www.protectiveassetmanagement.com/
195.149.84.100301 Moved Permanently 178 B URL HTTP/1.1 www.protectiveassetmanagement.com/
IP 195.149.84.100:0
ASN #43081 World News PTE. LTD
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.protectiveassetmanagement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 08 Oct 2022 14:26:23 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.protectiveassetmanagement.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1273d41c84b2b39f78a8033130d00282
556757697b70e019ed502585fcc888e2403f3229
ee3c03cc0a659fbc43d34feaa79a8ad6627b9c525d675956cdb434c1590db89e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EE3C03CC0A659FBC43D34FEAA79A8AD6627B9C525D675956CDB434C1590DB89E"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3884
Expires: Sat, 08 Oct 2022 15:31:07 GMT
Date: Sat, 08 Oct 2022 14:26:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.118200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nppbuEhqLYbKDx0jq95Dw2BciF3KBrZEoroQ3nfoiyu3BAE6Im3SvA==
Age: 254345
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7cba6aada5c0a04c1c0644769c09f64e
ed02f174a9b718951911343af8ec181c6d205b1d
ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3262
Expires: Sat, 08 Oct 2022 15:20:45 GMT
Date: Sat, 08 Oct 2022 14:26:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1bZg8YJIHW6ThNBjwS4oLOTIccl+15YDtXC3u6eU61Li+PWVazKMhs9QpH47ehfTf4kSV+ovSuQ=
x-amz-request-id: Y1ZVCX0Z3366GRD7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 13:59:37 GMT
age: 1606
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 14:26:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e73e245ddc72a316606f46fbd6d2e644
0408be4858b8beffdcf1c8b729aff91ea525e63d
2cc20cd9f1b16dbf9823990abca9544090880a4960f1e18bb11cd219da15d6e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC20CD9F1B16DBF9823990ABCA9544090880A4960F1E18BB11CD219DA15D6E2"
Last-Modified: Thu, 06 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19994
Expires: Sat, 08 Oct 2022 19:59:37 GMT
Date: Sat, 08 Oct 2022 14:26:23 GMT
Connection: keep-alive
www.protectiveassetmanagement.com/
195.149.84.101302 Found 216 B URL HTTP/2 www.protectiveassetmanagement.com/
IP 195.149.84.101:0
ASN #43081 World News PTE. LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3fb85398abb9aacd429227ff060ec3e3
0d746b67cf5ed9246d4d1544e28c4288cdfe0bc9
fb344a79db6d4683c67aecd42bce295add03dc34315e1f9fa206066c1bb171a1
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.protectiveassetmanagement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 08 Oct 2022 14:26:23 GMT
content-type: text/html
content-length: 216
location: http://protectiveassetmanagement.com/
set-cookie: wnTrk=wn.1665239183.466065.wnstatic2.15410.1894; Domain=.protectiveassetmanagement.com; expires=Mon, 09 Oct 2090 03:00:23 GMT
vary: User-Agent
strict-transport-security: max-age=15768000
cache-control: must-revalidate
X-Firefox-Spdy: h2
protectiveassetmanagement.com/
195.149.84.101301 Moved Permanently 178 B URL HTTP/1.1 protectiveassetmanagement.com/
IP 195.149.84.101:0
ASN #43081 World News PTE. LTD
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: protectiveassetmanagement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 08 Oct 2022 14:26:23 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://protectiveassetmanagement.com/
protectiveassetmanagement.com/
195.149.84.101302 Found 256 B URL HTTP/2 protectiveassetmanagement.com/
IP 195.149.84.101:0
ASN #43081 World News PTE. LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash dc06bba0273484bb8a266abb08683a4e
780bdc6b2c06bc8d9f7bb1b4ecef250b89995387
7d6ffe530e07eb3bb86a82a3df7329976a5d77f11ea502d2c9754b437536bf06
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: protectiveassetmanagement.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.466065.wnstatic2.15410.1894
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
server: nginx
date: Sat, 08 Oct 2022 14:26:23 GMT
content-type: text/html
content-length: 256
location: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
vary: User-Agent
strict-transport-security: max-age=15768000
cache-control: must-revalidate
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.118200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.118:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sat, 08 Oct 2022 13:29:41 GMT
Cache-Control: max-age=3600
Expires: Sat, 08 Oct 2022 14:23:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: lwPz1V8msdxH2GVpT6K6ukJOseEDNwGoJOUIRxfjjK2O72UrX-HExQ==
Age: 3402
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash fe1d81045a3a1c99f508c997948e5740
a3fb8458240dc918cf7e3b34ed7c66e5dd29581b
177b7f416c0289551337f0099a4793a4d4dd68795236a8db67d28dd376df1f9c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 14:26:23 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 20:34:51 GMT
Expires: Wed, 12 Oct 2022 20:34:50 GMT
Etag: "a3fb8458240dc918cf7e3b34ed7c66e5dd29581b"
Cache-Control: max-age=367106,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756f8d22ecc51c16-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 999
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Last-Modified: Sat, 08 Oct 2022 14:09:45 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ecdn4.wn.com/or/assets/assets/anything/logo.png
192.229.133.115200 OK 1.9 kB URL HTTP/2 ecdn4.wn.com/or/assets/assets/anything/logo.png
IP 192.229.133.115:0
File type PNG image data, 145 x 29, 8-bit/color RGB, non-interlaced\012- data
Hash f11850433376956d7719d988cf100bb6
bfb7785296bd66f02ae9772fe4a0fb70ede60dbf
1c8ab07491173b3eb01d403e09ff7a33c6185997996798dc1d9e8d4ff9c5a279
GET /or/assets/assets/anything/logo.png HTTP/1.1
Host: ecdn4.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 127067
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "5614f0cf-79d"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 07 Oct 2015 10:15:43 GMT
server: ECS (ska/F704)
x-cache: HIT
content-length: 1949
X-Firefox-Spdy: h2
ecdn2.wn.com/or/assets/assets/avp/css/font-awesome.min.css
192.229.133.115200 OK 7.1 kB URL HTTP/2 ecdn2.wn.com/or/assets/assets/avp/css/font-awesome.min.css
IP 192.229.133.115:0
File type ASCII text, with very long lines (31023), with CRLF line terminators
Hash d81cbbdafabafcbc0f8f3b090a4c67d5
568172017f65e1f0dbcf8d45e994133bda08ff8b
a2d72fac4f89e369399d28dfa4179c3317407046b3816e430608d9bc79fc7675
