tmearn.com/yhTymg
104.21.78.210301 Moved Permanently 0 B IP 104.21.78.210:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yhTymg HTTP/1.1
Host: tmearn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 15 Nov 2022 00:05:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 15 Nov 2022 01:05:12 GMT
Location: https://tmearn.com/yhTymg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISTXBEeBSxHi4kFwwksd5ms8uIQScltpBeP3%2F2bYGKoJcyMYVIQ45aSfcIbX3V0kJCInPa7haeis%2FU59RlwnfhyfStAK3pOYCtuzODbd0gxzjrZPJOJBYIbxVPrB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76a3bbe28df0b515-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2233
Expires: Tue, 15 Nov 2022 00:42:26 GMT
Date: Tue, 15 Nov 2022 00:05:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2280
Cache-Control: max-age=126244
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:13 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:09:17 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6120
Expires: Tue, 15 Nov 2022 01:47:13 GMT
Date: Tue, 15 Nov 2022 00:05:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 23:44:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1257
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4EseA0ri2Yu9JbbW60I40MN1fJjqcEtOtgd4H/RoEQ76udQBry8oiL7MdqDC3WtmFzeFXkTCYT4=
x-amz-request-id: C08C3N84MFA46H17
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 23:51:18 GMT
age: 835
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d6f9a4ee026314138a4a85babbf0230b
8a063206e2ef73aac6a9b568648bf1b7efd87631
239b20ace249f933ef644b1e8da24aa78c1633abd7bac77322acf6390a61fffb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=86494
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:13 GMT
Etag: "63718697-117"
Expires: Wed, 16 Nov 2022 00:06:47 GMT
Last-Modified: Mon, 14 Nov 2022 00:06:47 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 00:05:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d6f9a4ee026314138a4a85babbf0230b
8a063206e2ef73aac6a9b568648bf1b7efd87631
239b20ace249f933ef644b1e8da24aa78c1633abd7bac77322acf6390a61fffb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=86494
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:13 GMT
Etag: "63718697-117"
Expires: Wed, 16 Nov 2022 00:06:47 GMT
Last-Modified: Mon, 14 Nov 2022 00:06:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2eeea3e264187075d03a157ead32d525
35cea54f038bbed04b3bcabed5dfefdb727943ef
e7b911cf7cf9b3d69134be968a1dba0b1c7e08b54219369f027002e721d5449b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E7B911CF7CF9B3D69134BE968A1DBA0B1C7E08B54219369F027002E721D5449B"
Last-Modified: Sat, 12 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19171
Expires: Tue, 15 Nov 2022 05:24:44 GMT
Date: Tue, 15 Nov 2022 00:05:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 23:25:01 GMT
cache-control: public,max-age=3600
age: 2412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
tmearn.com/yhTymg
172.67.137.133301 Moved Permanently 27 kB IP 172.67.137.133:0
Hash a0ff1a632437b0f77958f252297d9a7e
41b565075e7738aef39c4ab3d4752d1d5d829317
00fefc121d893a39677115bda113ac9b1cf787a5895e27d125360725ec0df41b
GET /yhTymg HTTP/1.1
Host: tmearn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:13 GMT
content-type: text/html; charset=UTF-8
location: https://blogmado.com/yhTymg
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTmativOix7PNqdSshfGpSMXaqii6n09itQYJYoNL2wUxncmlMQBFJcdBo7v5GvKj0WMe0dMEyUO7cDxTy2yh8H3qd%2BUcCO2DxG%2FipdVbKuvYo6ngHuw26E%2BShEf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbe5a9c41c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2eeea3e264187075d03a157ead32d525
35cea54f038bbed04b3bcabed5dfefdb727943ef
e7b911cf7cf9b3d69134be968a1dba0b1c7e08b54219369f027002e721d5449b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E7B911CF7CF9B3D69134BE968A1DBA0B1C7E08B54219369F027002E721D5449B"
Last-Modified: Sat, 12 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19171
Expires: Tue, 15 Nov 2022 05:24:44 GMT
Date: Tue, 15 Nov 2022 00:05:13 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CLr9nG8MgUmkxKtwYz+KeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KwXzBsV1MfFWikggsrQjgqBknks=
code.jquery.com/jquery-1.12.0.min.js
69.16.175.42200 OK 34 kB URL HTTP/2 code.jquery.com/jquery-1.12.0.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32060)
Hash e0865bea5b028ce4d913dc4d6166c751
b2df1f4068ce3040ba56512e7fa7674db72f8fcb
0dbb35dfe27885f4ab7cb2f5f3b6894d0fe03f691e4612cec613bd6a74193337
GET /jquery-1.12.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:14 GMT
content-encoding: gzip
content-length: 33820
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-17c52"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1668470714.dop024.sk1.t,1668470714.cds220.sk1.hn,1668470714.cds229.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.2 kB IP 142.250.74.3:0
Hash 20a4062821d26315407e4701ca994fcf
bec593b81bbf4c0ee7c73f23e859ea3531ba8493
4a2f56d09ceb7b2eab11ddd07c2e4c280c230c1781fcfa1e15a710574432ec5c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 3.4 kB IP 142.250.74.3:0
Hash 9527c3b03301a2226b53ec10c73a8242
0cc359acccd30c5b3eeb18aa41357cac537df930
18887472bd82390be01ef53c94e4341f39a95ed1aa19984000fcf965ffdda4e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.0 kB IP 142.250.74.3:0
Hash 21aafded7cc4519585d4f0bc67fdaa6d
d88ee9b31d180fa3eebb49d66f79831e3c7bcdd7
acf67225956c40c7b2cea961c68e90ad94bbd68393a583ff319c66260d264538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8094f6d66cd067b92b99cc3c1ec916c6
cdb6d27ace38846e7a770dafce189f90a30db886
f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 22 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9535a2157e5d6944266f115c9e3a6056
2cc46d50cda3d779ad12d0c550307efaa8d687d3
0984fa0c9636157acfc0a6379a3bc10acfef2c3f15929c6fa2b7d2c9f8a51303
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CBE9E80747C5203462015C514ABF5BC51ADEAAD400F07E543327E9342C46B96D"
Last-Modified: Sun, 13 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10842
Expires: Tue, 15 Nov 2022 03:05:56 GMT
Date: Tue, 15 Nov 2022 00:05:14 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 943813f35a1dbbd894b0d7374f237a45
c0792c161486e285df11f930aab2cea60f0ba0bc
980e6e154794480b95f8c394ef9f38cde239e4bcee366e3b12fb693318f3dd1e
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 15 Nov 2022 00:05:14 GMT
date: Tue, 15 Nov 2022 00:05:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=loadCaptcha&render=explicit
142.250.74.164200 OK 576 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=loadCaptcha&render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (906), with no line terminators
Hash 0803c611144dde81d93909742bcaf365
cb74da16a23e85eb186a4a970deb0caabc3f5946
3246d8f5ef68cd6b2ba51bdecf63528e30cf94be49b8ab34a0ddc6b07a2f2352
GET /recaptcha/api.js?onload=loadCaptcha&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 15 Nov 2022 00:05:14 GMT
date: Tue, 15 Nov 2022 00:05:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 576
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-233612758-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-233612758-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9ee5b75a6a17eea94b7026aad553c960
fd74fd5466a50192891b1df780fbe83134273a2c
a0afa14e63189f61ecd6618c65497a204d7fc3ef9a9af7b9688353774e959bbf
GET /gtag/js?id=UA-233612758-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 00:05:14 GMT
expires: Tue, 15 Nov 2022 00:05:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
roucoutaivers.com/1clkn/28562
23.109.87.174200 OK 26 B URL HTTP/1.1 roucoutaivers.com/1clkn/28562
IP 23.109.87.174:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer Verdict Alert quad9 Sinkholed
GET /1clkn/28562 HTTP/1.1
Host: roucoutaivers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Nov 2022 00:05:14 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Wed, 16-Nov-2022 00:05:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Wed, 16-Nov-2022 00:05:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 9.6 kB IP 142.250.74.3:0
Hash 07dd5d79cfafd437abd58d03f357ba66
6c7c1a734c1e9c1fea710d4a86a1bc67f98459e4
18003efce807d6653a91ea8228e96d0294563b65c5c836e526bb6d466533c6b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
142.250.74.10200 OK 776 B URL HTTP/2 fonts.googleapis.com/css?family=Droid+Sans%3Aregular%2C700
IP 142.250.74.10:0
Hash 731e4b5158d85889d1c5b68c57e4b061
d254aa036a3ec20654289e4a2d1812505832e404
1a665cd779b6e6b9999fe8fcb478ce92c180da48b2a556250fdf90dae980b121
GET /css?family=Droid+Sans%3Aregular%2C700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 00:05:14 GMT
date: Tue, 15 Nov 2022 00:05:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e919aecc05c20422b16c501df0dae03b
ef115390278cfdb418d2ecf35181e06a97eb4d68
9ddadc6683607ec1188f28afea84551a8b67e2997bb3665a5d43b13d948c0d0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2138
Cache-Control: max-age=162070
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Etag: "6372a577-117"
Expires: Wed, 16 Nov 2022 21:06:24 GMT
Last-Modified: Mon, 14 Nov 2022 20:30:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash e919aecc05c20422b16c501df0dae03b
ef115390278cfdb418d2ecf35181e06a97eb4d68
9ddadc6683607ec1188f28afea84551a8b67e2997bb3665a5d43b13d948c0d0a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2138
Cache-Control: max-age=162070
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Etag: "6372a577-117"
Expires: Wed, 16 Nov 2022 21:06:24 GMT
Last-Modified: Mon, 14 Nov 2022 20:30:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 146005c9a9a5d0ae03c6f68626b05133
e2b3e577165d976b67d5e87611663bbf6a0f8ad9
018c39f26419ad59410a9d0351bdf7794285236fb75ce08872b28507b52643d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "018C39F26419AD59410A9D0351BDF7794285236FB75CE08872B28507B52643D2"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10303
Expires: Tue, 15 Nov 2022 02:56:57 GMT
Date: Tue, 15 Nov 2022 00:05:14 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 25 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 57ab1f532094c156a2d098735e71c6b1
33f7b2b6dc363cbd2afe817bc0acd598cf5ecf5c
