71a9
9599e7b5d6465aeba25e28945a68af7e3bc2122fcc5a3581704384ecd6bea071
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5393
Cache-Control: max-age=155398
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:15 GMT
Etag: "63a5d670-13a"
Expires: Sun, 25 Dec 2022 17:55:13 GMT
Last-Modified: Fri, 23 Dec 2022 16:25:20 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
referrer.disqus.com/juggler/event.gif?imp=1lp17v22tgb2j2&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=pandakingdom&zone=thread&version=82a72a26efe6cf449a682219560463fd&page_url=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D§ion=default&verb=load&advertisement_id=184193&forum_id=7329461
200 OK 43 B URL HTTP/1.1 referrer.disqus.com/juggler/event.gif?imp=1lp17v22tgb2j2&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=pandakingdom&zone=thread&version=82a72a26efe6cf449a682219560463fd&page_url=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D§ion=default&verb=load&advertisement_id=184193&forum_id=7329461
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /juggler/event.gif?imp=1lp17v22tgb2j2&experiment=network_default&variant=fallthrough&service=dynamic&area=top&product=embed&forum=pandakingdom&zone=thread&version=82a72a26efe6cf449a682219560463fd&page_url=http%3A%2F%2Ffreesideplus.com%2Fsidecast-ep-65-the-sidemen-are-going-on-strike%2F&page_referrer=&object_type=advertisement&provider=taboola&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&object_id=%5B184193%5D§ion=default&verb=load&advertisement_id=184193&forum_id=7329461 HTTP/1.1
Host: referrer.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 43
Server: nginx
Content-Type: image/gif
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Date: Fri, 23 Dec 2022 22:45:15 GMT
Cross-Origin-Resource-Policy: cross-origin
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.FetchError~1
200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.FetchError~1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.72.Events.StartInit~1&entry=c~Idfs.Rtus.72.Events.SyncframeDropped~1&entry=c~Idfs.Rtus.72.Origin.FromSyncframeBundle~1&entry=c~Idfs.Rtus.72.Headers.Bundle~1&entry=c~Idfs.Rtus.72.Events.InitiateFetch~1&entry=c~Idfs.Rtus.72.Events.FetchError~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:15 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d84d2f0b1332b290d9e24869cd5ad6c2
76adbff92571a3048101debed266e4a91cf90eab
1791c323c368613d28691a95b838b8a0c7825218dc7bc4b1fb2a5ee7ac1d5502
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1791C323C368613D28691A95B838B8A0C7825218DC7BC4B1FB2A5EE7AC1D5502"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10034
Expires: Sat, 24 Dec 2022 01:32:29 GMT
Date: Fri, 23 Dec 2022 22:45:15 GMT
Connection: keep-alive
youradexchange.com/script/push.php?r=6543702&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2Ffreesideplus.com%2F&cbref=
200 OK 136 kB URL HTTP/2 youradexchange.com/script/push.php?r=6543702&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2Ffreesideplus.com%2F&cbref=
IP
Size 136 kB (135935 bytes)
Hash da5e6fac25c06d5b37150eaa3cba9a40
8d3b64cd0c8102ba2e950027de6e68529cb9b75d
657b504710b56886389ab91a75fa3a372e6a83e2311d9841fd976a07e2790ac9
GET /script/push.php?r=6543702&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2Ffreesideplus.com%2F&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://streamhub.to/
Origin: https://streamhub.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
42nna.bemobtrk.com/go/3d3e71a7-75a8-4cdf-bc4b-dc9f9313fc34?cost=cost&visitor_id=$SUBID&zoneid=zoneid&campaignid=campaignid&bannerid=bannerid
302 Found 172 B URL HTTP/2 42nna.bemobtrk.com/go/3d3e71a7-75a8-4cdf-bc4b-dc9f9313fc34?cost=cost&visitor_id=$SUBID&zoneid=zoneid&campaignid=campaignid&bannerid=bannerid
IP
File type HTML document, ASCII text, with no line terminators
Hash aa8d90e143e1e8e7a90fb4aee37435ef
d92ddcc3b62208291d87070b2c0ddab941176459
ad146c492d18c73e177d64fc994ac3bbc297cc422e28fede99be7c3743d3d6a9
GET /go/3d3e71a7-75a8-4cdf-bc4b-dc9f9313fc34?cost=cost&visitor_id=$SUBID&zoneid=zoneid&campaignid=campaignid&bannerid=bannerid HTTP/1.1
Host: 42nna.bemobtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty
date: Fri, 23 Dec 2022 22:45:15 GMT
content-type: text/html; charset=utf-8
content-length: 172
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://ir3.xyz/62d6a6545bd73?p2=%7Bclick_id%7D?cid=$%7BSUBID%7D
set-cookie: bemob-uniq-visit:3d3e71a7-75a8-4cdf-bc4b-dc9f9313fc34=1; Domain=42nna.bemobtrk.com; Path=/; Expires=Sat, 24 Dec 2022 22:45:15 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:3d3e71a7-75a8-4cdf-bc4b-dc9f9313fc34:random:9d20f32f5dc13c767374b7331b3fea3c=0-0-0; Domain=42nna.bemobtrk.com; Path=/; Expires=Sat, 24 Dec 2022 22:45:15 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=FnKAYmdWaPfAdkhzRh6Pd8; Domain=42nna.bemobtrk.com; Path=/; Expires=Sat, 24 Dec 2022 22:45:15 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 6.175ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&cmcv=&pix=undefined&cb=1671835513905&uv=3246&tms=1671835513905&abt=amplean_vF!eidc_vA!Noappq22_vB!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d95b4ec2-975a-405f-80c3-fb4d261f0231&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
200 OK 395 B URL HTTP/1.1 imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&cmcv=&pix=undefined&cb=1671835513905&uv=3246&tms=1671835513905&abt=amplean_vF!eidc_vA!Noappq22_vB!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d95b4ec2-975a-405f-80c3-fb4d261f0231&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (742), with no line terminators