GET /or/assets/assets/avp/css/font-awesome.min.css HTTP/1.1
Host: ecdn2.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 2082000
cache-control: max-age=2592000
content-type: text/css
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "60f804eb-79d6+gzip"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 21 Jul 2021 11:28:43 GMT
server: ECS (ska/F705)
vary: Accept-Encoding
x-cache: HIT
content-length: 7075
X-Firefox-Spdy: h2
ecdn7.wn.com/vp/m/b3/46fdad8764c144cad1ce9d0549eed6.css
192.229.133.115200 OK 14 kB URL HTTP/2 ecdn7.wn.com/vp/m/b3/46fdad8764c144cad1ce9d0549eed6.css
IP 192.229.133.115:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5c31ea84da61ff825b9f5028942ac28f
17098c839c99f7dd6976bdde91ff761d5296dc6c
0328c940c36272f4585539f2d66ce569295ee975d1ca6dfef52817ad9232d648
GET /vp/m/b3/46fdad8764c144cad1ce9d0549eed6.css HTTP/1.1
Host: ecdn7.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 1900603
cache-control: max-age=2592000
content-type: text/css
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "62fcf77b-12bca+gzip"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 17 Aug 2022 14:13:15 GMT
server: ECS (ska/F71B)
vary: Accept-Encoding
x-cache: HIT
content-length: 13687
X-Firefox-Spdy: h2
cdn.wn.com/or/assets/mw.css
192.229.133.115200 OK 17 kB URL HTTP/2 cdn.wn.com/or/assets/mw.css
IP 192.229.133.115:0
File type Unicode text, UTF-8 text, with very long lines (41832)
Hash 0cf890b01a6daf444c780304bb3c142c
3ec542d83fca9c1fae42d83e73de472fa2f0a6f5
90ef97329dae98c26d0e6866fe0a96350d0038619836dafaa1c12197740a55e6
GET /or/assets/mw.css HTTP/1.1
Host: cdn.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
age: 577161
cache-control: max-age=2592000
content-type: text/css
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "579e1270-1463d+gzip"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Sun, 31 Jul 2016 15:00:00 GMT
server: ECS (ska/F710)
vary: Accept-Encoding
x-cache: HIT
content-length: 17053
X-Firefox-Spdy: h2
ecdn5.wn.com/or/js/videoplayer-20181002-4.min.js
192.229.133.115200 OK 39 kB URL HTTP/2 ecdn5.wn.com/or/js/videoplayer-20181002-4.min.js
IP 192.229.133.115:0
File type ASCII text, with very long lines (39336), with no line terminators
Hash bff09a177852fd078d5f6eb1ee513104
1d58099eeb3048ddbeca24e5dadbc86e9c51dc7c
9c3e94dc7b5080fb6a59561f9740ee74bc30d8192de18387254b971c42faf3cc
GET /or/js/videoplayer-20181002-4.min.js HTTP/1.1
Host: ecdn5.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 83707
cache-control: max-age=2592000
content-type: application/javascript
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "5bb34735-99a8"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Tue, 02 Oct 2018 10:23:49 GMT
server: ECS (ska/F70C)
x-cache: HIT
content-length: 39336
X-Firefox-Spdy: h2
ecdn4.wn.com/or/assets/assets/wn/img/logo.png
192.229.133.115200 OK 2.8 kB URL HTTP/2 ecdn4.wn.com/or/assets/assets/wn/img/logo.png
IP 192.229.133.115:0
File type PNG image data, 120 x 29, 8-bit/color RGBA, interlaced\012- data
Hash f89fd976b340dccdf5015e78ee081ca8
b0b87cb7c249e0caec9b0ef7a7c08e315f7e49d1
1dc65363fde14ad469dfcc75c9e24f69f2a11d7a5c3b692d7ade889a5854dced
GET /or/assets/assets/wn/img/logo.png HTTP/1.1
Host: ecdn4.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 220561
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "552b7f8b-b05"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Mon, 13 Apr 2015 08:34:19 GMT
server: ECS (ska/F709)
x-cache: HIT
content-length: 2821
X-Firefox-Spdy: h2
ecdn2.wn.com/vp/m/ae/f10fd2cbad84386e125817a309cd00.js
192.229.133.115200 OK 446 kB URL HTTP/2 ecdn2.wn.com/vp/m/ae/f10fd2cbad84386e125817a309cd00.js
IP 192.229.133.115:0
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65171)
Size 446 kB (445487 bytes)
Hash 33b01116d94102e37bc2e71510d5b00d
d7ae6f7c397a039c6ef910caf7234400defc4492
a30d4979b19c1de5480f9275190c53dd4a97f58268390e8cfaf363fe1f99b28b
GET /vp/m/ae/f10fd2cbad84386e125817a309cd00.js HTTP/1.1
Host: ecdn2.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1911760
cache-control: max-age=2592000
content-type: application/javascript
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "61714761-6cc2f"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Thu, 21 Oct 2021 10:56:33 GMT
server: ECS (ska/F6FD)
x-cache: HIT
content-length: 445487
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b68686971ebe6a5514d6c01d3f7262db
a31b3f0e5085a3fa35fe2b14217e3e36ade610ea
c707c064fa2dbfa02fc4199523bf9ad9f2091e29303ddc8995ff5b7c54bf774e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 08 Oct 2022 14:26:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 07 Oct 2022 09:57:40 GMT
Expires: Fri, 14 Oct 2022 09:57:39 GMT
Etag: "a31b3f0e5085a3fa35fe2b14217e3e36ade610ea"
Cache-Control: max-age=501674,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 756f8d253e591c16-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1cfaa533e9824a6356e191c5f6d1752a
f6ab903ced2dbf86204334502d4cb7f4d32934c5
1d9f324978a89d84236dc4ed22d38f270b7ddaeb1d01ab0bfe7d79d558b13f1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.onthe.io/io.js/fMXW9rrR6xmp
142.93.164.116200 OK 307 B URL HTTP/1.1 cdn.onthe.io/io.js/fMXW9rrR6xmp
IP 142.93.164.116:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (545), with no line terminators
Hash 725946ac755596b9c28a222912ee1861
304d528294c6e15d867588244412db98519317f8
aa605abbcf67a371e8bd858e0928eb4bd8a95d3f58259d3e0d2acc8bff97545d
GET /io.js/fMXW9rrR6xmp HTTP/1.1
Host: cdn.onthe.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 08 Oct 2022 14:26:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 15:14:06 GMT
ETag: W/"5e95d33e-221"
Expires: Sun, 09 Oct 2022 14:26:24 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1cfaa533e9824a6356e191c5f6d1752a
f6ab903ced2dbf86204334502d4cb7f4d32934c5
1d9f324978a89d84236dc4ed22d38f270b7ddaeb1d01ab0bfe7d79d558b13f1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1cfaa533e9824a6356e191c5f6d1752a
f6ab903ced2dbf86204334502d4cb7f4d32934c5
1d9f324978a89d84236dc4ed22d38f270b7ddaeb1d01ab0bfe7d79d558b13f1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1cfaa533e9824a6356e191c5f6d1752a
f6ab903ced2dbf86204334502d4cb7f4d32934c5
1d9f324978a89d84236dc4ed22d38f270b7ddaeb1d01ab0bfe7d79d558b13f1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1cfaa533e9824a6356e191c5f6d1752a
