r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17482
Expires: Thu, 09 Feb 2023 05:24:44 GMT
Date: Thu, 09 Feb 2023 00:33:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b7407cc102d62a5acd5e61f8a79bed36
c2f4890a62454e514962b55b7fc14228339c8e90
be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9148
Expires: Thu, 09 Feb 2023 03:05:50 GMT
Date: Thu, 09 Feb 2023 00:33:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 23:36:45 GMT
content-type: application/json
age: 3397
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4954
Expires: Thu, 09 Feb 2023 01:55:56 GMT
Date: Thu, 09 Feb 2023 00:33:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nEOBV688HThyV0qB6j+xZaKiy0O4CJrKBvKEPKWgbl556LNPyidt2zCYODexAymmCfCPiheipkI=
x-amz-request-id: FC7YHGDAZ54YZSAR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Feb 2023 23:46:09 GMT
age: 2833
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:33:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 23:51:21 GMT
age: 2521
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
s5.crazyfarm.de/
62.138.218.36200 OK 5.0 kB IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Non-ISO extended-ASCII text, with very long lines (443)
Hash c1b62a60c061c3c4f474619fdbee163a
da1fb5fa2555fd8a283a0ebc593af0a513b1f500
20bae50e14a57c096c00b988ef8a467ebe9e4c1ea4eae1e654bab9af67b78628
GET / HTTP/1.1
Host: s5.crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5039
Connection: keep-alive
Set-Cookie: PHPSESSID=rbdohvfmlqil3mmmobtp4l5o23; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
crazyfarm.de/css/scripts/map.js
62.138.218.36200 OK 6.0 kB URL HTTP/1.1 crazyfarm.de/css/scripts/map.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash 70b6cf228b8130ef0cf928b4db26f56b
6ade0b868f6a459ceac42df51d4d01347a3feb9d
2a4ef97540e5a6a52b24421e7468374c5b2b63292edff7ea87c222792a910e83
GET /css/scripts/map.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 5992
Last-Modified: Sun, 04 Jan 2015 14:58:00 GMT
Connection: keep-alive
ETag: "54a954f8-1768"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/css/scripts/global.js
62.138.218.36200 OK 3.7 kB URL HTTP/1.1 crazyfarm.de/css/scripts/global.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash 90047419d9b48891fd7059fb55984904
da97b92e5294ee8651b9d21765fe570032ac51c3
cd2a36f57b0308b7733eb1f37e17835a82cbb55272ffbbdd801e48162cbd1d9c
GET /css/scripts/global.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 3663
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-e4f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshot/js/scriptaculous.js?load=effects,builder
62.138.218.36200 OK 2.9 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/scriptaculous.js?load=effects,builder
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text
Hash cbf6fe19f675dbe1242350b2f8240bf0
4af831176416155b4fd086732c249755e0865459
6845f707fc3579647bbe9b48f10a86c8edc7a7f564af9a7465832a2577ec1fdd
GET /images/screenshot/js/scriptaculous.js?load=effects,builder HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 2932
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-b74"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/gamebox.js
62.138.218.36200 OK 4.1 kB URL HTTP/1.1 www.town-tycoon.de/gamebox.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 9fa10d999b834eb0aa2cdd7836b9b8c8
37eaf4966f007077a4399daf39aae6909cd6323e
25b270c7ce7cf57d4231bd916efc3a24a901469943d8e83167fd6cd4ec825b3f
GET /gamebox.js HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 4077
Connection: keep-alive
Last-Modified: Tue, 11 Jun 2013 21:09:00 GMT
ETag: "fed-4dee74e575300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/templates/anmeldung/css/style.css
62.138.218.36200 OK 8.3 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/style.css
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type ASCII text, with very long lines (1106)
Hash ca7cdf5185c1435d4440ab310da39290
21f2bbab7d40e7ffb7f5deb0970b748843a85fce
be3b83b31516dce28b4dd457795b8dfefddc64de9f46ce875f3a09e025799416
GET /templates/anmeldung/css/style.css HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: text/css
Content-Length: 8313
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-2079"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshot/js/lightbox.js
62.138.218.36200 OK 18 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/lightbox.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text
Hash 150e8a17b7f7a15043eae64b5b8c2777
a4af8ffc7497e0f029076911a0d60098d87e7955
38968a09e6ed6eab31531e3421e202f220a8e7d44dfc8d45e4769a3403422ceb
GET /images/screenshot/js/lightbox.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 18513
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-4851"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 248ce16379b12f11927ecc3142aec450
fa5b189f2d9182479170cb61cc1723571e437bd2
a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8410
Expires: Thu, 09 Feb 2023 02:53:32 GMT
Date: Thu, 09 Feb 2023 00:33:22 GMT
Connection: keep-alive
crazyfarm.de/templates/anmeldung/js/jnice.js
62.138.218.36200 OK 8.3 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/js/jnice.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 742d324d6ed048b6ba8798c0ef1e66ed
589754845601d3eb5b4e8186e5f3a3e736e785b7
672bc29fe3758739ac4989d408ea2319fa9e753cd526cb78804d40828cc77964
GET /templates/anmeldung/js/jnice.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 8260
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-2044"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/css/scripts/wz_tooltip.js
62.138.218.36200 OK 33 kB URL HTTP/1.1 crazyfarm.de/css/scripts/wz_tooltip.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash 4a740b5f94688a6b6152dd4bd54df3d3
00a8caf2aaa174008ec33a041481b88b19636537
4cbbd810c510c0d17f79f8150b2c9a53ac0d3fd8fc8a40b1263cfcf52e5e3d54
GET /css/scripts/wz_tooltip.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 32899
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-8083"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/js/script.js
62.138.218.36200 OK 622 B URL HTTP/1.1 crazyfarm.de/templates/anmeldung/js/script.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash 8132bdfbf52c6884ef1c620bcebed3de
c364843c10de4e8ade36d506d630c7d5d63c774f
d8bb9222ed872214025e0c86977d2d9912b1597e79ab14831430a34b437ce716
GET /templates/anmeldung/js/script.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 622
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
ETag: "26e-4e9c05ec7fd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/images/screenshot/js/prototype.js
62.138.218.36200 OK 163 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/prototype.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Size 163 kB (163312 bytes)
Hash 007ae2fe795811f80cedf92fdb591c1b
1d81bf892a42afc1d03c96862aa5aeac87a0b29a
8af6866c41f7bf18358a7044659f09b3031474c5d27040f37ccf2de4337b2b17
GET /images/screenshot/js/prototype.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 163312
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-27df0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/js/jquery.js
62.138.218.36200 OK 84 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/js/jquery.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type ASCII text, with very long lines (65171)
Hash 4128deb8fe065c61bf33c808cda54f96
08516cd8b09d40c6250aca6caf2d8fe1e0f0be93
2db3d4cd038ad3c4dc4228bc8af0b72747cede2cd10fd9d6fc09d622166901c6
GET /templates/anmeldung/js/jquery.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:22 GMT
Content-Type: application/javascript
Content-Length: 84376
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-14998"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tycoon.adspirit.net/adscript.php?pid=33&ord=1675902802
