dhvya.taitlastwebegan.com/CLOJOXH?tag_id=959433&sub_id1=&sub_id2=4564732110474706650&cookie_id=1970474985535407&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https://ganismpro.com/?tid=959433&noocp=1&geo=MY&hop=7
54.162.51.18200 OK 5.0 kB URL HTTP/1.1 dhvya.taitlastwebegan.com/CLOJOXH?tag_id=959433&sub_id1=&sub_id2=4564732110474706650&cookie_id=1970474985535407&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https://ganismpro.com/?tid=959433&noocp=1&geo=MY&hop=7
IP 54.162.51.18:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12748)
Hash 534e75d7176b4f4755e7bb47dbda3ea6
526eb3be2efe4169eaf56ae7b62ba681fdf94e29
d7125eab7188fa9b881801520b5e15658323ca62f4a1904fcaa6d75079f4e0e5
GET /CLOJOXH?tag_id=959433&sub_id1=&sub_id2=4564732110474706650&cookie_id=1970474985535407&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https://ganismpro.com/?tid=959433&noocp=1&geo=MY&hop=7 HTTP/1.1
Host: dhvya.taitlastwebegan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Fri, 24 Mar 2023 07:45:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"3227-P/CbICLMM0vACUKEfy2a9TgRjjI"
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 210a2a42cfc4f4aced144f5de9babcc6
ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db
59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51"
Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7037
Expires: Fri, 24 Mar 2023 09:42:53 GMT
Date: Fri, 24 Mar 2023 07:45:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash bea3185dd820a31c1981317f37c3456d
1a548a5d27270fc11df9011837a7149571cedd78
469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9"
Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19779
Expires: Fri, 24 Mar 2023 13:15:15 GMT
Date: Fri, 24 Mar 2023 07:45:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash dc2752d83fbed82852248898a132467a
b27a6b4af2e07663a58cafb641513f7224c7a7c3
ea7838393d83805a7b8a2b01bd09e4423617c4da285b983a11e9ba36266810d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA7838393D83805A7B8A2B01BD09E4423617C4DA285B983A11E9BA36266810D5"
Last-Modified: Wed, 22 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7755
Expires: Fri, 24 Mar 2023 09:54:51 GMT
Date: Fri, 24 Mar 2023 07:45:36 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 24 Mar 2023 07:15:12 GMT
content-type: application/json
age: 1824
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XLavfWaYptQPJw3eb0aemF0hhqLzbEFY0D2oFCmwRKUvvKnCHUGfn6Sj3eO2e3jD4A5/p0SVrTc=
x-amz-request-id: 1HWNSVMS3RP06QM6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 24 Mar 2023 06:54:23 GMT
age: 3073
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 24 Mar 2023 07:45:36 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dhvya.taitlastwebegan.com/favicon.ico
54.162.51.18204 No Content 0 B URL HTTP/1.1 dhvya.taitlastwebegan.com/favicon.ico
IP 54.162.51.18:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: dhvya.taitlastwebegan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/CLOJOXH?tag_id=959433&sub_id1=&sub_id2=4564732110474706650&cookie_id=1970474985535407&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https://ganismpro.com/?tid=959433&noocp=1&geo=MY&hop=7
HTTP/1.1 204 No Content
Server: openresty/1.21.4.1
Date: Fri, 24 Mar 2023 07:45:36 GMT
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With,content-type
dhvya.taitlastwebegan.com/dlp?st=1&lp=stanley&geo=MY
54.162.51.18200 OK 26 kB URL HTTP/1.1 dhvya.taitlastwebegan.com/dlp?st=1&lp=stanley&geo=MY
IP 54.162.51.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (56959)
Hash 89cf36717480cb43bb58cd9fe747d0c6
7b0e701d99423e9130ad21dc330f5380c7ac3130
326bf4ccfd1e100cb7f25c895971a4f4f630ce93ea713c76d95ef7e138752aa8
GET /dlp?st=1&lp=stanley&geo=MY HTTP/1.1
Host: dhvya.taitlastwebegan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/CLOJOXH?tag_id=959433&sub_id1=&sub_id2=4564732110474706650&cookie_id=1970474985535407&lp=stanley&tb=redirect&allb=redirect&ob=redirect&href=https://ganismpro.com/?tid=959433&noocp=1&geo=MY&hop=7