Hash 39da82976567401a7629ab307831318a
80f6271faa2f7984a80bbc1a9454bf4fc59fc026
472f739499d43be3081e7c9104126ec9eb42286120ed68a4373f240b20255834
GET /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&cmcv=&pix=undefined&cb=1671835513905&uv=3246&tms=1671835513905&abt=amplean_vF!eidc_vA!Noappq22_vB!ufm&ft=1&unm=WIDGET_ITEM&aure=false&agl=1&cirid=d95b4ec2-975a-405f-80c3-fb4d261f0231&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1 HTTP/1.1
Host: imprammp.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx
Content-Type: text/html;charset=ISO-8859-1
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Dec 2022 22:45:15 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1641-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1671835515.433858,VS0,VE25
Vary: Accept-Encoding
transfer-encoding: chunked
am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&cmcv=&pix=31589837&cb=1671835513905&uv=3246&tms=1671835513905&abt=amplean_vF!eidc_vA!Noappq22_vB!ufm&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1671835510825!ts:1671835513905&mntl=1
200 0 B URL HTTP/1.1 am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&cmcv=&pix=31589837&cb=1671835513905&uv=3246&tms=1671835513905&abt=amplean_vF!eidc_vA!Noappq22_vB!ufm&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1671835510825!ts:1671835513905&mntl=1
IP
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&cmcv=&pix=31589837&cb=1671835513905&uv=3246&tms=1671835513905&abt=amplean_vF!eidc_vA!Noappq22_vB!ufm&ft=1&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1671835510825!ts:1671835513905&mntl=1 HTTP/1.1
Host: am-vid-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200
Server: nginx
Date: Fri, 23 Dec 2022 22:45:15 GMT
Content-Length: 0
Connection: keep-alive
sumo.com/api/site/8a458000baec02005540ca0062216f00316bd900ca2871005b13b00097ddae00/features?site_id=8a458000baec02005540ca0062216f00316bd900ca2871005b13b00097ddae00
200 OK 1.0 kB URL HTTP/1.1 sumo.com/api/site/8a458000baec02005540ca0062216f00316bd900ca2871005b13b00097ddae00/features?site_id=8a458000baec02005540ca0062216f00316bd900ca2871005b13b00097ddae00
IP
File type JSON data\012- , ASCII text, with very long lines (2726), with no line terminators
Hash 1a51d0475ba3c496ebbdc332b32b0f89
fb50bf1224b345983d6727e1979549dc813f12ab
9c926d27d689bcfc52cd3ba6c9f75b5862bfd543d5b129492ac4731bdc726672
GET /api/site/8a458000baec02005540ca0062216f00316bd900ca2871005b13b00097ddae00/features?site_id=8a458000baec02005540ca0062216f00316bd900ca2871005b13b00097ddae00 HTTP/1.1
Host: sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Sumo-Auth: vuHlwtT6YgnDDFiGi3LOvnFP
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 22:45:15 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-FRAME-OPTIONS: SAMEORIGIN
Access-Control-Allow-Origin: http://freesideplus.com
Vary: Origin, Accept-Encoding
Access-Control-Allow-Credentials: true
ETag: "-362431178"
Content-Encoding: gzip
Set-Cookie: __smSessionId=s%3AWYidvIcz5HAhEXR4tkDIS7jv.8NM9h0yiwGs6frZoP5XHbbh%2BJcDjTquruVF9l22PB%2BA; Path=/; Expires=Sat, 24 Dec 2022 07:30:51 GMT; HttpOnly
X-Robots-Tag: noindex, nofollow
status.geotrust.com/
200 OK 471 B IP
Hash 8ff952bb402176c90e06e8199b59671b
986ffd71d2a0c3eaea9713435138be4222f7f7e4
f5c167cae90c46dd099f005235ff6d2b7925ca175615a99fcd9060f068cb752b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5768
Cache-Control: max-age=97438
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:15 GMT
Etag: "63a4f291-1d7"
Expires: Sun, 25 Dec 2022 01:49:13 GMT
Last-Modified: Fri, 23 Dec 2022 00:13:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash 8ff952bb402176c90e06e8199b59671b
986ffd71d2a0c3eaea9713435138be4222f7f7e4
f5c167cae90c46dd099f005235ff6d2b7925ca175615a99fcd9060f068cb752b
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 162
Cache-Control: max-age=91832
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 22:45:15 GMT
Etag: "63a4f291-1d7"
Expires: Sun, 25 Dec 2022 00:15:47 GMT
Last-Modified: Fri, 23 Dec 2022 00:13:05 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Dec 2022 22:45:15 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=77d53cd8-8313-11ed-a89a-1644f9a80406; expires=Fri, 20-Jan-2023 22:45:15 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77d53d6f-8313-11ed-a89a-1644f9a80406
X-fe: 96
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://imprammp.taboola.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 23 Dec 2022 22:45:15 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=77dac090-8313-11ed-b77e-15758c630306; expires=Fri, 20-Jan-2023 22:45:15 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77dac0f6-8313-11ed-b77e-15758c630306
X-fe: 82
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77d53d6f-8313-11ed-a89a-1644f9a80406
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77d53d6f-8313-11ed-a89a-1644f9a80406
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77d53d6f-8313-11ed-a89a-1644f9a80406 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://am-match.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 23 Dec 2022 22:45:15 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=77daf1a0-8313-11ed-ad5f-175bad840206; expires=Fri, 20-Jan-2023 22:45:15 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 46
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77dac0f6-8313-11ed-b77e-15758c630306
204 No Content 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77dac0f6-8313-11ed-b77e-15758c630306
IP