213.95.181.105200 OK 2.7 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=33&ord=1675902802
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with very long lines (2738), with no line terminators
Hash dcc5f5860c28a8673441f00ece8e4afa
407e20e1462457cdf1ba37ff546c4a16e207fb80
ecdcdb361eb1e6d9a00315712e02755eeab2f23542613324a6578799528edc0b
GET /adscript.php?pid=33&ord=1675902802 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:22 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Thu, 09 Feb 2023 00:33:22 GMT
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
35.155.255.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.255.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pGrr/c1tgdN1+lYQLt72aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jT8ThdqLnH9QGop3+e0ouM/Qp2o=
crazyfarm.de/images/screenshot/css/lightbox.css
62.138.218.36200 OK 1.6 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/css/lightbox.css
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash de501f42d328deb2d67cf8ecdb1c8fe2
2cf7b8babfdfbdc6f3bf1f27f1c28ec2d546b4f0
5c42ba8f44c3368954124f3a1f19623d4c43ddc1831c97d2e0a0084535591db3
GET /images/screenshot/css/lightbox.css HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: text/css
Content-Length: 1648
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-670"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/spacer.gif
62.138.218.36200 OK 807 B URL HTTP/1.1 crazyfarm.de/images/spacer.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash a0db3b8301c015a2de23b6aab08a48c9
5fcac40d47cd7bf5e58efbe0c9e9c56582867585
6bf788214f0920f04146aa23bc2d8588b55a3e81b5c7f25acc4377b895030979
GET /images/spacer.gif HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 807
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:34:00 GMT
ETag: "327-4e9c0946ce600"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/images/screenshots/screen-production-preview.jpg
62.138.218.36200 OK 6.7 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-production-preview.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 118x118, components 3\012- data
Hash d8e318e53d153a9b228641d4a3c08072
a36512756751b5e21555f00df944352bf7b604a4
cc4492a6f80b4c159802f134cce643d355d3c937849affd5c33e1e293d773af5
GET /images/screenshots/screen-production-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 6679
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1a17"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-acker-preview.jpg
62.138.218.36200 OK 11 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-acker-preview.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash d001916e12bd3ec86d33bbc861a08148
b7d8bf25eb5e1f2fbf012812a5d9378338bec309
d367ee87b6afb7a83a960f15ac81be71def978c769c158ae6cc2a5ba8f13741e
GET /images/screenshots/screen-acker-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 10843
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-2a5b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-haustier-preview.jpg
62.138.218.36200 OK 6.5 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-haustier-preview.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash bc444ae09e4cd077b25a06c7874c9869
4c85c4bda94b2608f13513c2fb6c18ea2aaad8d9
2a9f34cc659badc0350308b126b3cacaeb8606e4d81fa92678675e4702038141
GET /images/screenshots/screen-haustier-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 6456
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1938"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-farm-preview.jpg
62.138.218.36200 OK 7.3 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-farm-preview.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash 9fc818e0327e489e9005500c6ed5a84c
611dbcfe678d615c46968c71a99f7f796cd6fdf0
0f4d202077e8b0bda57e8401b972dfbd400422c52e63407b7e1dc1fd41d40201
GET /images/screenshots/screen-farm-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 7321
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1c99"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-bauhof-preview.jpg
62.138.218.36200 OK 7.3 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-bauhof-preview.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash fbe21d6523b18e2cd7d15c4724578cfe
2a9286257c71cbd95be0ffeccf6eede724276452
dd0e836f47ddef6114744a6170b2211c54d7b5d241ac6622805063eeb88aa9b8
GET /images/screenshots/screen-bauhof-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 7252
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1c54"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/promo/cf.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/cf.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 5a0b361846fc356a756fd002674e9fa2
883e32e8a681b8a6c4742f9994428036ddb5ed9c
995e7bab96489073cf9ef5acce20da15e0c1ec8d74ac817909ad5e9f2149f77e
GET /img/promo/cf.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:17:00 GMT
ETag: "43f-4edf8c505b300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/tt.gif
62.138.218.36200 OK 427 B URL HTTP/1.1 www.town-tycoon.de/img/promo/tt.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 6954a514c699d504a6da640fc862d9f5
366e9c2a50cf041ef10ec517c906088d64f1b436
7a88ea7f37d540c6b48e6acb3d237aef92128af27b070229fc3014e4955d4f1e
GET /img/promo/tt.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 427
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:17:00 GMT
ETag: "1ab-4edf8c505b300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/koe.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/koe.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash f3a03af33b146c1314ff4ae7282521ab
1925d646453ae47e456c4dbe69957d26c975725b
8aaf783289612c5133caed85beb77c7e626e7c618a943ca4945e438c90fdc376
GET /img/promo/koe.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:21:00 GMT
ETag: "43f-4edf8d353cf00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/dp.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/dp.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash f17de2c5ac02185dddd5b17fc1c29c67
6229eab9ab58b1188262bf681b726ece32674c99
643c8882bbd2ea1c9d3e51a73370decdfe985ec83c0117db79f4fc4571937efc
GET /img/promo/dp.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:22:00 GMT
ETag: "43f-4edf8d6e75600"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/images/screenshot/js/builder.js
62.138.218.36200 OK 4.7 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/builder.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash a80b3b917ded9b0d0e1bba21ee7cef61
082a70e55e4ea2e1a43bb8c232058392637d6d83
5f9742b13427e9a76cebe37094f94bdcb0721552da31ae03087a84ad2c9e1060
GET /images/screenshot/js/builder.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: application/javascript
Content-Length: 4745
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-1289"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/promo/ds.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/ds.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash a3abe3bce70de0d0eff6a0a7b016f4b0
75e9b9adbfa7b840100b2a81ca194444e210db4e
ec49462c6da910f562669d03919ebe0bc7a6d80ca4f6d5b852b39517f814781a
GET /img/promo/ds.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1083
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:21:00 GMT
ETag: "43b-4edf8d353cf00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/images/screenshot/js/effects.js
62.138.218.36200 OK 38 kB URL HTTP/1.1 crazyfarm.de/images/screenshot/js/effects.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash fdadbe178927aef6460fb725cee7dde7
8505a521fe136d0181b7f220522f2ceef1409697
cd4d228017c9e74d494e81a9ae96da0b906b1e9ecc04b81a3fe7906399f7dcdd
GET /images/screenshot/js/effects.js HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: application/javascript
Content-Length: 38472
Last-Modified: Sun, 27 Oct 2013 22:33:00 GMT
Connection: keep-alive