HTTP/1.1 200 OK
Server: openresty/1.21.4.1
Date: Fri, 24 Mar 2023 07:45:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST
Access-Control-Allow-Headers: X-Requested-With,content-type
ETag: W/"10ad5-A0LYko0UZ93ftlYcAz/zrqvZwn0"
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 24 Mar 2023 07:14:33 GMT
age: 1863
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tanceteventu.com/utx?tid=959433&top=dhvya.taitlastwebegan.com&cb=hg7OBHKeL5D5
13.32.110.58204 0 B URL HTTP/1.1 tanceteventu.com/utx?tid=959433&top=dhvya.taitlastwebegan.com&cb=hg7OBHKeL5D5
IP 13.32.110.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?tid=959433&top=dhvya.taitlastwebegan.com&cb=hg7OBHKeL5D5 HTTP/1.1
Host: tanceteventu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://dhvya.taitlastwebegan.com
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/
HTTP/1.1 204
Content-Type: text/plain
Connection: keep-alive
Date: Fri, 24 Mar 2023 07:45:36 GMT
Server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://dhvya.taitlastwebegan.com
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
Set-Cookie: ut=x; Expires=Fri, 24 Mar 2023 07:46:36 GMT; Max-Age=60
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
X-Cache: Miss from cloudfront
Via: 1.1 c855d201fddbb6ef22989607fe8f5d1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C2
X-Amz-Cf-Id: QqTrMvrbZTM7uj-nFDPS8troIxdSl_f5hxgnPn5m5JfcADtTd4PxMg==
fonts.googleapis.com/css?family=Roboto
172.217.21.170200 OK 983 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto
IP 172.217.21.170:0
Hash ab32164100b4fbf2cf5675987ae8aeac
9dd5a7bd165800b9ba40ce2a27a01cff75c13627
4071a25828f6cf4d790174d163ba965b96365002697421dcbbd91e1bab1aeba3
GET /css?family=Roboto HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Mar 2023 07:45:36 GMT
date: Fri, 24 Mar 2023 07:45:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4362
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:36 GMT
Last-Modified: Fri, 24 Mar 2023 06:32:54 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash 18b877ebbad1529e4bd91e12220d91c4
a3d64fb3d9cc1fe3a29b261c4ec9acfe134dfedc
7001d3ef847c7002ac15155f0dfcc0a369f19860e85c8e90530f1e7b2dd88f09
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7001D3EF847C7002AC15155F0DFCC0A369F19860E85C8E90530F1E7B2DD88F09"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14184
Expires: Fri, 24 Mar 2023 11:42:00 GMT
Date: Fri, 24 Mar 2023 07:45:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f2ae2af74a14f13b8e7cf2edaa12176a
181dd8fac61ebd4c194cc01f46246f5d8e814802
553247799d8fd8b439f5f54a124bec3b04b95b94499d51a03b4eb01c6164913b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://dhvya.taitlastwebegan.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 14:12:20 GMT
expires: Tue, 19 Mar 2024 14:12:20 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 322397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c1bec9941c82e2a75f433a9989ff131d
f362aafde39e53e6c85aed88514e7d9272d8b099
693fe25761b15b3f663bb491a3cad382f1bb0a60083375b6aec21af2fdddb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7Qjcp4trUl-XOqDavZ-HKSBQNbYHpGec3TAITr2Vpkq12HnMh2CJZ1W315usoDeaETvFxdR4g
142.250.74.45302 Found 397 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7Qjcp4trUl-XOqDavZ-HKSBQNbYHpGec3TAITr2Vpkq12HnMh2CJZ1W315usoDeaETvFxdR4g
IP 142.250.74.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (382)
Hash 1159febbca7cf543c95756574901c750
a0680c5bd52f83a55875fb911a5bde5e71f73871
b0931b869a7f9497060f4ff6fc9e1af7132e6683be261ee2d6b89a3ea4ba73d0
GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7Qjcp4trUl-XOqDavZ-HKSBQNbYHpGec3TAITr2Vpkq12HnMh2CJZ1W315usoDeaETvFxdR4g HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dhvya.taitlastwebegan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 07:45:37 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1241598380%3A1679643937055460&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7Q_ShWZHO-7sa23l41pN8S1mPVNuohm0lNEdY0gAE0HP82qTVAtwbvOeH0INkijaCGDgEFl&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-Obm7J1UrHly_hTbWM3u-sA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 397
