r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 96367f956a4177aec7e7e80221539d58
8dcad10fde96c139d1ef212388cb6755fe3fe077
f4f9bdb5180359dfd734cef1e6f1b54bc9d8f72cae557366eb74f22100b94dc4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4F9BDB5180359DFD734CEF1E6F1B54BC9D8F72CAE557366EB74F22100B94DC4"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16916
Expires: Sat, 17 Dec 2022 07:45:04 GMT
Date: Sat, 17 Dec 2022 03:03:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7204
Expires: Sat, 17 Dec 2022 05:03:12 GMT
Date: Sat, 17 Dec 2022 03:03:08 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2587
Expires: Sat, 17 Dec 2022 03:46:15 GMT
Date: Sat, 17 Dec 2022 03:03:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 17 Dec 2022 02:45:15 GMT
content-type: application/json
age: 1073
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YzQaLuLct/KIOV2WLoJn4gU6OrFzWpfh62a4pW/R4x7GqLKqsCBdrf/QoJ2Qje9ffAK5NGTc84AhdB3utb6Y/w==
x-amz-request-id: 726HX2DGF1RKFFG1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 17 Dec 2022 02:53:29 GMT
age: 579
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
sofa.jurynail.shop/ulggukxn/rwltag1288fnctareov/D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
200 OK 523 B URL HTTP/1.1 sofa.jurynail.shop/ulggukxn/rwltag1288fnctareov/D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b139427e9b383a4ccd1e6be7c1979c3d
58b4437c81ec5690dee13893a799244ff67fafc5
072aca33326303695b60b5a25923c2fcbb8917c25fc79704233155a8db0994a1
Analyzer Verdict Alert fortinet Malware
GET /ulggukxn/rwltag1288fnctareov/D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtWEDLeFa1WFzQwfDyJ1y5qjVan%2BJC5iMd0HpUTGuVA4p2HlOzuOY0ZZ73r0%2Bxkk6gMpigqT4VJVAkf1g4VMNGL7i3C6ps9RdY%2B6KzbCFBpTx83opZwbqJ6ePIkM%2BXANTsH9dyM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ac6c8259a1b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Dec 2022 03:03:08 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sofa.jurynail.shop/jquery-1.11.0.min.js
200 OK 33 kB URL HTTP/1.1 sofa.jurynail.shop/jquery-1.11.0.min.js
IP
File type ASCII text, with very long lines (32341)
Hash 95fe3f4dd117c33f6015e1c3d6df1d0d
d5b8856932d1ea63f51824de0bb50670d2e960bc
e6945ac3f1927f242a9fd7a5cf67720f7763888127a7427eb24ffc52019d4b16
GET /jquery-1.11.0.min.js HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/ulggukxn/rwltag1288fnctareov/D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:20 GMT
ETag: W/"6388f8d4-1787d"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7036
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHtEInOGgiP3ygaDqwzJt1AcNRAadOPhJppW5OxJiaqRjmfQnxOEq7UuLsY%2B4e7hW6OP8XEr68XrNcSoDjrCao5MBbxUaxnL3JQm1VLq9FRDtOk21fMDk%2BMaK3o2%2Bd%2BibT4MFDk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c849a9cb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sofa.jurynail.shop/offer.php?id=289&sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
200 OK 321 B URL HTTP/1.1 sofa.jurynail.shop/offer.php?id=289&sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 11a56d108c5797f22e2d588f96852c25
8ffac61879c3115f1b28a50368f8d7d0327d240d
e8bd7329bb295efd927a0e07e7d02ef054399f19f0f7b961a7836bd904e4b2a2
GET /offer.php?id=289&sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/ulggukxn/rwltag1288fnctareov/D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tlt%2B%2Bm7LhtHOHNNhy2V3z4xVUUShQXIkNsTj1GAU5UvIkW%2Bb%2F1OLyQAjViGAf2%2FcoQz9XN5jcPI9l14A6hyLWNH6osxIaO%2FsjCPzObj3VN0RbcQRxz79jD9yhnA3dYWGkpCyLDk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ac6c851acfb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 17 Dec 2022 02:33:23 GMT
age: 1785
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
200 OK 5.2 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (15370), with CRLF line terminators
Hash d8061d78e86d5243a55d19d73a9ee1e5
1db8bb498bab2bb526b065e2104909482201e67c
dcc14fa17f88959b24c1cc9fe3a97949921310451fdcb214fca8a2519944677d
GET /clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmpEqwmQAMZAgBXPXB%2BT7JvBJ%2BoGQ9SIWmIFJ2jm%2FBhgE%2B5mKqdP0QsuWHs5VNxi7UisbU9uWH18WEcpP3EcVSvp270krBpz0hl98OyYVpwGMtd%2BodlXMjZMV%2FasY3zWmZ%2FqCP4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ac6c863ba0b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtag/js?id=UA-22484186-3