ETag: "526d949c-9648"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/images/screenshots/screen-uebersicht-preview.jpg
62.138.218.36200 OK 7.7 kB URL HTTP/1.1 crazyfarm.de/images/screenshots/screen-uebersicht-preview.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 118x118, components 3\012- data
Hash a79640eda18c010d5f5cf586547d358e
ce4af3a0399c685f62a87bedbe22d0501ae540d5
5912b5ee9fd5a180f710258b49da4340da274f73cb69762da27b78fc62735a30
GET /images/screenshots/screen-uebersicht-preview.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 7686
Last-Modified: Sun, 27 Oct 2013 22:52:00 GMT
Connection: keep-alive
ETag: "526d9910-1e06"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/promo/pk.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/pk.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 72180b331085ab3124732ea36bf75c76
5285c25b3bbbc28b510bdedfef5fc67044aa3b87
26c2285e5784f808ca8da29345b219ad21c9aed1af2ef25357c96482438b592b
GET /img/promo/pk.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1086
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:24:00 GMT
ETag: "43e-4edf8de0e6400"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/ic.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/ic.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash b115c5bb4bb4b8dc2280ff42f8cbd2a0
59a766e8924d376550d414b6c8e04ac374032bdf
b6dfd5e50e54dbd46e008469db025788af2e80ab1662dc5a4c5344ebe7579347
GET /img/promo/ic.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1084
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:18:00 GMT
ETag: "43c-4edf8c8993a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/sg.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/sg.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 56f079a70acb27d71011803b1e6bf960
98db02960b9717bdfb36abbfb0dbb0a9632f9050
9995dfe375b411cd85c1cad418582f3f9112eb937fdab401a994ddfb59c9133f
GET /img/promo/sg.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/gif
Content-Length: 1080
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:19:00 GMT
ETag: "438-4edf8cc2cc100"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/templates/anmeldung/css/img/bg3.jpg
62.138.218.36200 OK 495 B URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/bg3.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 3x490, components 3\012- data
Hash 59b287d8bffc460016e766c546bf4b34
d7403d5ba1748240fcb365bed04c6b9acdb3db0c
e672140ec43564124b6086711dcc19189b8cccef92f5a620c77d328a2ad06357
GET /templates/anmeldung/css/img/bg3.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:23 GMT
Content-Type: image/jpeg
Content-Length: 495
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
ETag: "1ef-4e9c05ec7fd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
tycoon.adspirit.net/adscript.php?pid=93&ord=%5Btimestamp%5D&wpcn=asmpvx509681675902802&&vis=-1
213.95.181.105200 OK 293 B URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=93&ord=%5Btimestamp%5D&wpcn=asmpvx509681675902802&&vis=-1
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with no line terminators
Hash c24912d34defc622805f9fd82795d956
6da03131003086cabc82a293e7dac0bf47b81af0
292dcb534ddcd7ecf1a6234be71aeefe72fe323c08c057a819da23baad5ad02d
GET /adscript.php?pid=93&ord=%5Btimestamp%5D&wpcn=asmpvx509681675902802&&vis=-1 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:24 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Thu, 09 Feb 2023 00:33:24 GMT
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdn.adspirit.de/banner/asm_pageview.min.js
185.59.220.18200 OK 770 B URL HTTP/1.1 cdn.adspirit.de/banner/asm_pageview.min.js
IP 185.59.220.18:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1958), with no line terminators
Hash 38719be41633c2bd705462c74876a4c5
c87c65ab7373a749f42ece37d19a91ce8ae7e5b6
e1688294d53ac14391b3b271de612b6d03c91e76b420b4657fbfd3f86db75b3b
GET /banner/asm_pageview.min.js HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Jun 2019 08:31:43 GMT
ETag: W/"d6e34d9-7a6-58b08206459c0"
X-Accel-Expires: @1675949611
Server: CDN77-Turbo
X-77-NZT: Abk73BA3UN3/KewBAA
X-77-NZT-Ray: 908339305a36513a543fe463d3f64309
X-Cache: HIT
X-Age: 125993
X-77-POP: frankfurtDE
X-77-Cache: HIT
Content-Encoding: gzip
crazyfarm.de/templates/anmeldung/css/img/hund.gif
62.138.218.36200 OK 8.9 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/hund.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 74 x 83\012- data
Hash fcfefff1801e28d1f2f90648f0360a26
50f45a641b6cbf75117f515de07cfbd99b2547c3
ddf73b00d2ecffec271685a2681335645ff9a64681c1c36051e80050a4ef76b6
GET /templates/anmeldung/css/img/hund.gif HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: image/gif
Content-Length: 8868
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-22a4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/css/img/buttons.png
62.138.218.36200 OK 5.5 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/buttons.png
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type PNG image data, 254 x 132, 8-bit colormap, non-interlaced\012- data
Hash 81e5260b3f7d27687ab0b04585a5074b
632364b9ff6c01fb34c6d597058bf0debc4c8530
f0e3763f2cfdb7feb12ad45973f87663b88073e8827a9a5d03001087a443e9c7
GET /templates/anmeldung/css/img/buttons.png HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: image/png
Content-Length: 5508
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-1584"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/1x1gray2.png
62.138.218.36200 OK 5.6 kB URL HTTP/1.1 www.town-tycoon.de/img/1x1gray2.png
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Hash fe6dc10b4d2173024e825951d8f90d39
ca181a586423fbdcd4546c56c492f7da4805f055
5381fc7a38a7cee064ab4ad3d42e60b60452d73d79c745eac8e7d62721f26945
GET /img/1x1gray2.png HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: image/png
Content-Length: 5607
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2012 16:22:00 GMT
ETag: "15e7-4c9bff0a31a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
crazyfarm.de/templates/anmeldung/css/img/bg.jpg
62.138.218.36200 OK 154 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/bg.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 983x1152, components 3\012- data
Size 154 kB (153518 bytes)
Hash a5ddc3d2a0bd2a66bcb9bbede2b8eba3
c93525f53aca8556a03c017d833e6e8fb7f2024e
c99e57cb21920d86db7843dc96278fb49dbe940894dda5797342bf9bd725bb8e
GET /templates/anmeldung/css/img/bg.jpg HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: image/jpeg
Content-Length: 153518
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-257ae"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tycoon.adspirit.net/adscript.php?pid=33&ord=1675902802&wpcn=asmpvx5901781675902802&&vis=4
213.95.181.105200 OK 4.4 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=33&ord=1675902802&wpcn=asmpvx5901781675902802&&vis=4
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with very long lines (3677)
Hash 339e05670269e0d83ed22cd5d02f2055
4d252fad3e7c8be4979a89fe87d99a84d0341374
ff294a74055d95dcf30fb5bccf7288b76d30cecb14f6f6e43e3efe67d94d1716
GET /adscript.php?pid=33&ord=1675902802&wpcn=asmpvx5901781675902802&&vis=4 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:24 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Thu, 09 Feb 2023 00:33:24 GMT
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13884
Expires: Thu, 09 Feb 2023 04:24:48 GMT
Date: Thu, 09 Feb 2023 00:33:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13884
Expires: Thu, 09 Feb 2023 04:24:48 GMT
Date: Thu, 09 Feb 2023 00:33:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d885cfc22a04f1216c98dd64df5338a
589916a844b81fac40af88a772865b8e28dfb64e
40c0e55533794d72bbba4bc9d0f07fe0741e24ca23fd9b3e31d2830c77a51bf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40C0E55533794D72BBBA4BC9D0F07FE0741E24CA23FD9B3E31D2830C77A51BF3"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13884