server: GSE
set-cookie: __Host-GAPS=1:6OIU2VbtvjkdNFBV7QrU1FERB2byFA:2f45ttC9JwSiQPSX;Path=/;Expires=Sun, 23-Mar-2025 07:45:37 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash dd5380daefecc523858637dcbdda1cf3
0ec5910f57d8ab84179a5d0687e6b16d2cacfb1a
e58977b0dceb06edf2a7c752aa433c71b3bca571e814a7a83bbddc75d4428c0f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TXGSm9nsIm0PFnN_iYRP0K8InR-l0zdh7fSk3w8nhss44VXYSwwih-NC4tqqurTFTbYuW3ew
142.250.74.45302 Found 392 B URL HTTP/2 accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TXGSm9nsIm0PFnN_iYRP0K8InR-l0zdh7fSk3w8nhss44VXYSwwih-NC4tqqurTFTbYuW3ew
IP 142.250.74.45:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (378)
Hash 1452d29bd2aae377303758ac231ee83c
6a02316f3d31b47e729dc84b367b5837de3e70aa
605a5340c7cf1d224b78d7eeab539a8c2db054977742074d625167bbb569d5bd
GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TXGSm9nsIm0PFnN_iYRP0K8InR-l0zdh7fSk3w8nhss44VXYSwwih-NC4tqqurTFTbYuW3ew HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dhvya.taitlastwebegan.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 07:45:37 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1594059889%3A1679643937063978&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AQMjQ7RAGvh0_0YeZEQynR0SmSbzPL6R4yuLeejJcaDGL9AGnrdG8zuV-b5pvZFzxhpSRPdc869Z&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-x2xmOVtCQxMmrcRPt0d1bA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 392
server: GSE
set-cookie: __Host-GAPS=1:EUQmSlx1iuUhjB-O8Ex2z7fQ93xOcQ:0DpMf-VeKJGAqGuq;Path=/;Expires=Sun, 23-Mar-2025 07:45:37 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 89447eb689782162ac5e4dca438e65c0
e1e8cde045a5eae9fbf1b20707fb8935b0418598
cfe3261f46a5fbe4f73fd16259b7c96480912874097ffea3b6bcb6149367a615
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: max-age=129856
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:37 GMT
Etag: "641c9c56-1d7"
Expires: Sat, 25 Mar 2023 19:49:53 GMT
Last-Modified: Thu, 23 Mar 2023 18:37:10 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.206.80101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.206.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2TChwZXdIyAdUuXy1TJP9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jRHl9kAxHUCtZoIt1Oi/UBmWD1c=
ganismpro.com/?tid=959433
18.66.15.95302 Found 804 B URL HTTP/2 ganismpro.com/?tid=959433
IP 18.66.15.95:0
File type gzip compressed data, max compression\012- data
Hash 1238c4e4c426e8bc0b20eca51821f07a
1cc6ad2da3fb02f96a4d22347587dc18d6e1b20a
95433a34be0fbc543246afe3f9e7adf0775b969a8c3c4a9cdf65f311367589c7
GET /?tid=959433 HTTP/1.1
Host: ganismpro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/plain
content-length: 0
location: https://redirect.yieldtrk.com/f3f3e9b5-a7f0-49fc-b195-2a662072764c?siteid=959433&conversion=1554042989593815530&fl=
date: Fri, 24 Mar 2023 07:45:37 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=cb0fbc66-db67-4f32-a41c-074c89db143e
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: guOcHGVrNlt3Y1RdHCo7zyAp2v4as5Z6TcXs-049n-tY7Jkdo36-xA==
X-Firefox-Spdy: h2
redirect.yieldtrk.com/f3f3e9b5-a7f0-49fc-b195-2a662072764c?siteid=959433&conversion=1554042989593815530&fl=
18.196.138.182302 Found 0 B URL HTTP/2 redirect.yieldtrk.com/f3f3e9b5-a7f0-49fc-b195-2a662072764c?siteid=959433&conversion=1554042989593815530&fl=
IP 18.196.138.182:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f3f3e9b5-a7f0-49fc-b195-2a662072764c?siteid=959433&conversion=1554042989593815530&fl= HTTP/1.1
