s4.dinoplanet.de/
62.138.218.36302 Found 20 B IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET / HTTP/1.1
Host: s4.dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 Feb 2023 01:39:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 20
Connection: keep-alive
Set-Cookie: PHPSESSID=htaa95j8uog7742uqv4j0igcn0; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://dinoplanet.de/
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4867
Expires: Sun, 05 Feb 2023 03:00:48 GMT
Date: Sun, 05 Feb 2023 01:39:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9156
Expires: Sun, 05 Feb 2023 04:12:17 GMT
Date: Sun, 05 Feb 2023 01:39:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 01:36:17 GMT
content-type: application/json
age: 204
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16782
Expires: Sun, 05 Feb 2023 06:19:23 GMT
Date: Sun, 05 Feb 2023 01:39:41 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EgHfxq393219/peoeLt86hc5HMtE1vg3mmK0/im45pXcXaxVkgaIIXsoCRvn99iaaSRvSLKe8jU=
x-amz-request-id: Q7VEVFRKJPYG39S2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 00:53:03 GMT
age: 2798
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
dinoplanet.de/
62.138.218.36200 OK 4.6 kB IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (669)
Hash 53a9f6e8aa10177bdcecbab645094f92
4dea566ee8bac7b1652f13b52cdafd75c08e9998
8a153a9737b46f1945476955e1a50834641bafaac3e519838b35c1714d078062
GET / HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4645
Connection: keep-alive
Set-Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 01:39:41 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dinoplanet.de/templates/style.css
62.138.218.36200 OK 3.4 kB URL HTTP/1.1 dinoplanet.de/templates/style.css
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash 8463b12560cfd332f01d7a792d44e4fb
4166ff7183dc63de61b5895c05670575685d914b
73a2b4493bc33fce9fb2ac7a4c56b0be0c469ab5624b5a3a7d2b177192401ac6
GET /templates/style.css HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: text/css
Content-Length: 3361
Last-Modified: Fri, 31 May 2013 13:39:00 GMT
Connection: keep-alive
ETag: "51a8a7f4-d21"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/trackback.js
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 dinoplanet.de/trackback.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type ASCII text, with CRLF line terminators
Hash 05365a9791a01f9efdbe5124996c52b6
b17affe5ef3c73adf157e77f02faef508dd90880
d3102b9efcbbb99aa1602a5b011c8d05510e10415d1370d03720c2f0ef439283
GET /trackback.js HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: application/javascript
Content-Length: 1051
Last-Modified: Thu, 05 Jul 2012 01:25:00 GMT
Connection: keep-alive
ETag: "4ff4ecec-41b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/templates/scripts/global.js
62.138.218.36200 OK 1.9 kB URL HTTP/1.1 dinoplanet.de/templates/scripts/global.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
Hash 6190d887980becc8751ec05d0ec5f71a
d34b9a66b9d18b66520c4ff2562e46095fd15b38
0d0ef75a2358525bdeaedb152d22999f07c3e669c7a8e7b5edd283cf4eb2b738
GET /templates/scripts/global.js HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: application/javascript
Content-Length: 1898
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-76a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/templates/scripts/startform.js
62.138.218.36200 OK 1.6 kB URL HTTP/1.1 dinoplanet.de/templates/scripts/startform.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type ASCII text, with CRLF line terminators
Hash bc19a5dfea383c7fddfcc9c885b5796c
fc538015f9a06be0b1d31f6f95dcaf75eba6ce59
fe27e9a7e63e755eda0db0a69a77f1c06e9a5fbf11ec3f6e6322b4ddeb51b54b
GET /templates/scripts/startform.js HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: application/javascript
Content-Length: 1572
Last-Modified: Sun, 26 May 2013 11:25:00 GMT
Connection: keep-alive
ETag: "51a1f10c-624"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/gamebox.js
62.138.218.36200 OK 4.1 kB URL HTTP/1.1 www.town-tycoon.de/gamebox.js
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document, ASCII text, with CRLF line terminators
Hash 9fa10d999b834eb0aa2cdd7836b9b8c8
37eaf4966f007077a4399daf39aae6909cd6323e
25b270c7ce7cf57d4231bd916efc3a24a901469943d8e83167fd6cd4ec825b3f
GET /gamebox.js HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: application/javascript
Content-Length: 4077
Connection: keep-alive
Last-Modified: Tue, 11 Jun 2013 21:09:00 GMT
ETag: "fed-4dee74e575300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
tycoon.adspirit.net/adscript.php?pid=74&ord=[timestamp]
213.95.181.105200 OK 2.7 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=74&ord=[timestamp]
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with very long lines (2747), with no line terminators
Hash 6f8223305afc805fbd8d0694dd59b439
c589e1abb35118be568110c3f00c51b85eb525fa
5754bda3ce1d09100052ffd0752bd18b5e18ea2ac7ac90f5b4e7f81f7a0a00bc
GET /adscript.php?pid=74&ord=[timestamp] HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sun, 05 Feb 2023 01:39:42 GMT
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.town-tycoon.de/img/promo/sg.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/sg.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 56f079a70acb27d71011803b1e6bf960
98db02960b9717bdfb36abbfb0dbb0a9632f9050
9995dfe375b411cd85c1cad418582f3f9112eb937fdab401a994ddfb59c9133f
GET /img/promo/sg.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1080
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:19:00 GMT
ETag: "438-4edf8cc2cc100"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/images/screenshots/01t.jpg