Expires: Thu, 09 Feb 2023 04:24:48 GMT
Date: Thu, 09 Feb 2023 00:33:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95081172f8e19d19921acc802488e019
8531c150cb11de44361a95624b11cf46b9e0ba02
7a2d8f012c7d590f3f39ad834d4f3f9fb729143b7395bc588bd608b5bdee039b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8db31dc-3366-48e5-8c4b-ebe994dd40ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15019
x-amzn-requestid: 574e3e2c-2fbe-4215-9500-021147338832
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f583LHiioAMFqkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a82d-4f12aac524c39f822ca4f422;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:11:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _3jIo3Giw3zmTmnSkJArAllT6uigN7EEzLPfkGpd6168_mSdqdk_Cg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 12:41:28 GMT
age: 42716
etag: "8531c150cb11de44361a95624b11cf46b9e0ba02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28ae39b238f62d6c0aee7bb16ff863d5
3c2247e40747c3ca72dd7877facee9a9fecf0f59
c530ba92455ea45e14410f497d2df04cc1321e2937cc7e81aa75f4fc14206a7c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F718f24db-3c28-422f-953f-730a3ae78cb5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3014
x-amzn-requestid: bec40915-584b-48fc-94c2-293e96567474
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKGrGoAMFelg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-2250ff00772341353151dd34;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmJxNCnPKUD5O4HCWIjqeVaanXL50KZ60Xu1iOC6bisRBDJNkVXvww==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "3c2247e40747c3ca72dd7877facee9a9fecf0f59"
content-type: image/jpeg
age: 10727
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb7c8b758fe17f6c06ce2bebb5008495
032d747cf20951f6ca6fd51489fefd7c09c4948d
835d89e028ec4c85a845f2835cb5eddb9653937f6736e2713b671419474608ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f087272-940e-484d-ad9d-2c67bcd6dccd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12811
x-amzn-requestid: be33f9ef-31cb-4572-9f22-0a433423e195
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChzZFiWIAMFgmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4167b-70ed2a756b8da4372ccc1f83;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:39:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JpeDqbyAp9qLkVVqTKxmVy96vqBfyK4-GDiWdgkAjQlUN4Fu160VLA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:55 GMT
etag: "032d747cf20951f6ca6fd51489fefd7c09c4948d"
content-type: image/jpeg
age: 10049
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 113363afa7cfd484dbc115a9f44c1723
2f9dfb845aa919a51a0b5fa9a824ac4845f669be
a91a045600ef2fdebd582ce453a85f7ce0c9f8be7258baf311d0d940de027c20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90107713-2512-413b-bb6c-0156521b403c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4308
x-amzn-requestid: 2d4ce596-9a69-4394-8e10-cd5c54687a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzKZ0F2DoAMF6nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ddf10b-6c4fabe01360b8781bdd8e06;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 05:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GnbG_CYddidhGlygFinwMyN81eHxP_vRzxsm7QBIAJzFqwaKTt-POQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:44 GMT
age: 10720
etag: "2f9dfb845aa919a51a0b5fa9a824ac4845f669be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 764b732e88dd1e9c1824529b24b3dffc
2ba954a51c2972b267ae0536e343e608aa9aa7f4
a1efdf03b14bb05cf8e407b92476592c35fa2d27c5e66705322abdb4c6412a06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc03326d1-bbfd-4654-a9db-ac431757b9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8150
x-amzn-requestid: 3834493a-4162-4cc9-b67c-541cc9be895b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8IH0TIAMFWqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb380-3746ff7b0a6894366efa848e;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I3qmC4D6qdsheK8VO3oKbPDU7XV1r9_XEPMcExKnvATDkVUsJHjHbg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 04:19:43 GMT
age: 72821
etag: "2ba954a51c2972b267ae0536e343e608aa9aa7f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9203cfb9f0c1c958dd008eac55a9d3c4
6bdd1047590dd3fb54c15d5d6d38e7c86274b203
09770229be5ff3037708543e3204c66de84253b3a858a83a0e1672a04c0e9cb1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ab2faf0-d9a7-41a6-b5cf-bf6189f66342.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11760
x-amzn-requestid: b2863a01-4714-4554-a478-5402467b3448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AChJKHc_oAMFwlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e4156d-1c5a3edf37bc7cc937c800d2;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: y-1zzLzVegi0T-SAyTpUuFD6iVVYbuL5u71dc74BY2l7PrxVu-am5w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:34:37 GMT
etag: "6bdd1047590dd3fb54c15d5d6d38e7c86274b203"
content-type: image/jpeg
age: 10727
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
crazyfarm.de/templates/anmeldung/css/img/controls.png
62.138.218.36200 OK 2.2 kB URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/controls.png
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type PNG image data, 48 x 122, 8-bit colormap, non-interlaced\012- data
Hash a9181776ffa0c37e656712bf4f09fe87
7c4efb8dea21aa421530699cdf60f706a0ff914a
cabf56227cf506b2a38601e5b4cf8b82652d9dc897c087d395d396204803afde
GET /templates/anmeldung/css/img/controls.png HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: image/png
Content-Length: 2155
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
Connection: keep-alive
ETag: "526d9154-86b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
crazyfarm.de/templates/anmeldung/css/img/haken.png
62.138.218.36200 OK 409 B URL HTTP/1.1 crazyfarm.de/templates/anmeldung/css/img/haken.png
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type PNG image data, 14 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash cd63e2a2ceb1e605e4eb112c081331fb
8cf4df1ee9d3fc04e93ea48ed2e8dfc0b259947f
f7170792c02bad5e99462c949d58feea570ee511e437e963d4c7453d43cf25b5
GET /templates/anmeldung/css/img/haken.png HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crazyfarm.de/templates/anmeldung/css/style.css
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:24 GMT
Content-Type: image/png
Content-Length: 409
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 27 Oct 2013 22:19:00 GMT
ETag: "199-4e9c05ec7fd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=109217
expires: Fri, 10 Feb 2023 06:53:41 GMT
date: Thu, 09 Feb 2023 00:33:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=109217
expires: Fri, 10 Feb 2023 06:53:41 GMT
date: Thu, 09 Feb 2023 00:33:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=109217
expires: Fri, 10 Feb 2023 06:53:41 GMT
date: Thu, 09 Feb 2023 00:33:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?p=52307&predirect=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=109217
expires: Fri, 10 Feb 2023 06:53:41 GMT
date: Thu, 09 Feb 2023 00:33:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ssp.adspirit.de/rtb/getusermatch.php?umid=-1&output=1&external_user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7
85.215.2.53200 OK 1.1 kB URL HTTP/1.1 ssp.adspirit.de/rtb/getusermatch.php?umid=-1&output=1&external_user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7
IP 85.215.2.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 944044e4fa88647b8b10affe686c7104
91917d207b2dd656c3632f5a059fa5515cd93dd6
b0b1825cf1260549bdea1cc00d2d539cc3d4932450263960877d64436019399e
GET /rtb/getusermatch.php?umid=-1&output=1&external_user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7 HTTP/1.1