735bf79d109d375809ababa1c757000fe73230f296704c607c47a2cff1cb13b3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "018C39F26419AD59410A9D0351BDF7794285236FB75CE08872B28507B52643D2"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10303
Expires: Tue, 15 Nov 2022 02:56:57 GMT
Date: Tue, 15 Nov 2022 00:05:14 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 146005c9a9a5d0ae03c6f68626b05133
e2b3e577165d976b67d5e87611663bbf6a0f8ad9
018c39f26419ad59410a9d0351bdf7794285236fb75ce08872b28507b52643d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "018C39F26419AD59410A9D0351BDF7794285236FB75CE08872B28507B52643D2"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10303
Expires: Tue, 15 Nov 2022 02:56:57 GMT
Date: Tue, 15 Nov 2022 00:05:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 146005c9a9a5d0ae03c6f68626b05133
e2b3e577165d976b67d5e87611663bbf6a0f8ad9
018c39f26419ad59410a9d0351bdf7794285236fb75ce08872b28507b52643d2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "018C39F26419AD59410A9D0351BDF7794285236FB75CE08872B28507B52643D2"
Last-Modified: Sun, 13 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10303
Expires: Tue, 15 Nov 2022 02:56:57 GMT
Date: Tue, 15 Nov 2022 00:05:14 GMT
Connection: keep-alive
fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21224, version 1.0\012- data
Hash 13bdfb843f942ccd9f485eb6c0bc1934
2bad44362ff7569f24f2a3df2521b27a97ec1297
7a291479495fbb281655d5e870c6d118dc6b7ed18e8c235aef5974c1e9de4e6c
GET /s/droidsans/v18/SlGVmQWMvZQIdix7AFxXkHNSbQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 23:13:45 GMT
expires: Wed, 08 Nov 2023 23:13:45 GMT
cache-control: public, max-age=31536000
age: 521489
last-modified: Tue, 19 Apr 2022 18:04:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714465
104.26.4.26301 Moved Permanently 472 B URL HTTP/2 fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714465
IP 104.26.4.26:0
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
GET /static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714465 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:14 GMT
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
cache-control: max-age=3600
expires: Tue, 15 Nov 2022 01:05:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TF3T5pEkoUapxpS21zHdcOz%2Bo5qrcCaVWNyPwSHySpG8R%2Feb3Yr55l0bpVbOorP6YrHnn4Ci0PdMKuPrZQaOBZ32%2B3pvv9EU2vqGiEiA5YB7KyQ4%2B0sqdRB%2BTCtD%2Bw4BYaa9wHe9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbef6cf3b50b-OSL
X-Firefox-Spdy: h2
blogmado.com/2022/06/22/what-is-the-cost-of-health-insurance-policy-for-a-family/
172.67.187.220200 OK 15 kB URL HTTP/2 blogmado.com/2022/06/22/what-is-the-cost-of-health-insurance-policy-for-a-family/
IP 172.67.187.220:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash d8b1758f45cb552d957187d14de1723b
4b5bb5ab01384f0928762144bde337f8aa6658ce
33675c4afd02548b7f2a9c5cd37bd0feb312b4bd6cc3ec8ac924d124e859dbe6
GET /2022/06/22/what-is-the-cost-of-health-insurance-policy-for-a-family/ HTTP/1.1
Host: blogmado.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=8de5a4e4d86b024b07451be10990a92e
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:14 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://blogmado.com/xmlrpc.php
link: <https://blogmado.com/wp-json/>; rel="https://api.w.org/", <https://blogmado.com/wp-json/wp/v2/posts/56>; rel="alternate"; type="application/json", <https://blogmado.com/?p=56>; rel=shortlink
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LpY9oE6Ax%2FiU%2FwALrToRY47YliBGz2Psl2%2B85CjzSgpfDVLBn6hRobhduku6u7%2FJSaYB3f4707RlaxXLD%2BWcML84lbjL1rHoJZLdp3z9Kk%2BrwIAjRTmNPmC3fFqeOKU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbe9b9ed0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
104.26.4.26302 Found 575 B URL HTTP/2 fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
IP 104.26.4.26:0
Hash 251b56083871e83942defe83edf052eb
bd71724934acf7d096bc21a788cb86ea15f19394
3575dd1e1267bbe96213e831cc4af217ed88a9673a4fd945ac95e27c172c919f
GET /r/14f9494694a9078dc2f4ae3c92e41760/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 15 Nov 2022 00:05:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/450e059b.js?npr=c1a3b9540f4290a1a965ead6c5f2ea5c
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo%2FowXYtnTdeYJ43GlGS7T9jsCFL%2F1RQMVvUtie7UwgidDQqHCCUNvceeCMPFFZaWutsinAjqI1yDgqnJ11Q7Ifdivkj4%2FnpYBdqtrIY3BrztPwgMNEBiGhXtt4Qw025Pu06I%2Foj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbef9d1bb50b-OSL
X-Firefox-Spdy: h2
plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js
173.233.139.164403 Forbidden 0 B URL HTTP/1.1 plungebriefinggladly.com/7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7e/1d/8f/7e1d8f1ae70c40a4c328807cbe5300ca.js HTTP/1.1
Host: plungebriefinggladly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Tue, 15 Nov 2022 00:05:15 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
104.26.4.26302 Found 13 kB URL HTTP/2 fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
IP 104.26.4.26:0
Hash 061b6d02a54d1a2441dc7884fb889859
0e00c5b955a910e1c186133f9b87b561728fc262
42d3c851b7f82f51156a2669a8341f319f5660349684f0b93b36eb5ca7e7a80c
GET /r/14f9494694a9078dc2f4ae3c92e41760/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Tue, 15 Nov 2022 00:05:14 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/450e059b.js?npr=c1a3b9540f4290a1a965ead6c5f2ea5c
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEDxVpaRTwb4eHrMpFlQY%2F%2BjzdOLdY5Juh7TJcEyNsqmbAMJDqTIzQ8qylPfopSgCsCfeHgINETOgvk606BQPL0RRVfOpb6iL4srTj9DqW42%2BhM%2F30LM5JRcaqpjImkxlxPakCGb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf03d9bb50b-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2878
Expires: Tue, 15 Nov 2022 00:53:14 GMT
Date: Tue, 15 Nov 2022 00:05:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2878
Expires: Tue, 15 Nov 2022 00:53:14 GMT
Date: Tue, 15 Nov 2022 00:05:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2878
Expires: Tue, 15 Nov 2022 00:53:14 GMT
Date: Tue, 15 Nov 2022 00:05:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe4f5dc12e097182fed4de0161bc5b8a
746804d683bea55f44d5f6456a7e69d0048e4f58
d8a2095cd57455bab301ae68b7478997f3db056039886d85301eb85d7d196cf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b12e479-a09c-431c-aecf-6e63c60a01f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5882
x-amzn-requestid: a9d913e4-c9c1-4054-a9ff-c5ff5287c854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQZ2H2loAMFsmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610b-63cf663851f2e04b7f2cb70a;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0DjdK2du8K9O1d0rcWaDO6yqWBuHYSSiEJmscryUraTH73vwcwubNg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 03:32:26 GMT
age: 73970
etag: "746804d683bea55f44d5f6456a7e69d0048e4f58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c6daffa-b6ce-4709-8faf-5c9d010efd87.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c6daffa-b6ce-4709-8faf-5c9d010efd87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32c2a360d4897787f15b26d4a4cbfb00
18e1aa8e48e835336709e6f29dfc1b050867ed70
c6865753db8e92a8ed28b22dd6ada4d17a18035a850cbee1272fb8019c9ad8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c6daffa-b6ce-4709-8faf-5c9d010efd87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: cf1ae48b-2202-4f8f-aace-1502854159ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhQZ8EtVIAMF6sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370610c-731fe2271954c26130f700f2;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:14:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: PAEqTK7ePU0kPfZmKq0y04XyWXW7oAkIkdiIoV2YCSwuCJoIfeGw1w==
via: 1.1 94f8839a97f73584e70cc07d9f704d62.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:17:31 GMT
age: 71265
etag: "18e1aa8e48e835336709e6f29dfc1b050867ed70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94c82cd0e4204ea23b9bd86a3f576fa8
1651325ad361d1c86a4b81edb6b75af27f490a39
0173a565be87e87b2a8fccb3bfe4f237ddd9fdafa5711e79f0c4381882238886
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b1ce583-5604-4223-b88e-880659fdc0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8025
x-amzn-requestid: c876c502-bde1-4c03-a946-7af2117240ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bg3EUF0foAMFfyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63703881-0594a8076fb64f570f824ad1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 00:21:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eWpoQ8Bkfez0fw2HBZVlPIWIrtjeS6i6V-Dn0NthrKeeDYQEYq62kQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:49:06 GMT
etag: "1651325ad361d1c86a4b81edb6b75af27f490a39"
content-type: image/jpeg
age: 8170
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:52:43 GMT
age: 7953
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F818b8415-26b4-4768-a1f1-8eafa6e11c16.webp
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F818b8415-26b4-4768-a1f1-8eafa6e11c16.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b76f3ae29d447b9c8938462c4adb6463
f22e89c145d1ede9e3d731e6748bfe338c1a0d6b
b5bf1a0416425ffef9f3b0954c7c4659e33ab1dacfb812e8308e2095dd1bc409
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F818b8415-26b4-4768-a1f1-8eafa6e11c16.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7414
x-amzn-requestid: ff411645-d77f-4ef2-a175-c534bcd21f28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM2cjFwqIAMFxgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683783-552038846aadb8be53bb3ea1;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:38:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ivVEyCNKURmHSP1rbwcmv3mUrpIJ13B7LGsFzYYufJIMx2I5aZXY3g==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 10:03:33 GMT
age: 50503
etag: "f22e89c145d1ede9e3d731e6748bfe338c1a0d6b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4GdlXHpFADt-b7aq-JhGnU4derYUx0ta39dEXO3ywma3_J0L3D1fug==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 04:13:15 GMT
age: 71521
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
216.58.207.194200 OK 27 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (40254)
Hash 212a7110ff8a9e4571a66d21c1066915
520df0745b7a92a83e4a9ada8bbf9e56c63aff0b