Host: redirect.yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dhvya.taitlastwebegan.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 24 Mar 2023 07:45:37 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://yieldtrk.com/en/60c52a38-c810-46a9-b3e2-3aa764857da2/?cam=f3f3e9b5-a7f0-49fc-b195-2a662072764c&lid=60c52a38-c810-46a9-b3e2-3aa764857da2&tsid=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_source=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_campaign=f3f3e9b5-a7f0-49fc-b195-2a662072764c&utm_medium=&utm_content=&utm_term=&ref=dhvya.taitlastwebegan.com&pr=&sid=959433&ecid=&aid=®=&dev=&fl=&cep=Rd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI&lptoken=16bd791c6402570037de&siteid=959433&conversion=1554042989593815530
pragma: no-cache
set-cookie: f3f3e9b5-a7f0-49fc-b195-2a662072764c-v4=tHCSOz0nG_PJfRoeE14ySV5z8U1Q1zMzEKafxD3D7Ew; Max-Age=86400; Expires=Sat, 25-Mar-2023 07:45:37 GMT; Domain=redirect.yieldtrk.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=B6ogfwfpUk7WnyX6hZ22CiSMbvnz6cHEv1QNZK_t1o7mgQ9BtWzul0ft91rfmS2-pnxsfy2Dx-JCqpJ2J1LE4XFGPPcgFamODST7zhJu3KaId52ByLKbGFqNO_xBK8Mve6HWt_Kr_GRpfarCTzUrAPP2yQxXlUlL10xHRP7rr8mNl-Zy_0Lh1t6C1odyehaLdrQ1fJPA70krOH7N-xrPlCqHd69mJ9rcWhAFM3JNZ4mbmc_j1UfTMVWSn-ZOFBEYC5S9abERB7rH6a4yHLQyfZE7AQyKLuYcKdJSNvtA7q0m8KbYjMDbK7vcAkTx1d5uAwO83yAiYs0AVXkr0XIDgDWoKd2sofEx4BxVdEBE41iiEvj2lVgchF5ZSyiLxef2dLa7LE9DKm12h3QMwvp8vXrdI1wRbVdBp49sFiWx4bb-OkoQyEUQVvG8bUUGs90O6x26pV3fQ1xbNgX5tydKkdBKo55cRa5uXaV0Jntnk3A; Max-Age=86400; Expires=Sat, 25-Mar-2023 07:45:37 GMT; Domain=redirect.yieldtrk.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.r2m02.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m02.amazontrust.com/
IP 54.230.80.227:0
Hash 15663cdbe4c2f1dc6b9b9fa83c189b3f
d7107665f1a91b6b8705bed1420effdb3ab3be46
01ff81d3210e3969661f96767111ec8c7e6082115c0093fa5d013be389caca68
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140920
Date: Fri, 24 Mar 2023 07:45:38 GMT
Etag: "641cc7e1-1d7"
Expires: Sat, 25 Mar 2023 22:54:18 GMT
Last-Modified: Thu, 23 Mar 2023 21:42:57 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: djvIzqLnexUoo9ynhRhxSepiTAvC7h7lCCAO4-rfWlTYBc6VlO1P9w==
Age: 4281
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 1d54d3c84e73cd1f00a835aa7616c399
e869898915967fb645a7ae3bd711a831329cc792
9cca1d2ea17f54a8688823e6fb8cbb7247c0a808808b382ffdda35b2770a26f8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yieldtrk.com/en/60c52a38-c810-46a9-b3e2-3aa764857da2/?cam=f3f3e9b5-a7f0-49fc-b195-2a662072764c&lid=60c52a38-c810-46a9-b3e2-3aa764857da2&tsid=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_source=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_campaign=f3f3e9b5-a7f0-49fc-b195-2a662072764c&utm_medium=&utm_content=&utm_term=&ref=dhvya.taitlastwebegan.com&pr=&sid=959433&ecid=&aid=®=&dev=&fl=&cep=Rd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI&lptoken=16bd791c6402570037de&siteid=959433&conversion=1554042989593815530
54.230.111.18200 OK 8.9 kB URL HTTP/2 yieldtrk.com/en/60c52a38-c810-46a9-b3e2-3aa764857da2/?cam=f3f3e9b5-a7f0-49fc-b195-2a662072764c&lid=60c52a38-c810-46a9-b3e2-3aa764857da2&tsid=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_source=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_campaign=f3f3e9b5-a7f0-49fc-b195-2a662072764c&utm_medium=&utm_content=&utm_term=&ref=dhvya.taitlastwebegan.com&pr=&sid=959433&ecid=&aid=®=&dev=&fl=&cep=Rd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI&lptoken=16bd791c6402570037de&siteid=959433&conversion=1554042989593815530
IP 54.230.111.18:0
Hash 2b28c04fc4babb73d5547916efee2ac3
b8b0428bff64a452b49bc5cbb27f503fa0d927be
c9f1ea606a5f8458d64c0f20b9d8ef885a6d982f62da24d96153d2c9d8d5bb18
GET /en/60c52a38-c810-46a9-b3e2-3aa764857da2/?cam=f3f3e9b5-a7f0-49fc-b195-2a662072764c&lid=60c52a38-c810-46a9-b3e2-3aa764857da2&tsid=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_source=f0410e4e-6f85-431e-83fa-bc03d284193e&utm_campaign=f3f3e9b5-a7f0-49fc-b195-2a662072764c&utm_medium=&utm_content=&utm_term=&ref=dhvya.taitlastwebegan.com&pr=&sid=959433&ecid=&aid=®=&dev=&fl=&cep=Rd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI&lptoken=16bd791c6402570037de&siteid=959433&conversion=1554042989593815530 HTTP/1.1
Host: yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dhvya.taitlastwebegan.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