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-22484186-3
IP
File type ASCII text, with very long lines (1921)
Hash 0a906d5c080034eae79b344016105650
c5a75b5f6541062f5e0a12b30575a5dcf54a2f5b
6c373e6c27643c8430793cd7f3ee3e39bd64ad2810c1e35fd06b887c846adf55
GET /gtag/js?id=UA-22484186-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofa.jurynail.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Dec 2022 03:03:08 GMT
expires: Sat, 17 Dec 2022 03:03:08 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5390
Cache-Control: max-age=113614
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:08 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 10:36:42 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/css.css
200 OK 254 B URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/css.css
IP
Hash eed301ee3d1a49ec24b370be2af26b19
fdf2b75ebefa138ae3f1432f21d398cf16a80bcf
ecb8b31df57b425a60eb3f7e1b4445f2ee8318956028b1f5c41c5955f0bef638
GET /clicks/SonusCompletetinnitus_files/css.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-38b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwACVREwy6AISPoWdIIK9IAtev9T2125RML1Gi53%2FhFKqTW5ilwvWMJntn8VLXoayCvQwuu6Xvc8SoLWiisrfZnpmsd2bcfTc5wqOVOFhL%2Bp%2FREDi2wvAraJjwBVjbGEWB5CZ4c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c877bfbb518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/post-519.css
200 OK 1.3 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/post-519.css
IP
File type ASCII text, with very long lines (4592)
Hash 8635c40916d198f3dde81fede870d2e0
f60af836ee03ad82344c7f1eb1ed8ce3b3f24508
e0481cce9872e490caf2573a61d7e9c1466a620c90416833d0e8ad905d0999ee
GET /clicks/SonusCompletetinnitus_files/post-519.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-23bf"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6osqI4KNBb5diHfOoXI6KTtnNmqEtmHSJ347I8cLpZcaaOfYmISOCCJJDgjcrm7YMu3QTW9WtmONNdAeAjWxVB8M2KBWRDcldA%2FwYtTnq0ELXJ8aPk4FtuAMYwMx713BrCkbqo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c878a950b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/global.css
200 OK 2.1 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/global.css
IP
File type ASCII text, with very long lines (9194)
Hash 7253308f9817d03f4279ba81d462ab20
7b4a488c3b26579751ddd72ee4eeddd6785391d6
3b3a9c7d49a3d715b6febf95adb409982293e5f3bb602ccef9f84a75d0a68a9d
GET /clicks/SonusCompletetinnitus_files/global.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-519f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FZL0r9WXbMsz44l7nciNwJ0EXMdJBYDIqWtYcv0wuIaz1b8vFvrTcGTLBXlRKsjmjpVHVL0Xl4yithaK%2B5yEgf%2BHBeIKEHRrNrg73TnkiG0D%2BJQj75BbHMR1u5XWxU9wZWBVALg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8788eeb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6HOkIhUIEuw+urJycDCrbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yzm1png0pVFMr3mPPWvLoYVoFFE=
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/frontend_002.css
200 OK 14 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/frontend_002.css
IP
File type ASCII text, with very long lines (65497)
Hash 7906ef86d55e7df783d8eec8a21a14fd
37b90b7dcf42702d1dc8f2929dbab282f633fb8e
0937deb44b9a144b05a71b7c1d7110e07bab4dc5db08dbc677db97a6f0f1fe43
GET /clicks/SonusCompletetinnitus_files/frontend_002.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-1973f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHV316Y09HZUkZHMmKppFnpkc8QFYuQHK0Hfji7A1gcmgjqSxIvCgURwzAbPK6FjoCTWwvgfWeWlUvMqKl%2FAdvb6ZNgxWPVMSvgq%2BqzaoxRxQHQVzScJYuzJeisAEdzXyc0FEJA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c878d0db512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/frontend.css
200 OK 21 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/frontend.css
IP
File type ASCII text, with very long lines (65493)
Hash ac968c2953375f9544c2e75d78073b80
23bbcefc9f81bc5978770f3d6da64b89b99aacf8
d2952a13da8eeaafdbf2918b348b035ec6c0e6a0183cff707ac89c9c7f0ed01b