de0ef204a9d8462292f936c68f30e29179c693ae6bd9bdfb3d9c01d9dda76eff
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27313
date: Tue, 15 Nov 2022 00:05:16 GMT
expires: Tue, 15 Nov 2022 00:05:16 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1392 / 375 of 1000 / last-modified: 1668467156"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
142.250.74.163200 OK 409 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (668)
Size 409 kB (408610 bytes)
Hash 5e4857e008de71aa0e33e9cd123d008e
307c748fabe2497c790a20dcacde300ff7e20749
fdfeba02862c96c6d6fa5c6ecc5db0b1f9c04b93941ffa0dd47b23e66a7f9e8f
GET /recaptcha/releases/jF-AgDWy8ih0GfLx4Semh9UK/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 408610
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 23:36:34 GMT
expires: Tue, 14 Nov 2023 23:36:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 07 Nov 2022 23:32:29 GMT
content-type: text/javascript
age: 1722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 14 Nov 2022 22:41:09 GMT
expires: Tue, 15 Nov 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 5047
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
216.58.207.194200 OK 132 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (65395)
Size 132 kB (132474 bytes)
Hash b9657eee866229927e2230cd0fd82254
822322d5ea967c609aa55dd010e2d83570540851
155afb85072d720a2e01ccaffd8c1ea95f459ac50629b0ce3ad824d6903e0dac
GET /gpt/pubads_impl_2022111001.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 132474
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Nov 2022 11:32:04 GMT
expires: Fri, 10 Nov 2023 11:32:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
content-type: text/javascript
age: 390792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blogmado.com
216.58.207.194200 OK 144 B URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=blogmado.com
IP 216.58.207.194:0
File type JSON data\012- , ASCII text, with very long lines (369), with no line terminators
Hash eec49b6a658e70597ed1554795ee8350
88e1821b7972ee2cd56b87e97026e83aee16e0b7
10e7443f0420031e4670741a16a44fbccd9250f8feef202e56e89c8f96e49ffe
GET /pagead/ppub_config?ippd=blogmado.com HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Tue, 15 Nov 2022 00:05:16 GMT
expires: Tue, 15 Nov 2022 00:05:16 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 144
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Nov-2022 00:20:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:18 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://blogmado.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bc06ad4eb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3846e2a74d09c297a8585e7774c0fff9
ec3c36ebb115a0c12cfc636d46d89e44b2dd6fb6
8daa4f8054be723e966722673fcbcc8c2b0ff86769b90c1304f737ff69d79ade
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 12:04:33 GMT
Expires: Sun, 20 Nov 2022 12:04:32 GMT
Etag: "ec3c36ebb115a0c12cfc636d46d89e44b2dd6fb6"
Cache-Control: max-age=474553,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a3bc05fe3ab4e8-OSL
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://blogmado.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 12:31:58 GMT
expires: Sun, 12 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 214400
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3846e2a74d09c297a8585e7774c0fff9
ec3c36ebb115a0c12cfc636d46d89e44b2dd6fb6
8daa4f8054be723e966722673fcbcc8c2b0ff86769b90c1304f737ff69d79ade
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:18 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 12:04:33 GMT
Expires: Sun, 20 Nov 2022 12:04:32 GMT
Etag: "ec3c36ebb115a0c12cfc636d46d89e44b2dd6fb6"
Cache-Control: max-age=474553,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a3bc06edcfb4ed-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f823364b87c7b824bf66233ef28288cf
ee909bfac301b51876c4f38e24430bee2acedcb7
37152b5b37d0075b1250616d3409e955a99cb57ca5dad10d1c254b5df15b1f72
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37152B5B37D0075B1250616D3409E955A99CB57CA5DAD10D1C254B5DF15B1F72"
Last-Modified: Sun, 13 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8492
Expires: Tue, 15 Nov 2022 02:26:50 GMT
Date: Tue, 15 Nov 2022 00:05:18 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=blogmado.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=blogmado.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=blogmado.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 15 Nov 2022 00:05:18 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=blogmado.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=blogmado.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=blogmado.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 15 Nov 2022 00:05:18 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
56wtdwxxsqjn.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 56wtdwxxsqjn.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 56wtdwxxsqjn.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:18 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env
142.250.74.98200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env
IP 142.250.74.98:0
File type JSON data\012- , ASCII text, with very long lines (14858), with no line terminators
Hash a630d9193273dfc4c1432496c9189255
929b5d1de529ed9026f2b95656c3d4963d7a5658
a0d0fb4e4a0ff6a693fccfc65fa37171cee1cb3f5fabbfb50e893b71bc50de57
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Tue, 15 Nov 2022 00:05:19 GMT
server: cafe
content-length: 11209
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
142.250.74.65200 OK 2.7 kB URL HTTP/2 c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
IP 142.250.74.65:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html?n=1 HTTP/1.1
Host: c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Tue, 15 Nov 2022 00:05:19 GMT
expires: Wed, 15 Nov 2023 00:05:19 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 171 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 5b6043a110394bb78ed10ed6616af492
1d8a47202a10831cba660d65c37449a6a05d8632
f6eb25cffba0b8bc7e014d64f093eb13add762513bd99eb0bef0e7918d5e1e63
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1927
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://blogmado.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0d697bbbbb4b408b969813e674821d32
481b93a1788b27c0e392fdfa2611b68a41fca5b4
01ea5a196fe27ebb6778d8b31a2e161f1d5e20776dfe800b2f407af1c11c17f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 15 Nov 2022 00:05:19 GMT
expires: Tue, 15 Nov 2022 00:05:19 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58327823fa88456d037b11fbf8330bf1
795e0637abb2ba1b4c50d69b485bce22af79b283
e4bea4980b22d4ce76727b59e8f13b6048ad7990daa8187987cc5400db957a04
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4BEA4980B22D4CE76727B59E8F13B6048AD7990DAA8187987CC5400DB957A04"
Last-Modified: Sun, 13 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7445
Expires: Tue, 15 Nov 2022 02:09:24 GMT
Date: Tue, 15 Nov 2022 00:05:19 GMT
Connection: keep-alive
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 17:40:04 GMT
expires: Tue, 14 Nov 2023 17:40:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 23115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 7efbeb4d9a7f1d9627143168451ac23f
b4bff89098ffce5eb0498a743c05637e85848ee1
abeaed4d01747c54cd5472d655d75ee306b5aaa555f69c798f5b07b2df4f9817
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 13 Nov 2022 17:30:48 GMT
Expires: Sun, 20 Nov 2022 17:30:47 GMT
Etag: "b4bff89098ffce5eb0498a743c05637e85848ee1"
Cache-Control: max-age=494127,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76a3bc0c7b36b4e8-OSL
xadsmart.com/rIlPOE.htm?_=BAYAY3LXvwFjcte_gAGBAsAAIHH3InC3JGPda7lHm-cmYSNyqs7o7_ooG91v5FlntjjUwQBHMEUCIQDfpEWHJGDeJDNTOH8AzdANLI1PjTDKHxw36k3V3M6NNQIgC7pb6CV2dSXlx7tDSFbZ18fzFtoOn5a7ivUb07RIOqU&v=4&cexFsaBr=4792524&minBid=&OGtjIQUi=0,0&JnvrfPHD=&dRIwzakM=&s=1280,1024,1,1280,1024,0
104.153.197.251200 OK 44 B URL HTTP/2 xadsmart.com/rIlPOE.htm?_=BAYAY3LXvwFjcte_gAGBAsAAIHH3InC3JGPda7lHm-cmYSNyqs7o7_ooG91v5FlntjjUwQBHMEUCIQDfpEWHJGDeJDNTOH8AzdANLI1PjTDKHxw36k3V3M6NNQIgC7pb6CV2dSXlx7tDSFbZ18fzFtoOn5a7ivUb07RIOqU&v=4&cexFsaBr=4792524&minBid=&OGtjIQUi=0,0&JnvrfPHD=&dRIwzakM=&s=1280,1024,1,1280,1024,0
IP 104.153.197.251:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /rIlPOE.htm?_=BAYAY3LXvwFjcte_gAGBAsAAIHH3InC3JGPda7lHm-cmYSNyqs7o7_ooG91v5FlntjjUwQBHMEUCIQDfpEWHJGDeJDNTOH8AzdANLI1PjTDKHxw36k3V3M6NNQIgC7pb6CV2dSXlx7tDSFbZ18fzFtoOn5a7ivUb07RIOqU&v=4&cexFsaBr=4792524&minBid=&OGtjIQUi=0,0&JnvrfPHD=&dRIwzakM=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Tue, 15 Nov 2022 00:05:19 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.3 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash f6c108bb13efefaa4474cda09307c6b3
913baae4fb85ca68ca7fff267c06035e85b915a1
02487fab5d8690ae0c2013435dcacdd2be1e4e690a92ddf76a1e493a7a7ae9e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 80113bfe5fdd1d461ea77e3cfcd00bbb
daee0b39946d0d704feb0eef3d221f356e12b7ce
ee06712531273cc99903a1bf2f56f8665aaa503dbeae6fe20428821dd608fc69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 80113bfe5fdd1d461ea77e3cfcd00bbb
daee0b39946d0d704feb0eef3d221f356e12b7ce
ee06712531273cc99903a1bf2f56f8665aaa503dbeae6fe20428821dd608fc69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 80113bfe5fdd1d461ea77e3cfcd00bbb
daee0b39946d0d704feb0eef3d221f356e12b7ce
ee06712531273cc99903a1bf2f56f8665aaa503dbeae6fe20428821dd608fc69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75188b04dfe7a6571e2f1cf0724b08fb
bc0055cc8e8964f7407a71279b6f0d509c2bdf7d
cf649f3552c7fafb04772f26d667fac57292abb8eea7e76e672794865d739792
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
216.58.211.1200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
IP 216.58.211.1:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash 190bcb4c44fd9e0e93baa80c9b2535b8
97bda56ddc8d6a00d19e1747d63325051f3fd144
b7677f820f06329e357561f570729fe4110af4ac5fb741b97567e20a0f533301
GET /rtv/012211060024000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61592
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:08:54 GMT