f6ab903ced2dbf86204334502d4cb7f4d32934c5
1d9f324978a89d84236dc4ed22d38f270b7ddaeb1d01ab0bfe7d79d558b13f1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 68f39e55b8deb7c2578a4793dc87653d
fdaab9c0576f1110c275b7c458e5c4608303253c
1497446def960127f5dd2820466787be932c8b7b2f1180bfb5ca9827af91cffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1497446DEF960127F5DD2820466787BE932C8B7B2F1180BFB5CA9827AF91CFFD"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12395
Expires: Sat, 08 Oct 2022 17:52:59 GMT
Date: Sat, 08 Oct 2022 14:26:24 GMT
Connection: keep-alive
i.ytimg.com/vi/8GAEGFqT2xY/0.jpg
142.250.74.86200 OK 13 kB URL HTTP/2 i.ytimg.com/vi/8GAEGFqT2xY/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 93a1dd18551c776f66e536c39ac05157
d040f25259ead30edb3af040e965084aaa973a74
e9e8f05983fae7d5f55fd693bda9cb2e2ce7c089b1423ddb9bb10b3a7f16ebea
GET /vi/8GAEGFqT2xY/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 12841
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/IrGujqc0B5A/0.jpg
142.250.74.86200 OK 30 kB URL HTTP/2 i.ytimg.com/vi/IrGujqc0B5A/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 987085104c1c279eee3a4c6f3f93a8c7
3334607fa6a970e88f534338ae86868f033e39af
fb4f5fe954765347186ec6d0fdd8623c6725bc6238018117e213ea03943697fa
GET /vi/IrGujqc0B5A/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 30123
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1591890710"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/kg9jJ7ccE4c/0.jpg
142.250.74.86200 OK 16 kB URL HTTP/2 i.ytimg.com/vi/kg9jJ7ccE4c/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 127f4dce5d0f9d5be0d9ca88552decca
28963f36d5e4b614a56ce3b73fe3a8ccacb3355a
513f1683ea17184d1c3d5ea0ec476cf1ca7295171e0730d1d863fa2c1a7e63d2
GET /vi/kg9jJ7ccE4c/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 16274
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/VqD_Epy-V_E/0.jpg
142.250.74.86200 OK 21 kB URL HTTP/2 i.ytimg.com/vi/VqD_Epy-V_E/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 03da8fd63d5087208a70dbc8f9da71db
0bf00c3200d593e8c8e257a9f0fee519c59856c3
1a9002add8abe40cb862c9832f7df6da195defa1ee5bab3329ad4c528132f8c8
GET /vi/VqD_Epy-V_E/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 20736
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1659555050"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.wn.com/wiki/en/6/b1/Society.svg-bb59a4.png
195.149.84.78200 OK 3.3 kB URL HTTP/1.1 assets.wn.com/wiki/en/6/b1/Society.svg-bb59a4.png
IP 195.149.84.78:0
ASN #43081 World News PTE. LTD
File type PNG image data, 200 x 79, 8-bit colormap, non-interlaced\012- data
Hash b0c0e0e91351b7f0a94a4d9be7d514c2
03f9878742b4230effb829149b494d8516d33c29
dc2c4c43d76610950ca677b766615bc184a4953a5c0934d4e784d52db46363f2
GET /wiki/en/6/b1/Society.svg-bb59a4.png HTTP/1.1
Host: assets.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management?from=protectiveassetmanagement.com
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2218963074"
Last-Modified: Tue, 26 Apr 2016 17:47:43 GMT
Content-Length: 3263
Date: Sat, 08 Oct 2022 14:26:24 GMT
Server: lighttpd
i.ytimg.com/vi/l6mZ5yDPN4I/0.jpg
142.250.74.86200 OK 25 kB URL HTTP/2 i.ytimg.com/vi/l6mZ5yDPN4I/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash bdfdd1f270912296f960f3cc4fb1d65b
6e0bdc7f381e1eb5e232623a31490b6cfe1b0694
625c2d0034de920a7420d8023c99f72e0fc1eae7e938416bf8b959a8fc9222de
GET /vi/l6mZ5yDPN4I/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 25355
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1592393376"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/5NgAMczeUEc/0.jpg
142.250.74.86200 OK 10 kB URL HTTP/2 i.ytimg.com/vi/5NgAMczeUEc/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 7c36054a63c7e05247cbd1e8fc4647ff
230dcd785c12321dcfb14c1e8d0cde92c04f6be1
b045a1fbbbf5c99ceaf579e51003ec6cdf184362260158462bd6b0510e9a64dc
GET /vi/5NgAMczeUEc/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 10464
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1587845738"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UlgwyG1Dr2NBWg8raF0DKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: cB5s219UohQ+fgcv3V/cI4BNN0k=
i.ytimg.com/vi/W_RFAUJGcCg/0.jpg
142.250.74.86200 OK 24 kB URL HTTP/2 i.ytimg.com/vi/W_RFAUJGcCg/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 510f8180a6bde718cb3c8c06390ac28e
7af7d8518c956a7df80cb61966f76c77a55138d5
ae9fccfc8a48216ca4f2e3670bb6107fd2674d8e59f93a4acb5246b9a1702621
GET /vi/W_RFAUJGcCg/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 23659
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1604014250"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/_EQGj78W0ic/0.jpg
142.250.74.86200 OK 32 kB URL HTTP/2 i.ytimg.com/vi/_EQGj78W0ic/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 8fda39ce1717cda724fef9cfb50c067c
e5835bc40bcf49d0e87563ab8e662b80df6dd6e4
422c490e0d4d12168e82b173bb3044d9b1d0a1528b66dfbab268b3c72cad180e
GET /vi/_EQGj78W0ic/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31585
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1649945248"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/xfz18lgkkF0/0.jpg
142.250.74.86200 OK 17 kB URL HTTP/2 i.ytimg.com/vi/xfz18lgkkF0/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 694aed5dbafb42179f0911502b3bc113
228d4c171d37fbe64a0db81a84737605e3194091
028afd713b806152d46534ba5f7ef2b3488569656ef7cd196fe86d9c437bc653
GET /vi/xfz18lgkkF0/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 17440
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1583194083"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/pWEe11QNEsQ/0.jpg
142.250.74.86200 OK 11 kB URL HTTP/2 i.ytimg.com/vi/pWEe11QNEsQ/0.jpg
IP 142.250.74.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 68684bee2f91b067c6f0405de4a280e2
77501bf8a5f24c02b8514eed77ae7f10f820052b
b89f82bfbfd39e850e1df149ebc9d290a8dc3b247ad6b659b6d3ab6c2dd4275f
GET /vi/pWEe11QNEsQ/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 11190
date: Sat, 08 Oct 2022 14:26:24 GMT
expires: Sat, 08 Oct 2022 16:26:24 GMT
cache-control: public, max-age=7200
etag: "1651608936"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.wn.com/or/assets/assets/avp/fonts/fontawesome-webfont.woff2?v=4.7.0