62.138.218.36200 OK 4.6 kB URL HTTP/1.1 dinoplanet.de/images/screenshots/01t.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 118x89, components 3\012- data
Hash 426f8abfbfc2e9a6a1c0476cb975b265
2bf3bc9b82487cd0712bcc05edb791602cc899ae
3bc9cb4247a093089d5c38de58c34ca33fd2d835134470b9d4d11024121dda41
GET /images/screenshots/01t.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 4620
Last-Modified: Tue, 11 Jun 2013 21:16:00 GMT
Connection: keep-alive
ETag: "51b79390-120c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/images/screenshots/05t.jpg
62.138.218.36200 OK 4.9 kB URL HTTP/1.1 dinoplanet.de/images/screenshots/05t.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 118x89, components 3\012- data
Hash 4341c48803bb6b9f34d37b199ab5fcd0
a0cf106fdbfb241cd83ca8d3d74637264c18561a
6775bee1a10133fc0b9373567c0cde58d5c49f265fd5290ce8636291361660f2
GET /images/screenshots/05t.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 4900
Last-Modified: Tue, 11 Jun 2013 21:17:00 GMT
Connection: keep-alive
ETag: "51b793cc-1324"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/images/screenshots/03t.jpg
62.138.218.36200 OK 3.3 kB URL HTTP/1.1 dinoplanet.de/images/screenshots/03t.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 118x89, components 3\012- data
Hash 5a503183dbb4e5f3025bdb6d0db5031f
a6ef42892b0929774875adcd28ca917ef102850a
a5251f1004da7e903e0758b6b12899a73011e38f82ccbdbbc12fe8a6c2c72d7d
GET /images/screenshots/03t.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 3300
Last-Modified: Tue, 11 Jun 2013 21:17:00 GMT
Connection: keep-alive
ETag: "51b793cc-ce4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/images/screenshots/02t.jpg
62.138.218.36200 OK 4.7 kB URL HTTP/1.1 dinoplanet.de/images/screenshots/02t.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 118x89, components 3\012- data
Hash b361be683acf791e9bb937fe95f26c53
aac71cd0ab4b4a6ba8736590afad3a6832c33006
1fbaafb77968c995c7658b8b511cb6eb503f5d01af87fff25ff2929ebb39f0fb
GET /images/screenshots/02t.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 4747
Last-Modified: Tue, 11 Jun 2013 21:16:00 GMT
Connection: keep-alive
ETag: "51b79390-128b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/images/spacer.gif
62.138.218.36200 OK 807 B URL HTTP/1.1 dinoplanet.de/images/spacer.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 1 x 1\012- data
Hash a0db3b8301c015a2de23b6aab08a48c9
5fcac40d47cd7bf5e58efbe0c9e9c56582867585
6bf788214f0920f04146aa23bc2d8588b55a3e81b5c7f25acc4377b895030979
GET /images/spacer.gif HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 807
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 31 May 2013 12:39:00 GMT
ETag: "327-4de02e62f4100"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/images/screenshots/04t.jpg
62.138.218.36200 OK 4.1 kB URL HTTP/1.1 dinoplanet.de/images/screenshots/04t.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 118x89, components 3\012- data
Hash 88ceb03a00943f70ee41097a58c166d1
bbc5062533722477bc2eb184dc165e0d03ceff72
1b47781f21f26bc38d4a10a7f4cbee8999291515e1068f15e10a87976e82be5a
GET /images/screenshots/04t.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 4111
Last-Modified: Tue, 11 Jun 2013 21:17:00 GMT
Connection: keep-alive
ETag: "51b793cc-100f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
tycoon.adspirit.net/adscript.php?pid=74&ord=%5Btimestamp%5D&wpcn=asmpvx5532161675561182&&vis=-1
213.95.181.105200 OK 294 B URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=74&ord=%5Btimestamp%5D&wpcn=asmpvx5532161675561182&&vis=-1
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with no line terminators
Hash 2295cf32a54fb477dbe4bcd5d7d8e23d
979caf81f3e1181f11d9740b44cc88a4a09a35f0
a4f5d1f14ea7790445e77aa475c09cc41bfdc36aaffbbba87cb973dfc83e7d8f
GET /adscript.php?pid=74&ord=%5Btimestamp%5D&wpcn=asmpvx5532161675561182&&vis=-1 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sun, 05 Feb 2023 01:39:42 GMT
Keep-Alive: timeout=3, max=999
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.town-tycoon.de/img/promo/ic.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/ic.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash b115c5bb4bb4b8dc2280ff42f8cbd2a0
59a766e8924d376550d414b6c8e04ac374032bdf
b6dfd5e50e54dbd46e008469db025788af2e80ab1662dc5a4c5344ebe7579347
GET /img/promo/ic.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1084
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:18:00 GMT
ETag: "43c-4edf8c8993a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/pk.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/pk.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 72180b331085ab3124732ea36bf75c76
5285c25b3bbbc28b510bdedfef5fc67044aa3b87
26c2285e5784f808ca8da29345b219ad21c9aed1af2ef25357c96482438b592b
GET /img/promo/pk.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1086
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:24:00 GMT
ETag: "43e-4edf8de0e6400"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/cf.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/cf.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 5a0b361846fc356a756fd002674e9fa2
883e32e8a681b8a6c4742f9994428036ddb5ed9c
995e7bab96489073cf9ef5acce20da15e0c1ec8d74ac817909ad5e9f2149f77e
GET /img/promo/cf.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:17:00 GMT
ETag: "43f-4edf8c505b300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/dp.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/dp.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash f17de2c5ac02185dddd5b17fc1c29c67
6229eab9ab58b1188262bf681b726ece32674c99
643c8882bbd2ea1c9d3e51a73370decdfe985ec83c0117db79f4fc4571937efc