expires: Tue, 14 Nov 2023 18:08:54 GMT
cache-control: public, max-age=31536000
etag: "a2fca7132416d151"
content-type: text/javascript; charset=UTF-8
age: 21385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
216.58.211.1200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (14697)
Hash ae1a9f090984c448deb0629cc2304ee3
e601825ccec746695f370ed68fa33325152e0d9f
6a947bfcdeea64faa6c795caea11ee09dbe00f5d4003b7b9d47e4945c05ac1e4
GET /rtv/012211060024000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5218
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:08:54 GMT
expires: Tue, 14 Nov 2023 18:08:54 GMT
cache-control: public, max-age=31536000
etag: "abd4378f71571d78"
content-type: text/javascript; charset=UTF-8
age: 21385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
216.58.211.1200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (65534)
Hash c88b4e73b12307e42222d337bdd646a2
621233bf4e777b2d44b1bc143187111aca2fe718
ef6935537cd5a603b79bc98d4274b70ee5608955792523fc58e818c8ddbb7b48
GET /rtv/012211060024000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28809
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:08:54 GMT
expires: Tue, 14 Nov 2023 18:08:54 GMT
cache-control: public, max-age=31536000
etag: "dd6615029de85e23"
content-type: text/javascript; charset=UTF-8
age: 21385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
216.58.211.1200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
IP 216.58.211.1:0
File type ASCII text, with very long lines (5046)
Hash 669c8592ef8f63e7404e45dd6ca56b71
3f6753966361bb86594193009c9097612c361064
d174ae2c0722ab8d4bf736f0200dc5b15d288f9500a706bb161b64f5a3b74f01
GET /rtv/012211060024000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1913
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:08:54 GMT
expires: Tue, 14 Nov 2023 18:08:54 GMT
cache-control: public, max-age=31536000
etag: "403438c4d550ee88"
content-type: text/javascript; charset=UTF-8
age: 21385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.netpub.media/iab?o=474&k=5&b=fetch&xx=15663b3c58a43d9a93f21c260527a47a&s=complete&g=0&p=515.5&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&e=0&w=14f9494694a9078dc2f4ae3c92e41760&z=1c2b3d8f5084c3670b0ffbd768d4c149&m=898&f=dfp&c=FR&q=320&i=1&a=true&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_6&v=1.6.0&x=netpub&r=100&yy=f34f336f7278c146e753e83ab53009ee&zz=a2302996a403f19e6e59ea1be534c7f07672dc1417748ef308fa580490652a4e&aa=5a4fc3df82df6af687e37ede081e671f5224a4c52beec2e57327aa7e874220a3&j=0&n=100&l=1268&t=1668470719702&h=0&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F
104.26.4.26200 OK 477 B URL HTTP/2 px.netpub.media/iab?o=474&k=5&b=fetch&xx=15663b3c58a43d9a93f21c260527a47a&s=complete&g=0&p=515.5&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&e=0&w=14f9494694a9078dc2f4ae3c92e41760&z=1c2b3d8f5084c3670b0ffbd768d4c149&m=898&f=dfp&c=FR&q=320&i=1&a=true&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_6&v=1.6.0&x=netpub&r=100&yy=f34f336f7278c146e753e83ab53009ee&zz=a2302996a403f19e6e59ea1be534c7f07672dc1417748ef308fa580490652a4e&aa=5a4fc3df82df6af687e37ede081e671f5224a4c52beec2e57327aa7e874220a3&j=0&n=100&l=1268&t=1668470719702&h=0&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F
IP 104.26.4.26:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash a68aeff1e6d56d3a1beec656687b02d8
5064e9649f206cbd502a65226830c09b68fda29e
ca14f74a77deb0356235822308b69fc2bca16ce40b1d64b2747579b22eafb1b4
GET /iab?o=474&k=5&b=fetch&xx=15663b3c58a43d9a93f21c260527a47a&s=complete&g=0&p=515.5&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&e=0&w=14f9494694a9078dc2f4ae3c92e41760&z=1c2b3d8f5084c3670b0ffbd768d4c149&m=898&f=dfp&c=FR&q=320&i=1&a=true&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_6&v=1.6.0&x=netpub&r=100&yy=f34f336f7278c146e753e83ab53009ee&zz=a2302996a403f19e6e59ea1be534c7f07672dc1417748ef308fa580490652a4e&aa=5a4fc3df82df6af687e37ede081e671f5224a4c52beec2e57327aa7e874220a3&j=0&n=100&l=1268&t=1668470719702&h=0&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:19 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2ByXOhZLGjpV4D1wbTNq4YPzyrnh8yYaxtMysVN2a2G9EdgQ5EokQyDu3NlnKb3MK6JPJDSlnfO0YQaPF7Y5J40B%2FuCulKWEphknPDD0UJPVx8KXKwe4iF64y7nkxy7KGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc0e6dfcb50b-OSL
X-Firefox-Spdy: h2
px.netpub.media/iab?o=474&k=5&b=fetch&xx=15663b3c58a43d9a93f21c260527a47a&s=complete&g=1&p=515.5&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&e=0&w=14f9494694a9078dc2f4ae3c92e41760&z=1c2b3d8f5084c3670b0ffbd768d4c149&m=898&f=dfp&c=FR&q=320&i=1&a=true&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_6&v=1.6.0&x=netpub&r=100&yy=f34f336f7278c146e753e83ab53009ee&zz=a2302996a403f19e6e59ea1be534c7f07672dc1417748ef308fa580490652a4e&aa=5a4fc3df82df6af687e37ede081e671f5224a4c52beec2e57327aa7e874220a3&j=0&n=100&l=1268&t=1668470719703&h=0&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F
104.26.4.26200 OK 182 B URL HTTP/2 px.netpub.media/iab?o=474&k=5&b=fetch&xx=15663b3c58a43d9a93f21c260527a47a&s=complete&g=1&p=515.5&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&e=0&w=14f9494694a9078dc2f4ae3c92e41760&z=1c2b3d8f5084c3670b0ffbd768d4c149&m=898&f=dfp&c=FR&q=320&i=1&a=true&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_6&v=1.6.0&x=netpub&r=100&yy=f34f336f7278c146e753e83ab53009ee&zz=a2302996a403f19e6e59ea1be534c7f07672dc1417748ef308fa580490652a4e&aa=5a4fc3df82df6af687e37ede081e671f5224a4c52beec2e57327aa7e874220a3&j=0&n=100&l=1268&t=1668470719703&h=0&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F
IP 104.26.4.26:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 68afddc5fc6dff20732a10e111220622
eff6f5a1bc6cea1bdcb4b62b02d5c345a638c811
e2d9f74c1dc050a2bcd7d6b7a8803b1ec8387e4e4c3b85978742dc182d0b5383
GET /iab?o=474&k=5&b=fetch&xx=15663b3c58a43d9a93f21c260527a47a&s=complete&g=1&p=515.5&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&e=0&w=14f9494694a9078dc2f4ae3c92e41760&z=1c2b3d8f5084c3670b0ffbd768d4c149&m=898&f=dfp&c=FR&q=320&i=1&a=true&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_6&v=1.6.0&x=netpub&r=100&yy=f34f336f7278c146e753e83ab53009ee&zz=a2302996a403f19e6e59ea1be534c7f07672dc1417748ef308fa580490652a4e&aa=5a4fc3df82df6af687e37ede081e671f5224a4c52beec2e57327aa7e874220a3&j=0&n=100&l=1268&t=1668470719703&h=0&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:19 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj3JcU%2BFlIGyh4lW0y4epuvhRzyYnvQroZ2F%2FEMAA4v17s7NdwUxvZjuH1DmSp3wmcYA0ZIiHPSqkDolM%2FtbMuMdsZKmnT%2BYn4uwhgh2L1YVpBhGKrVXj3T9KVWUF%2BGy3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc0e6dfeb50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 80113bfe5fdd1d461ea77e3cfcd00bbb
daee0b39946d0d704feb0eef3d221f356e12b7ce
ee06712531273cc99903a1bf2f56f8665aaa503dbeae6fe20428821dd608fc69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
56wtdwxxsqjn.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 56wtdwxxsqjn.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 56wtdwxxsqjn.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 15 Nov 2022 00:05:19 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
px.netpub.media/iab?n=100&v=1.6.0&f=dfp&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&g=1&e=0&b=fetch&a=true&h=0&o=270&k=-1&p=798&q=728&t=1668470719585&r=100&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner2_marco2&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=982fdaf3264edf3ccf1ccd8bffa6f325&m=898&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&c=FR&aa=2a19ccfc969079cc941309bd190e5ea0aa19fb0cb57f62bd7219ebe8fabd9362&zz=e9897d4705d1abeccc2ac009221c30f3c353cc5f66595476624de8b86dd48b02&j=0&w=14f9494694a9078dc2f4ae3c92e41760&l=1268&xx=b103e6a025422713ccb90c8e14aba948&i=1&s=complete
104.26.4.26200 OK 364 B URL HTTP/2 px.netpub.media/iab?n=100&v=1.6.0&f=dfp&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&g=1&e=0&b=fetch&a=true&h=0&o=270&k=-1&p=798&q=728&t=1668470719585&r=100&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner2_marco2&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=982fdaf3264edf3ccf1ccd8bffa6f325&m=898&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&c=FR&aa=2a19ccfc969079cc941309bd190e5ea0aa19fb0cb57f62bd7219ebe8fabd9362&zz=e9897d4705d1abeccc2ac009221c30f3c353cc5f66595476624de8b86dd48b02&j=0&w=14f9494694a9078dc2f4ae3c92e41760&l=1268&xx=b103e6a025422713ccb90c8e14aba948&i=1&s=complete
IP 104.26.4.26:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash b0a7502da46af4b71bb6927a47025159
5e6e07691c3e567bf7d082beb82b8fef6379bb1f
3389c3a983fece0433eeb66a17ad8df49f7b086504fd905ad2f3c57ca3de980b
GET /iab?n=100&v=1.6.0&f=dfp&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&g=1&e=0&b=fetch&a=true&h=0&o=270&k=-1&p=798&q=728&t=1668470719585&r=100&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner2_marco2&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=982fdaf3264edf3ccf1ccd8bffa6f325&m=898&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&c=FR&aa=2a19ccfc969079cc941309bd190e5ea0aa19fb0cb57f62bd7219ebe8fabd9362&zz=e9897d4705d1abeccc2ac009221c30f3c353cc5f66595476624de8b86dd48b02&j=0&w=14f9494694a9078dc2f4ae3c92e41760&l=1268&xx=b103e6a025422713ccb90c8e14aba948&i=1&s=complete HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:19 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfaBBrhgW6AwMlWGG9k4mbSKOfc%2Fj4n6YfyGsUazoPWGTrCcl8%2BL9qpNoOBZ3ODIh1PUwBEhdteP79Lq5Fkm3iIP9EfCpJCVgtsAtyTeq63vOk8BVMvmbarDxb0kh5Cy%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc0dcd7cb50b-OSL
X-Firefox-Spdy: h2
www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
142.250.74.66200 OK 48 kB URL HTTP/2 www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
IP 142.250.74.66:0
File type ASCII text, with very long lines (3502)
Hash 297e24828abaf97fb29460fd75369140
e9e02d737f1bcf9874a55562edff5f795a1c170c
cdbe4e689ca060e94f00f0aa4c45a89efacddac90df42929ff42a3bff44a9d3e
GET /activeview/js/current/rx_lidar.js?cache=r20110914 HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-length: 48265
date: Tue, 15 Nov 2022 00:05:20 GMT
expires: Tue, 15 Nov 2022 00:05:20 GMT