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=77dac0f6-8313-11ed-b77e-15758c630306 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://imprammp.taboola.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Fri, 23 Dec 2022 22:45:15 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=77e10881-8313-11ed-a984-1ac061c70106; expires=Fri, 20-Jan-2023 22:45:15 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 15
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
am-match.taboola.com/sync?dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&excid=22&docw=0&cijs=1&nlb=false
200 OK 2.2 kB URL HTTP/2 am-match.taboola.com/sync?dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&excid=22&docw=0&cijs=1&nlb=false
IP
ASN #200478 Taboola.com ltd
Hash 953980fc0e37a7da666594f9eb615a5d
00c5fef1fec34a694821ef4404bca4e01aef9509
2d5c78d3f73d851e479ec6237b45f61007167ba042d8737d12f3436c65c3b866
GET /sync?dast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&excid=22&docw=0&cijs=1&nlb=false HTTP/1.1
Host: am-match.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:15 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402
X-Firefox-Spdy: h2
wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1671835513911&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1490&pt=-580124349&tz=0&viewable=true&ddast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=10&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=amplean_vF!eidc_vA!Noappq22_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Ffreesideplus.com&en=1
200 OK 615 B URL HTTP/1.1 wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1671835513911&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1490&pt=-580124349&tz=0&viewable=true&ddast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=10&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=amplean_vF!eidc_vA!Noappq22_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Ffreesideplus.com&en=1
IP
File type ASCII text, with very long lines (1572), with no line terminators
Hash 6fa8e79522609ad95bf5da28c90e4bfe
bb78c006acd61f707d3f94e1798b5b840c3a8103
71113b67c081df78aed939b2e64fcae3b844db45cfd27d7b9aa59f08ecc17cfd
POST /VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=5&sortOrderType=0&cb=1671835513911&mimes=5,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1490&pt=-580124349&tz=0&viewable=true&ddast=V7KKoCFgN3FriGk9EKugR3FriGk9EKugUAAAAGBuIHJORcTUwrj2Wt3K0WbtFgNXMLBxvPWmYxjSyzxcww2SyGQELO1cS08ljWyt1q4RYNVjO3cLDxrGUW08gyW8wMk81iDUhoOh0-171eZnm5PE-Ty3B2fe4av9uveZpcHofn9FYZ3rLVWnR0uTVPk8vtsrsVlpdb53fafW693a05XZ5el18OAAAAAA______EAAAAAARAAAAABIAAAAAFAEV_xYCFwAAAAAY_____xoAnxwE7zn7_QEAAAAAAgAAAEACMEBaXQJA4XJy8v________8fM0CfeSPz____f2PQA_DgA_AgBAAAcDFUJYpw-psDFEBUcFzECAAAAGBLS0XzaFInVBZV_____VYAVwAAAYVBKXXSWbqDEm9hAAAAAWKLbNKA5-tAx2ML9LD4_WaHXeN3u-z_________3-z_7B9N6G30Oi2IZfRa7RcQAGDtFxAAgE3dAADeAuBCDgNNp8N1r5dZXi7P0-QynF2fu8bv9ouOoBWDweoMaDdcjSazAwAAALj7____x1tkkwY8Xwc61gMZz27ksVhsy8FkYZlYVoPJxGIyzAy7iXM389ic28OeqiK9b1Ws9qNoyXK33K1Gk8VotFxudsPNaLC_gRisBjgRg-VyMllMdqvRarQZ7kazwQIFYjBBipaslsvlarNZrXajxWywWQ43G6Ro1Wo22gyGq9lkttuthoPhcjRCipYsd8vdajRZjEbL5WY33IwGQ4QJ13AwMi5nbtFg5lmLNobdWuFc-NaimWvici4Gi9Fgsxa9PqaHc2YxzRxeFAy42ovkaZFOZCPHYLIYjjym0XLmsiyWM8NouRhOHMbBxjbzDSZiieZkkU5kl33Hsxt5LBbbcjBZWCaW1WAysZgMM8Nu4tzNPDbnvuEaDkbG5cwtGsw8a9HGsFsrnAvfWjRzTVzOxWAxGmzWotfH9HDOLKaZw9-Y7RbDzWq1GO0bs91iuFmtFqN9h8n0TH3ORtf06PeYnJnhWXe1OQwKl8Hi_X0u0ma0cTOqtGGLRXUt7lwTq04bOxk7B7NB4RteE8PfT_28drO3g9hgUMQSwUU6ETk9j9fnrXuafC7TW_OwuUzPs8v2MlsGY7_dZ3o4zYblRCxRmi7SiV7zNLk8Ds_prTK8Zau16Ohya54ml9tldyssL7fO77T73Hq7W3O6PL0ui1giOF2kE9HLeLqo_8iQi7lyMBdN5orVaJUAAAAAAAAAAJYwZ94EAAAA4DSQzXA4WK3zIDaTyWqzWi7Ag7qELjAIAAAAAADA7o7lNDTFLNt2cePHJeT0PF6ft-5p8rlMb83D5jI9zy7by2wZjP12n-nhNBuWUwZ4cFpk3vyZINZqtawBAAAEsAEAAAK4dfMWgM3E_____8cBAADIyNEDAACI7wOlhB25UuiF8xPccLkY!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&=0&qsz=10&ft=1&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=1322535&dpubid=238805&abtst=amplean_vF!eidc_vA!Noappq22_vB!ufm&mPre=0.033&cirf=https%3A%2F%2Ffreesideplus.com&en=1 HTTP/1.1
Host: wf.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: text/plain
Content-Length: 117
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Connection: keep-alive
Server: nginx
Content-Type: application/json;charset=utf-8
MachineId: 1452
Pragma: no-cache
Cache-Control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: http://freesideplus.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
Accept-Ranges: bytes
Date: Fri, 23 Dec 2022 22:45:15 GMT
Via: 1.1 varnish
X-Served-By: cache-bma1682-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1671835515.436767,VS0,VE403
Vary: Accept-Encoding
transfer-encoding: chunked
match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:15 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0471bc9a8d3d36257b24451f0be5ac81
b88d5a22de9933c2378259e439bdb6fb82225b97
ddc6e44357d2d3d24773dbdc2fdf4098514a9648f442ca2ad22ac831c00c73a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDC6E44357D2D3D24773DBDC2FDF4098514A9648F442CA2AD22AC831C00C73A5"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13044
Expires: Sat, 24 Dec 2022 02:22:40 GMT
Date: Fri, 23 Dec 2022 22:45:16 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 403648d12ca26be1a03759db80b9cc71
439149593db519934b53e201b71d4ccd1d4eec64
fd6596001d2eb17acc313f44595a052d04f9f598be6374144fed52d5dfab3e8d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153543
Date: Fri, 23 Dec 2022 22:45:15 GMT
Etag: "63a5e1b3-1d7"
Expires: Sun, 25 Dec 2022 17:24:18 GMT
Last-Modified: Fri, 23 Dec 2022 17:13:23 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2ROaqH8PHl1px9oh6LSXL6Tu3Zga57H394GiDiqKsCdCkj2Pg-vanw==