192.229.133.115200 OK 77 kB URL HTTP/2 cdn.wn.com/or/assets/assets/avp/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 192.229.133.115:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /or/assets/assets/avp/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdn.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://wn.com
Connection: keep-alive
Referer: https://ecdn2.wn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 2080176
cache-control: max-age=2592000
content-type: application/octet-stream
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "60f8016e-12d68"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 21 Jul 2021 11:13:50 GMT
server: ECS (ska/F71C)
x-cache: HIT
content-length: 77160
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1cfaa533e9824a6356e191c5f6d1752a
f6ab903ced2dbf86204334502d4cb7f4d32934c5
1d9f324978a89d84236dc4ed22d38f270b7ddaeb1d01ab0bfe7d79d558b13f1b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP 216.58.207.195:0
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Hash 63f124cc58fb3f1e5e04b2961edc0f7b
a7e225ab157af0246fbc151ffe513c0b555032c5
484be1fa4b0ddf5a535046b293963ce7cfe6f2659f50309d7bdb6399a732637d
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wn.com
Connection: keep-alive
Referer: https://ecdn7.wn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 10:38:23 GMT
expires: Thu, 05 Oct 2023 10:38:23 GMT
cache-control: public, max-age=31536000
age: 272881
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9e7b3a5105621077352c47c4dc17ba30
e1360acf92eae61a8b92ffcec8b0c6bf59f593f8
319a5f06ec0273afde9d1ae89cb1a8dba08220802dfc1ceda72c2c55bea8d015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "319A5F06EC0273AFDE9D1AE89CB1A8DBA08220802DFC1CEDA72C2C55BEA8D015"
Last-Modified: Fri, 07 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12424
Expires: Sat, 08 Oct 2022 17:53:28 GMT
Date: Sat, 08 Oct 2022 14:26:24 GMT
Connection: keep-alive
phpadsnew.wn.com/www/delivery/ajs.php?zoneid=464&cb=29121748909&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management
195.149.84.37200 OK 0 B URL HTTP/2 phpadsnew.wn.com/www/delivery/ajs.php?zoneid=464&cb=29121748909&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management
IP 195.149.84.37:0
ASN #43081 World News PTE. LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /www/delivery/ajs.php?zoneid=464&cb=29121748909&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management HTTP/1.1
Host: phpadsnew.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 14:26:24 GMT
content-type: application/javascript
content-length: 0
last-modified: Wed, 10 Jan 2018 02:10:23 GMT
etag: "5a55760f-0"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
login.wn.com/actions/i/?callback=jQuery1609614653101204966_1665239184275&edit=Protective+Asset+Management&owner=wn&author=system&atUrl=https%3A%2F%2Fwn.com%2FProtective_asset_management&fromUrl=protectiveassetmanagement.com&built=1665238830.21&_=1665239184306
195.149.84.78200 OK 1.1 kB URL HTTP/1.1 login.wn.com/actions/i/?callback=jQuery1609614653101204966_1665239184275&edit=Protective+Asset+Management&owner=wn&author=system&atUrl=https%3A%2F%2Fwn.com%2FProtective_asset_management&fromUrl=protectiveassetmanagement.com&built=1665238830.21&_=1665239184306
IP 195.149.84.78:0
ASN #43081 World News PTE. LTD
File type HTML document, ASCII text, with very long lines (1102), with no line terminators
Hash 175ecbb37f03601566c8ace32b0d330d
1115d8509e1b60658b4b6e408ac1eeee586385b1
a569f7739896884fd165b4650c0f09e34f183df78c54cc8453e832c103fde05b
GET /actions/i/?callback=jQuery1609614653101204966_1665239184275&edit=Protective+Asset+Management&owner=wn&author=system&atUrl=https%3A%2F%2Fwn.com%2FProtective_asset_management&fromUrl=protectiveassetmanagement.com&built=1665238830.21&_=1665239184306 HTTP/1.1
Host: login.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Security-Policy: frame-ancestors 'self' wn.com *.wn.com worldnews.com *.worldnews.com;
Vary: Cookie, Accept-Language
Content-Length: 1102
Content-Type: text/html; charset=utf-8
Content-Language: en
Set-Cookie: wnuser=; Domain=.wn.com; expires=Sat, 22-Oct-2022 14:26:24 GMT; Max-Age=1209600; Path=/
Date: Sat, 08 Oct 2022 14:26:24 GMT
Server: lighttpd
ecdn4.wn.com/or/images/search-button.png
192.229.133.115200 OK 1.5 kB URL HTTP/2 ecdn4.wn.com/or/images/search-button.png
IP 192.229.133.115:0
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash b2f119a1b46a6e171837dc51635af8e6
038edd75f773216565e4017853c0f7158565dd80
75e518fdd45541be6d902d2fa6fc70d8228f3eac59935d89d9b77768d6995485
GET /or/images/search-button.png HTTP/1.1
Host: ecdn4.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 2143961
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "527a24af-5d7"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 06 Nov 2013 11:14:55 GMT
server: ECS (ska/F707)
x-cache: HIT
content-length: 1495
X-Firefox-Spdy: h2
phpadsnew.wn.com/www/delivery/ajs.php?zoneid=465&cb=27420196073&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management
195.149.84.37200 OK 0 B URL HTTP/2 phpadsnew.wn.com/www/delivery/ajs.php?zoneid=465&cb=27420196073&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management
IP 195.149.84.37:0
ASN #43081 World News PTE. LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /www/delivery/ajs.php?zoneid=465&cb=27420196073&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management HTTP/1.1
Host: phpadsnew.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 14:26:24 GMT
content-type: application/javascript
content-length: 0
last-modified: Wed, 10 Jan 2018 02:10:23 GMT
etag: "5a55760f-0"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
ecdn7.wn.com/or/images/anything/iconSprite.png
192.229.133.115200 OK 23 kB URL HTTP/2 ecdn7.wn.com/or/images/anything/iconSprite.png
IP 192.229.133.115:0
File type PNG image data, 360 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash f7ab28c297e49d9ce998ef580505a905
57d8a5eddf9d437e87270e660297b6d47de2e806
2e4500bc47341cdc2bf91b165c6f489a65c65c8516dc92877459479a26c79123
GET /or/images/anything/iconSprite.png HTTP/1.1
Host: ecdn7.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecdn7.wn.com/vp/m/b3/46fdad8764c144cad1ce9d0549eed6.css
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1595834
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "54ca1b8b-59f5"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Thu, 29 Jan 2015 11:37:47 GMT
server: ECS (ska/F711)