GET /img/promo/dp.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:22:00 GMT
ETag: "43f-4edf8d6e75600"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/koe.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/koe.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash f3a03af33b146c1314ff4ae7282521ab
1925d646453ae47e456c4dbe69957d26c975725b
8aaf783289612c5133caed85beb77c7e626e7c618a943ca4945e438c90fdc376
GET /img/promo/koe.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1087
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:21:00 GMT
ETag: "43f-4edf8d353cf00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/ds.gif
62.138.218.36200 OK 1.1 kB URL HTTP/1.1 www.town-tycoon.de/img/promo/ds.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash a3abe3bce70de0d0eff6a0a7b016f4b0
75e9b9adbfa7b840100b2a81ca194444e210db4e
ec49462c6da910f562669d03919ebe0bc7a6d80ca4f6d5b852b39517f814781a
GET /img/promo/ds.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 1083
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:21:00 GMT
ETag: "43b-4edf8d353cf00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.town-tycoon.de/img/promo/tt.gif
62.138.218.36200 OK 427 B URL HTTP/1.1 www.town-tycoon.de/img/promo/tt.gif
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type GIF image data, version 89a, 16 x 16\012- data
Hash 6954a514c699d504a6da640fc862d9f5
366e9c2a50cf041ef10ec517c906088d64f1b436
7a88ea7f37d540c6b48e6acb3d237aef92128af27b070229fc3014e4955d4f1e
GET /img/promo/tt.gif HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/gif
Content-Length: 427
Connection: keep-alive
Last-Modified: Fri, 20 Dec 2013 15:17:00 GMT
ETag: "1ab-4edf8c505b300"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/templates/images/bg.jpg
62.138.218.36200 OK 526 B URL HTTP/1.1 dinoplanet.de/templates/images/bg.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 13x500, components 3\012- data
Hash d8cfabb29a313cec21f05df69f037172
6fefc5493eda1f4a786b0dcf0ee63475f8715554
f17b803e80b9159ee3e651978c7b4a7bba4643cdbd6ca7a4deb0f609184b5f1a
GET /templates/images/bg.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 526
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
ETag: "20e-4de044bcffd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
cdn.adspirit.de/banner/asm_pageview.min.js
185.59.220.17200 OK 770 B URL HTTP/1.1 cdn.adspirit.de/banner/asm_pageview.min.js
IP 185.59.220.17:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (1958), with no line terminators
Hash 38719be41633c2bd705462c74876a4c5
c87c65ab7373a749f42ece37d19a91ce8ae7e5b6
e1688294d53ac14391b3b271de612b6d03c91e76b420b4657fbfd3f86db75b3b
GET /banner/asm_pageview.min.js HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 11 Jun 2019 08:31:43 GMT
ETag: W/"d6e34d9-7a6-58b08206459c0"
X-Accel-Expires: @1675604009
Server: CDN77-Turbo
X-77-NZT: Abk73BAvxpv/tfsBAA
X-77-NZT-Ray: 9083393004502b74de08df63bac38016
X-Cache: HIT
X-Age: 129973
X-77-POP: frankfurtDE
X-77-Cache: HIT
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 01:07:20 GMT
age: 1942
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dinoplanet.de/advertising/sidebar-root.html
62.138.218.36200 OK 771 B URL HTTP/1.1 dinoplanet.de/advertising/sidebar-root.html
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash cffd376e762017e296b64265cbcb56e8
78a8f9595b2e81cf3371b7ba705aa4019dc33e1b
0c6e00be4a36075f5ff26a8749724d72196019f26c088fc23aef292fe7c19a70
GET /advertising/sidebar-root.html HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: text/html
Content-Length: 771
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 31 May 2013 12:38:00 GMT
ETag: "303-4de02e29bba00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/templates/images/content_bg.jpg
62.138.218.36200 OK 417 B URL HTTP/1.1 dinoplanet.de/templates/images/content_bg.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 745x2, components 3\012- data
Hash fc861419c5a381700cfffb63af3ec649
c79dd6fda2a697f354fd10520ba870fa0581041e
1acca165525adbd09d177ce7fc299e29e8399e89bfbff81e7439295e57379475
GET /templates/images/content_bg.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 417
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
ETag: "1a1-4de044bcffd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/templates/images/content_top.jpg
62.138.218.36200 OK 9.6 kB URL HTTP/1.1 dinoplanet.de/templates/images/content_top.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 745x165, components 3\012- data
Hash 7838ccabbbdecb83282eb196de4fa51f
a9ff17eeffa8640c0f1c645c247920b2819de062
6b304ae01589513323d8921873293b929a0110791c57000e36a7b03d85355b3f
GET /templates/images/content_top.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 9567
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-255f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/templates/images/title.jpg
62.138.218.36200 OK 2.0 kB URL HTTP/1.1 dinoplanet.de/templates/images/title.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 680x21, components 3\012- data
Hash cff128bb7ec669167c2cdd8aaa95c6d7
7f7c1136f6cd0d30913851fb324b8507f7e063f5
0429071eabb815adda9ce359f12cbf5d9acf7717b254175e0864fe5f0d39e29c
GET /templates/images/title.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 2018
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-7e2"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.town-tycoon.de/img/1x1gray2.png
62.138.218.36200 OK 5.6 kB URL HTTP/1.1 www.town-tycoon.de/img/1x1gray2.png
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced\012- data
Hash fe6dc10b4d2173024e825951d8f90d39
ca181a586423fbdcd4546c56c492f7da4805f055