cache-control: private, max-age=3000
etag: "1668095300071091"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.netpub.media/iab?l=1268&o=454&v=1.6.0&r=300&c=FR&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&z=1c2b3d8f5084c3670b0ffbd768d4c149&f=dfp&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=0&yy=441caf19b459c0357a9f96d60b566e6c&m=898&p=438&t=1668470720784&a=true&i=1&zz=59d79e37b1097c19ba46486ba269b28f8d8612026a33fd9c9b0af6ab13f3e616&aa=16321753645e64c2b00f56db2260b9b17a159c86dc773ec5601fd34eb1efc02e&e=0&b=static&g=0&s=complete&j=0&xx=9e7606b30d00152d42dd3bbb3c0fe4d2&k=6&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_7&n=100&q=360&x=netpub
104.26.4.26200 OK 182 B URL HTTP/2 px.netpub.media/iab?l=1268&o=454&v=1.6.0&r=300&c=FR&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&z=1c2b3d8f5084c3670b0ffbd768d4c149&f=dfp&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=0&yy=441caf19b459c0357a9f96d60b566e6c&m=898&p=438&t=1668470720784&a=true&i=1&zz=59d79e37b1097c19ba46486ba269b28f8d8612026a33fd9c9b0af6ab13f3e616&aa=16321753645e64c2b00f56db2260b9b17a159c86dc773ec5601fd34eb1efc02e&e=0&b=static&g=0&s=complete&j=0&xx=9e7606b30d00152d42dd3bbb3c0fe4d2&k=6&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_7&n=100&q=360&x=netpub
IP 104.26.4.26:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 68afddc5fc6dff20732a10e111220622
eff6f5a1bc6cea1bdcb4b62b02d5c345a638c811
e2d9f74c1dc050a2bcd7d6b7a8803b1ec8387e4e4c3b85978742dc182d0b5383
GET /iab?l=1268&o=454&v=1.6.0&r=300&c=FR&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&z=1c2b3d8f5084c3670b0ffbd768d4c149&f=dfp&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&h=0&yy=441caf19b459c0357a9f96d60b566e6c&m=898&p=438&t=1668470720784&a=true&i=1&zz=59d79e37b1097c19ba46486ba269b28f8d8612026a33fd9c9b0af6ab13f3e616&aa=16321753645e64c2b00f56db2260b9b17a159c86dc773ec5601fd34eb1efc02e&e=0&b=static&g=0&s=complete&j=0&xx=9e7606b30d00152d42dd3bbb3c0fe4d2&k=6&y=%2F29636627%2C22620349674%2Fblogmado.com_fluid_7&n=100&q=360&x=netpub HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:20 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQ5nqkL%2FFnQPdiRHgwSHAkCH%2BSkjQAy9yJm6Ti%2FZ5PHKX8fOaJCAhm0JhIaaWGP%2FIpAUJFjRDBjuR0LNf9NsLaFpVuGYcAM8k7FXyghEwcbRFlNMq1BAJyG6HnTovfM4Og%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc152b3fb50b-OSL
X-Firefox-Spdy: h2
px.netpub.media/iab?g=0&m=898&l=1268&h=0&b=string&z=1c2b3d8f5084c3670b0ffbd768d4c149&r=90&w=14f9494694a9078dc2f4ae3c92e41760&v=1.6.0&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner1_marco2&n=100&e=0&zz=4f77504282e29ecfe43ad0ca4eeada5a87b59c0d71f560cf7f770249af716ab8&a=true&p=287&aa=fa22b249cd650d670071fea21d2096f040c2a5b15e969792c89bc8a1b136bef1&xx=4a54823cf5abfe9f0e9d3cdf405aacc7&j=0&k=3&x=netpub&f=dfp&i=1&t=1668470720607&s=complete&c=FR&q=728&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=1664726d9fa4060b660f7b682c21cd9e&o=270&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0
104.26.4.26200 OK 406 B URL HTTP/2 px.netpub.media/iab?g=0&m=898&l=1268&h=0&b=string&z=1c2b3d8f5084c3670b0ffbd768d4c149&r=90&w=14f9494694a9078dc2f4ae3c92e41760&v=1.6.0&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner1_marco2&n=100&e=0&zz=4f77504282e29ecfe43ad0ca4eeada5a87b59c0d71f560cf7f770249af716ab8&a=true&p=287&aa=fa22b249cd650d670071fea21d2096f040c2a5b15e969792c89bc8a1b136bef1&xx=4a54823cf5abfe9f0e9d3cdf405aacc7&j=0&k=3&x=netpub&f=dfp&i=1&t=1668470720607&s=complete&c=FR&q=728&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=1664726d9fa4060b660f7b682c21cd9e&o=270&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0
IP 104.26.4.26:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 74576aa64a28ae448662ba16c55afd13
5dd0e44d052c3b9ccb40523dfdb526af535f22c7
eb75ddd2cfdec1af40cf99b45838ae65ac03d45bbb28c58208a4d87ee93bbea4
GET /iab?g=0&m=898&l=1268&h=0&b=string&z=1c2b3d8f5084c3670b0ffbd768d4c149&r=90&w=14f9494694a9078dc2f4ae3c92e41760&v=1.6.0&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner1_marco2&n=100&e=0&zz=4f77504282e29ecfe43ad0ca4eeada5a87b59c0d71f560cf7f770249af716ab8&a=true&p=287&aa=fa22b249cd650d670071fea21d2096f040c2a5b15e969792c89bc8a1b136bef1&xx=4a54823cf5abfe9f0e9d3cdf405aacc7&j=0&k=3&x=netpub&f=dfp&i=1&t=1668470720607&s=complete&c=FR&q=728&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=1664726d9fa4060b660f7b682c21cd9e&o=270&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0 HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:20 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiauFssPPGgPNdzN4W01sEWsMCOPreKbRck%2Fj%2FSRmOaw%2BEe8NAaaTvYI7PLBUZEEw6EV1XgJGT2v07%2BxJGVR1E8mhBNsKVyDqkB3mxxnMP1MgUHcFfOy9ownb9eg9Oxfxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc140a23b50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c032f30e41c8a71a7610a7be9f7b6255
01daaa4dbbb0e2d2402e4796c37843f01464c813
bcefb7ad2179e9704c340d8cefc2de63aac8e9e35c10433090127cd7e323bb7c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHY3SKQYRq7RqXftCrlS2NApA7sUDorFA0DTQ1Ev0NuuAcmNVUXSe44tDXGq1dd5xbM4QcdsVzqJHyK_BNOl0pCtmES_jKt4a-YeQJCzF8Zr5MU3egxc3FBnKTvy-6RFiRj0hOeUURXjAos9U6KnURdBLjgt8q5dDCwdm3ZHTsLBH4nhmvL0SjtsKb0-Qj_Eg_bqdQH8Wai8zD7yKPY14w4uIM1nz_qdPScUaPY2M1BiyfFA7NWcwrC2HCfZnXaKb-33iDsaLjgq3DS9hg35RJCenJW-5qA9KTe68a1fsb64R7sRs4L6ZUYAdqpjeRLK45Ub1aiLCjQJJ-jpd349cimji296bGfuGKBq_UKRBWgNKoUWTzAi-4H7azCiyi3vqsPMZ9JM5WraF1d3_iV0qYiTja0qdAzJp0Xx_Cv0aG1sBSZgljR-hlDvEpRh7NcL3fCXB2ip-_F8kE6lmDP4-bGfJ99JFJkzMY2w0d0nRIeMUSEB7dKSZx6KEi4ra1Jvl1zkaNMB0cBLVKftX4d0djDlFYZhBlQomcybIDmmtxMiM3U1F1i9-BJ1sVnUG66N02eBkPidKmsTsN-FGUa7zRxfSj6Edm9ME4aonxq-Gq8OouXL3iCd89NVxhK5MH44fXoJ9BHfvALzj7KvgqjOzcVzCQZUmwJuuOV9MqNifZJSch2j4-Xfk4Db9SlbaOAJtFn4pA98iN1fzxd3CncgsR8wu2wGI7PUlQACp6NCNE7ZMF6gFCkpsEsprDIBz0_JdRQu5eLC5tRWyDqkbEwCJQ_ddq_WRLQE7xSJBZRc4z6L_XU3QHjUK-rTmOnK6-SnPVCt9GSj95a2zDnU3Av9eRwb-VWQYliQLDMftQoJaYVv74c-gSvdoGsTYl65kQOQs9ChpUHvA4SxOTCJFiZuqQUutracycPwKIFMH7U-NxysOD8MivwaJxhyVQSCX7yH7eawTnKgtX-ZWbRSQkWOOyiJkOPQGEPdmbSISPpI1QY1MUxDpEFeq9aBsUcIOuw7yQIf-y0pjs9fTH0f6ZYf8FCA80rb_u0hc28JL3LlJ1nhadwuyhC8wkTAZCHmLmqrM13TQRGhhzLVS4JuCy_6eD1cTUU97M0jGnmj3WMNIK9v80fBKBCYZvSfPh5LhWHMB4t29Y36UrZSaSpw2Y0fi6xbkmyq56fq68x71sl6EGyb2v5VfNA1e1KgsHRAaP4i_Dof1Ad5jhst-k5jFCFMN9828XZpl1WPGgPssSVNFSy1B-m21Ah6VosgfBl7qNomAP2JmfnTHF1g&sai=AMfl-YRqJ8wZiO-IFKCqpG0g6Ur1S36BjozZa7WTHoGQdYlUW3UzcIsOwI1QWXctlch8yP5gRcWWa3ABXYi1eZdYKIeou1gK3mWrGqeKldRQdh43s7unWSDcxbkAmhOwnN2LWqrrkBxTXoH8CpXFITtHmFWCAONzLGE_o3ufV0VH6XO2hh_atoYQrbRZQRaoFBp2sDc0n-WlOw2NKffkyZJ-wFig89eXkXc9L9d6eNd7jlwh2Bxvd1aegQqDtoFNa7znQqc7UDT_sjziaBoQYjeh6Bw&sig=Cg0ArKJSzCOn6GwUcUs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.83225&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHY3SKQYRq7RqXftCrlS2NApA7sUDorFA0DTQ1Ev0NuuAcmNVUXSe44tDXGq1dd5xbM4QcdsVzqJHyK_BNOl0pCtmES_jKt4a-YeQJCzF8Zr5MU3egxc3FBnKTvy-6RFiRj0hOeUURXjAos9U6KnURdBLjgt8q5dDCwdm3ZHTsLBH4nhmvL0SjtsKb0-Qj_Eg_bqdQH8Wai8zD7yKPY14w4uIM1nz_qdPScUaPY2M1BiyfFA7NWcwrC2HCfZnXaKb-33iDsaLjgq3DS9hg35RJCenJW-5qA9KTe68a1fsb64R7sRs4L6ZUYAdqpjeRLK45Ub1aiLCjQJJ-jpd349cimji296bGfuGKBq_UKRBWgNKoUWTzAi-4H7azCiyi3vqsPMZ9JM5WraF1d3_iV0qYiTja0qdAzJp0Xx_Cv0aG1sBSZgljR-hlDvEpRh7NcL3fCXB2ip-_F8kE6lmDP4-bGfJ99JFJkzMY2w0d0nRIeMUSEB7dKSZx6KEi4ra1Jvl1zkaNMB0cBLVKftX4d0djDlFYZhBlQomcybIDmmtxMiM3U1F1i9-BJ1sVnUG66N02eBkPidKmsTsN-FGUa7zRxfSj6Edm9ME4aonxq-Gq8OouXL3iCd89NVxhK5MH44fXoJ9BHfvALzj7KvgqjOzcVzCQZUmwJuuOV9MqNifZJSch2j4-Xfk4Db9SlbaOAJtFn4pA98iN1fzxd3CncgsR8wu2wGI7PUlQACp6NCNE7ZMF6gFCkpsEsprDIBz0_JdRQu5eLC5tRWyDqkbEwCJQ_ddq_WRLQE7xSJBZRc4z6L_XU3QHjUK-rTmOnK6-SnPVCt9GSj95a2zDnU3Av9eRwb-VWQYliQLDMftQoJaYVv74c-gSvdoGsTYl65kQOQs9ChpUHvA4SxOTCJFiZuqQUutracycPwKIFMH7U-NxysOD8MivwaJxhyVQSCX7yH7eawTnKgtX-ZWbRSQkWOOyiJkOPQGEPdmbSISPpI1QY1MUxDpEFeq9aBsUcIOuw7yQIf-y0pjs9fTH0f6ZYf8FCA80rb_u0hc28JL3LlJ1nhadwuyhC8wkTAZCHmLmqrM13TQRGhhzLVS4JuCy_6eD1cTUU97M0jGnmj3WMNIK9v80fBKBCYZvSfPh5LhWHMB4t29Y36UrZSaSpw2Y0fi6xbkmyq56fq68x71sl6EGyb2v5VfNA1e1KgsHRAaP4i_Dof1Ad5jhst-k5jFCFMN9828XZpl1WPGgPssSVNFSy1B-m21Ah6VosgfBl7qNomAP2JmfnTHF1g&sai=AMfl-YRqJ8wZiO-IFKCqpG0g6Ur1S36BjozZa7WTHoGQdYlUW3UzcIsOwI1QWXctlch8yP5gRcWWa3ABXYi1eZdYKIeou1gK3mWrGqeKldRQdh43s7unWSDcxbkAmhOwnN2LWqrrkBxTXoH8CpXFITtHmFWCAONzLGE_o3ufV0VH6XO2hh_atoYQrbRZQRaoFBp2sDc0n-WlOw2NKffkyZJ-wFig89eXkXc9L9d6eNd7jlwh2Bxvd1aegQqDtoFNa7znQqc7UDT_sjziaBoQYjeh6Bw&sig=Cg0ArKJSzCOn6GwUcUs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.83225&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstHY3SKQYRq7RqXftCrlS2NApA7sUDorFA0DTQ1Ev0NuuAcmNVUXSe44tDXGq1dd5xbM4QcdsVzqJHyK_BNOl0pCtmES_jKt4a-YeQJCzF8Zr5MU3egxc3FBnKTvy-6RFiRj0hOeUURXjAos9U6KnURdBLjgt8q5dDCwdm3ZHTsLBH4nhmvL0SjtsKb0-Qj_Eg_bqdQH8Wai8zD7yKPY14w4uIM1nz_qdPScUaPY2M1BiyfFA7NWcwrC2HCfZnXaKb-33iDsaLjgq3DS9hg35RJCenJW-5qA9KTe68a1fsb64R7sRs4L6ZUYAdqpjeRLK45Ub1aiLCjQJJ-jpd349cimji296bGfuGKBq_UKRBWgNKoUWTzAi-4H7azCiyi3vqsPMZ9JM5WraF1d3_iV0qYiTja0qdAzJp0Xx_Cv0aG1sBSZgljR-hlDvEpRh7NcL3fCXB2ip-_F8kE6lmDP4-bGfJ99JFJkzMY2w0d0nRIeMUSEB7dKSZx6KEi4ra1Jvl1zkaNMB0cBLVKftX4d0djDlFYZhBlQomcybIDmmtxMiM3U1F1i9-BJ1sVnUG66N02eBkPidKmsTsN-FGUa7zRxfSj6Edm9ME4aonxq-Gq8OouXL3iCd89NVxhK5MH44fXoJ9BHfvALzj7KvgqjOzcVzCQZUmwJuuOV9MqNifZJSch2j4-Xfk4Db9SlbaOAJtFn4pA98iN1fzxd3CncgsR8wu2wGI7PUlQACp6NCNE7ZMF6gFCkpsEsprDIBz0_JdRQu5eLC5tRWyDqkbEwCJQ_ddq_WRLQE7xSJBZRc4z6L_XU3QHjUK-rTmOnK6-SnPVCt9GSj95a2zDnU3Av9eRwb-VWQYliQLDMftQoJaYVv74c-gSvdoGsTYl65kQOQs9ChpUHvA4SxOTCJFiZuqQUutracycPwKIFMH7U-NxysOD8MivwaJxhyVQSCX7yH7eawTnKgtX-ZWbRSQkWOOyiJkOPQGEPdmbSISPpI1QY1MUxDpEFeq9aBsUcIOuw7yQIf-y0pjs9fTH0f6ZYf8FCA80rb_u0hc28JL3LlJ1nhadwuyhC8wkTAZCHmLmqrM13TQRGhhzLVS4JuCy_6eD1cTUU97M0jGnmj3WMNIK9v80fBKBCYZvSfPh5LhWHMB4t29Y36UrZSaSpw2Y0fi6xbkmyq56fq68x71sl6EGyb2v5VfNA1e1KgsHRAaP4i_Dof1Ad5jhst-k5jFCFMN9828XZpl1WPGgPssSVNFSy1B-m21Ah6VosgfBl7qNomAP2JmfnTHF1g&sai=AMfl-YRqJ8wZiO-IFKCqpG0g6Ur1S36BjozZa7WTHoGQdYlUW3UzcIsOwI1QWXctlch8yP5gRcWWa3ABXYi1eZdYKIeou1gK3mWrGqeKldRQdh43s7unWSDcxbkAmhOwnN2LWqrrkBxTXoH8CpXFITtHmFWCAONzLGE_o3ufV0VH6XO2hh_atoYQrbRZQRaoFBp2sDc0n-WlOw2NKffkyZJ-wFig89eXkXc9L9d6eNd7jlwh2Bxvd1aegQqDtoFNa7znQqc7UDT_sjziaBoQYjeh6Bw&sig=Cg0ArKJSzCOn6GwUcUs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.83225&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 00:05:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Nov-2022 00:20:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 00:05:21 GMT