last-modified: Thu, 19 Jan 2023 17:15:45 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 23 Mar 2023 07:56:57 GMT
etag: W/"1271b1cc1f810cd6d8abc1b379224feb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mxhQkSUxRv54ZySvuIhIlsoYcWzOGoOiybMe9Nfl1ae_7RA1qob7Qg==
age: 85722
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.227200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://yieldtrk.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 18:05:11 GMT
expires: Thu, 21 Mar 2024 18:05:11 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
age: 135627
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/hzlvmGVNGtE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/hzlvmGVNGtE
IP 142.250.74.131:0
Hash 0f22c10bd91d450b00616b76c1ba7bb7
491cffdc1bd201eba04b08b8a0d9c4f939665cbe
70f36dd6c0f14aa2772978ba2b506bc9fe28f3aef36c10da56e76c3ffaa1ef5f
POST /s/gts1d4/hzlvmGVNGtE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:38 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Fri, 24 Mar 2023 09:08:32 GMT
Date: Fri, 24 Mar 2023 07:45:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.225200 OK 503 B IP 23.36.76.225:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Fri, 24 Mar 2023 09:08:32 GMT
Date: Fri, 24 Mar 2023 07:45:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09021529f311448e284f6b65ef322bf9
f9aecb6f69fb068c5b2bb660d21338ab6cff3ae9
2bc6b1fd474101cbbc6100f2afab3973552ff71d3fd73e9970efd6c67e71cd38
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fced2b6fc-bd10-4ea8-bf1d-03a29da081f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8001
x-amzn-requestid: c128e071-673c-4e31-96a8-049a6eb48660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQQjsHlXIAMFX3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc7b0-3efff85e1cdbe08118fe7dce;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:42:08 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: t-lqKBTduo9OZniqXSzzvxHu2XzsQIn0CsboARa7nwcIuHA63Ir0UA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:14:01 GMT
age: 34297
etag: "f9aecb6f69fb068c5b2bb660d21338ab6cff3ae9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cdbc190c56cfc889845d881cf88fed4
106075aa275beeaa40d4fa0587c3cee93b763bcf
5959109c9d987617bdcbb6e1ca8553d970b365390140906d41ff9a84462f1b2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4aeb81c-baed-41b0-91c6-0a3439c6f3aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4970
x-amzn-requestid: d55dee06-0562-4a17-8109-595ec62cc440
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPHzHu2IAMFgfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc564-2f3b14aa47db00ba68b963b8;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:32:20 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: ypBVMdGLEmHeFdKuIcGWPOXwDKy2hwIlTCudH7oKauDUUqNnzvVCBg==
via: 1.1 ec27e2bbc77d9805bead471453d2094c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 22:25:11 GMT
age: 33627
etag: "106075aa275beeaa40d4fa0587c3cee93b763bcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5302ee71fa3e150cdb8c7349c03efd9
f4bd3fafd333c5a4e376cf2f4231c665f4d3d9d3
cc7cdde20f7140802d5404b9c374fb7aa50d551e37ab9b560e48a8c476c5b2ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6fd060-2d96-4a61-881d-85e205f198c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: ba7e025c-6706-41da-8013-90552bfa7107
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt6GklIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-3d2b7a661e1ef3bd4b8c9731;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: jNW300e9Q31z_2uRbeRRIYZxNrOxXTLy3W2vB9qYZvIGGbePBcBPhQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 36187
etag: "f4bd3fafd333c5a4e376cf2f4231c665f4d3d9d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bb55b1044454d0db2324a4af956cd51
5aa34545aa2274453b301c74a083034273177cbd
fb7fa8b91ff7374ac6be2df05e1e98194f2adf3ce728b02a66323993145975ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d9f0256-f2a3-48d2-9cbe-230433c09812.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7405