5381fc7a38a7cee064ab4ad3d42e60b60452d73d79c745eac8e7d62721f26945
GET /img/1x1gray2.png HTTP/1.1
Host: www.town-tycoon.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/png
Content-Length: 5607
Connection: keep-alive
Last-Modified: Sat, 15 Sep 2012 16:22:00 GMT
ETag: "15e7-4c9bff0a31a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/templates/images/content_footer.jpg
62.138.218.36200 OK 4.0 kB URL HTTP/1.1 dinoplanet.de/templates/images/content_footer.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 745x80, components 3\012- data
Hash 80455938c537b50d4050bd9d2e6ae647
a4504e7c5c10ad06472b3bd3c905f574c3197cfe
231cb1ac168d6e3de4f589256f3025a1349db1955656f69b8e462364ba4f3997
GET /templates/images/content_footer.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 3994
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-f9a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/templates/images/side_bg.jpg
62.138.218.36200 OK 363 B URL HTTP/1.1 dinoplanet.de/templates/images/side_bg.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 215x2, components 3\012- data
Hash 0df6b3984af848602d6cbb204aebdb9c
948a5c38d8bca1feedf9d8576ff85fbc525426c4
2e982fa55a0fd80d166ca5c09fe8855628e9d5ae990a9152393b701050acb117
GET /templates/images/side_bg.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 363
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
ETag: "16b-4de044bcffd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
dinoplanet.de/templates/images/side_top.jpg
62.138.218.36200 OK 1.5 kB URL HTTP/1.1 dinoplanet.de/templates/images/side_top.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 215x165, components 3\012- data
Hash 81c7d4d160e53a934a33fa370ad10618
20f02ea6c711453a27787914e5e58fa003589f4e
9868d5d74b2f7a21cdff4fe1db3b966c096c4a329307582ec5149d4d1e66ea88
GET /templates/images/side_top.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 1503
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-5df"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/images/splash.jpg
62.138.218.36200 OK 26 kB URL HTTP/1.1 dinoplanet.de/images/splash.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 510x120, components 3\012- data
Hash ac9d14223915a0e4e4add08ea3235f90
8223c7aa450ccd3e3b75bd353e6258bd1a0e7db4
9b1c275a7b93c300f440ee2f2f73f3ae5cd07d9121e55750dee4d9d61897f692
GET /images/splash.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 25533
Last-Modified: Fri, 31 May 2013 12:39:00 GMT
Connection: keep-alive
ETag: "51a899e4-63bd"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/templates/images/dinos_bg.jpg
62.138.218.36200 OK 17 kB URL HTTP/1.1 dinoplanet.de/templates/images/dinos_bg.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 510x120, components 3\012- data
Hash fbd98271fedffb8727d1a413a67d5d17
ee88526b3c427267f9699507f02631b83cffe7a6
a6018bbb351ad68bf958be48b514c3734477eb7bc84b546157efd00e778756ed
GET /templates/images/dinos_bg.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 16706
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-4142"
X-Powered-By: PleskLin
Accept-Ranges: bytes
dinoplanet.de/templates/images/side_footer.jpg
62.138.218.36200 OK 616 B URL HTTP/1.1 dinoplanet.de/templates/images/side_footer.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 215x20, components 3\012- data
Hash c6e7882137b5cb11e2edfec50c509976
4c2c30eaf04ef8fa2a943cc3c92c1688c44264f2
3c5c7d9cd6f27c9f0131ee7dd8bcdc2a5c26293626b9ff433dc96448127c6a20
GET /templates/images/side_footer.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 616
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
ETag: "268-4de044bcffd00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
tycoon.adspirit.net/adscript.php?pid=71&ord=[timestamp]
213.95.181.105200 OK 2.8 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=71&ord=[timestamp]
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with very long lines (2751), with no line terminators
Hash fb48e73521db2c22bcfbd1b35196391e
5e2252695c2902fb8dee648823cdba3e60b952ec
a0bd41933aa57993ca6a535ff877a76e3522805377d553822564b4fe94259546
GET /adscript.php?pid=71&ord=[timestamp] HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sun, 05 Feb 2023 01:39:42 GMT
Keep-Alive: timeout=3, max=998
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
dinoplanet.de/templates/images/header.jpg
62.138.218.36200 OK 95 kB URL HTTP/1.1 dinoplanet.de/templates/images/header.jpg
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 960x335, components 3\012- data
Hash eca63e771831425462dc6e4f50de34ff
fec3e9ca60832e14867b5e7a0857fdcdb85700c0
79a8357796a0db14405c65956d91b52ecdb42fbbfd37787c1237673fdd091c77
GET /templates/images/header.jpg HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/templates/style.css
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: image/jpeg
Content-Length: 94592
Last-Modified: Fri, 31 May 2013 14:19:00 GMT
Connection: keep-alive
ETag: "51a8b154-17180"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6199
Expires: Sun, 05 Feb 2023 03:23:01 GMT
Date: Sun, 05 Feb 2023 01:39:42 GMT
Connection: keep-alive
tycoon.adspirit.net/adscript.php?pid=71&ord=%5Btimestamp%5D&wpcn=asmpvx8878941675561182&&vis=3
213.95.181.105200 OK 3.3 kB URL HTTP/1.1 tycoon.adspirit.net/adscript.php?pid=71&ord=%5Btimestamp%5D&wpcn=asmpvx8878941675561182&&vis=3
IP 213.95.181.105:0
ASN #12337 noris network AG
File type ASCII text, with very long lines (2630)
Hash e6aefc759c93704469cd0ad9492ff41a
bfcbbafb069f2620d004b3e6321615ca1dca6a1b
30eb0ed40d832f9c5b40a762b85913c2bfde7705f3a9d7c992f6a0571c2bd38f
GET /adscript.php?pid=71&ord=%5Btimestamp%5D&wpcn=asmpvx8878941675561182&&vis=3 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Last-Modified: Sun, 05 Feb 2023 01:39:42 GMT