GET /clicks/SonusCompletetinnitus_files/frontend.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-307cc"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bGovmLmvIuJ0u02suytXmpE4Oyw7DeWS3khKXbNyYFpNxPTz1dgRlXFMK0VzcvgWbb2OpMvScOz7GbtmmuIlcUAh6EvBWe64teHwbirbHPuS1FB6to8BytFNR218FC%2F1eu%2BU3rI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c87893ab4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/style.css
200 OK 15 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/style.css
IP
File type ASCII text, with very long lines (855)
Hash dcd06935a495012b76e5d75d7d159c2e
d2dd2d7dc6557fe8e593dbeba95163341c7dc74f
f2bf9db1ef940bd0bef4541a3d7d6a8dbc634000f4caef4603a03bddfb9dad24
GET /clicks/SonusCompletetinnitus_files/style.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-18baa"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEy7GLcHsQ3TJ7aQpQK8Bp%2BRs%2B3q6P5FJnUYJJg7VGEoCf%2FC22ULx9RDAkQXncvPEKKLng2Q9GZeky0Ezx6sgkjZKS8fZaItySQca2s2SpxiwYmEtQXXUa4LP4pVWuzZ1A0jjtM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c878c47fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/jquery.js
200 OK 30 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/jquery.js
IP
File type ASCII text, with very long lines (65451)
Hash ca9d617a98c509cd24e10eae39ea15d3
1a9197526a13967413a4bba8e5a2446eea4fd4ea
a95d26bd14a6aade75c9a263f28d7fc0effce309a114781e6abc89b7c0c0fdae
GET /clicks/SonusCompletetinnitus_files/jquery.js HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-1538f"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xARQk%2FE0POTeAn4E2dO9b0RiNj63Dx8GzkIlhv1nq7wuhjUKtg2mzcHjDpSnSRfa8rk965SjO8WB1HgZyLDIwNLlZkV2s89yTKb%2B0B8uZ8kC4O6fXPZnaVcGfCiGjYutDcsRw4w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c894ca6b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alwg.ttf
404 Not Found 131 B URL HTTP/1.1 sofa.jurynail.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alwg.ttf
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkV2EH7alwg.ttf HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/css.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2Fwc0jzS357FQPCPwcZ7AA%2BdMKEZrrCGF7StOqVEEmcKlGCcapfgXwtfuJJWc8qTZ%2BRTiJ4SXdy60EZEfj0pmvUmvsjHNWYoqnHpLIdZcbC%2FREjcv7cBWmOB9gxCtJsQCqfNyoM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8c5c3c0b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/3c74d4a9e0d1665351f749d5bda254778cb8c2b39d3af9f7feb426b0cb3f.png
200 OK 6.7 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/3c74d4a9e0d1665351f749d5bda254778cb8c2b39d3af9f7feb426b0cb3f.png
IP
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 3fc866dd424beaf246da4671122aa5cc
01867e9939dea33d74abf8603200d3afa0965ec9
db3bf27182a095ce8eb5721b4547730034b6cf3751c11a32e43e3c0864424813
GET /clicks/SonusCompletetinnitus_files/3c74d4a9e0d1665351f749d5bda254778cb8c2b39d3af9f7feb426b0cb3f.png HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: image/png
Content-Length: 6693
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: "6388f8ca-1a25"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TVTw%2BMVU%2FasYswELy0xIdS8Lq06KuKEHavCTruXgKObrSYuJmwR4A4OSd0zS8ywLZzEcnwEEqwBf9212E%2B2DQS5Y3lIYzz1igOAhYoo5XjgioY1vEpQMH5cXjuLq3Ue982vDHPA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8c0ff7b512-OSL
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alwg.ttf
404 Not Found 131 B URL HTTP/1.1 sofa.jurynail.shop/clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alwg.ttf
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/fonts/u-4X0qWljRw-PfU81xCKCpdpbgZJl6XFpfEd7eA9BIxxkbqDH7alwg.ttf HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/css.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WSpFkeCcNHeJ5OQZseRJJ86RqLdmj9e2T%2FeJmT0AKX5OhmTZkwAsT%2FHRTfegvbPFdr8B%2BUhnN2izzn3fId9V%2B7qghVlzYEn0zN72U0eCMRXJ5HffefrRbTiEBD8G0EiJJmO4GiI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8c4a75b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf
404 Not Found 131 B URL HTTP/1.1 sofa.jurynail.shop/clicks/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/fonts/S6u9w4BMUTPHh6UVSwiPHA.ttf HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/css.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RhHPBcW4aVMCWCqOhaF5jzpwadc%2FpiGjdtmw%2BcX2uCdG8Yenw9QaM42DCEY%2B8lkounIHLGEak7wJZljJHg6dMKn4DqY1TTy2GdM7WKO6TukLRoFCCRPxeX8FDaAI4QybXnX%2FXEg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8c4cd5fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/blank.html
200 OK 548 B URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/blank.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1254), with CRLF line terminators
Hash 0a16aec008013f053a922381dee71f9d
13a69b2e43a426ce54f9a47146955ec0bb169172
4686bf42f5ae452ed851ee0e084ece44ceccef9bc2fde5eee10a33a6c92461ae
GET /clicks/SonusCompletetinnitus_files/blank.html HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxIs8zfvF6rmoWOaG%2FfjTnDTECpREhFNjkBtOsHYK7mzfMNOYWXfLT0RulHEp152w7RQqMwuiJKKd1Xosirv3C%2F2M5p3lbVKasb%2BenzMfnmBAzCeBNpm%2BNu1SImbUi7hW7nMZ%2FQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77ac6c8d6c810b31-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/prostate-1.jpg
200 OK 58 kB URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/prostate-1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x525, components 3\012- data
Hash 4312030b1540bf4adb326bc468d82782
096530e02a0d0eadabeca8cadb8a055e6bc8442a
a1b1b90b1726ff072f4b1e157269ca74cb7e89c412e60525ac364bc7c0e9278b
GET /clicks/SonusCompletetinnitus_files/prostate-1.jpg HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: image/jpeg
Content-Length: 57930
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: "6388f8ca-e24a"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6GVkp%2FMaODpyTeAZ4D1AK%2Bcy9d9Zv1Ythbb69rttE1SXDseiOKjFC%2BT%2BUqxJ8%2BrJuyZ6graM5CI1TOW65VTWRWD9VUhOy%2FosxxwA2LOz52k7II01SFLPovaafFiDqZoISeFy78%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8c0b32b4e8-OSL
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/clicks/fonts/S6uyw4BMUTPHjx4wWw.ttf
404 Not Found 131 B URL HTTP/1.1 sofa.jurynail.shop/clicks/fonts/S6uyw4BMUTPHjx4wWw.ttf
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f758914aa953116df6aebbd7dd3c71cf
9e679d79c4e87bad87ab10d8a5f5d955a50c0350
2b35b9f42b9b30156ec8d39984dcab7b255df8e79682ebd0213fc45a9982cd10
GET /clicks/fonts/S6uyw4BMUTPHjx4wWw.ttf HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/css.css
HTTP/1.1 404 Not Found
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWJO0dgRqFFu9PY953vVkHdVS29uywoJ%2FFQNxKXMx4L8UopF%2BcKE0Itk89oAMk7Q8yqeiCI8dWXSnRuosM9Lyb8uagkn1mJBz8rkp93pKloogbgEhQfw7LmlvSJ4i9jRlohE%2Bjg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8d1de6b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sofa.jurynail.shop/favicon.ico
200 OK 69 B URL HTTP/1.1 sofa.jurynail.shop/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash f12fb6edbda074603f749a028770f49a
419983c6073469bac7fb8535a847b8f78c2040ce
8aec3412c7c37feacec2dc9d7b2f3560a2e0af0af573085665a57e1d09ab397d
GET /favicon.ico HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus.php?sid=1001146&h=D7hLLLxbiGV0ALSU-aBPhcvWSToqNw_NKP0TQY59UQg/tPk0KbQ3yveIJyoalSr392Fn5rF___ochlWIBW-5tMhf3lrfNPLg3CpG3u02RQnIfGYu4ETocnFIOTYtL2wKoUhFzMBBNoB8exXJrbqX7HM
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:09 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:52:31 GMT
ETag: W/"6388f7ef-57e"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 7036
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1hUrX1AWuNU7uKrybSq0VYkwseh9qLvPWhLozK8KXtTbRjkkFWuUkUSNvPMJM3KBJnv5Cwmth84EJb3FHgdU0kil6PZzrRoNAQxpe6CfcYW2fuyW89SW4AxzZ%2F9%2BwBFeOQewp0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8efc65b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofa.jurynail.shop/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 17 Dec 2022 02:41:08 GMT
expires: Sat, 17 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 1321
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/blank_data/inject.css
200 OK 928 B URL HTTP/1.1 sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/blank_data/inject.css
IP
File type ASCII text, with CRLF line terminators
Hash e1c22e631b7cce42e3ef13cd9bb02ff5