Age: 655
trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
204 No Content 0 B URL HTTP/2 trc.taboola.com/disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /disqus-widget-safetylevel20longtail09/log/3/bulk?route=AM%3AIL%3AV<i=deflated&bulkSize=1 HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 4350
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
content-type: image/gif
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: http://freesideplus.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1671835516.013272,VS0,VE97
x-vcl-time-ms: 97
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
200 OK 254 B URL HTTP/1.1 cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
IP
File type PNG image data, 12 x 12, 8-bit gray+alpha, non-interlaced\012- data
Hash dfa7b52c86e56bd67fa4002f6ed19854
7df722645482433c2b5c8d8ab4272a9874592f27
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
GET /libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://freesideplus.com/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 254
x-amz-id-2: c3AK0F63Rmz1U+ZkwDZRH6hJiJRTGpZB8kTBPWz0vwbg9siBxtMOH8aEqr1NtVeNHtLhLAVUR9E=
x-amz-request-id: 4JKSR0YA3KVH073N
x-amz-replication-status: COMPLETED
Last-Modified: Wed, 24 Jun 2015 07:14:11 GMT
ETag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
Content-Type: image/png
Server: AmazonS3
Accept-Ranges: bytes
Date: Fri, 23 Dec 2022 22:45:16 GMT
Via: 1.1 varnish
Age: 25918
X-Served-By: cache-bma1640-BMA
X-Cache: HIT
X-Cache-Hits: 1537
X-Timer: S1671835516.141018,VS0,VE0
Cache-Control: private,max-age=31536000
abp: 12
ir3.xyz/62d6a6545bd73?p2=%7Bclick_id%7D?cid=$%7BSUBID%7D
302 Found 0 B URL HTTP/1.1 ir3.xyz/62d6a6545bd73?p2=%7Bclick_id%7D?cid=$%7BSUBID%7D
IP
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /62d6a6545bd73?p2=%7Bclick_id%7D?cid=$%7BSUBID%7D HTTP/1.1
Host: ir3.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 23 Dec 2022 22:45:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: 12825=480b158e-2605-4911-bfd6-fd594d6d025f; expires=Sun, 22-Jan-2023 22:45:16 GMT; Max-Age=2592000; path=/; SameSite=none;; domain=ir3.xyz; secure
12825=480b158e-2605-4911-bfd6-fd594d6d025f; expires=Sun, 22-Jan-2023 22:45:16 GMT; Max-Age=2592000; path=/; SameSite=none;; domain=1klix.xyz; secure
12825-legacy=480b158e-2605-4911-bfd6-fd594d6d025f; expires=Sun, 22-Jan-2023 22:45:16 GMT; Max-Age=2592000; path=/; domain=1klix.xyz; secure
X-DATA-COUPONUTS: MTI4MjU6NDgwYjE1OGUtMjYwNS00OTExLWJmZDYtZmQ1OTRkNmQwMjVm
Location: https://adobe.prf.hn/click/camref:1011lreeY/pubref:480b158e-2605-4911-bfd6-fd594d6d025f/ar:5c2e2f4a7c4b9640ee233987
ocsp.sectigo.com/
200 OK 471 B IP
Hash 8de63befa921ffef52c4985bb0374e36
e03e4a428a12fe9bde7fbde3ce1bd1705cd6b5b7
c1ea6b7860ee29734f007b8865a0759022a2fbc3b0ed0ec0756f5c159bb1389d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 22:45:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Dec 2022 04:02:03 GMT
Expires: Thu, 29 Dec 2022 04:02:02 GMT
Etag: "e03e4a428a12fe9bde7fbde3ce1bd1705cd6b5b7"
Cache-Control: max-age=450405,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4a06b2922b524-OSL
adobe.prf.hn/click/camref:1011lreeY/pubref:480b158e-2605-4911-bfd6-fd594d6d025f/ar:5c2e2f4a7c4b9640ee233987
302 Moved Temporarily 0 B URL HTTP/1.1 adobe.prf.hn/click/camref:1011lreeY/pubref:480b158e-2605-4911-bfd6-fd594d6d025f/ar:5c2e2f4a7c4b9640ee233987
IP
ASN #31151 Performance Horizon Group Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click/camref:1011lreeY/pubref:480b158e-2605-4911-bfd6-fd594d6d025f/ar:5c2e2f4a7c4b9640ee233987 HTTP/1.1
Host: adobe.prf.hn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 23 Dec 2022 22:45:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR PSAa PSDa OUR IND UNI"
Set-Cookie: tPHG-PS=1011l8263319800; expires=Saturday, 23-Dec-2023 22:45:16 UTC; path=/; domain=.prf.hn; SameSite=None; Secure
Location: https://www.adobe.com/?sdid=49F59KY6&clickref=1011lwsU8ASy&mv=affiliate&mv2=pz&as_camptype=5c2e2f4a7c4b9640ee233987&as_channel=affiliate&as_source=partnerize&as_campaign=indoleads
www.adobe.com/?sdid=49F59KY6&clickref=1011lwsU8ASy&mv=affiliate&mv2=pz&as_camptype=5c2e2f4a7c4b9640ee233987&as_channel=affiliate&as_source=partnerize&as_campaign=indoleads
200 OK 17 kB URL HTTP/2 www.adobe.com/?sdid=49F59KY6&clickref=1011lwsU8ASy&mv=affiliate&mv2=pz&as_camptype=5c2e2f4a7c4b9640ee233987&as_channel=affiliate&as_source=partnerize&as_campaign=indoleads
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (11223), with CRLF, LF line terminators
Hash 0653849a1b8b7ac6cc6f993f6d0a5ba3
a3489e852956b18b2eb1016d99b75702f541500a
2e3ba7d01a1c23b43f5f2f73cfb95fcdf077f06651feab1a32f09acf8c5a3c76
GET /?sdid=49F59KY6&clickref=1011lwsU8ASy&mv=affiliate&mv2=pz&as_camptype=5c2e2f4a7c4b9640ee233987&as_channel=affiliate&as_source=partnerize&as_campaign=indoleads HTTP/1.1
Host: www.adobe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: Apache
strict-transport-security: max-age=86400
x-adobe-content: AEM-Offers
x-frame-options: SAMEORIGIN
link: <https://s7d1.scene7.com/is/image/TitanProd/homepage-CC-lg-pod-tablet?$pjpeg$&jpegSize=100&wid=599>;rel=preload;as=image,<https://use.typekit.net/pps7abe.css>;rel=preload;as=style,<https://adobeid-na1.services.adobe.com>;rel=preconnect,<https://auth.services.adobe.com/imslib/imslib.min.js>;rel=preload;as=script,<https://ims-na1.adobelogin.com/>;rel=preconnect,<https://sstats.adobe.com>;rel=preconnect,<https://assets.adobedtm.com>;rel=preconnect
accept-ranges: bytes
x-adobe-loc: ew1
x-adobe-source: 128.103
x-content-type-options: nosniff