Keep-Alive: timeout=3, max=997
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdn.adspirit.de/banner/adviewability.js
185.59.220.17200 OK 1.9 kB URL HTTP/1.1 cdn.adspirit.de/banner/adviewability.js
IP 185.59.220.17:0
ASN #60068 Datacamp Limited
Hash a4cec1ecc8880ad56e0a00aa795e5fc9
ecd46ff19ac3b262d8218f5adabe9871e36eb38b
9db4da4f2b367afe0cfe2352133c8321e225793e86c4ca6577829b96165af866
GET /banner/adviewability.js HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 09:23:18 GMT
ETag: W/"d6e34c4-192d-5e3983805ed80"
X-Accel-Expires: @1675590382
Server: CDN77-Turbo
X-77-NZT: Abk73BCLFaH/8DACAA
X-77-NZT-Ray: 9083393004502b74de08df6308a6102b
X-Cache: HIT
X-Age: 143600
X-77-POP: frankfurtDE
X-77-Cache: HIT
Content-Encoding: gzip
tycoon.adspirit.net/adview.php?tz=1675561182340982271tzmacro&&pid=71&kid=81&wmid=410&gdpr_consent=&nvc=1&tgt=000000128&target=-
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adview.php?tz=1675561182340982271tzmacro&&pid=71&kid=81&wmid=410&gdpr_consent=&nvc=1&tgt=000000128&target=-
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adview.php?tz=1675561182340982271tzmacro&&pid=71&kid=81&wmid=410&gdpr_consent=&nvc=1&tgt=000000128&target=- HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Sun, 05 Feb 2023 01:39:42 GMT
Content-Length: 43
Content-Type: image/gif
tycoon.adspirit.net/adviewability.php?pid=71&wmid=410&sid=0&sid2=0&sid3=0&gdpr_consent=&s=0&t=1675561220842
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adviewability.php?pid=71&wmid=410&sid=0&sid2=0&sid3=0&gdpr_consent=&s=0&t=1675561220842
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adviewability.php?pid=71&wmid=410&sid=0&sid2=0&sid3=0&gdpr_consent=&s=0&t=1675561220842 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Sun, 05 Feb 2023 01:39:42 GMT
Content-Length: 43
Content-Type: image/gif
ssp.adspirit.de/rtb/getusermatch.php?umid=0&output=1&external_user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd
85.215.2.53200 OK 1.1 kB URL HTTP/1.1 ssp.adspirit.de/rtb/getusermatch.php?umid=0&output=1&external_user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd
IP 85.215.2.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 944044e4fa88647b8b10affe686c7104
91917d207b2dd656c3632f5a059fa5515cd93dd6
b0b1825cf1260549bdea1cc00d2d539cc3d4932450263960877d64436019399e
GET /rtb/getusermatch.php?umid=0&output=1&external_user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd HTTP/1.1
Host: ssp.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
date: Sun, 05 Feb 2023 01:39:42 GMT
server: Apache
access-control-allow-origin: *
content-length: 1100
content-type: text/html; charset=UTF-8
ads.adtiger.de/rtb/usermatch.php?umid=2&dataid=1&userid=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect
213.95.181.109302 Found 0 B URL HTTP/1.1 ads.adtiger.de/rtb/usermatch.php?umid=2&dataid=1&userid=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect
IP 213.95.181.109:0
ASN #12337 noris network AG
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rtb/usermatch.php?umid=2&dataid=1&userid=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&redirecturl=http%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fdataid%3D1%26output%3D1%26&call_type=redirect HTTP/1.1
Host: ads.adtiger.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.31
Location: http://tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&external_user_id=a397625a403c26efed47d6149a8d580f8d2af9a643606df555c1762484883&ord=1675561182
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ads.pubmatic.com/AdServer/js/userSync.js
23.38.200.201200 OK 2.3 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/userSync.js
IP 23.38.200.201:0
File type ASCII text, with very long lines (6899), with no line terminators
Hash a4c2f0a7daeda6ee5645a39c5421a0b6
a51a4d193e533f27cfeb2b3b02dc90e8b82b0d05
1bcf542a8d631d12c8114f2431cb2aacf33881a0d878e11ac0bcfd440d18a6e5
GET /AdServer/js/userSync.js HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 15 Jun 2021 06:08:14 GMT
etag: "1300709-1af3-5c4c7cca9e573"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 2267
content-type: text/javascript
cache-control: max-age=19135
expires: Sun, 05 Feb 2023 06:58:37 GMT
date: Sun, 05 Feb 2023 01:39:42 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&external_user_id=a397625a403c26efed47d6149a8d580f8d2af9a643606df555c1762484883&ord=1675561182
213.95.181.105200 OK 56 B URL HTTP/1.1 tycoon.adspirit.net/rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&external_user_id=a397625a403c26efed47d6149a8d580f8d2af9a643606df555c1762484883&ord=1675561182
IP 213.95.181.105:0
ASN #12337 noris network AG
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?dataid=1&output=1&&dataid=adspirit&user_id=a397625a403c26efed47d6149a8d580f21e49ddfe619b31bf0a294464fadd&external_user_id=a397625a403c26efed47d6149a8d580f8d2af9a643606df555c1762484883&ord=1675561182 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dinoplanet.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:42 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
Access-Control-Allow-Origin: *
Keep-Alive: timeout=3, max=1000
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=UTF-8
push.services.mozilla.com/
35.86.38.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oxCL7V0NHk4pzGz8F85Nxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aPuhsnCagicFz+f4nLd1XAu/pW8=
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5f4b811e1ed861667a048ffadb3192bf
7ec2e45caaae22cedca695ad321bbc0ad8000341
4a253e303685052e73d5c1cb74d5967324a5932c408f3f65464c4b6121fc294d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=119012