x-cache: HIT
content-length: 23029
X-Firefox-Spdy: h2
phpadsnew.wn.com/www/delivery/ajs.php?zoneid=465&cb=9720784042&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management
195.149.84.37200 OK 0 B URL HTTP/2 phpadsnew.wn.com/www/delivery/ajs.php?zoneid=465&cb=9720784042&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management
IP 195.149.84.37:0
ASN #43081 World News PTE. LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /www/delivery/ajs.php?zoneid=465&cb=9720784042&charset=UTF-8&loc=https%3A//wn.com/Protective_asset_management HTTP/1.1
Host: phpadsnew.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 14:26:24 GMT
content-type: application/javascript
content-length: 0
last-modified: Wed, 10 Jan 2018 02:10:23 GMT
etag: "5a55760f-0"
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf
IP 216.58.207.195:0
File type TrueType Font data, 18 tables, 1st "GDEF", 16 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open Sans \012- data
Hash ead36ae9b8f3825b43f1a85f6cfe9878
fa9dd17c86d42e27e5a26a03b99c4fa465ece38a
80891f3a33b7c5edeff83dfa379d079cecae7f771e18fc48c532a46d80c3d19c
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgshZ1x4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wn.com
Connection: keep-alive
Referer: https://ecdn7.wn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 01:13:58 GMT
expires: Wed, 04 Oct 2023 01:13:58 GMT
cache-control: public, max-age=31536000
age: 393146
last-modified: Mon, 15 Aug 2022 18:16:21 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ecdn8.wn.com/or/images/anything/wn_logo.png
192.229.133.115200 OK 21 kB URL HTTP/2 ecdn8.wn.com/or/images/anything/wn_logo.png
IP 192.229.133.115:0
File type PNG image data, 103 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash bf72e190ccfecf3dc63c309c6846e6a1
004e3a54712fdd211a95862f2b07b7193129571d
09a1d4878b57d2213d92b601941bd1e48c28a1b32746aad4d1478e95bb907c4b
GET /or/images/anything/wn_logo.png HTTP/1.1
Host: ecdn8.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecdn7.wn.com/
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1323215
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "5491cdfe-536b"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 17 Dec 2014 18:39:58 GMT
server: ECS (ska/F705)
x-cache: HIT
content-length: 21355
X-Firefox-Spdy: h2
ecdn3.wn.com/or/images/modal-gloss.png
192.229.133.115200 OK 2.9 kB URL HTTP/2 ecdn3.wn.com/or/images/modal-gloss.png
IP 192.229.133.115:0
File type PNG image data, 800 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 14ac18a2f0348c88734800f89bba0fdc
b13d3c9a3fa766b2e5bdcf83d314186dd7aeebfc
7d2aab4db2f4758ad052077dde124507d2f84e8c7a0d882853b271b8ea189671
GET /or/images/modal-gloss.png HTTP/1.1
Host: ecdn3.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecdn7.wn.com/
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1339410
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "4d777040-b60"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Wed, 09 Mar 2011 12:19:12 GMT
server: ECS (ska/F6FD)
x-cache: HIT
content-length: 2912
X-Firefox-Spdy: h2
ecdn4.wn.com/or/images/anything/iconSprite01.png
192.229.133.115200 OK 12 kB URL HTTP/2 ecdn4.wn.com/or/images/anything/iconSprite01.png
IP 192.229.133.115:0
File type PNG image data, 160 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e8bcaec57099e10dd5c11c6abb99f1f
812c2f4a499ab52db22395f1904308ca36453f68
833cd1b4ba4bec28f8f6df2ae860401ded67c60d3f4eb74183330aac2ebd34cc
GET /or/images/anything/iconSprite01.png HTTP/1.1
Host: ecdn4.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecdn7.wn.com/
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1088883
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "52dd0bb1-2e16"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Mon, 20 Jan 2014 11:42:41 GMT
server: ECS (ska/F70F)
x-cache: HIT
content-length: 11798
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9907c0b0c9e33a762367ed66d24ef9c1
449864ba79103de0ee907422bbbd0ee94feac2cb
1e8f8280344b04234918f99a6569588a249507a29cf5eb05968e766f8b222c40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2728
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Last-Modified: Sat, 08 Oct 2022 13:40:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ecdn0.wn.com/st/favicon-20131209.ico
192.229.133.115200 OK 5.4 kB URL HTTP/2 ecdn0.wn.com/st/favicon-20131209.ico
IP 192.229.133.115:0
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 85efd37ab472d135bea2d2637c0a8e6c
871c17eeb9694c1a4d643332815d1cbace72ffdf
caab4b62e57d412908f5f028a315fc768b66032eaf461713ae4bb2386fcec082
GET /st/favicon-20131209.ico HTTP/1.1
Host: ecdn0.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/Protective_asset_management
Connection: keep-alive
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1717904
cache-control: max-age=2592000
content-type: image/x-icon
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "52aafabe-1536"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Fri, 13 Dec 2013 12:17:02 GMT
server: ECS (ska/F705)
x-cache: HIT
content-length: 5430
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 42a0aeab14d679e68618a1811d197d9e
9ec483a6a52abfd9464daca6ff95a534cd5d9b99
285943939297fc00a4a9639e175efb1202701e8b33c0e461848c8dd87d615be2
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 50c6b0ea383c7550dc1e8489dce0fe8a
etag: "68168b762981fa5a7a67cb20ead0effd"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 08 Oct 2022 14:43:37 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: QqCuqxTWeeaGGKGBHRl9ng==
x-fb-debug: uTZFhUGeMUN65vVm9nHic24b9hiRsXsq23AfVNBcYVewggkck1jEkIdEn1KnKheZqxPySbgazyeAmRoSMZ/x2w==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Sat, 08 Oct 2022 14:26:24 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
216.58.207.200200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 216.58.207.200:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Sat, 08 Oct 2022 14:17:11 GMT
expires: Sat, 08 Oct 2022 16:17:11 GMT
cache-control: public, max-age=7200
age: 553
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 47193b26ce77a37f8cb6f4a479c07544
823158b95a0762b89ab41603a57c84c920416056
3fcade39afafe9bb242cf43243931fce6f60f59d9b54781600f17f0fe32464ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6104