x-akamai-transformed: 9 - 0 pmb=mTOE,2mRUM,2
vary: Accept-Encoding
content-encoding: gzip
expires: Fri, 23 Dec 2022 22:45:16 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 23 Dec 2022 22:45:16 GMT
content-length: 17080
server-timing: cdn-cache; desc=HIT, edge; dur=1
set-cookie: AKA_A2=A; expires=Fri, 23-Dec-2022 23:45:16 GMT; path=/; domain=adobe.com; secure; HttpOnly
ak_bmsc=A991B14D3305366E9AA94138D78D2A30~000000000000000000000000000000~YAAQJAplX/PtdgSFAQAAoH8pQRLBvCQroKez1vfuSj1bsIP4Qq7Ky8cga4J89lo2fRkP0nSgGQIV5uwdfyJoZ01uFAWFbfvX4229G6Hdg0HoO1uDgDwQ92L1pJNm2te6seuvpTdjWnGkR3rh2Lx+//5YIBvpXvnR92+uRFJK4A1nj4RU3fS8M4FEdGMK6yJTQwjj30xfiTGyjmLcVFa3JV25AQ5CfQG2joZoCfyoSHj6g41TpCbwXmCj5SWlbG8kkwCMi8cESO7j4blrFSzxGvoki5mH5GjUaYVd6M747Peq1WZunEGMOiCnxTIEQAIT4/fnu9Pgs6/ccX/jKu+m97XBh85xX3BqU3ZKeMwGTKQCHmoY7tqlH5QIhkqImTjA4Kutx1DXRUc=; Domain=.adobe.com; Path=/; Expires=Sat, 24 Dec 2022 00:45:16 GMT; Max-Age=7200; HttpOnly
bm_mi=C8057CBCAB84A1D52B3BCD9FE350A02D~YAAQJAplX/TtdgSFAQAAoH8pQRIz96fvKimMzpfvCCb32+b/JhKyh7gCdnVDOHBsQH+PHfmf9652i2rb2Pr2hubpKa1msjV0+jIs8dC8am/Ug8a5d3YDWANDTUIUX3jbfkTpwKUawaqtyqwmTWtp1fVeeYtRJwLoA59+psTYSQbDyjkaAJFnGmCI07+DzlxjCOe5zdRIksm+I0wnp3xdAeZ2Isllp750Sn8lYfy1E3O43P9uFMaZJAFjirOLx1Loa9RH/3XdyNaVCoNRFyNPcoAtVAd3+RhDhvHLwACjuW03b2EbNwGSxVqzFbtL~1; Domain=.adobe.com; Path=/; Expires=Fri, 23 Dec 2022 22:45:16 GMT; Max-Age=0; Secure
X-Firefox-Spdy: h2
cdn.taboola.com/scripts/cds-pips.js
200 OK 1.3 kB URL HTTP/2 cdn.taboola.com/scripts/cds-pips.js
IP
File type ASCII text, with very long lines (3545), with no line terminators
Hash 780c5c514014519ce276709f515905a0
04fe86d00b9c9077effe05171d066d243ecab221
015db06150b62ad2ad533883652174ebb6f07e24a7147fdac01a0ccd266e3f30
GET /scripts/cds-pips.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: 2KBeU0d7OyPXtZDYUoIqlTBmhGhsve90tjYoemCxISjKQrNgcxT28sPXVt5KfJt+6r7dFoJgA8g=
x-amz-request-id: NFWGDQGY1WQ95XHE
x-amz-replication-status: COMPLETED
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:17 GMT
via: 1.1 varnish
age: 2342
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 1592
x-timer: S1671835517.008191,VS0,VE0
vary: Accept-Encoding
abp: 12
cache-control: private, max-age=3600
content-length: 1340
X-Firefox-Spdy: h2
pips.taboola.com/
200 OK 4 B IP
File type ASCII text, with no line terminators
Hash 6c3e226b4d4795d518ab341b0824ec29
eef19c54306daa69eda49c0272623bdb5e2b341f
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
GET / HTTP/1.1
Host: pips.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://freesideplus.com
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Varnish
retry-after: 0
access-control-allow-methods: GET
access-control-allow-origin: http://freesideplus.com
accept-ranges: bytes
date: Fri, 23 Dec 2022 22:45:17 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: HIT
x-cache-hits: 0
cache-control: no-store
content-length: 4
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/css/dist/block-library/style.min.css
IP
GET /c/5.9.3/wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 30 Mar 2022 11:30:25 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
for-j.com/tds3.html?ymid=167183551310000TNOTV415326358024Vd3&zoneid=5460782&subid=3018531-786049334-0&sourceid=315519420&tt=2
200 OK 0 B URL HTTP/2 for-j.com/tds3.html?ymid=167183551310000TNOTV415326358024Vd3&zoneid=5460782&subid=3018531-786049334-0&sourceid=315519420&tt=2
IP
GET /tds3.html?ymid=167183551310000TNOTV415326358024Vd3&zoneid=5460782&subid=3018531-786049334-0&sourceid=315519420&tt=2 HTTP/1.1
Host: for-j.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/html
last-modified: Wed, 02 Nov 2022 11:31:57 GMT
cf-cache-status: HIT
age: 1703352
expires: Mon, 23 Jan 2023 22:45:14 GMT
cache-control: public, max-age=2678400
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a05afad0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
load.sumo.com/4.0a035390359aab65eb82.js
200 OK 0 B URL HTTP/2 load.sumo.com/4.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
GET /4.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"a39d043b7c7bba70750cf288ee5ef71a"
last-modified: Wed, 05 Oct 2022 16:49:25 GMT
x-amz-id-2: ySXTTMuh4p684fDr0cMmB/kjOirLZZMft/DAc/SFECRKPqgtIp3ZuNpLA00OhRk3IvZM0Wcprhk=
x-amz-request-id: V16WXMWF8BWNA1FF
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:43
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 6897ac0f6cab849c41729cce2ad72398
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
freesideplus.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
IP
GET /wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:04 GMT
etag: W/"62630818-379"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bzr5s%2B0JP8EqiWuRKgZFe4JRE%2FkKwbFL9RSTQm%2BscvBm%2BygngaNPccWa%2BSZM2BkejqwP3dpIjUYtssgPbcMYJVvYXQHM%2BkBXhleqiPs%2BuH2w4G7NUUH4T0Y93p034nKnjJkg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf90b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/plugins/announcer/public/js/script.js?ver=5.6
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/plugins/announcer/public/js/script.js?ver=5.6
IP
GET /wp-content/plugins/announcer/public/js/script.js?ver=5.6 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 16:11:59 GMT