Host: ssp.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Thu, 09 Feb 2023 00:33:24 GMT
server: Apache
access-control-allow-origin: *
content-length: 1100
content-type: text/html; charset=UTF-8
ads.pubmatic.com/AdServer/js/userSync.js
23.38.200.201200 OK 2.3 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/userSync.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (6899), with no line terminators
Hash a4c2f0a7daeda6ee5645a39c5421a0b6
a51a4d193e533f27cfeb2b3b02dc90e8b82b0d05
1bcf542a8d631d12c8114f2431cb2aacf33881a0d878e11ac0bcfd440d18a6e5
GET /AdServer/js/userSync.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
etag: "1300709-1af3-5c4c7cca9e573"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2267
content-type: text/javascript
cache-control: max-age=50796
expires: Thu, 09 Feb 2023 14:40:00 GMT
date: Thu, 09 Feb 2023 00:33:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.adtiger.de/rtb/usermatch.php?umid=2&dataid=1&userid=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect
213.95.181.109302 Found 0 B URL HTTP/1.1 ads.adtiger.de/rtb/usermatch.php?umid=2&dataid=1&userid=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect
IP 213.95.181.109:0
ASN #12337 noris network AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/usermatch.php?umid=2&dataid=1&userid=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Thu, 09 Feb 2023 00:33:24 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Location: http://tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&external_user_id=1de85ea5beec709b44d65935a03e34094b07deeb2c4069ece7fb9e9eb843c&ord=1675902804
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&external_user_id=1de85ea5beec709b44d65935a03e34094b07deeb2c4069ece7fb9e9eb843c&ord=1675902804
213.95.181.105200 OK 56 B URL HTTP/1.1 tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&external_user_id=1de85ea5beec709b44d65935a03e34094b07deeb2c4069ece7fb9e9eb843c&ord=1675902804
IP 213.95.181.105:0
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=1de85ea5beec709b44d65935a03e34096e6f23afebdbb2377c8affbd261c7&external_user_id=1de85ea5beec709b44d65935a03e34094b07deeb2c4069ece7fb9e9eb843c&ord=1675902804 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://s5.crazyfarm.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:24 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=998
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d09192b0325fc351f837998af0ec0859
9a2e9bd3eafa7a522727e29908c1576e7d256a87
def6f8c8083625ad72cb4a4e93336979b5ab7d0181031f639c3abc3f5b63ef99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4631
Cache-Control: max-age=123612
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:24 GMT
Etag: "63e36d1a-1d7"
Expires: Fri, 10 Feb 2023 10:53:36 GMT
Last-Modified: Wed, 08 Feb 2023 09:36:26 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d09192b0325fc351f837998af0ec0859
9a2e9bd3eafa7a522727e29908c1576e7d256a87
def6f8c8083625ad72cb4a4e93336979b5ab7d0181031f639c3abc3f5b63ef99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4558
Cache-Control: max-age=123540
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:24 GMT
Etag: "63e36d1a-1d7"
Expires: Fri, 10 Feb 2023 10:52:24 GMT
Last-Modified: Wed, 08 Feb 2023 09:36:26 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d09192b0325fc351f837998af0ec0859
9a2e9bd3eafa7a522727e29908c1576e7d256a87
def6f8c8083625ad72cb4a4e93336979b5ab7d0181031f639c3abc3f5b63ef99
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4567
Cache-Control: max-age=123549
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:24 GMT
Etag: "63e36d1a-1d7"
Expires: Fri, 10 Feb 2023 10:52:33 GMT
Last-Modified: Wed, 08 Feb 2023 09:36:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
185.64.189.115200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 185.64.189.115:0
File type ASCII text, with no line terminators
Hash 70e069fce62b77f362999aa3a9deedca
3749772bec25a311c6f23436c43a87c4ce4e0db1
7810d9ee2833c328c9c1ab5c1ef0cb5261684fb6a877a63ae31eabdf82705e2a
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Tue, 9 May 2023 17:32:38 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Thu, 09 Feb 2023 00:33:23 GMT
content-length: 60
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 8522bb3d4dcbd7e52007953d8fcef959
8f998b130698d06fd00f2d7f16e5a06c0049acfd
91872c7214a9db7a399bfeecd164896ce11edf4caeb8063bf78481b326cf22cd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 00:33:24 GMT
Etag: "63e37cc5-1d7"
Server: ECS (dcb/7FA3)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pH2H0TXF7FDwqnvgQwd_C5BjpGzfOvFy1E1p8EqMN7_-fhJqWEpiFQ==
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 44bf378d3750537baa26c6ee0d8a9bed
693e6f2b0c03f45e7fafa193a1827582c6161fc5
2e2eff7bd87e95bd7f7a330e30ff78a0cca8cdb07cc1915644e2f302598321fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 09 Feb 2023 00:33:24 GMT
Etag: "63e2eeb8-1d7"
Last-Modified: Wed, 08 Feb 2023 23:34:33 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uBTzOD1llCAY1rIL61WHY0lZmGK3RyafYc78Oo6y7wI8WnzHAqzDHA==
Age: 3531
pad.360polaris.biz/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
54.195.3.142302 Found 0 B URL HTTP/1.1 pad.360polaris.biz/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 54.195.3.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
set-cookie: tuuid=afea2b1b-a1f3-4e93-aa59-e5a57a054f0b; Expires=Wed, 10 May 2023 00:33:24 GMT; Domain=.360polaris.biz; Path=/;
tuuid_lu=1675902804; Expires=Wed, 10 May 2023 00:33:24 GMT; Domain=.360polaris.biz; Path=/;
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: http://pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
content-type: text/plain
content-length: 0
date: Thu, 09 Feb 2023 00:33:24 GMT
ice.360yield.com/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
18.158.114.168302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 18.158.114.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 09 Feb 2023 00:33:24 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=bc2c24f8-e034-47d1-b688-862bd963a7c8; Expires=Wed, 10 May 2023 00:33:24 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675902804; Expires=Wed, 10 May 2023 00:33:24 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4681AF8E-8DE7-480E-B966-CFE2799F675F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 878 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4681AF8E-8DE7-480E-B966-CFE2799F675F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1524), with no line terminators
Hash 2d4d43862bd7f604d0034d47cb2e5549
8d3bc9e49c3823d379b92d21f11f36274a118391
700ca0b0c89a1732084acaec0f049d37cdc8c014d51db719e70fc4bb9354d685
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D4681AF8E-8DE7-480E-B966-CFE2799F675F%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: Apache
last-modified: Wed, 08 Feb 2023 05:37:50 GMT
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 878
content-type: text/html
cache-control: max-age=105016
expires: Fri, 10 Feb 2023 05:43:40 GMT
date: Thu, 09 Feb 2023 00:33:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
18.158.114.168200 OK 43 B URL HTTP/2 ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 18.158.114.168:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ssp.adspirit.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:33:24 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
54.195.3.142301 Moved Permanently 0 B URL HTTP/1.1 pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 54.195.3.142:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://s5.crazyfarm.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
54.195.3.142200 OK 43 B URL HTTP/1.1 pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 54.195.3.142:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s5.crazyfarm.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: image/gif
content-length: 43