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Last-Modified: Sat, 08 Oct 2022 12:44:40 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9907c0b0c9e33a762367ed66d24ef9c1
449864ba79103de0ee907422bbbd0ee94feac2cb
1e8f8280344b04234918f99a6569588a249507a29cf5eb05968e766f8b222c40
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2728
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Last-Modified: Sat, 08 Oct 2022 13:40:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 00776157dc98913405595c4b126e9ee2
8ee3950fa60340b03e0c53c8e5e07d18321a69f0
daa313ad6f0cb705d8a4fdb55aa65ffd6c1695326409c2ccf378e3c7e36de35c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ecdn5.wn.com/or/images/anything/playPrev-button.png
192.229.133.115200 OK 1.2 kB URL HTTP/2 ecdn5.wn.com/or/images/anything/playPrev-button.png
IP 192.229.133.115:0
File type PNG image data, 40 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash d40e721bb45540c731cd069549c45859
cf7840cc906d96b44a7e39ff70b6a77abdd45626
d8a99f8f9e3b8687de480656020524b6b082d7c53f312d2e6bd7b6de1ec4f551
GET /or/images/anything/playPrev-button.png HTTP/1.1
Host: ecdn5.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecdn7.wn.com/
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 1628297
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "52823ee9-4ce"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Tue, 12 Nov 2013 14:44:57 GMT
server: ECS (ska/F6FC)
x-cache: HIT
content-length: 1230
X-Firefox-Spdy: h2
ecdn7.wn.com/or/images/anything/playNext-button.png
192.229.133.115200 OK 1.2 kB URL HTTP/2 ecdn7.wn.com/or/images/anything/playNext-button.png
IP 192.229.133.115:0
File type PNG image data, 40 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash ebf2ea4fe56d77d2aaefb640fd531903
d185d902bb6c9fd4a6f9ad7e4a5cae6b2f025b31
00bf6fba58238d4276a3b6696ec6c433a774e1e0d4c847dccd2abd2e0d4443bf
GET /or/images/anything/playNext-button.png HTTP/1.1
Host: ecdn7.wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ecdn7.wn.com/vp/m/b3/46fdad8764c144cad1ce9d0549eed6.css
Cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; wnuser=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 464294
cache-control: max-age=2592000
content-type: image/png
date: Sat, 08 Oct 2022 14:26:24 GMT
etag: "52823eef-4cc"
expires: Mon, 07 Nov 2022 14:26:24 GMT
last-modified: Tue, 12 Nov 2013 14:45:03 GMT
server: ECS (ska/F710)
x-cache: HIT
content-length: 1228
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rules.quantcount.com/rules-p-69LMgINxZpq8g.js
54.230.111.33200 OK 209 B URL HTTP/2 rules.quantcount.com/rules-p-69LMgINxZpq8g.js
IP 54.230.111.33:0
Hash e78d1e8027810f38f3f0156695bff9a3
3f3e667d48d5548e2ba5867cc1967b701e85c65c
d96df75d77ba8247f7c9e3f0fadd9f6eca13f2e06d36a3cf851d06c26db60fdf
GET /rules-p-69LMgINxZpq8g.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 209
last-modified: Thu, 25 Aug 2022 04:07:24 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Sat, 08 Oct 2022 14:22:41 GMT
cache-control: max-age=3600
etag: "e78d1e8027810f38f3f0156695bff9a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E9aYjQxjTjMrXmSZwxV8bnrcDSlZVhn5xuDAk4K16gXEOAyq8rcDZw==
age: 297
X-Firefox-Spdy: h2
pxl.qccerttest.com/pixel?r=1278367957;fpan=1;fpa=P0-211231009-1665239185018;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=wn.com;dst=0;et=1665239185016;tzo=0;url=https%3A%2F%2Fwn.com%2FProtective_asset_management;ogl=title.Protective%20asset%20management%2Curl.https%3A%2F%2Fwn%252Ecom%2FProtective_Asset_Management%2Cimage.https%3A%2F%2Fi%252Eytimg%252Ecom%2Fvi%2FIrGujqc0B5A%2F0%252Ejpg%2Csite_name.World%20News%2Cvideo.http%3A%2F%2Fwww%252Eyoutube-nocookie%252Ecom%2Fv%2FIrGujqc0B5A%2Cvideo%3Aheight.240%2Cvideo%3Awidth.320%2Cvideo%3Atype.application%2Fx-shockwave-flash
54.230.111.92200 OK 35 B URL HTTP/2 pxl.qccerttest.com/pixel?r=1278367957;fpan=1;fpa=P0-211231009-1665239185018;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=wn.com;dst=0;et=1665239185016;tzo=0;url=https%3A%2F%2Fwn.com%2FProtective_asset_management;ogl=title.Protective%20asset%20management%2Curl.https%3A%2F%2Fwn%252Ecom%2FProtective_Asset_Management%2Cimage.https%3A%2F%2Fi%252Eytimg%252Ecom%2Fvi%2FIrGujqc0B5A%2F0%252Ejpg%2Csite_name.World%20News%2Cvideo.http%3A%2F%2Fwww%252Eyoutube-nocookie%252Ecom%2Fv%2FIrGujqc0B5A%2Cvideo%3Aheight.240%2Cvideo%3Awidth.320%2Cvideo%3Atype.application%2Fx-shockwave-flash
IP 54.230.111.92:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel?r=1278367957;fpan=1;fpa=P0-211231009-1665239185018;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=wn.com;dst=0;et=1665239185016;tzo=0;url=https%3A%2F%2Fwn.com%2FProtective_asset_management;ogl=title.Protective%20asset%20management%2Curl.https%3A%2F%2Fwn%252Ecom%2FProtective_Asset_Management%2Cimage.https%3A%2F%2Fi%252Eytimg%252Ecom%2Fvi%2FIrGujqc0B5A%2F0%252Ejpg%2Csite_name.World%20News%2Cvideo.http%3A%2F%2Fwww%252Eyoutube-nocookie%252Ecom%2Fv%2FIrGujqc0B5A%2Cvideo%3Aheight.240%2Cvideo%3Awidth.320%2Cvideo%3Atype.application%2Fx-shockwave-flash HTTP/1.1
Host: pxl.qccerttest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 35
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 08 Oct 2022 02:01:57 GMT
etag: "55d25e9dc950d5db4d53a3b195c046c6"
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NHMViQ8VCCG023wGhFvvo6RgH4-MnN7MPq53A-QL3ZdKL33GV_8_VQ==
age: 44669
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
pixel.quantserve.com/pixel;r=1870595179;labels=wn.anything.main;rf=0;a=p-69LMgINxZpq8g;url=https%3A%2F%2Fwn.com%2FProtective_asset_management;uht=2;fpan=0;fpa=P0-211231009-1665239185018;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=wn.com;dst=0;et=1665239185021;tzo=0;ogl=title.Protective%20asset%20management%2Curl.https%3A%2F%2Fwn%252Ecom%2FProtective_Asset_Management%2Cimage.https%3A%2F%2Fi%252Eytimg%252Ecom%2Fvi%2FIrGujqc0B5A%2F0%252Ejpg%2Csite_name.World%20News%2Cvideo.http%3A%2F%2Fwww%252Eyoutube-nocookie%252Ecom%2Fv%2FIrGujqc0B5A%2Cvideo%3Aheight.240%2Cvideo%3Awidth.320%2Cvideo%3Atype.application%2Fx-shockwave-flash;ses=fa35cb57-3ac7-440f-bb19-0f5adb5c873f