etag: W/"63122b4f-24ec"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KU01kws7KGCo3q8K%2Bh5pPxbXnFZIH6D7215NZRDZvpFtivaN4px%2Bhai6ODdFdQrmFWP2BoT3WVgc0O2QgEqAFTa8oWNhoExpPGSf7Wp5wFuqKhOr9rnlGqxPaP8ABUxf8vz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf8fb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-57c9"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQusLpDHKTDHUvqCD6NpOPCm8A5Xmp7GqjDAUNG%2FvDx%2FmHGIpTM9RmvXoxjpD7sgNFH%2FJF7U2oDQBL%2FeVXua4S0WvTZK9WF1mLvTgDv5D9QrbtP8pUqhWoSlgunC%2BKcbrC1g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf92b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-3909"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7TtyvaVLP%2B9d7BJazpaFtJ8MI3y0rgrnRgx5Su%2FmdeAmw1ui5y4Yf8g53pLjh8O0Y778KA6%2B5kPorRDw5sHpQw36ep5DPRgDffe9ods9yyQL4k0fM27P%2BE9xSxdG2DJeXmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf98b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery.min.js
IP
GET /c/5.9.3/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.4/css/jetpack.css
200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.4/css/jetpack.css
IP
GET /p/jetpack/11.4/css/jetpack.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 22 Sep 2022 17:43:06 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
crrepo.com/extban/300564420/creatives/23489022/8a291f7dafd1762bb41935021b879616_5568.jpeg
200 OK 0 B URL HTTP/2 crrepo.com/extban/300564420/creatives/23489022/8a291f7dafd1762bb41935021b879616_5568.jpeg
IP
GET /extban/300564420/creatives/23489022/8a291f7dafd1762bb41935021b879616_5568.jpeg HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: image/jpeg
last-modified: Tue, 19 Jul 2022 12:41:14 GMT
etag: W/"62d6a66a-10633"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 1197
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21hX%2B2UFMd4VwgBvTrzVIJDOBBmLbxgWhzgxvE5WW0EUF8V80M9Gngkrq1R1zhKFfVBT72hlhShUNreXLi6aCmciWT1QmDfzC6JtQFX%2FDRRpe8CGFSPx0v%2BKhmZN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a05a2bc572ba-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-a3b0"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzZ4jUC9zLwRyxMcmtxHnaUSDa4jZyydAxuh6OE0T8RdgK%2BLVMGI1qb%2BYEkDDL08suT17%2FC%2FnJc4JFf9NqBOEMTpromD5xmGNqBOvdzT0wHSgPxIqTkMB4GFQ1mCKMYFaKju"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf8bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onclickalgo.com/a/display.php?r=6549882
200 OK 0 B URL HTTP/2 onclickalgo.com/a/display.php?r=6549882
IP
GET /a/display.php?r=6549882 HTTP/1.1
Host: onclickalgo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamhub.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
link: <www.predictivdisplay.com>; rel=dns-prefetch,<www.predictivdisplay.com>; rel=preconnect,<onclickalgo.com>; rel=dns-prefetch,<onclickalgo.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.wp.com/e-202251.js
200 OK 0 B IP
GET /e-202251.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 10 Dec 2023 23:28:49 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
pogothere.xyz/
200 OK 0 B IP
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Origin: http://freesideplus.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:12 GMT
content-type: text/plain
set-cookie: csu=67265094828618@1@1671835512; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://freesideplus.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y82QiAbovKG5Nsws4sKoTqLSyJdJJ%2FxJCC7e1ulf0KjibpB5tHs%2B0MfkTBYIDwo%2FSYJ1KsV0Lc7Ci0qGHlSId7vBa%2BLZKqdIMx6p8peEyGWBA1huuoAKweE3b1g3tfq0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e4a04e8afb23a8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
IP
GET /wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:04 GMT
etag: W/"62630818-4d0"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX4KwVqTHE4liqzyZFglLypgj38WxdfnXWLq9ESlnwFWeOcl%2FfQdxKdCQTJCfwcA93vLFf5C3abDc9AbAKiRgJ3CKkoMvwpqZgQX40HycD%2BXgxnhmgXnswUDYbMv27t04vUI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf91b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-4198"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lY0f6NrhmBjmLFavghGL9vEp%2BhGZXgcJyBqCN9I6nVXEpPztbtcPxOBXVn8b%2BRsXsl53ucLNGbZ2GeUFC2h8LUomoSwwYRfD08XFWS6ZDs22Q1piP1%2FvPinjBKNAiT2B%2FN9t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf93b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js
IP
GET /c/5.9.3/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
discord.com/assets/e33e6e9d9de3d3040d8b.js
200 OK 0 B URL HTTP/2 discord.com/assets/e33e6e9d9de3d3040d8b.js
IP
GET /assets/e33e6e9d9de3d3040d8b.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/widget?id=941149153084465165&theme=dark
Cookie: __cfruid=13767561ea7969d729f18ee122e79a84e2521078-1671835511
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
cf-ray: 77e4a04b49e60af6-OSL
access-control-allow-origin: https://discord.com
cache-control: public, max-age=2592000
etag: W/"1d8b2b7b16bc5c35f14e2f4f7b321626"
last-modified: Mon, 06 Jun 2022 20:43:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHpqmMaEIexuB4S%2FdDgNAhhadH4KcdMfBVb9M7GshZrS%2Bv50ar6LmQUz1%2FTdh6ULgfJaZ9nAMLKxbbRYtsbv8DetwEeLiazXIXiFkqUzyiXbExA3p7Zc5aNfdVFP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: DByGH9/h5ebecFO91OAaQ8Q6MS2Vr626fFHOF3ubM8uP5Ph4RtkHN73Sg7T1RY9K99dhR3uyntEWm5NcYnX1Kw==
date: Fri, 23 Dec 2022 22:45:12 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 627525
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=72637
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=72637
IP
GET /wp-content/themes/jannah/assets/custom-css/style-custom.css?ver=72637 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 00:18:20 GMT
etag: W/"638e8a4c-5aea"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 764