X-Firefox-Spdy: h2
s0.2mdn.net/simgad/17973904251275291763
142.250.74.70200 OK 54 kB URL HTTP/2 s0.2mdn.net/simgad/17973904251275291763
IP 142.250.74.70:0
File type JPEG image data, progressive, precision 8, 728x90, components 3\012- data
Hash ef9eec6e9c65bb7a274954f1f9fee952
03a4a895d58d9be37aa72a614cdc989dfd1cb36c
1cdcb95ea4a913e03f155bf2cd59bac143a4a3c22285ec1c793fe76202944fd2
GET /simgad/17973904251275291763 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 53520
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Fri, 11 Nov 2022 06:53:28 GMT
expires: Sat, 11 Nov 2023 06:53:28 GMT
cache-control: public, max-age=31536000
age: 321113
last-modified: Thu, 13 Oct 2022 11:56:16 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 7c6a6db24d1ff3ffe787a8a5f78ef812
d9b2d385df52929ea7c6080b7c2e10c38df51572
3950ecddae384c36f9fb092dd5d27d3aa20c1197a37ff465d0bd350952dd9774
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 00:05:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHY3SKQYRq7RqXftCrlS2NApA7sUDorFA0DTQ1Ev0NuuAcmNVUXSe44tDXGq1dd5xbM4QcdsVzqJHyK_BNOl0pCtmES_jKt4a-YeQJCzF8Zr5MU3egxc3FBnKTvy-6RFiRj0hOeUURXjAos9U6KnURdBLjgt8q5dDCwdm3ZHTsLBH4nhmvL0SjtsKb0-Qj_Eg_bqdQH8Wai8zD7yKPY14w4uIM1nz_qdPScUaPY2M1BiyfFA7NWcwrC2HCfZnXaKb-33iDsaLjgq3DS9hg35RJCenJW-5qA9KTe68a1fsb64R7sRs4L6ZUYAdqpjeRLK45Ub1aiLCjQJJ-jpd349cimji296bGfuGKBq_UKRBWgNKoUWTzAi-4H7azCiyi3vqsPMZ9JM5WraF1d3_iV0qYiTja0qdAzJp0Xx_Cv0aG1sBSZgljR-hlDvEpRh7NcL3fCXB2ip-_F8kE6lmDP4-bGfJ99JFJkzMY2w0d0nRIeMUSEB7dKSZx6KEi4ra1Jvl1zkaNMB0cBLVKftX4d0djDlFYZhBlQomcybIDmmtxMiM3U1F1i9-BJ1sVnUG66N02eBkPidKmsTsN-FGUa7zRxfSj6Edm9ME4aonxq-Gq8OouXL3iCd89NVxhK5MH44fXoJ9BHfvALzj7KvgqjOzcVzCQZUmwJuuOV9MqNifZJSch2j4-Xfk4Db9SlbaOAJtFn4pA98iN1fzxd3CncgsR8wu2wGI7PUlQACp6NCNE7ZMF6gFCkpsEsprDIBz0_JdRQu5eLC5tRWyDqkbEwCJQ_ddq_WRLQE7xSJBZRc4z6L_XU3QHjUK-rTmOnK6-SnPVCt9GSj95a2zDnU3Av9eRwb-VWQYliQLDMftQoJaYVv74c-gSvdoGsTYl65kQOQs9ChpUHvA4SxOTCJFiZuqQUutracycPwKIFMH7U-NxysOD8MivwaJxhyVQSCX7yH7eawTnKgtX-ZWbRSQkWOOyiJkOPQGEPdmbSISPpI1QY1MUxDpEFeq9aBsUcIOuw7yQIf-y0pjs9fTH0f6ZYf8FCA80rb_u0hc28JL3LlJ1nhadwuyhC8wkTAZCHmLmqrM13TQRGhhzLVS4JuCy_6eD1cTUU97M0jGnmj3WMNIK9v80fBKBCYZvSfPh5LhWHMB4t29Y36UrZSaSpw2Y0fi6xbkmyq56fq68x71sl6EGyb2v5VfNA1e1KgsHRAaP4i_Dof1Ad5jhst-k5jFCFMN9828XZpl1WPGgPssSVNFSy1B-m21Ah6VosgfBl7qNomAP2JmfnTHF1g&sai=AMfl-YRqJ8wZiO-IFKCqpG0g6Ur1S36BjozZa7WTHoGQdYlUW3UzcIsOwI1QWXctlch8yP5gRcWWa3ABXYi1eZdYKIeou1gK3mWrGqeKldRQdh43s7unWSDcxbkAmhOwnN2LWqrrkBxTXoH8CpXFITtHmFWCAONzLGE_o3ufV0VH6XO2hh_atoYQrbRZQRaoFBp2sDc0n-WlOw2NKffkyZJ-wFig89eXkXc9L9d6eNd7jlwh2Bxvd1aegQqDtoFNa7znQqc7UDT_sjziaBoQYjeh6Bw&sig=Cg0ArKJSzCOn6GwUcUs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=788&vt=11&dtpt=787&dett=2&cstd=0&cisv=r20221110.83225&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstHY3SKQYRq7RqXftCrlS2NApA7sUDorFA0DTQ1Ev0NuuAcmNVUXSe44tDXGq1dd5xbM4QcdsVzqJHyK_BNOl0pCtmES_jKt4a-YeQJCzF8Zr5MU3egxc3FBnKTvy-6RFiRj0hOeUURXjAos9U6KnURdBLjgt8q5dDCwdm3ZHTsLBH4nhmvL0SjtsKb0-Qj_Eg_bqdQH8Wai8zD7yKPY14w4uIM1nz_qdPScUaPY2M1BiyfFA7NWcwrC2HCfZnXaKb-33iDsaLjgq3DS9hg35RJCenJW-5qA9KTe68a1fsb64R7sRs4L6ZUYAdqpjeRLK45Ub1aiLCjQJJ-jpd349cimji296bGfuGKBq_UKRBWgNKoUWTzAi-4H7azCiyi3vqsPMZ9JM5WraF1d3_iV0qYiTja0qdAzJp0Xx_Cv0aG1sBSZgljR-hlDvEpRh7NcL3fCXB2ip-_F8kE6lmDP4-bGfJ99JFJkzMY2w0d0nRIeMUSEB7dKSZx6KEi4ra1Jvl1zkaNMB0cBLVKftX4d0djDlFYZhBlQomcybIDmmtxMiM3U1F1i9-BJ1sVnUG66N02eBkPidKmsTsN-FGUa7zRxfSj6Edm9ME4aonxq-Gq8OouXL3iCd89NVxhK5MH44fXoJ9BHfvALzj7KvgqjOzcVzCQZUmwJuuOV9MqNifZJSch2j4-Xfk4Db9SlbaOAJtFn4pA98iN1fzxd3CncgsR8wu2wGI7PUlQACp6NCNE7ZMF6gFCkpsEsprDIBz0_JdRQu5eLC5tRWyDqkbEwCJQ_ddq_WRLQE7xSJBZRc4z6L_XU3QHjUK-rTmOnK6-SnPVCt9GSj95a2zDnU3Av9eRwb-VWQYliQLDMftQoJaYVv74c-gSvdoGsTYl65kQOQs9ChpUHvA4SxOTCJFiZuqQUutracycPwKIFMH7U-NxysOD8MivwaJxhyVQSCX7yH7eawTnKgtX-ZWbRSQkWOOyiJkOPQGEPdmbSISPpI1QY1MUxDpEFeq9aBsUcIOuw7yQIf-y0pjs9fTH0f6ZYf8FCA80rb_u0hc28JL3LlJ1nhadwuyhC8wkTAZCHmLmqrM13TQRGhhzLVS4JuCy_6eD1cTUU97M0jGnmj3WMNIK9v80fBKBCYZvSfPh5LhWHMB4t29Y36UrZSaSpw2Y0fi6xbkmyq56fq68x71sl6EGyb2v5VfNA1e1KgsHRAaP4i_Dof1Ad5jhst-k5jFCFMN9828XZpl1WPGgPssSVNFSy1B-m21Ah6VosgfBl7qNomAP2JmfnTHF1g&sai=AMfl-YRqJ8wZiO-IFKCqpG0g6Ur1S36BjozZa7WTHoGQdYlUW3UzcIsOwI1QWXctlch8yP5gRcWWa3ABXYi1eZdYKIeou1gK3mWrGqeKldRQdh43s7unWSDcxbkAmhOwnN2LWqrrkBxTXoH8CpXFITtHmFWCAONzLGE_o3ufV0VH6XO2hh_atoYQrbRZQRaoFBp2sDc0n-WlOw2NKffkyZJ-wFig89eXkXc9L9d6eNd7jlwh2Bxvd1aegQqDtoFNa7znQqc7UDT_sjziaBoQYjeh6Bw&sig=Cg0ArKJSzCOn6GwUcUs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=788&vt=11&dtpt=787&dett=2&cstd=0&cisv=r20221110.83225&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjstHY3SKQYRq7RqXftCrlS2NApA7sUDorFA0DTQ1Ev0NuuAcmNVUXSe44tDXGq1dd5xbM4QcdsVzqJHyK_BNOl0pCtmES_jKt4a-YeQJCzF8Zr5MU3egxc3FBnKTvy-6RFiRj0hOeUURXjAos9U6KnURdBLjgt8q5dDCwdm3ZHTsLBH4nhmvL0SjtsKb0-Qj_Eg_bqdQH8Wai8zD7yKPY14w4uIM1nz_qdPScUaPY2M1BiyfFA7NWcwrC2HCfZnXaKb-33iDsaLjgq3DS9hg35RJCenJW-5qA9KTe68a1fsb64R7sRs4L6ZUYAdqpjeRLK45Ub1aiLCjQJJ-jpd349cimji296bGfuGKBq_UKRBWgNKoUWTzAi-4H7azCiyi3vqsPMZ9JM5WraF1d3_iV0qYiTja0qdAzJp0Xx_Cv0aG1sBSZgljR-hlDvEpRh7NcL3fCXB2ip-_F8kE6lmDP4-bGfJ99JFJkzMY2w0d0nRIeMUSEB7dKSZx6KEi4ra1Jvl1zkaNMB0cBLVKftX4d0djDlFYZhBlQomcybIDmmtxMiM3U1F1i9-BJ1sVnUG66N02eBkPidKmsTsN-FGUa7zRxfSj6Edm9ME4aonxq-Gq8OouXL3iCd89NVxhK5MH44fXoJ9BHfvALzj7KvgqjOzcVzCQZUmwJuuOV9MqNifZJSch2j4-Xfk4Db9SlbaOAJtFn4pA98iN1fzxd3CncgsR8wu2wGI7PUlQACp6NCNE7ZMF6gFCkpsEsprDIBz0_JdRQu5eLC5tRWyDqkbEwCJQ_ddq_WRLQE7xSJBZRc4z6L_XU3QHjUK-rTmOnK6-SnPVCt9GSj95a2zDnU3Av9eRwb-VWQYliQLDMftQoJaYVv74c-gSvdoGsTYl65kQOQs9ChpUHvA4SxOTCJFiZuqQUutracycPwKIFMH7U-NxysOD8MivwaJxhyVQSCX7yH7eawTnKgtX-ZWbRSQkWOOyiJkOPQGEPdmbSISPpI1QY1MUxDpEFeq9aBsUcIOuw7yQIf-y0pjs9fTH0f6ZYf8FCA80rb_u0hc28JL3LlJ1nhadwuyhC8wkTAZCHmLmqrM13TQRGhhzLVS4JuCy_6eD1cTUU97M0jGnmj3WMNIK9v80fBKBCYZvSfPh5LhWHMB4t29Y36UrZSaSpw2Y0fi6xbkmyq56fq68x71sl6EGyb2v5VfNA1e1KgsHRAaP4i_Dof1Ad5jhst-k5jFCFMN9828XZpl1WPGgPssSVNFSy1B-m21Ah6VosgfBl7qNomAP2JmfnTHF1g&sai=AMfl-YRqJ8wZiO-IFKCqpG0g6Ur1S36BjozZa7WTHoGQdYlUW3UzcIsOwI1QWXctlch8yP5gRcWWa3ABXYi1eZdYKIeou1gK3mWrGqeKldRQdh43s7unWSDcxbkAmhOwnN2LWqrrkBxTXoH8CpXFITtHmFWCAONzLGE_o3ufV0VH6XO2hh_atoYQrbRZQRaoFBp2sDc0n-WlOw2NKffkyZJ-wFig89eXkXc9L9d6eNd7jlwh2Bxvd1aegQqDtoFNa7znQqc7UDT_sjziaBoQYjeh6Bw&sig=Cg0ArKJSzCOn6GwUcUs4EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=788&vt=11&dtpt=787&dett=2&cstd=0&cisv=r20221110.83225&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://c8bafb9239017db4d25ccb3c18843abe.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 00:05:21 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Nov-2022 00:20:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Nov 2022 00:05:21 GMT
X-Firefox-Spdy: h2
www.xadsmart.com/floating.js
185.76.9.17200 OK 0 B URL HTTP/2 www.xadsmart.com/floating.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /floating.js HTTP/1.1
Host: www.xadsmart.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:15 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Tue, 15 Nov 2022 21:51:54 GMT
access-control-allow-origin: *
link: <https://xadsmart.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1668549114
server: CDN77-Turbo
x-77-nzt: AblMCQ2TWXL/QQgIAA
x-77-nzt-ray: ffffffffdc7539ecbbd772636eee5715
x-cache: HIT
x-age: 526401
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
adserve.mahimeta.com/networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Native_Widget&placement=inline&adId=mMTag_NativeWidget_59146925&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&referrer=blogmado.com&time_exceeded=false&page_categories=&thin_content_count=100
172.67.154.3200 OK 0 B URL HTTP/2 adserve.mahimeta.com/networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Native_Widget&placement=inline&adId=mMTag_NativeWidget_59146925&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&referrer=blogmado.com&time_exceeded=false&page_categories=&thin_content_count=100
IP 172.67.154.3:0
POST /networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Native_Widget&placement=inline&adId=mMTag_NativeWidget_59146925&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&referrer=blogmado.com&time_exceeded=false&page_categories=&thin_content_count=100 HTTP/1.1
Host: adserve.mahimeta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5526
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:15 GMT
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
cache-control: no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jy7t2OiglONnVpjcH66DT80kp1B5Rfa1pLgvHc54YHk1GJh%2BoEq48e5Y%2Fq%2F5LLjjpUh7X2dyt9tq9bzwphphTefnX2orZpphe5qoAOjCsCcbkixZBvZUirsUKyKcLXqBsOUkr7CzWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf4bb5bb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.netpub.media/iab?y=%2F112081842%2C22620349674%2Fblogmado.com_336x280_banner1_marco2&c=FR&g=1&s=complete&yy=e57d0178b8e46c2d872be9636dc62597&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=24fac1c26125a39afd0aa5ac58135f3216b75e1533eebfa826bfb5a9838d817f&r=280&j=0&n=100&v=1.6.0&b=object&a=true&xx=ddd2f09014d68a254357be908a6d89fd&t=1668470720266&q=336&o=466&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&i=1&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&e=0&aa=e35100fa0fd83af175d97a7addde33550875c3e52102a799311624a412bf988e&k=2&l=1268&p=918.5&h=0&m=898&f=dfp
104.26.4.26200 OK 0 B URL HTTP/2 px.netpub.media/iab?y=%2F112081842%2C22620349674%2Fblogmado.com_336x280_banner1_marco2&c=FR&g=1&s=complete&yy=e57d0178b8e46c2d872be9636dc62597&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=24fac1c26125a39afd0aa5ac58135f3216b75e1533eebfa826bfb5a9838d817f&r=280&j=0&n=100&v=1.6.0&b=object&a=true&xx=ddd2f09014d68a254357be908a6d89fd&t=1668470720266&q=336&o=466&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&i=1&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&e=0&aa=e35100fa0fd83af175d97a7addde33550875c3e52102a799311624a412bf988e&k=2&l=1268&p=918.5&h=0&m=898&f=dfp
IP 104.26.4.26:0