x-amzn-requestid: 9865b715-ff9b-498d-95b3-c728fd3430be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CQPt7E46oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641cc658-78b66faf317a7aaf689de782;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 21:36:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: MOdi4IjE6ooc_bhXhjI2pikpJfBxxg7kS8qHmvDRZD169vLef4FKYw==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Mar 2023 21:42:31 GMT
age: 36187
etag: "5aa34545aa2274453b301c74a083034273177cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d733019c5326d4617096c74ae22fdffd
72bc0b2a19ca257ac974460f81af47fcfa2fee24
6746fcedbf4aad5c94582162e343d160fdc7d127bae807d1a97a9d7a231c9a70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6bf7d96-8563-4612-89c2-6d00db18f9f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: bf32e1c8-cac1-4f04-abe6-fba2e9e824f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK89vHbyoAMFc7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa857-5d84ed861375c4ba04a2ae30;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:51 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 60VbucTVJnuo0rLzrTvbdbQOIMQmhDMQT8st-Y49_plnM_akqw_V4w==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 07:14:47 GMT
age: 1851
etag: "72bc0b2a19ca257ac974460f81af47fcfa2fee24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 06:24:35 GMT
age: 4863
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_gid=1364686659.1679643949&gjid=1555181479&_v=j99&z=1733059485
209.85.233.157302 Found 368 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_gid=1364686659.1679643949&gjid=1555181479&_v=j99&z=1733059485
IP 209.85.233.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ce833385639cba566b94f43e776cb05a
a1c56ab79205d203430306500e17da74f80b54c3
ab973d8195ea732dc678f8d6df8a2020c8c7189a7720341ba4bb225361a180c8
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_gid=1364686659.1679643949&gjid=1555181479&_v=j99&z=1733059485 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://yieldtrk.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_v=j99&z=1733059485
access-control-allow-origin: null
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 24 Mar 2023 07:45:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash af767a0f38aa932dc23106c403e9b5f3
5a5662e147f43d1561ba78517738f6be86eb2cde
359fea0fbdd5740a613795d4491c534ebf14e2ffb55edf78c80dc0dde78c42e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a37ccb2b0d2b6bd75ea76a9535478b74
282cdfc85b1bc6e7b8741fb82ea37844ba831a53
6f9eded96973ad739947a784fddd57298bd3bc8abb3d71eff5c5492826cf254a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trk.yieldtrk.com/g/collect?v=2&tid=G-P4Y8F8YSKW>m=45he33m0&_p=1806142712&cid=1505777796.1679643949&ul=en-us&sr=1280x1024&_fplc=0&sst.gcsub=region1&_s=1&sid=1679643948&sct=1&seg=0&dl=https%3A%2F%2Fyieldtrk.com%2Fen%2F60c52a38-c810-46a9-b3e2-3aa764857da2%2F%3Fcam%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26lid%3D60c52a38-c810-46a9-b3e2-3aa764857da2%26tsid%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_source%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_campaign%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26ref%3Ddhvya.taitlastwebegan.com%26pr%3D%26sid%3D959433%26ecid%3D%26aid%3D%26reg%3D%26dev%3D%26fl%3D%26cep%3DRd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI%26lptoken%3D16bd791c6402570037de%26siteid%3D959433%26conversion%3D1554042989593815530&dr=http%3A%2F%2Fdhvya.taitlastwebegan.com%2F&dt=Download%20Now!&en=page_view&_fv=1&_ss=1&richsstsse