91.228.74.200200 OK 35 B URL HTTP/2 pixel.quantserve.com/pixel;r=1870595179;labels=wn.anything.main;rf=0;a=p-69LMgINxZpq8g;url=https%3A%2F%2Fwn.com%2FProtective_asset_management;uht=2;fpan=0;fpa=P0-211231009-1665239185018;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=wn.com;dst=0;et=1665239185021;tzo=0;ogl=title.Protective%20asset%20management%2Curl.https%3A%2F%2Fwn%252Ecom%2FProtective_Asset_Management%2Cimage.https%3A%2F%2Fi%252Eytimg%252Ecom%2Fvi%2FIrGujqc0B5A%2F0%252Ejpg%2Csite_name.World%20News%2Cvideo.http%3A%2F%2Fwww%252Eyoutube-nocookie%252Ecom%2Fv%2FIrGujqc0B5A%2Cvideo%3Aheight.240%2Cvideo%3Awidth.320%2Cvideo%3Atype.application%2Fx-shockwave-flash;ses=fa35cb57-3ac7-440f-bb19-0f5adb5c873f
IP 91.228.74.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55d25e9dc950d5db4d53a3b195c046c6
75e91ae3e549dab12ed1c9787ade9131aef1c981
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
GET /pixel;r=1870595179;labels=wn.anything.main;rf=0;a=p-69LMgINxZpq8g;url=https%3A%2F%2Fwn.com%2FProtective_asset_management;uht=2;fpan=0;fpa=P0-211231009-1665239185018;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=wn.com;dst=0;et=1665239185021;tzo=0;ogl=title.Protective%20asset%20management%2Curl.https%3A%2F%2Fwn%252Ecom%2FProtective_Asset_Management%2Cimage.https%3A%2F%2Fi%252Eytimg%252Ecom%2Fvi%2FIrGujqc0B5A%2F0%252Ejpg%2Csite_name.World%20News%2Cvideo.http%3A%2F%2Fwww%252Eyoutube-nocookie%252Ecom%2Fv%2FIrGujqc0B5A%2Cvideo%3Aheight.240%2Cvideo%3Awidth.320%2Cvideo%3Atype.application%2Fx-shockwave-flash;ses=fa35cb57-3ac7-440f-bb19-0f5adb5c873f HTTP/1.1
Host: pixel.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 08 Oct 2022 14:26:25 GMT
content-type: image/gif
content-length: 35
cache-control: private, no-cache, no-store, proxy-revalidate
expires: Fri, 04 Aug 1978 12:00:00 GMT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
set-cookie: mc=63418891-1848c-a885e-c6995; expires=Wed, 08-Nov-2023 14:26:25 GMT; path=/; domain=.quantserve.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310
173.194.73.154302 Found 367 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310
IP 173.194.73.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 38f1f35a734ef2146cd9019a46b0577e
864d956947ba81e7c02bbd37284b1f100ccc5e15
170326ee9b84c7afc0b5f755962b4d4840a7b846f97ca6e94343fc0bcf3b198a
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 08 Oct 2022 14:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 367
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 579e733097a7260db68f6ab5fc4ab3c9
bcee618650f7eb1595974812db6995d7ee0e9764
c025aa32afae5edb4c793bcc3076c86ae945438c7d2e96f7847054aeb1ed690b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 14:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310&slf_rd=1&random=992343431
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310&slf_rd=1&random=992343431
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310&slf_rd=1&random=992343431
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-5075628-13&cid=2113437615.1665239185&jid=457038911&_v=5.7.2&z=293318310&slf_rd=1&random=992343431 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://wn.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 Oct 2022 14:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Sat, 08 Oct 2022 15:28:37 GMT
Date: Sat, 08 Oct 2022 14:26:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Sat, 08 Oct 2022 15:28:37 GMT
Date: Sat, 08 Oct 2022 14:26:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b5cf0255a785469b033344c2ec0ed394
a4a700c1c250cb10f175e67b4b11f2c94afb2bdb
191e75d8e785c03eb558af6f3efe0d557669b65b94d17b42a1b9b7f623947c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "191E75D8E785C03EB558AF6F3EFE0D557669B65B94D17B42A1B9B7F623947C6F"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3732
Expires: Sat, 08 Oct 2022 15:28:37 GMT
Date: Sat, 08 Oct 2022 14:26:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash da5f54e2d234b159e435039798b4f58c
115cbe08795735df780e8d1a5fb31141187c074e
20fefe2ac7fcd44ae4d6714ff2148b54810a8e7b7f66103e4bbe9c0156b7b2fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d22189-9354-45d8-a562-99fb9adeda28.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d22189-9354-45d8-a562-99fb9adeda28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d67e1b7a9224fb617581c14af1e369ac
941b8fdd8736691d796738233681f12900af92c4
ed88575e76e6919ab4702bb29db5c48c5bd250ad2a89047d4d8a31cf3c77f12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8d22189-9354-45d8-a562-99fb9adeda28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9112
x-amzn-requestid: 94c5c303-a221-4b00-9d01-95607233fbc4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp2PxHXuoAMFZzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409d97-5080b3765b6cd57c64e36e80;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:43:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: caUfhYpcvVq0JjR0INv3aPuCZDq50dJg9p7Wjlz6TcJaX7kU3OIHDA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:09 GMT
age: 59776
etag: "941b8fdd8736691d796738233681f12900af92c4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcf23b32642f7a82a0a7d734a631bca
9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7
add9aab4427819610f8d693758a752910cf314346e974b7636a82381ab9daa4d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff4d93b-bc27-41dd-ad6a-5d295cfb6472.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4252
x-amzn-requestid: 8d6a225c-6389-4f20-9b90-494841f47c99
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R4GjCIAMFX-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-4076dc933185d9fd6b68e802;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Wb1JAlWtR9sSEi_KuYZivvMivSxZjo92LGpWgFppol5zgapK6eQ-dg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "9dc8bd1a00dcb896fade6d3112ef53439ecb8fe7"
content-type: image/jpeg
age: 60549
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Y_VpleudG3M2sQd7mFGVhPvfULiNQl3YY8xuhiTnTE5VIC64O8vqMA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:44:19 GMT
age: 60126
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c656736249c63b689259baf51691e164
f64c6152a5e4591e93e4a7b199785f1486354602
f4a342ef5a47b99e74d467dd23c9190bda65f8b58dfb469be07a5819f61f80f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ceff04a-841a-487e-8a19-5bf8deb18775.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9270
x-amzn-requestid: cbab3d28-6a82-4dcb-893f-2d65f62964b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R5H7MoAMFjtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-0742c17042e08a403c3afcfb;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: vvIXg3LNlltrHMME43_Z3L-qUTocl70oRb3qQnUyj3PQFaasDGijSQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "f64c6152a5e4591e93e4a7b199785f1486354602"