GET /iab?y=%2F112081842%2C22620349674%2Fblogmado.com_336x280_banner1_marco2&c=FR&g=1&s=complete&yy=e57d0178b8e46c2d872be9636dc62597&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=24fac1c26125a39afd0aa5ac58135f3216b75e1533eebfa826bfb5a9838d817f&r=280&j=0&n=100&v=1.6.0&b=object&a=true&xx=ddd2f09014d68a254357be908a6d89fd&t=1668470720266&q=336&o=466&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&i=1&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&e=0&aa=e35100fa0fd83af175d97a7addde33550875c3e52102a799311624a412bf988e&k=2&l=1268&p=918.5&h=0&m=898&f=dfp HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:20 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpH9Rw42K5YR%2Fe7cW6ZhW5s%2FiP1sggbI3hvXYDmakL%2BV%2BP3FmGQiHtuYjjGN8OhYXa%2FyDnFVZDb3MGo3S1jVUJyfRUUv1fiMsITXcRXg0TcOssibQsAOeLL7zcpgSa4MRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc120896b50b-OSL
X-Firefox-Spdy: h2
px.netpub.media/iab?z=1c2b3d8f5084c3670b0ffbd768d4c149&c=FR&q=300&aa=ec6845b2374fe7d3f9270552f1a05ded3b1a68221597e4d3e2e90babf21bde23&b=embed&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&k=4&y=%2F112081842%2C22620349674%2Fblogmado.com_300x250_banner2_marco2&g=1&l=1268&x=netpub&xx=f89e668722348d1b1d1ea79f6e599d31&w=14f9494694a9078dc2f4ae3c92e41760&yy=234f3fd5f395a12d9a72baaa86622449&a=true&f=dfp&p=1607.5&s=complete&h=0&n=100&t=1668470720036&v=1.6.0&m=898&e=0&j=0&o=827.5&r=250&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=77413f43f2a9c12117925ea79667dff531356ccf86f94cb9e7d38ea10e5f43f7&i=1
104.26.4.26200 OK 0 B URL HTTP/2 px.netpub.media/iab?z=1c2b3d8f5084c3670b0ffbd768d4c149&c=FR&q=300&aa=ec6845b2374fe7d3f9270552f1a05ded3b1a68221597e4d3e2e90babf21bde23&b=embed&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&k=4&y=%2F112081842%2C22620349674%2Fblogmado.com_300x250_banner2_marco2&g=1&l=1268&x=netpub&xx=f89e668722348d1b1d1ea79f6e599d31&w=14f9494694a9078dc2f4ae3c92e41760&yy=234f3fd5f395a12d9a72baaa86622449&a=true&f=dfp&p=1607.5&s=complete&h=0&n=100&t=1668470720036&v=1.6.0&m=898&e=0&j=0&o=827.5&r=250&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=77413f43f2a9c12117925ea79667dff531356ccf86f94cb9e7d38ea10e5f43f7&i=1
IP 104.26.4.26:0
GET /iab?z=1c2b3d8f5084c3670b0ffbd768d4c149&c=FR&q=300&aa=ec6845b2374fe7d3f9270552f1a05ded3b1a68221597e4d3e2e90babf21bde23&b=embed&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&k=4&y=%2F112081842%2C22620349674%2Fblogmado.com_300x250_banner2_marco2&g=1&l=1268&x=netpub&xx=f89e668722348d1b1d1ea79f6e599d31&w=14f9494694a9078dc2f4ae3c92e41760&yy=234f3fd5f395a12d9a72baaa86622449&a=true&f=dfp&p=1607.5&s=complete&h=0&n=100&t=1668470720036&v=1.6.0&m=898&e=0&j=0&o=827.5&r=250&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=77413f43f2a9c12117925ea79667dff531356ccf86f94cb9e7d38ea10e5f43f7&i=1 HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:20 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bjxz2KFmntuU98ORHJ2Iyjnb5WGr2Mq3UstdQpN8sqvHEf1ZUVUr3EgOSMNnmzRzbFcIhaoZIjn8f2%2FbsdR0GzxIPgdkXEcof%2F27WX6IduIVukTbEs4q%2B9avJ4vtjtYeQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc108f85b50b-OSL
X-Firefox-Spdy: h2
fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714455
104.26.4.26301 Moved Permanently 0 B URL HTTP/2 fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714455
IP 104.26.4.26:0
GET /static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714455 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:14 GMT
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
cache-control: max-age=3600
expires: Tue, 15 Nov 2022 01:05:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3a%2FG6lzwJY3%2FqNuwW6Oq6rlk5C5WWg8J68VMJ7u9THMHUK%2Faci8Y%2Fkp2qN1RYYE3uMTjDqzK7KusCVT4zY7m0F9m3TMvEyVvzTbHKuBGo3WuSLC2aG8bmUHKAap99LDMw8lSw7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbef6ceeb50b-OSL
X-Firefox-Spdy: h2
fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714468
104.26.4.26301 Moved Permanently 0 B URL HTTP/2 fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714468
IP 104.26.4.26:0
GET /static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714468 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:14 GMT
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
cache-control: max-age=3600
expires: Tue, 15 Nov 2022 01:05:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7CDblIGVp%2Bm3Lf2RNiDK%2BpBZENrRMw%2F%2F4tMByUHVvBf8KsynV%2B9WUZOkODYg6cbbwQjjWNpcknjCO4wPdYTuHl%2BKcxt1AYgJTd3GFSE5TV4ifUy96dO2FUXvvdm9xFEHNYV59fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbef6cf1b50b-OSL
X-Firefox-Spdy: h2
fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470715260
104.26.4.26301 Moved Permanently 0 B URL HTTP/2 fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470715260
IP 104.26.4.26:0
GET /static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470715260 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:15 GMT
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
cache-control: max-age=3600
expires: Tue, 15 Nov 2022 01:05:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgexgiCUx9TDlFixlgPVvXC5MUXtWCVWtFfCEbDJBYZ9lYSy2qpSWYhey%2BJpWiYKESHRnUhevuyDNqJtyVVg91zrDm4z%2F1236eGpdq82KejJ%2BUdk%2FPcF%2FubnAr1ceg7NtnXtF67S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbf2af18b50b-OSL
X-Firefox-Spdy: h2
adserve2.mahimeta.com/networks/time/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&screenWidth=1280&screenHeight=939&landed=true&ping=false
172.67.154.3200 OK 0 B URL HTTP/2 adserve2.mahimeta.com/networks/time/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&screenWidth=1280&screenHeight=939&landed=true&ping=false
IP 172.67.154.3:0
POST /networks/time/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&screenWidth=1280&screenHeight=939&landed=true&ping=false HTTP/1.1
Host: adserve2.mahimeta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5526
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:15 GMT
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
cache-control: no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IsHTIj4IGeZU3flPzYaWlkcrpCIUXd4jGoAbbiEB3QsYHF8VbiSGSuaAfefsuLnOQdIK0yYfLX1is95LaLzMh0OeFLgTcyL0vIxLCYCjSOaOombJAN6JlhdlI0QkcVsnXbdELDG2TTs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf4cb74b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adserve.mahimeta.com/networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_31402556&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&desktop=728x90&tablet=336x280&mobile=300x250&time_exceeded=false&page_categories=&thin_content_count=100
172.67.154.3200 OK 0 B URL HTTP/2 adserve.mahimeta.com/networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_31402556&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&desktop=728x90&tablet=336x280&mobile=300x250&time_exceeded=false&page_categories=&thin_content_count=100
IP 172.67.154.3:0
POST /networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_31402556&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&desktop=728x90&tablet=336x280&mobile=300x250&time_exceeded=false&page_categories=&thin_content_count=100 HTTP/1.1
Host: adserve.mahimeta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5526
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:15 GMT
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
cache-control: no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FAHwlGSUa0aNTxg6Mxd99QebjzcYAWQ%2BdL8sLtCIRl3LhSGefFerR8M36rlnYj46fbC7Be4kAj4aaeE3n7SGkI5c5WNAxo9DFVNrY48578meF2Mz5D%2F8qqel7iLyVxxuXYw8la0fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf4bb68b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/450e059b.js?npr=c1a3b9540f4290a1a965ead6c5f2ea5c
104.26.4.26200 OK 0 B URL HTTP/2 fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/450e059b.js?npr=c1a3b9540f4290a1a965ead6c5f2ea5c
IP 104.26.4.26:0
GET /r/14f9494694a9078dc2f4ae3c92e41760/450e059b.js?npr=c1a3b9540f4290a1a965ead6c5f2ea5c HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 31 Oct 2022 22:22:14 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cache-control: max-age=2678400
cf-cache-status: HIT
age: 2883
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpE0ZxojYKt9ETjzzVxym8l3VKiqFEdUw4j1gzWU3MAqlpioygCZVMUiUt0ebpcAt%2Bh2Ta4I48VRO0Jxrshh7yJs25A0ZAke6UCnZIURRJDlFwSZpwVhbhTblAEQHchvg8bjOmCk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf04d9fb50b-OSL
content-encoding: br
X-Firefox-Spdy: h2
adserve.mahimeta.com/networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_86548769&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&desktop=336x280&tablet=336x280&mobile=336x280&time_exceeded=false&page_categories=&thin_content_count=100
172.67.154.3200 OK 0 B URL HTTP/2 adserve.mahimeta.com/networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_86548769&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&desktop=336x280&tablet=336x280&mobile=336x280&time_exceeded=false&page_categories=&thin_content_count=100
IP 172.67.154.3:0
POST /networks/?domain=blogmado.com&pathname=%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&query=¤tPage=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&size=Responsive&placement=inline&adId=mMTag_Responsive_86548769&screenWidth=1280&screenHeight=939&keywordViolation=false&blockedKeywords=&autoBlock=false&timezone=0&currTime=00:05&desktop=336x280&tablet=336x280&mobile=336x280&time_exceeded=false&page_categories=&thin_content_count=100 HTTP/1.1
Host: adserve.mahimeta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 5526
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:15 GMT
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
cache-control: no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbG4F8hhFl995WPu%2BEtKnPgj4AvDbq%2FJGZk8M8QDXYlV0VfZRHxmdffblyZXJhzIyUDLob7tkBoavE0spIBTNkEQaDDnLvoVz5eJs5Xa10%2ByXGgMWc0LnVx8z%2FOWyLr1Xwr3ZqNQvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf4bb6db52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.netpub.media/iab?n=100&v=1.6.0&f=dfp&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&g=0&e=0&b=fetch&a=true&h=0&o=270&k=-1&p=798&q=728&t=1668470719584&r=100&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner2_marco2&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=982fdaf3264edf3ccf1ccd8bffa6f325&m=898&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&c=FR&aa=2a19ccfc969079cc941309bd190e5ea0aa19fb0cb57f62bd7219ebe8fabd9362&zz=e9897d4705d1abeccc2ac009221c30f3c353cc5f66595476624de8b86dd48b02&j=0&w=14f9494694a9078dc2f4ae3c92e41760&l=1268&xx=b103e6a025422713ccb90c8e14aba948&i=1&s=complete