Date: Sun, 05 Feb 2023 01:39:43 GMT
Etag: "63de36c3-1d7"
Expires: Mon, 06 Feb 2023 10:43:15 GMT
Last-Modified: Sat, 04 Feb 2023 10:43:15 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: f7jU3wtsGP24qGT4DGUmuE0JpP63LTbEBNrMVul2NXgY9o9O7XhqhA==
cdn.adspirit.de/banner/tycoon/81/2013-05-22/0_inselcompany_160x600_03.gif
185.59.220.17200 OK 50 kB URL HTTP/1.1 cdn.adspirit.de/banner/tycoon/81/2013-05-22/0_inselcompany_160x600_03.gif
IP 185.59.220.17:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 160 x 600\012- data
Hash 2a7e3178ba979d2e6bcbe3257c2a9d3b
d8b595cd0a8260af112b5933df074e7bbc7f71ee
fddad11928f533ff0b4d428d857a1f99c163a111a45216aad53b7f3189167e9c
GET /banner/tycoon/81/2013-05-22/0_inselcompany_160x600_03.gif HTTP/1.1
Host: cdn.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:43 GMT
Content-Type: image/gif
Content-Length: 50261
Connection: keep-alive
Last-Modified: Fri, 17 Apr 2015 16:43:11 GMT
ETag: "101547a2-c455-513ee4698a0a3"
X-Accel-Expires: @1675733983
Server: CDN77-Turbo
X-77-NZT: Abk73BCwV3ah
X-77-NZT-Ray: 90833930f2450579de08df636fba682c
X-Cache: MISS
X-77-POP: frankfurtDE
X-77-Cache: MISS
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash b4354a9ba9090b58b80e2006507706bb
68543577ba09b6d3e5af06d831d09e5c75babcb1
17915bcdc8d702be290ea7aace9aed85ffc3dca4659ef6aadf77c04aa904bcf4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 01:39:43 GMT
Last-Modified: Sun, 05 Feb 2023 00:03:32 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d0_V7E-RWxYedKr-09ynDKMGJPnELf-HgPmJ7gMVgjn289zMt5eCBg==
Age: 5771
ice.360yield.com/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
18.193.152.7302 Found 0 B URL HTTP/2 ice.360yield.com/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 18.193.152.7:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 01:39:43 GMT
content-type: text/plain
content-length: 0
location: https://ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
set-cookie: tuuid=cbf89c22-b249-40bb-a6e8-1a44d8b555fc; Expires=Sat, 06 May 2023 01:39:43 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675561183; Expires=Sat, 06 May 2023 01:39:43 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pad.360polaris.biz/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
54.155.210.17302 Found 0 B URL HTTP/1.1 pad.360polaris.biz/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 54.155.210.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dinoplanet.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
set-cookie: tuuid=c633f636-f580-4fb4-b7ff-d5a8a36b92a3; Expires=Sat, 06 May 2023 01:39:43 GMT; Domain=.360polaris.biz; Path=/;
tuuid_lu=1675561183; Expires=Sat, 06 May 2023 01:39:43 GMT; Domain=.360polaris.biz; Path=/;
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: http://pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
content-type: text/plain
content-length: 0
date: Sun, 05 Feb 2023 01:39:43 GMT
ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
18.193.152.7200 OK 43 B URL HTTP/2 ice.360yield.com/ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 18.193.152.7:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=1539&r=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D1%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: ice.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ssp.adspirit.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:39:43 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
54.155.210.17301 Moved Permanently 0 B URL HTTP/1.1 pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 54.155.210.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dinoplanet.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-length: 0
location: https://pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
54.155.210.17200 OK 43 B URL HTTP/1.1 pad.360polaris.biz/ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D
IP 54.155.210.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/server_match?partner_id=2078&r=https%3A%2F%2Ftycoon.adspirit.net%2Frtb%2Fgetusermatch.php%3Fumid%3D11%26output%3D1%26external_user_id%3D%7BPUB_USER_ID%7D HTTP/1.1
Host: pad.360polaris.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dinoplanet.de/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type: image/gif
content-length: 43
date: Sun, 05 Feb 2023 01:39:43 GMT
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sat, 04 Feb 2023 23:43:22 GMT
Expires: Sun, 05 Feb 2023 01:43:22 GMT
Cache-Control: public, max-age=7200
Age: 6981
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
tycoon.adspirit.net/adpageview.php?&wsid=11&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675561220684
213.95.181.105200 OK 43 B URL HTTP/1.1 tycoon.adspirit.net/adpageview.php?&wsid=11&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675561220684
IP 213.95.181.105:0
ASN #12337 noris network AG
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6f81c41597d3f5a336f458822cc0c32a
8cd77a54b38f1fb376b45af2eaab8f5982523b8d
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
GET /adpageview.php?&wsid=11&sid=0&sid2=0&sid3=0&gdpr_consent=&tz=1675561220684 HTTP/1.1
Host: tycoon.adspirit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 01:39:43 GMT
Server: Apache
X-Powered-By: PHP/7.3.29
P3P: policyref="https://help.adspirit.de/w3c/adspirit.p3p", CP="NOI DSP COR NID PSAo PSDo IVAo IVDo OUR STP UNI COM NAV DEM"
Cache-Control: no-store, no-cache, must-revalidate
Expires: 0
Pragma: no-cache
Access-Control-Allow-Origin: *
X-XSS-Protection: 0
Connection: close
Last-Modified: Sun, 05 Feb 2023 01:39:43 GMT
Content-Length: 43
Content-Type: image/gif
dinoplanet.de/favicon.ico