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYC%2BCU4TApxWqhGGqkPYJjd4GpFFVdnBgmapQ1b4DifgfbDqAdMEAYKzG9UVrmtChHRtbb2iskAef%2BCtFtY2mwE%2BxBV8%2B2yosuXIzOcQ%2FX%2FMD69G0r4RZARtNEYUsRCc%2Fm8D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf8eb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-15ad"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYUt%2BZddZ36YKegW3hp1hdfIQmZO7y0fQCFf3mbVbXlkYv2L8ZbQpmQCvh7jZOPi%2BXKFX8b6tMkGr638dVQYR%2Bm0ZuGzGGfoOFVHTOZIkc8qadec4XEX3HFzEfhcIrK7JEK8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047cfa1b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-d37e"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMbyZ9%2FLjnuHqaPbBkBGOPxWzs0tjrnfIdHnoxmRmUe3KjGCJUoco73WTgBQSr2MBHAmxuJpTnXTbnJP1ncNYJnWZREiGedpEr%2FtKr0ZBJHy3BZqOTewJHUpcSoFrRlzCX14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a0481fe4b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
200 OK 0 B IP
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://freesideplus.com/
Origin: http://freesideplus.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:12 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://freesideplus.com
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6620
last-modified: Fri, 23 Dec 2022 20:54:52 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tz70yjy1t561pydI5Q75aJUKY3EAcn2csrPM%2F4Fyf%2BRR3p80BDS7K7nhWAxyiKIlTDUdBAWk2hn0R%2F10gvnyOKujVfZz0hlG40kxywXVHdUj6nHvNVOpjiw2ejweQ0kp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a04e8b0323a8-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-9e25"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25LiBsdouZu2n7z%2BU77e%2FGpw9COP1SXsypFx3B68hnLRUYDGpuVsrUe0qEaBFWHFYl6hnJYw208IrwLV%2Ffjoeu%2F9p1%2BVW2hNvhSbStDTkk%2Bp8h0eWSz%2BdVK4tccD45O6TVpC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047bf8db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
200 OK 0 B URL HTTP/2 taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
IP
GET /sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo HTTP/1.1
Host: taboola-supply-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://am-match.taboola.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:16 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 60694
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/static/video/v1665133163/zrz8kdsj5iqlrko1r3zv.mp4
206 Partial Content 0 B URL HTTP/2 cdn.taboola.com/libtrc/static/video/v1665133163/zrz8kdsj5iqlrko1r3zv.mp4
IP
GET /libtrc/static/video/v1665133163/zrz8kdsj5iqlrko1r3zv.mp4 HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
x-amz-id-2: gr4GJQwupvt+7Xk7I6FnK2+KjEO+gCWtshBJ3mnjQkuMKkx0W8n3tqHoj/rDcmiBvcMX83kjL2w=
x-amz-request-id: 1NQ5HRD1CND2JP5E
x-amz-replication-status: COMPLETED
last-modified: Fri, 07 Oct 2022 08:59:31 GMT
etag: "50d994b3362226a396020644c40fea9a"
x-amz-version-id: INHHnnG4QRNKLpUbwFcXY1dDvfXDsyEn
content-type: video/mp4;codecs=avc1
server: AmazonS3
accept-ranges: bytes
age: 68
content-range: bytes 0-384770/384771
date: Fri, 23 Dec 2022 22:45:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1673-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1671835515.282580,VS0,VE1
cache-control: private,max-age=31536000
abp: 12
content-length: 384771
X-Firefox-Spdy: h2
load.sumo.com/7.0a035390359aab65eb82.js
200 OK 0 B URL HTTP/2 load.sumo.com/7.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
GET /7.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"3fa9c18f727d4b42fb894fda90a374e1"
last-modified: Wed, 05 Oct 2022 16:49:48 GMT
x-amz-id-2: GWOiooInf74RFfKLS6/aHRNOBzvwNhALumChahsvwTSC1nnNLYVu2DAXpHl2mtUo10H/vFtinhU=
x-amz-request-id: SS5D7XVSSWFGRX6W
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:50
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ccef8838d9bed6acb6bd030db6fe9e2e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c0.wp.com/c/5.9.3/wp-includes/js/comment-reply.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/c/5.9.3/wp-includes/js/comment-reply.min.js
IP
GET /c/5.9.3/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 01 Nov 2021 21:47:13 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
freesideplus.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
IP
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10 HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Fri, 22 Apr 2022 19:55:03 GMT
etag: W/"62630817-2aca3"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfA9tOkBWPF6TAXJX6JlWIAOp9cgT8vmCVfC3xuABNA0YZzyheQ3Zo7VtSTA0Ch0%2Bi6%2FXVxMABAEokgEKEMAcWq1T1ukNsJzXRDvWDv2FgPn0uFO%2BJyqqM2riEmjSJV815kj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047ffcfb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
load.sumo.com/64.0a035390359aab65eb82.js
200 OK 0 B URL HTTP/2 load.sumo.com/64.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
GET /64.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"d200986501135078d1fbd7f480e7bb08"
last-modified: Wed, 05 Oct 2022 16:49:45 GMT
x-amz-id-2: T9vaIECdWatbHVvfJuEq60J9QAznu21IvcOURIZmcRoLqeQR6zCsc27wgc7H89dnaB4LWmIpSvQ=
x-amz-request-id: CVBJASR2DAB52YD5
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/26/2022 15:15:58
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7889556726ce6d283d3ba96f11bdd9ca
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
www.predictivdisplay.com/jump/next.php?stamat=m%257C%252CgNhLi93JqB1dQO0dEdHP3xP.078%252CS0kXXHXf2ck-DOZ9HRvwuPFga5_z1aZqOiFI4LHLfRhsMSLILX89vQdTnHV74_PVCVWaEWxE0AK1c9I9X3Uo1Q%252C%252C&cbpage=https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=6549882&cbur=0.14898515473433205&cbtitle=&cbiframe=1&cbWidth=784&cbHeight=447&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fstreamhub.to%2F