6c6c2b15c56e776d9eac10babf3a6c4a2bd964ae
93950a736308fe62073a44a76b8ec05b9a651062f6ecee4782059d0718aab6dc
GET /clicks/SonusCompletetinnitus_files/blank_data/inject.css HTTP/1.1
Host: sofa.jurynail.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sofa.jurynail.shop/clicks/SonusCompletetinnitus_files/blank.html
HTTP/1.1 200 OK
Date: Sat, 17 Dec 2022 03:03:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 18:56:10 GMT
ETag: W/"6388f8ca-f28"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJjyZ%2BLQhXLaQXFGQQh6%2BHZAJT3J9eo7CKiDLP5jOZqxhp3Px%2B8IpoQiWxmR5gYJOTx6vHL1f9Wqqx1O94F6FtRApLSSBpyMBzXrBg3pXFZjbjMXUXfMsciLw6If7zPi4p3k%2Fdw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ac6c8e5d32fab4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&gjid=702682117&_gid=1937003767.1671246187&_u=YEBAAUAAAAAAACAAI~&z=404820605
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&gjid=702682117&_gid=1937003767.1671246187&_u=YEBAAUAAAAAAACAAI~&z=404820605
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&gjid=702682117&_gid=1937003767.1671246187&_u=YEBAAUAAAAAAACAAI~&z=404820605 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://sofa.jurynail.shop
Connection: keep-alive
Referer: http://sofa.jurynail.shop/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://sofa.jurynail.shop
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Dec 2022 03:03:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17276
Expires: Sat, 17 Dec 2022 07:51:06 GMT
Date: Sat, 17 Dec 2022 03:03:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2j4CWBbvNniyBK3vdt4Hg7ROB-xjuzsvdGBmh2U1BGYGWwkT6JJ_g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:42:32 GMT
age: 19238
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbbbb8f-0eab-4f38-b7e0-ab00a145f982.png
200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbbbb8f-0eab-4f38-b7e0-ab00a145f982.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62219550410b7dbb13b65fba676108a0
3c7b81028588d85befc44634efc9ee39f02e733b
d1cc51b3c3feea95db29db4350c70dec212a6b8ae3af50b079700e412b3b9173
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbbbb8f-0eab-4f38-b7e0-ab00a145f982.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4302
x-amzn-requestid: feeb4cdf-bf8d-4869-b838-e927add51177
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dHh8IG3-oAMF6Ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639949e7-098a41870006f6ce4b976be4;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 03:58:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z6Rp-yQ2Z6P89fhudu0u6MXeTZhIqRKf0lKrapW5-RvximEu0rZztw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:46:58 GMT
age: 18972
etag: "3c7b81028588d85befc44634efc9ee39f02e733b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f07a84becb488cb02572fe128497847b
980c7c7808e8df6ba78b8f2567640b7d8f8e05a1
586d4afd9c889128c22ba61144df743d70a65b7b75b07a96f2cda821db1503af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff51ac90a-c2c5-496b-b25c-c63f50725d46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3694
x-amzn-requestid: 49e877d8-c2cd-4497-8658-385caa25a6ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjEbHJNIAMF8Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce54f-0c9c4b5d18502bdd5b3c9be9;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P_b17hLfntWIkfYHVfgiAvNgG0iZKOqFGLn8Tm56gD8E4NY9ftPYiQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
age: 19371
etag: "980c7c7808e8df6ba78b8f2567640b7d8f8e05a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0991e368-99b1-4e13-ad85-32e41c11922d.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0991e368-99b1-4e13-ad85-32e41c11922d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2acab402381f19830cb38a330fad29f3
04066039213672a571687711d39598104ca5b6a9
d901d3af43eea2d140377599a985ccfefe31575daa1e23fe6a9e272c398ca40a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0991e368-99b1-4e13-ad85-32e41c11922d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5520
x-amzn-requestid: 970d0949-100c-4fce-8b9c-1351ab50e095