62.138.218.36200 OK 2.3 kB URL HTTP/1.1 dinoplanet.de/favicon.ico
IP 62.138.218.36:0
ASN #61157 PlusServer GmbH
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash 283ea0367905f9eb82c32bfe5c9acaac
b529ced9cf3a016ffac4a99e37a0e37e93eaf802
3e4ceda44e4c4615500ed80165ce2bf6b6e55b70207023a3ba448baae0033775
GET /favicon.ico HTTP/1.1
Host: dinoplanet.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dinoplanet.de/
Cookie: PHPSESSID=l1cmqbb13rbn1csl11tea2k1i7; tb=1; tbs=
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 01:39:43 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 2294
Last-Modified: Fri, 31 May 2013 12:38:00 GMT
Connection: keep-alive
ETag: "51a899a8-8f6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:39:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j99&a=827079858&t=pageview&_s=1&dl=http%3A%2F%2Fdinoplanet.de%2F&ul=en-us&de=UTF-8&dt=Dinosaurier%20Browsergame%20DinoPlanet%20-%20Dinoplanet%20-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAAABAAAAACAAI~&jid=792099854&gjid=1727382144&cid=826861667.1675561222&tid=UA-25000444-9&_gid=1808765444.1675561222&_r=1&_slc=1&z=586228378
142.250.74.110200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j99&a=827079858&t=pageview&_s=1&dl=http%3A%2F%2Fdinoplanet.de%2F&ul=en-us&de=UTF-8&dt=Dinosaurier%20Browsergame%20DinoPlanet%20-%20Dinoplanet%20-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAAABAAAAACAAI~&jid=792099854&gjid=1727382144&cid=826861667.1675561222&tid=UA-25000444-9&_gid=1808765444.1675561222&_r=1&_slc=1&z=586228378
IP 142.250.74.110:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j99&a=827079858&t=pageview&_s=1&dl=http%3A%2F%2Fdinoplanet.de%2F&ul=en-us&de=UTF-8&dt=Dinosaurier%20Browsergame%20DinoPlanet%20-%20Dinoplanet%20-&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=IEBAAAABAAAAACAAI~&jid=792099854&gjid=1727382144&cid=826861667.1675561222&tid=UA-25000444-9&_gid=1808765444.1675561222&_r=1&_slc=1&z=586228378 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://dinoplanet.de
Connection: keep-alive
Referer: http://dinoplanet.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://dinoplanet.de
date: Sun, 05 Feb 2023 01:39:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:39:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
23.38.200.201200 OK 5.6 kB URL HTTP/2 ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=&
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15889), with no line terminators
Hash 18a6bc0e051c0767f814f63ff07e65f9
8fbe4eb399d8501b90276723d38c9ffb4ab483fa
26341482a8d6c8384b2cb91aba95833ac2002bd284ff690adbd2009bf76cb95b
GET /AdServer/js/user_sync.html?kdntuid=1&SPug=true&p=159098&s=665465&predirect=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&userIdMacro=(PM_UID)&gdpr_consent=&gdpr=0&us_privacy=& HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ssp.adspirit.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5554
content-type: text/html
cache-control: max-age=139800
expires: Mon, 06 Feb 2023 16:29:43 GMT
date: Sun, 05 Feb 2023 01:39:43 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25000444-9&cid=826861667.1675561222&jid=792099854&gjid=1727382144&_gid=1808765444.1675561222&_u=IEBAAAAAAAAAACAAI~&z=1594037057
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25000444-9&cid=826861667.1675561222&jid=792099854&gjid=1727382144&_gid=1808765444.1675561222&_u=IEBAAAAAAAAAACAAI~&z=1594037057
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25000444-9&cid=826861667.1675561222&jid=792099854&gjid=1727382144&_gid=1808765444.1675561222&_u=IEBAAAAAAAAAACAAI~&z=1594037057 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://dinoplanet.de
Connection: keep-alive
Referer: http://dinoplanet.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://dinoplanet.de
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Feb 2023 01:39:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:39:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27ce914bad3a60d980c23e19ae639690
270acbd8d798698216b3c48f0e09e0a2d8576836
d5ebe8ba92a47d866879d7a7ab736b586ff458f57e81552255eb423d2eb6719a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6528
Cache-Control: max-age=121533
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 01:39:44 GMT
Etag: "63de271d-1d7"
Expires: Mon, 06 Feb 2023 11:25:17 GMT
Last-Modified: Sat, 04 Feb 2023 09:36:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
198.47.127.19200 OK 60 B URL HTTP/2 image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
IP 198.47.127.19:0
File type ASCII text, with no line terminators
Hash d5643d725bdb6b08bc961ae55f3f0ce0
68f3ef442828c8ae72827b22d900a0f5b14e876f
590c9fea97bf5bee1122d811faf446a067b57ef6c7f1f328cab70e1fe5e93b40
GET /AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB HTTP/1.1
Host: image6.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=UTF-8
expires: Fri, 5 May 2023 17:55:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sun, 05 Feb 2023 01:39:42 GMT
content-length: 60
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3488
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 01:39:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3488
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 01:39:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3488
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 01:39:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3488
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 01:39:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dDjAyq5pSck1A4V9vIFxwjPfUfo4B23FmPmq9AJwxGLqy6m99zEH-Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:09:58 GMT
age: 12586