302 Found 0 B URL HTTP/2 www.predictivdisplay.com/jump/next.php?stamat=m%257C%252CgNhLi93JqB1dQO0dEdHP3xP.078%252CS0kXXHXf2ck-DOZ9HRvwuPFga5_z1aZqOiFI4LHLfRhsMSLILX89vQdTnHV74_PVCVWaEWxE0AK1c9I9X3Uo1Q%252C%252C&cbpage=https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=6549882&cbur=0.14898515473433205&cbtitle=&cbiframe=1&cbWidth=784&cbHeight=447&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fstreamhub.to%2F
IP
GET /jump/next.php?stamat=m%257C%252CgNhLi93JqB1dQO0dEdHP3xP.078%252CS0kXXHXf2ck-DOZ9HRvwuPFga5_z1aZqOiFI4LHLfRhsMSLILX89vQdTnHV74_PVCVWaEWxE0AK1c9I9X3Uo1Q%252C%252C&cbpage=https://www.predictivdisplay.com/jump/next.php?r=3018531&sub1=6549882&cbur=0.14898515473433205&cbtitle=&cbiframe=1&cbWidth=784&cbHeight=447&cbdescription=&cbkeywords=&cbref=https%3A%2F%2Fstreamhub.to%2F HTTP/1.1
Host: www.predictivdisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 302 Found
server: openresty
date: Fri, 23 Dec 2022 22:45:13 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
location: https://www.predictivdisplay.com/script/i.php?stamat=m%257C%252C%252CAhJio3a3oGU3B_-GH0dEdHP3xP.479%252Cp8-WMEFqZxeVJDT9IT_4HPvnESsJNL24pz05pe-QeWvhI4vK6GSzn76UM25DT3QMJNrM0tPq1ASmEljUjhV7Sd3uq5jCSx79EKlwxlG4wLHv7e-7Y7Sge4f7X4kriDaIbRdtaXNpMzhWYylYlQN9zV771Yi7jRdxquw8Gdq6SOMsaW_f6iTVZUczORGi26F_6ci5ooKg5vis-rETcX5MLT9rHWOQXNe7vyoNNd9yRVezX15MJRG8ZRsDIlgKxIviOZgtUzFf7ep4t57ko1MGFdvxo-dZd__NUSh6zMknr5o-V0a4eWlm4LhqsGxOCviSazZGWdxKQX3Z_TxSldncB4fbV-ngJs1zn8LV1x9i1FxeUefya9k2A9_ENajRBcRL_lncuw8sDQnBdCZOP4AKQJ5deBlq2FeF0YbFtK_eRtuJOLinFmQ7qxzrH-HFRKL9e6Y1wxtArs6Jjiw1RDJvIYxD-SrCPpvxVbDlolulyC7efO6PJuUhwA8d3i84DAUzQPGc-nZLFMA5TjDnigL0MKKNeTou9MlDS7wUJZPj0iAa9uFTjZMUoL5DPaNMZLLA
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.4/_inc/build/photon/photon.min.js
200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.4/_inc/build/photon/photon.min.js
IP
GET /p/jetpack/11.4/_inc/build/photon/photon.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 07 Dec 2021 16:56:47 GMT
content-encoding: br
expires: Sat, 23 Dec 2023 22:45:11 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 1
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
freesideplus.com/wp-content/plugins/widget-options/assets/css/widget-options.css
200 OK 0 B URL HTTP/2 freesideplus.com/wp-content/plugins/widget-options/assets/css/widget-options.css
IP
GET /wp-content/plugins/widget-options/assets/css/widget-options.css HTTP/1.1
Host: freesideplus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
last-modified: Sun, 25 Sep 2022 16:12:02 GMT
etag: W/"63307dd2-416"
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 765
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VDcm8mIYWlxR22VPTuSNPs1%2FB6iOEkV1Nmp4v8m%2FvJtOYLkngFfsUq545PFGX0iFUklMW7iKwBnB1%2FlRAdlvJIrhxfIiiftCFROW93OSPYN7hnooCL8alEtmNWv13kGN6f20"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a047dfaeb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
IP
GET /releases/v5.15.4/css/all.css?ver=2.0.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:11 GMT
content-type: text/css
x-amz-id-2: p95yHHFAYnLiTIWtCK0NTuT2XRC2H22bvPdXc4HoHoCypZyABRu014sHNhbfyhWvcaShvcxFIYY=
x-amz-request-id: 54TZMW4XGS17XF5G
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 662712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHdDL5rCuNpqUNxS2PJgADavA3dttoK8LlHGTWYfgDxZC6M8x6am01VCIUOOW%2FmKsh%2FqfQzQJthffDr6Q%2BTirJW8fUEo1o4sArqRQXeh%2BsvX5NY51YyrTCzwkJQ3hDKaoUwFC2Ud"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4a048692cbc87-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
load.sumo.com/22.0a035390359aab65eb82.js
200 OK 0 B URL HTTP/2 load.sumo.com/22.0a035390359aab65eb82.js
IP
ASN #34989 ServeTheWorld AS
GET /22.0a035390359aab65eb82.js HTTP/1.1
Host: load.sumo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/javascript
server: BunnyCDN-NO1-830
cdn-pullzone: 53731
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=31536000
etag: W/"8af82c4c30a069f66de02526c2f332af"
last-modified: Wed, 05 Oct 2022 16:49:12 GMT
x-amz-id-2: yQHF4371uGc+anuQENShpddWJSYZTfhOJ5CqmYqe+LjY5PhpVs1kzbLnhY9vu+O+Cl+IDz94Dv0=
x-amz-request-id: CKSFWDR6D06VT04S
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2022 12:07:48
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 55e4c55766c1494e2a5bfd5ad98f0607
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
200 OK 0 B URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://freesideplus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Fri, 23 Dec 2022 10:05:26 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wxYeLUE1PCFLGZ_41W7tv2F6zsfseAqd7Rldg2J5x5npgqyEsuZvYw==
age: 45587
X-Firefox-Spdy: h2
webdesigntutorials.org/-flash?visitor_id=630286427422471029&zoneid=5460782&rdk=rk1
200 OK 0 B URL HTTP/2 webdesigntutorials.org/-flash?visitor_id=630286427422471029&zoneid=5460782&rdk=rk1
IP
GET /-flash?visitor_id=630286427422471029&zoneid=5460782&rdk=rk1 HTTP/1.1
Host: webdesigntutorials.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 22:45:14 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
x-robots-tag: noindex, nofollow
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 07 Jul 1777 07:07:07 GMT
x-redirect-powered-by: Pretty Link Executive 3.2.7 http://prettylink.com
set-cookie: prli_click_14=-flash; expires=Sun, 22-Jan-2023 22:45:14 GMT; Max-Age=2592000; path=/
prli_visitor=63a62f7ae65dc; expires=Sat, 23-Dec-2023 22:45:14 GMT; Max-Age=31536000; path=/
x-httpd: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_SET_COOKIE
content-encoding: br
X-Firefox-Spdy: h2
104.21.78.157
54.230.245.16
104.18.8.13
93.184.220.29
31.13.72.36
141.226.228.48
95.101.10.40
178.250.0.157
18.195.193.92
188.114.97.1
104.248.96.70