content-type: image/jpeg
age: 60549
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc50d1380ae8fc980ae1cc38f2371c7
be79aecfd7eefa89c409ed743402a292ff0ce6c0
43e015802ba453d4cd79984b53efa8a529ece62760f6693f9daeb2388179201f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57a0ead-deef-46c2-985b-fb7ba539285b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6366
x-amzn-requestid: ddcd915d-2606-4243-969e-19fb02b5b6d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1EJGoSIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409bb3-1c7bd17a2dcdd25e4da6d346;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:35:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Cm4uaStVKEsemoOHrc04J9qNysQJoMB7-R8LEzmlRXt47mpXi2NRPA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:50:12 GMT
age: 59773
etag: "be79aecfd7eefa89c409ed743402a292ff0ce6c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70128380-51a1-430f-bca1-5212a3dd8807.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70128380-51a1-430f-bca1-5212a3dd8807.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c712a8d12119cdef4376b6055f3493c
e040dc81a71c6a94dc600ecb61bf0c8f1a086e85
6a2c6384e05dae0013a2890ad63c91af7d2f04a0d706ce496f44defc7b209fa7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70128380-51a1-430f-bca1-5212a3dd8807.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11618
x-amzn-requestid: 5a8e397a-41df-41a1-a71e-25cedc35b063
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zp1R5H9aoAMFyew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63409c0b-3286ff464612a56158b81f4e;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 21:37:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dpzW4--jwWxQ7cD4rKIZuX4pr9LQI0CivP6grcpduuNMPoKyQwSecg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 07 Oct 2022 21:37:16 GMT
etag: "e040dc81a71c6a94dc600ecb61bf0c8f1a086e85"
content-type: image/jpeg
age: 60549
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ebcacb94db1196ad457d9d0f99f1f05c
c29dd9bb8f75a26b57712af80eeed8a224c8869b
3683d9f0309804614cff247d22fd62443e039b180c763bc953582aad45cab8dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.98302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sat, 08 Oct 2022 14:26:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 14:12:37 GMT
expires: Sat, 08 Oct 2022 14:27:37 GMT
cache-control: public, max-age=900
age: 828
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ebcacb94db1196ad457d9d0f99f1f05c
c29dd9bb8f75a26b57712af80eeed8a224c8869b
3683d9f0309804614cff247d22fd62443e039b180c763bc953582aad45cab8dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 08 Oct 2022 14:26:25 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f30090f9c36480ca113bd893345d086c
d476a9fc5d01c313f3052274c3db2b78112c7af3
e7bba522e33c469157357d0a279caf3163404f505dc6ad33fd5cde54bcf1074b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 08 Oct 2022 14:26:25 GMT
server: ESF
cache-control: private
content-length: 30906
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1d13c38762edee3ea0af663f3e4553be
894a45402ded63c20b5062b2aae8b3894be80996
781d3684b9efe9d34182e7a740c759749a80c085576681bd5077d342e4448ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3c653b7d4151c89bf97b26a6bf854af2
cbcefae0da43945c106c7ab708bb851348b35481
d273d605cfa789a4350cf4e9d56016820eb8b7999e71c1ef9ecbeb3da62b82b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu-Hj40kyYpRoKKl0NrJHrFYMerUsE-SNhCYJdfJSg=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.5 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu-Hj40kyYpRoKKl0NrJHrFYMerUsE-SNhCYJdfJSg=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 115ddeea6a21b2b7844d85ccf889c8cf
7a08ae2ee4f0ba0d1fc23791747621a061c56833
d0d74400c9001a4c4e447ae18af7b98398ec7265f93d6158e4156535d7be9a05
GET /ytc/AMLnZu-Hj40kyYpRoKKl0NrJHrFYMerUsE-SNhCYJdfJSg=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2461
x-xss-protection: 0
date: Sat, 08 Oct 2022 14:26:25 GMT
expires: Fri, 07 Oct 2022 19:46:49 GMT
cache-control: public, max-age=86400, no-transform
etag: "vd6"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 3c653b7d4151c89bf97b26a6bf854af2
cbcefae0da43945c106c7ab708bb851348b35481
d273d605cfa789a4350cf4e9d56016820eb8b7999e71c1ef9ecbeb3da62b82b5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 08 Oct 2022 14:26:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sat, 08 Oct 2022 14:26:26 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8003625cc9da1bb2500d3ecce38f798c
d6058cb870e6edc5582c8736283f0bf8b2e74fcd
6c8a5d189738d31504cb15c7504a3d717c0a0716db8360fbfcafaf007d5a0c81
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1308
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sat, 08 Oct 2022 14:26:26 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.110:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sat, 08 Oct 2022 14:26:24 GMT
date: Sat, 08 Oct 2022 14:26:24 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=tkKuLFTddWE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=TfDrU_05FP8; Domain=.youtube.com; Expires=Thu, 06-Apr-2023 14:26:24 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+384; expires=Mon, 07-Oct-2024 14:26:24 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.200200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.200:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 08 Oct 2022 14:26:24 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
expires: Sat, 15 Oct 2022 14:26:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
wn.com/Protective_asset_management?from=protectiveassetmanagement.com
195.149.84.100200 OK 0 B URL HTTP/2 wn.com/Protective_asset_management?from=protectiveassetmanagement.com
IP 195.149.84.100:0
ASN #43081 World News PTE. LTD
GET /Protective_asset_management?from=protectiveassetmanagement.com HTTP/1.1
Host: wn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 08 Oct 2022 14:26:23 GMT
content-type: text/html; charset=utf-8
set-cookie: wnTrk=wn.1665239183.895028.wnstatic1.3575.359; Domain=.wn.com; expires=Mon, 09 Oct 2090 03:00:23 GMT
vary: Accept-Encoding, User-Agent
cache-control: must-revalidate
strict-transport-security: max-age=15768000
content-encoding: gzip
X-Firefox-Spdy: h2