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dvxlk1iSyNfjmNRI_8HcmhG9_xe0ZlaZ0Pzj0H9EBR6wwXKg0L7YVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 04:43:21 GMT
age: 75383
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bee08788da5b88dde69aeb1d4de005c9
537c7a19a9395a60452b6b0b3ae08d47f4705181
02365d88ae9ff3ace3f29509df0e436ab0838d44714ef0f25dea463d665f794a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94063a59-0665-4d1d-89f4-785b4ab501d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6486
x-amzn-requestid: 544d13b9-8d45-4029-88e0-280f27cc0fa3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi4-SHN1IAMFSkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76ec1-3f1ee84f53fe45cc01439a28;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:16:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtyPO9j12ZpU3XdElRgCrqB4XNERrppavwJZJn5As8mqjjDLyZBmsw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
age: 14178
etag: "537c7a19a9395a60452b6b0b3ae08d47f4705181"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 75caf9549ac23c827c10d6baabb84884
e8391e4046acb91cd4a6113974fda1c44dcd3865
a01e3a9aaa0b0fa156303bcbf38c1c45ea6abe8d0a052734b05ea4da82f176c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad342374-789b-497a-b212-29d0b2aaced0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7060
x-amzn-requestid: 9379b64e-3a3f-4b8d-aba2-bc3cd7dab98f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3cgFCkIAMFrhA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c4f-6ac6da215407497043249929;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75uKxGlJDSXzIUgR5Rm4f13SClTT1UIDLgbkTrFDEDvKmGmViQ3Djg==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:25:50 GMT
age: 11634
etag: "e8391e4046acb91cd4a6113974fda1c44dcd3865"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 13698
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eaca60722d35484e7cad5e6521465c75
470c81f1cab13436da9f94e97bb152fc9d01ad04
8c75170cdf9f6b97aef972568348aa4e6d67486ad1fdb7aa9d346e1cc8ae9df7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F626efb39-4b90-4979-bc7d-1a1ba9e7fc73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9290
x-amzn-requestid: 5ed93026-d87a-4c82-81ce-8faa9e8dba60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsnFtFVUoAMF6Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db5224-0e5fea32709d6f665f6b09db;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 06:03:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AD5rpaPGI6jezDtJBS7-XTUoJQetiG6yyo6VbDfBYzk9RwPNYN5h2Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 20:04:29 GMT
age: 20115
etag: "470c81f1cab13436da9f94e97bb152fc9d01ad04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D2DA083C3-8BA6-4450-B219-B8D6D8E927C0%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
23.38.200.201200 OK 953 B URL HTTP/2 ads.pubmatic.com/AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D2DA083C3-8BA6-4450-B219-B8D6D8E927C0%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID
IP 23.38.200.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1720), with no line terminators
Hash 499546dec064c08e4c7c354bab138f7f
f155d071d071e4e7c1d45e22943915df9d9f2b75
1a9219bc3962479cfa6ff0ca64e2f810aab8b816ae4f937b252d0ca044d693b4
GET /AdServer/js/cl_partner.html?pid=2&gdpr=0&gdpr_consent=&rdu=https%3A%2F%2Fsimage4.pubmatic.com%2FAdServer%2FSPug%3Fo%3D3%26u%3D2DA083C3-8BA6-4450-B219-B8D6D8E927C0%26vcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%23%23P_UID HTTP/1.1
Host: ads.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 17 Aug 2016 09:36:32 GMT
etag: "fa18f0-6b8-53a413358bd01"
server: Apache
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 953
content-type: text/html; charset=UTF-8
cache-control: max-age=105288
expires: Mon, 06 Feb 2023 06:54:32 GMT
date: Sun, 05 Feb 2023 01:39:44 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
simage4.pubmatic.com/AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=2DA083C3-8BA6-4450-B219-B8D6D8E927C0&rs=3&gdpr=0&gdpr_consent=&us_privacy=
198.47.127.20200 OK 882 B URL HTTP/2 simage4.pubmatic.com/AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=2DA083C3-8BA6-4450-B219-B8D6D8E927C0&rs=3&gdpr=0&gdpr_consent=&us_privacy=
IP 198.47.127.20:0
Hash ea9d665e4550b7ccc3339f2e0ab12c44
79707fa65d0154db3ce9249add4ad5fc33055461
0520c55d472ad11c9050905e516681234063371a0e0f25e468bafd4c01fd1bcb
GET /AdServer/SPug?o=1&p=159098&s=665465&sc=1&pr=https%3A%2F%2Fssp.adspirit.de%2Frtb%2Fgetusermatch.php%3Fumid%3D10%26output%3D1%26external_user_id%3D(PM_UID)&umc=(PM_UID)&u=2DA083C3-8BA6-4450-B219-B8D6D8E927C0&rs=3&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: simage4.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 01:39:43 GMT
content-type: text/html; charset=utf-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip
X-Firefox-Spdy: h2
ssp.adspirit.de/rtb/getusermatch.php?umid=10&output=1&external_user_id=2DA083C3-8BA6-4450-B219-B8D6D8E927C0
85.215.2.53200 OK 56 B URL HTTP/2 ssp.adspirit.de/rtb/getusermatch.php?umid=10&output=1&external_user_id=2DA083C3-8BA6-4450-B219-B8D6D8E927C0
IP 85.215.2.53:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 63561412d13debd335c392e63049e792
3e1948d5848326760de01e30cbcb42f84cf78c77
a8c29603cd20494f040a991cb5fb085f6b0a8ecec0d92459c90a2736545e6c5e
GET /rtb/getusermatch.php?umid=10&output=1&external_user_id=2DA083C3-8BA6-4450-B219-B8D6D8E927C0 HTTP/1.1
Host: ssp.adspirit.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://simage4.pubmatic.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 01:39:44 GMT
server: Apache
access-control-allow-origin: *
content-length: 56
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2