date: Thu, 09 Feb 2023 00:33:24 GMT
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f8a51ec6a04ebc3b97c7edf0b438ee3
1eb26ccec45c65f001efcc1dab34eb60f3d89f45
4919f8a65f8a8b4dea035a98a50ecd8fa3aab4d03aed3072ab729cdb5eb368f6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3793
Cache-Control: max-age=134293
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:25 GMT
Etag: "63e39a19-1d7"
Expires: Fri, 10 Feb 2023 13:51:38 GMT
Last-Modified: Wed, 08 Feb 2023 12:48:25 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f8a51ec6a04ebc3b97c7edf0b438ee3
1eb26ccec45c65f001efcc1dab34eb60f3d89f45
4919f8a65f8a8b4dea035a98a50ecd8fa3aab4d03aed3072ab729cdb5eb368f6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3793
Cache-Control: max-age=134293
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:25 GMT
Etag: "63e39a19-1d7"
Expires: Fri, 10 Feb 2023 13:51:38 GMT
Last-Modified: Wed, 08 Feb 2023 12:48:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f8a51ec6a04ebc3b97c7edf0b438ee3
1eb26ccec45c65f001efcc1dab34eb60f3d89f45
4919f8a65f8a8b4dea035a98a50ecd8fa3aab4d03aed3072ab729cdb5eb368f6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3793
Cache-Control: max-age=134293
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:25 GMT
Etag: "63e39a19-1d7"
Expires: Fri, 10 Feb 2023 13:51:38 GMT
Last-Modified: Wed, 08 Feb 2023 12:48:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f8a51ec6a04ebc3b97c7edf0b438ee3
1eb26ccec45c65f001efcc1dab34eb60f3d89f45
4919f8a65f8a8b4dea035a98a50ecd8fa3aab4d03aed3072ab729cdb5eb368f6
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3793
Cache-Control: max-age=134293
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:25 GMT
Etag: "63e39a19-1d7"
Expires: Fri, 10 Feb 2023 13:51:38 GMT
Last-Modified: Wed, 08 Feb 2023 12:48:25 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=4681AF8E-8DE7-480E-B966-CFE2799F675F
213.95.181.109200 OK 56 B URL HTTP/2 ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=4681AF8E-8DE7-480E-B966-CFE2799F675F
IP 213.95.181.109:0
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=25&tpuid=4681AF8E-8DE7-480E-B966-CFE2799F675F HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:33:25 GMT
server: Apache
x-powered-by: PHP/7.3.29
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
content-length: 56
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 449 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
Hash 719fc9e390f44b08155c42ed79019078
86676696485d5187c0fb99914ddd19bc826d3a99
be840a1002deeae2fa0edb51ab71bfe5c803d6f92ab95128b4ef835f46396f17
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:33:23 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 449 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
Hash 719fc9e390f44b08155c42ed79019078
86676696485d5187c0fb99914ddd19bc826d3a99
be840a1002deeae2fa0edb51ab71bfe5c803d6f92ab95128b4ef835f46396f17
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:33:23 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=4681AF8E-8DE7-480E-B966-CFE2799F675F
213.95.181.109200 OK 56 B URL HTTP/2 ads.adtiger.de/rtb/getusermatch.php?dataid=25&tpuid=4681AF8E-8DE7-480E-B966-CFE2799F675F
IP 213.95.181.109:0
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=25&tpuid=4681AF8E-8DE7-480E-B966-CFE2799F675F HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:33:25 GMT
server: Apache
x-powered-by: PHP/7.3.31
access-control-allow-origin: *
content-type: text/html;charset=UTF-8
content-length: 56
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=109216
expires: Fri, 10 Feb 2023 06:53:41 GMT
date: Thu, 09 Feb 2023 00:33:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.adspirit.de/banner/adviewability.js
185.59.220.18200 OK 1.9 kB URL HTTP/1.1 cdn.adspirit.de/banner/adviewability.js
IP 185.59.220.18:0
ASN #60068 Datacamp Limited
Hash a4cec1ecc8880ad56e0a00aa795e5fc9
ecd46ff19ac3b262d8218f5adabe9871e36eb38b
9db4da4f2b367afe0cfe2352133c8321e225793e86c4ca6577829b96165af866
GET /banner/adviewability.js HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:25 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 09:23:18 GMT
ETag: W/"d6e34c4-192d-5e3983805ed80"
X-Accel-Expires: @1675935994
Server: CDN77-Turbo
X-77-NZT: Abk73BBjQKn/WyECAA
X-77-NZT-Ray: 908339305a36513a553fe46379b67128
X-Cache: HIT
X-Age: 139611
X-77-POP: frankfurtDE
X-77-Cache: HIT
Content-Encoding: gzip
www.google-analytics.com/ga.js
142.250.74.110200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Wed, 08 Feb 2023 23:14:00 GMT
Expires: Thu, 09 Feb 2023 01:14:00 GMT
Cache-Control: public, max-age=7200
Age: 4765
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
connect.facebook.net/de_DE/all.js
157.240.205.11301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/de_DE/all.js
IP 157.240.205.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /de_DE/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/de_DE/all.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Thu, 09 Feb 2023 00:33:25 GMT
Connection: keep-alive
Content-Length: 0
tycoon.adspirit.net/adpageview.php?&wsid=4&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675902861007
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adpageview.php?&wsid=4&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675902861007
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adpageview.php?&wsid=4&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675902861007 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:25 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Thu, 09 Feb 2023 00:33:25 GMT
Content-Length: 43
Content-Type: image/gif
crazyfarm.de/favicon.ico
62.138.218.36200 OK 1.2 kB IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 0f11f5089e845637e147da329556f0c3
e91c9182b20d65d544439437ed73a102dd135f1a
3e3de02e3234e90cd93214e82f8ff0b56129deeaaafd3d11253c0391b7338d1f
GET /favicon.ico HTTP/1.1
Host: crazyfarm.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 09 Feb 2023 00:33:25 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Last-Modified: Sun, 27 Oct 2013 22:53:00 GMT
Connection: keep-alive
ETag: "526d994c-47e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.162200 OK 52 kB URL HTTP/1.1 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (3649)
Hash cf928e3b0e4f0f54deab6e29bd6f5f43
20935fa4e3c19518cb8efe9b649f0af9e8ef16d2
b9ea368f3db3da7ec4700fb0277cfef43c4088a9acb74269e8aae1434d02851e
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Date: Thu, 09 Feb 2023 00:33:25 GMT
Expires: Thu, 09 Feb 2023 00:33:25 GMT
Cache-Control: private, max-age=3600
Content-Type: text/javascript; charset=UTF-8
ETag: 17029640978976434929
Access-Control-Allow-Origin: *
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Content-Encoding: gzip
Server: cafe
Content-Length: 52428
X-XSS-Protection: 0
tycoon.adspirit.net/adview.php?tz=1675902804205309133tzmacro&&pid=33&kid=217&wmid=1294&gdpr_consent=&nvc=1&tgt=000000128&target1=-
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adview.php?tz=1675902804205309133tzmacro&&pid=33&kid=217&wmid=1294&gdpr_consent=&nvc=1&tgt=000000128&target1=-
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adview.php?tz=1675902804205309133tzmacro&&pid=33&kid=217&wmid=1294&gdpr_consent=&nvc=1&tgt=000000128&target1=- HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:25 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Thu, 09 Feb 2023 00:33:25 GMT
Content-Length: 43
Content-Type: image/gif
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20230206/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20230206/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Wed, 08 Feb 2023 09:55:58 GMT
expires: Wed, 22 Feb 2023 09:55:58 GMT
cache-control: public, max-age=1209600
age: 52647
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 50ca5deab68ba881743e691a693819f1