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7Gp2oAMFRiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-2e216c22383a85a639331fc1;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _B9qbbv-CbjdG0NeW7VIqzX82pPaVKCfQGwNxcQEq7-WpxmLO6zrqg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:26 GMT
etag: "04066039213672a571687711d39598104ca5b6a9"
content-type: image/jpeg
age: 19364
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg
200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b10096b589872abc03d6befdaa8d08c
3ce5ecf8b36fdf9e7f537f9d0d9010239b00c633
d8019629d58b20fdd78b1e0c2bb5e55ed9bb4f22c9b103e92958b25ef5400ac1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fab3e4365-26b7-4a94-a43a-aa8b34ec9d30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3054
x-amzn-requestid: 7a937c11-1609-4327-b74b-4ae36b361061
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6yO9GvsoAMF-GA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639430c5-16b31f3d6da3cefd613053a3;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 07:09:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PzIDVxWEWPcBWVj7qoHzJTRzTRIAdi2VOs3lcF5OEzl-LxfUs2X3Fg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 13:53:08 GMT
age: 47402
etag: "3ce5ecf8b36fdf9e7f537f9d0d9010239b00c633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dce7a87ac0852f838007018af2e83cb5
379f7844a18284958ec0250cc45f2c91ac1ddfcf
31a5191700b9d5c2e471c0e6db15d43f1804b61c6a0867340e8001c32a0dabb5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F340d7003-71e4-4f8e-a457-d067d05e0525.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: f8f1832c-4269-4c4b-83c0-4c2d8c2fdd8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dQjC7GLSIAMFd4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ce545-4c54f9704a32da245a90ab0d;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 21:38:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CrmrekFQeOTjAkIBgbGSNGN66ysdrtGK1uuzJV-b6nB1WFrOrtf1OA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 21:40:19 GMT
etag: "379f7844a18284958ec0250cc45f2c91ac1ddfcf"
content-type: image/jpeg
age: 19371
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&_u=YEBAAUAAAAAAACAAI~&z=1532371704
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&_u=YEBAAUAAAAAAACAAI~&z=1532371704
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&_u=YEBAAUAAAAAAACAAI~&z=1532371704 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofa.jurynail.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 03:03:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&_u=YEBAAUAAAAAAACAAI~&z=1532371704
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&_u=YEBAAUAAAAAAACAAI~&z=1532371704
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-22484186-3&cid=1789376490.1671246187&jid=164123632&_u=YEBAAUAAAAAAACAAI~&z=1532371704 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sofa.jurynail.shop/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Dec 2022 03:03:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Dec 2022 03:03:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5b78c3c-24c2-48f2-958f-cdfa78f1e1ea.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5b78c3c-24c2-48f2-958f-cdfa78f1e1ea.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f8fe2f78bb86d228cf165eb31101fd4
0ac6629b0ffb8a8027df8a70b2a8fe704e7d16b2
4ce9bc42db1dd638919faadfc32802e2b6289de61d1427dd8fd43f4d00e6eac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5b78c3c-24c2-48f2-958f-cdfa78f1e1ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7506
x-amzn-requestid: 7f47b055-78b2-4323-b1b8-026c463ab255
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOKjKFKcIAMF_hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639bf147-66522f1e3abeb31450af768f;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 04:17:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nvXhZneb6zc0nczspwnytmWMFDmrfqKk9eOwQVES912ftd_AkUvJ0g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 17:40:45 GMT
age: 33752
etag: "0ac6629b0ffb8a8027df8a70b2a8fe704e7d16b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
188.114.97.1
172.217.21.168
23.36.76.226
93.184.220.29