104.26.4.26200 OK 0 B URL HTTP/2 px.netpub.media/iab?n=100&v=1.6.0&f=dfp&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&g=0&e=0&b=fetch&a=true&h=0&o=270&k=-1&p=798&q=728&t=1668470719584&r=100&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner2_marco2&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=982fdaf3264edf3ccf1ccd8bffa6f325&m=898&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&c=FR&aa=2a19ccfc969079cc941309bd190e5ea0aa19fb0cb57f62bd7219ebe8fabd9362&zz=e9897d4705d1abeccc2ac009221c30f3c353cc5f66595476624de8b86dd48b02&j=0&w=14f9494694a9078dc2f4ae3c92e41760&l=1268&xx=b103e6a025422713ccb90c8e14aba948&i=1&s=complete
IP 104.26.4.26:0
GET /iab?n=100&v=1.6.0&f=dfp&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&g=0&e=0&b=fetch&a=true&h=0&o=270&k=-1&p=798&q=728&t=1668470719584&r=100&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner2_marco2&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=982fdaf3264edf3ccf1ccd8bffa6f325&m=898&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&c=FR&aa=2a19ccfc969079cc941309bd190e5ea0aa19fb0cb57f62bd7219ebe8fabd9362&zz=e9897d4705d1abeccc2ac009221c30f3c353cc5f66595476624de8b86dd48b02&j=0&w=14f9494694a9078dc2f4ae3c92e41760&l=1268&xx=b103e6a025422713ccb90c8e14aba948&i=1&s=complete HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:19 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSvmy99xYKi%2Fi4xus0tbdhNXCf4qZVLHYQEf4r70yUdG8EtuiQoiYmfYeLu6%2FH02cyhc%2FPVAqhr0jg0ZakYP1yYabE51c4E0jZl3ujRRGp9FoiIogB2xNMobB3QjWhpXtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc0dcd7ab50b-OSL
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
216.58.211.1200 OK 0 B URL HTTP/2 cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
IP 216.58.211.1:0
GET /rtv/012211060024000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://blogmado.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12946
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Nov 2022 18:08:54 GMT
expires: Tue, 14 Nov 2023 18:08:54 GMT
cache-control: public, max-age=31536000
etag: "0bacd3f1ce38a7db"
content-type: text/javascript; charset=UTF-8
age: 21385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.netpub.media/iab?y=%2F112081842%2C22620349674%2Fblogmado.com_336x280_banner1_marco2&c=FR&g=0&s=complete&yy=e57d0178b8e46c2d872be9636dc62597&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=24fac1c26125a39afd0aa5ac58135f3216b75e1533eebfa826bfb5a9838d817f&r=280&j=0&n=100&v=1.6.0&b=object&a=true&xx=ddd2f09014d68a254357be908a6d89fd&t=1668470720266&q=336&o=466&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&i=1&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&e=0&aa=e35100fa0fd83af175d97a7addde33550875c3e52102a799311624a412bf988e&k=2&l=1268&p=918.5&h=0&m=898&f=dfp
104.26.4.26200 OK 0 B URL HTTP/2 px.netpub.media/iab?y=%2F112081842%2C22620349674%2Fblogmado.com_336x280_banner1_marco2&c=FR&g=0&s=complete&yy=e57d0178b8e46c2d872be9636dc62597&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=24fac1c26125a39afd0aa5ac58135f3216b75e1533eebfa826bfb5a9838d817f&r=280&j=0&n=100&v=1.6.0&b=object&a=true&xx=ddd2f09014d68a254357be908a6d89fd&t=1668470720266&q=336&o=466&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&i=1&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&e=0&aa=e35100fa0fd83af175d97a7addde33550875c3e52102a799311624a412bf988e&k=2&l=1268&p=918.5&h=0&m=898&f=dfp
IP 104.26.4.26:0
GET /iab?y=%2F112081842%2C22620349674%2Fblogmado.com_336x280_banner1_marco2&c=FR&g=0&s=complete&yy=e57d0178b8e46c2d872be9636dc62597&w=14f9494694a9078dc2f4ae3c92e41760&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&zz=24fac1c26125a39afd0aa5ac58135f3216b75e1533eebfa826bfb5a9838d817f&r=280&j=0&n=100&v=1.6.0&b=object&a=true&xx=ddd2f09014d68a254357be908a6d89fd&t=1668470720266&q=336&o=466&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&i=1&z=1c2b3d8f5084c3670b0ffbd768d4c149&x=netpub&e=0&aa=e35100fa0fd83af175d97a7addde33550875c3e52102a799311624a412bf988e&k=2&l=1268&p=918.5&h=0&m=898&f=dfp HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:20 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jTvlUfl%2Bzje35jPySzP6zlzZlr9cPzvYbxP%2BG66WS4Zptgr5nj0A1XAB%2F%2BhYLzoVAUg03hnJdggDc8FoWxNXsm0wEC2C3iXOK07fJjmxXErCQMvkdtl7%2FdRAckRa02PiXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc11f890b50b-OSL
X-Firefox-Spdy: h2
fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470715257
104.26.4.26301 Moved Permanently 0 B URL HTTP/2 fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470715257
IP 104.26.4.26:0
GET /static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470715257 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:15 GMT
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
cache-control: max-age=3600
expires: Tue, 15 Nov 2022 01:05:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfRE%2FokdmzJL%2FhxiLj5yKAngvKh2fVMlG1MLGlHfWpWv94KqtvBndPCkTlbg9ZUKOKPFUAlNoLdk1hoFUxNIRWit9Vq3IVDihFDqbXTx16AgaknepUVdlhnrvVRBKAOkEGIObQ3W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbf29f15b50b-OSL
X-Firefox-Spdy: h2
fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714466
104.26.4.26301 Moved Permanently 0 B URL HTTP/2 fstatic.netpub.media/static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714466
IP 104.26.4.26:0
GET /static/14f9494694a9078dc2f4ae3c92e41760.min.js?1668470714466 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 15 Nov 2022 00:05:14 GMT
location: https://fstatic.netpub.media/r/14f9494694a9078dc2f4ae3c92e41760/service.js
cache-control: max-age=3600
expires: Tue, 15 Nov 2022 01:05:14 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM%2FTuPD5cKf0DfMlZEJC3GIkP9aIf%2BDrfaokm4%2FI99uY%2FOthcH0UIUSSqcQilqnXPXTctv2z0RmEUwOoCzem%2BnW03Tg0yWkUQGMZzroHb4hv4Hflys0lsH2TSizpoNNaqoK4hJug"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbef6cf0b50b-OSL
X-Firefox-Spdy: h2
mahimeta.com/networks/tag.js?cache=1668470714
172.67.154.3200 OK 0 B URL HTTP/2 mahimeta.com/networks/tag.js?cache=1668470714
IP 172.67.154.3:0
GET /networks/tag.js?cache=1668470714 HTTP/1.1
Host: mahimeta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:14 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 26 Aug 2022 12:40:56 GMT
etag: W/"6308bf58-271a6"
expires: Thu, 15 Dec 2022 00:05:14 GMT
cache-control: public, max-age=2592000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8OQAHj8NZCHDYXAGzcOOut%2BYLld%2FGhq%2BMZatSV%2FrYJz4AK3KGXu51qcR%2BozvkB81ZHST5Sgba5BOmhxFTFpAYJfWbSartJHANTMR5Gb8aexxliAkElhmDEeimb%2Fou8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bbef2e61b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adserve2.mahimeta.com/ip/
172.67.154.3200 OK 0 B URL HTTP/2 adserve2.mahimeta.com/ip/
IP 172.67.154.3:0
GET /ip/ HTTP/1.1
Host: adserve2.mahimeta.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://blogmado.com
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:15 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-Token
cache-control: no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSP1Uo%2FMmjT7LB0vMOHIoyfO6IQ9j3WEqsbDY%2BLnYze%2FYiW0pfgQCUpYGQ8FJB0nicg00C7hBsVVeQXhg24ClX0W4N2zKDmSWp2L5urNEHicErOZYJbhR47waUZmsEyu8lqYa2o6kr0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bbf4cb76b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:18 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 16 Dec 2022 00:05:18 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 2177814
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a3bc05cf9ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
px.netpub.media/iab?g=1&m=898&l=1268&h=0&b=string&z=1c2b3d8f5084c3670b0ffbd768d4c149&r=90&w=14f9494694a9078dc2f4ae3c92e41760&v=1.6.0&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner1_marco2&n=100&e=0&zz=4f77504282e29ecfe43ad0ca4eeada5a87b59c0d71f560cf7f770249af716ab8&a=true&p=287&aa=fa22b249cd650d670071fea21d2096f040c2a5b15e969792c89bc8a1b136bef1&xx=4a54823cf5abfe9f0e9d3cdf405aacc7&j=0&k=3&x=netpub&f=dfp&i=1&t=1668470720607&s=complete&c=FR&q=728&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=1664726d9fa4060b660f7b682c21cd9e&o=270&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0
104.26.4.26200 OK 0 B URL HTTP/2 px.netpub.media/iab?g=1&m=898&l=1268&h=0&b=string&z=1c2b3d8f5084c3670b0ffbd768d4c149&r=90&w=14f9494694a9078dc2f4ae3c92e41760&v=1.6.0&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner1_marco2&n=100&e=0&zz=4f77504282e29ecfe43ad0ca4eeada5a87b59c0d71f560cf7f770249af716ab8&a=true&p=287&aa=fa22b249cd650d670071fea21d2096f040c2a5b15e969792c89bc8a1b136bef1&xx=4a54823cf5abfe9f0e9d3cdf405aacc7&j=0&k=3&x=netpub&f=dfp&i=1&t=1668470720607&s=complete&c=FR&q=728&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=1664726d9fa4060b660f7b682c21cd9e&o=270&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0
IP 104.26.4.26:0
GET /iab?g=1&m=898&l=1268&h=0&b=string&z=1c2b3d8f5084c3670b0ffbd768d4c149&r=90&w=14f9494694a9078dc2f4ae3c92e41760&v=1.6.0&y=%2F112081842%2C22620349674%2Fblogmado.com_728x90_banner1_marco2&n=100&e=0&zz=4f77504282e29ecfe43ad0ca4eeada5a87b59c0d71f560cf7f770249af716ab8&a=true&p=287&aa=fa22b249cd650d670071fea21d2096f040c2a5b15e969792c89bc8a1b136bef1&xx=4a54823cf5abfe9f0e9d3cdf405aacc7&j=0&k=3&x=netpub&f=dfp&i=1&t=1668470720607&s=complete&c=FR&q=728&d=https%3A%2F%2Fblogmado.com%2F2022%2F06%2F22%2Fwhat-is-the-cost-of-health-insurance-policy-for-a-family%2F&yy=1664726d9fa4060b660f7b682c21cd9e&o=270&u=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0 HTTP/1.1
Host: px.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://blogmado.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 15 Nov 2022 00:05:20 GMT
content-type: image/png
access-control-allow-origin: *
access-control-allow-headers: X-HTTPREQUEST
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gBl0iAGANAoDmJMDtIB7PPDTRlNqM8Gdsda8l2e8T7YVj4MlUgxODabEb6AnRRIVpHDiStqY2tngee5IeYeT3yl52aO0eDksTHulEfjiVEnocIS3McX%2F5tDE87aFpeK9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a3bc140a25b50b-OSL
X-Firefox-Spdy: h2