fd6b74d17a961f751a8edf09fcfaab273f0a7408
139c5ed1fd10f67669a5de174c5ffb02411f96463217781882c9d22b050a02d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 9d3f1af8e54506677fed9b383c6d3d51
f0184051c17813c1528964a14cd97bb12cdb6c3f
a30d01c9e6ec001168430f8780766bc6fac65d0cd5b122694d77b89232496823
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 08 Feb 2023 08:43:28 GMT
Expires: Wed, 15 Feb 2023 08:43:27 GMT
Etag: "f0184051c17813c1528964a14cd97bb12cdb6c3f"
Cache-Control: max-age=547201,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 796883783c291c0a-OSL
ssp.adspirit.de/rtb/getusermatch.php?umid=10&output=1&external_user_id=4681AF8E-8DE7-480E-B966-CFE2799F675F
85.215.2.53200 OK 56 B URL HTTP/2 ssp.adspirit.de/rtb/getusermatch.php?umid=10&output=1&external_user_id=4681AF8E-8DE7-480E-B966-CFE2799F675F
IP 85.215.2.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?umid=10&output=1&external_user_id=4681AF8E-8DE7-480E-B966-CFE2799F675F HTTP/1.1
Host: ssp.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 00:33:26 GMT
server: Apache
access-control-allow-origin: *
content-length: 56
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=74146721&utmhn=s5.crazyfarm.de&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crazy%20Farm%20Spiel%20-%20Online%20Bauernhof%20Browsergame%20kostenlos%20spielen!&utmhid=897975104&utmr=-&utmp=%2F&utmht=1675902862420&utmac=UA-25000444-5&utmcc=__utma%3D168103027.1111539453.1675902862.1675902862.1675902862.1%3B%2B__utmz%3D168103027.1675902862.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=408493292&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.110302 Found 368 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=74146721&utmhn=s5.crazyfarm.de&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crazy%20Farm%20Spiel%20-%20Online%20Bauernhof%20Browsergame%20kostenlos%20spielen!&utmhid=897975104&utmr=-&utmp=%2F&utmht=1675902862420&utmac=UA-25000444-5&utmcc=__utma%3D168103027.1111539453.1675902862.1675902862.1675902862.1%3B%2B__utmz%3D168103027.1675902862.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=408493292&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.110:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash fd79364eda7dce7eaa194d441ecb88e9
61698794c594932c38782eaeb887807196d60b72
5b31dd81374cfb7bec19daae6fd2229e330d8dc22a7341755cbf8ba9259d6bd8
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=74146721&utmhn=s5.crazyfarm.de&utmcs=UTF-8&utmsr=1280x1024&utmvp=1268x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Crazy%20Farm%20Spiel%20-%20Online%20Bauernhof%20Browsergame%20kostenlos%20spielen!&utmhid=897975104&utmr=-&utmp=%2F&utmht=1675902862420&utmac=UA-25000444-5&utmcc=__utma%3D168103027.1111539453.1675902862.1675902862.1675902862.1%3B%2B__utmz%3D168103027.1675902862.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=408493292&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-25000444-5&cid=1111539453.1675902862&jid=408493292&_v=5.7.2&z=74146721
Access-Control-Allow-Origin: *
Date: Thu, 09 Feb 2023 00:33:27 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 368
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5139
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:07:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
tycoon.adspirit.net/adviewability.php?pid=33&wmid=1294&sid=0&sid2=0&sid3=0&gdpr_consent=&s=1&t=1675902862400
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adviewability.php?pid=33&wmid=1294&sid=0&sid2=0&sid3=0&gdpr_consent=&s=1&t=1675902862400
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adviewability.php?pid=33&wmid=1294&sid=0&sid2=0&sid3=0&gdpr_consent=&s=1&t=1675902862400 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:28 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Thu, 09 Feb 2023 00:33:28 GMT
Content-Length: 43
Content-Type: image/gif
tycoon.adspirit.net/adviewability.php?pid=33&wmid=1294&sid=0&sid2=0&sid3=0&gdpr_consent=&s=2&t=1675902863465
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adviewability.php?pid=33&wmid=1294&sid=0&sid2=0&sid3=0&gdpr_consent=&s=2&t=1675902863465
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adviewability.php?pid=33&wmid=1294&sid=0&sid2=0&sid3=0&gdpr_consent=&s=2&t=1675902863465 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
HTTP/1.1 200 OK
Date: Thu, 09 Feb 2023 00:33:28 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Thu, 09 Feb 2023 00:33:28 GMT
Content-Length: 43
Content-Type: image/gif
connect.facebook.net/de_DE/all.js
157.240.205.11200 OK 1.7 kB URL HTTP/2 connect.facebook.net/de_DE/all.js
IP 157.240.205.11:0
File type ASCII text, with very long lines (1957)
Hash d3aac89b870e5ee2e3f24af051210a27
392fa527eeb65bf098b1cdd15fedee7575b3a688
b1249ef389261a154034bf6dce554e2e6a558610d1a0df1ed9a9f546a459ffcd
GET /de_DE/all.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s5.crazyfarm.de/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 27db8b089b1d0bc9b6a998475c2599ef
etag: "6819eb64db9d6597a858ccbde0bdb199"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 09 Feb 2023 00:53:27 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 06rIm4cOXuLj8krwUSEKJw==
x-fb-debug: nV/iz0tE4zuwByU2xR8aoIpGiuHu42sktVpBCzZ8BDOgd/aF1ztHOnsKSmcFj3+VsVOK+i0PI5A4QD0QQmr4bg==
content-length: 1685
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:33:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8415242947780661&plah=s5.crazyfarm.de&bust=31072295
142.250.74.162200 OK 122 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8415242947780661&plah=s5.crazyfarm.de&bust=31072295
IP 142.250.74.162:0
File type ASCII text, with very long lines (3694)
Size 122 kB (121528 bytes)
Hash 01dc59684c5b4d32d3418277e1c159df
12fdf6b625efdd736bebcaf102f9572ae48b5e70
2134a8ee17b65791570d02499efff8935fa400fff2da060b487974dabab90feb
GET /pagead/managed/js/adsense/m202302010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8415242947780661&plah=s5.crazyfarm.de&bust=31072295 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 09 Feb 2023 00:33:28 GMT
expires: Thu, 09 Feb 2023 00:33:28 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6547956144326708963
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 121528
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 39f72ee961e1afed82fed52212ec6b65
557eae661c60433cfbbe14dbca5df31259e0c59b
b527888545839ca25e30f2fe8d409f3de6ab08d98a974dd14626b728e5ead13c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3815
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Last-Modified: Wed, 08 Feb 2023 23:29:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a746d459d4fbc7da99072462ed09b456
6ca7c899101b7ddcc1228f148cdcf16113a805f7
cbed8854f94d225ec82298e5039b9c163f58f9fede0db72510d22867003cb4a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=s5.crazyfarm.de
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=s5.crazyfarm.de
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=s5.crazyfarm.de HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 00:33:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=s5.crazyfarm.de
216.58.211.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=s5.crazyfarm.de
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=s5.crazyfarm.de HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 00:33:28 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 72226fa2f9513f894889fa652cb2a8bf
8a1b4f108db687c34b334a94e6d931544fd7508e
a70034db82d42d5deb58f551cb4de47a5cf6b226dbc9aa98892adb62c2f73289
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 44fc0cb48c26edb9ce36736707b9182a
62de7faa3e8171c0d38a2e03a604d2545a3ede7f
9e511ad6ed9e7c5f28f573422e3891d2f4e5c2ba5107f7eda808c529a95931a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/de_DE/all.js?hash=b23561e76ea11ecadfb7710e38bc9e86
157.240.205.11200 OK 88 kB URL HTTP/2 connect.facebook.net/de_DE/all.js?hash=b23561e76ea11ecadfb7710e38bc9e86
IP 157.240.205.11:0
File type ASCII text, with very long lines (18605)
Hash 23ebfc6699c65eb74b4a56b317199d31
1c13c1c37866efacc9bea28ed2f21483e8070bf5
cec31453874dbd96a285bd628646724888d3708062cc3d86fc02f0c34353b436
GET /de_DE/all.js?hash=b23561e76ea11ecadfb7710e38bc9e86 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://s5.crazyfarm.de
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c634904638174c4e07e0f35182c9652f
etag: "6c2f1492f136819889e4c12cb303fb70"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Feb 2024 00:33:28 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: I+v8ZpnGXrdLSlazFxmdMQ==
x-fb-debug: wetSwjkY4tiWjYzULNVETlfkFYUhqNubeuh+1JzCNACguf3BxpKt05ZMYxTL437KNSlzdeGDLcGou258b8lH1g==
content-length: 88419
x-fb-trip-id: 1679558926
date: Thu, 09 Feb 2023 00:33:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=s5.crazyfarm.de&callback=_gfp_s_&client=ca-pub-8415242947780661
216.58.207.226200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=s5.crazyfarm.de&callback=_gfp_s_&client=ca-pub-8415242947780661
IP 216.58.207.226:0
File type ASCII text, with very long lines (391), with no line terminators
Hash 6a3cac9436fe6b8aa77520679d69bf76
ca84424f7d43f80c46de9f06c8bcc3101441904e
e00a567f41ca041557d9e4678b8e122922a9e54341c5c063bfe305c9488c461d
GET /gampad/cookie.js?domain=s5.crazyfarm.de&callback=_gfp_s_&client=ca-pub-8415242947780661 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://s5.crazyfarm.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 09 Feb 2023 00:33:29 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 7980999daf055fc9e21ce2d8663483ab
3e584c1676ed7789a50dc5c9391653a0b96a9bab
44143d9428bae54918244e95d8f31dfea0865929c0a0805c0f328a2a7eb78fe6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/x/oauth/status?client_id=355001011300974&input_token&origin=1&redirect_uri=http%3A%2F%2Fs5.crazyfarm.de%2F&sdk=joey&wants_cookie_data=false
157.240.205.35200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=355001011300974&input_token&origin=1&redirect_uri=http%3A%2F%2Fs5.crazyfarm.de%2F&sdk=joey&wants_cookie_data=false
IP 157.240.205.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=355001011300974&input_token&origin=1&redirect_uri=http%3A%2F%2Fs5.crazyfarm.de%2F&sdk=joey&wants_cookie_data=false HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://s5.crazyfarm.de/
Origin: http://s5.crazyfarm.de
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: http://s5.crazyfarm.de
fb-s: unknown
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
x-fb-debug: TkisbDLY6yTKy0aQH+2Av+rebvX2j53k2LzAY7CeBb0L71Tvox7a7FtE0Jwku06tub5ORbNEIHgj72GZkpWz7w==
content-length: 0
date: Thu, 09 Feb 2023 00:33:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a9c5a278f07b138c1503ea3f0ec3797e
d36fe8427bd7ba735b06e69469ef715d1600da4e
978b6a189d73e308e1d79ac9241b2e1d07c43bc9ec65e2f4112ed74f143e342b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.130200 OK 49 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.130:0
File type ASCII text, with very long lines (3399)
Hash 8672c93eebf80542ce1bb4cdd88e792e
4fa55188126d1a55d20669bc0feb0f752f33c0fa
b608a61e0aa05e55b03d747074f8c7b92bcd1930992f95a995f50bc94821aa16
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48910
date: Thu, 09 Feb 2023 00:33:29 GMT
expires: Thu, 09 Feb 2023 00:33:29 GMT
cache-control: private, max-age=3000
etag: "1675860536307976"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a9c5a278f07b138c1503ea3f0ec3797e
d36fe8427bd7ba735b06e69469ef715d1600da4e
978b6a189d73e308e1d79ac9241b2e1d07c43bc9ec65e2f4112ed74f143e342b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js
216.58.207.193200 OK 9.0 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230207/r20110914/abg_lite_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1672)
Hash 67e9f3846a4d9685bbb4817ecf1c3202
0cb354df8a3a60509c250eddc56e58a7dec8254d
a34fe37960ae8dcb6339643c2b87da2e9cba62ff25e47219a190bc783f9ba198
GET /pagead/js/r20230207/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 9030
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:50:23 GMT
expires: Wed, 22 Feb 2023 18:50:23 GMT
cache-control: public, max-age=1209600
age: 20586
etag: 14849286796705262889
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 7.6 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1605)
Hash a1bdac34c79f5ba9432de66913f54fa3
788719361fe56969d37a9ef49c046906defdd892
6e1e58bc51902fe55ace9d2545d3d00c4e4d00be1065a5c2dfb5e3c377e2f0b6
GET /pagead/js/r20230207/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7626
x-xss-protection: 0
date: Wed, 08 Feb 2023 18:38:17 GMT
expires: Wed, 22 Feb 2023 18:38:17 GMT
cache-control: public, max-age=1209600
age: 21312
etag: 5262822293969176042
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0333fa3e34f17f01e9829bd8ee662c23
be4c7a8599038facc49c73d6d14451023bc919e7
8b4ad992549334395b268f43cf73150ed0dfe58801cf9595c3e245ea92dea7d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mts0.google.com/vt/data=PK10mf7i1glxLoBzj28CQOpY1oVRwZtSi-bsaU3OyN2xsgxvEooqFGstMnkzuhsoLXvsoVw99kqRIew177ztLuY
142.250.74.78200 OK 25 kB URL HTTP/2 mts0.google.com/vt/data=PK10mf7i1glxLoBzj28CQOpY1oVRwZtSi-bsaU3OyN2xsgxvEooqFGstMnkzuhsoLXvsoVw99kqRIew177ztLuY
IP 142.250.74.78:0
File type PNG image data, 600 x 350, 8-bit colormap, non-interlaced\012- data
Hash cc56b12211fa7467bdf8e6b28d9ca787
12d65cac3ce0d6e4bfb039172d3197123b0fe733
2234634731897e3196f577d11033d6d231deda14ffd0b5116bc51c00e4d368a4
GET /vt/data=PK10mf7i1glxLoBzj28CQOpY1oVRwZtSi-bsaU3OyN2xsgxvEooqFGstMnkzuhsoLXvsoVw99kqRIew177ztLuY HTTP/1.1
Host: mts0.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBDSmYifBg==
server: scaffolding on HTTPServer2
content-length: 24682
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 08 Feb 2023 23:46:50 GMT
expires: Thu, 09 Feb 2023 00:46:50 GMT
cache-control: public, max-age=3600
age: 2800
etag: 02b55dc5ba0aaef94
content-type: image/png
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
142.250.74.35200 OK 14 kB URL HTTP/2 www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019
IP 142.250.74.35:0
File type C++ source, ASCII text, with very long lines (1688)
Hash 3582c692298538eabf17eebd7434e582
587a6222383df174947008131dcccc13efbd3dba
ac83b4d1ea4abd201377d450290a7cc306499837a4b6ff1cd2b0f8d275baaa82
GET /mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019 HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="mysidia"
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-length: 14079
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 07 Feb 2023 18:29:00 GMT
expires: Mon, 08 May 2023 18:29:00 GMT
cache-control: public, max-age=7776000
last-modified: Thu, 02 Feb 2023 22:14:51 GMT
content-type: text/javascript
age: 108270
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
216.58.207.227200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 14:34:21 GMT
expires: Fri, 02 Feb 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 554349
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 986afab4bad851da3c4a2b8db670c876
c58b7142ce3bebda918b77649973715dbd71b4d2
24e4025e6576d86e781fd0861a0a87338b7b5d52b9e559ae76ca52755cc3a865
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 00:33:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:33:23 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:33:23 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 0 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
GET /AdServer/SPug?o=1&p=52307&sc=1&pr=https%3A%2F%2Fads.adtiger.de%2Frtb%2Fgetusermatch.php%3Fdataid%3D25%26tpuid%3D&u=4681AF8E-8DE7-480E-B966-CFE2799F675F&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 00:33:24 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2