216.239.32.21200 OK 90 B URL HTTP/2 trk.yieldtrk.com/g/collect?v=2&tid=G-P4Y8F8YSKW>m=45he33m0&_p=1806142712&cid=1505777796.1679643949&ul=en-us&sr=1280x1024&_fplc=0&sst.gcsub=region1&_s=1&sid=1679643948&sct=1&seg=0&dl=https%3A%2F%2Fyieldtrk.com%2Fen%2F60c52a38-c810-46a9-b3e2-3aa764857da2%2F%3Fcam%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26lid%3D60c52a38-c810-46a9-b3e2-3aa764857da2%26tsid%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_source%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_campaign%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26ref%3Ddhvya.taitlastwebegan.com%26pr%3D%26sid%3D959433%26ecid%3D%26aid%3D%26reg%3D%26dev%3D%26fl%3D%26cep%3DRd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI%26lptoken%3D16bd791c6402570037de%26siteid%3D959433%26conversion%3D1554042989593815530&dr=http%3A%2F%2Fdhvya.taitlastwebegan.com%2F&dt=Download%20Now!&en=page_view&_fv=1&_ss=1&richsstsse
IP 216.239.32.21:0
Hash 169015d9a1c4742ef1b19ab13dfac200
5a31df9e8f8d370f893c6f087c5974cb3e4ddd7f
8dfbc19663da6a43557027f2e6d3e94066517ce50334a83f410e0a4853935d40
GET /g/collect?v=2&tid=G-P4Y8F8YSKW>m=45he33m0&_p=1806142712&cid=1505777796.1679643949&ul=en-us&sr=1280x1024&_fplc=0&sst.gcsub=region1&_s=1&sid=1679643948&sct=1&seg=0&dl=https%3A%2F%2Fyieldtrk.com%2Fen%2F60c52a38-c810-46a9-b3e2-3aa764857da2%2F%3Fcam%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26lid%3D60c52a38-c810-46a9-b3e2-3aa764857da2%26tsid%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_source%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_campaign%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26ref%3Ddhvya.taitlastwebegan.com%26pr%3D%26sid%3D959433%26ecid%3D%26aid%3D%26reg%3D%26dev%3D%26fl%3D%26cep%3DRd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI%26lptoken%3D16bd791c6402570037de%26siteid%3D959433%26conversion%3D1554042989593815530&dr=http%3A%2F%2Fdhvya.taitlastwebegan.com%2F&dt=Download%20Now!&en=page_view&_fv=1&_ss=1&richsstsse HTTP/1.1
Host: trk.yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yieldtrk.com
Connection: keep-alive
Referer: https://yieldtrk.com/
Cookie: _ga=GA1.1.1505777796.1679643949; _gid=GA1.2.1364686659.1679643949; _gat_UA-221044685-1=1; _ga_P4Y8F8YSKW=GS1.1.1679643948.1.0.1679643948.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:45:38 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPAU=1.2.560470252.1679643939; Max-Age=7776000; Domain=yieldtrk.com; Path=/; Secure
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://yieldtrk.com
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_v=j99&z=1733059485&slf_rd=1&random=2322130937
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_v=j99&z=1733059485&slf_rd=1&random=2322130937
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_v=j99&z=1733059485&slf_rd=1&random=2322130937 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://yieldtrk.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 24 Mar 2023 07:45:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a6cad75209fdd6f267646b8382348c4b
35d993c683277cba55a4a86e15afa0c378d9a1d8
f3490031d4088f3580570dd096c1daf3780b76da85039fa904a35a9f0d6298be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 24 Mar 2023 07:45:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://yieldtrk.com
Connection: keep-alive
Referer: https://yieldtrk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:45:38 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: d7cf79762b442ebb4e92b4e80ff46dc7
cdn-cache: HIT
cf-cache-status: HIT
age: 5869970
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7acd4bb588601c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:300,400,500
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500
IP 172.217.21.170:0
GET /css?family=Poppins:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yieldtrk.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 24 Mar 2023 07:45:38 GMT
date: Fri, 24 Mar 2023 07:45:38 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trk.yieldtrk.com/analytics.js
216.239.32.21200 OK 0 B URL HTTP/2 trk.yieldtrk.com/analytics.js
IP 216.239.32.21:0
GET /analytics.js HTTP/1.1
Host: trk.yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yieldtrk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:45:38 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=7200
expires: Fri, 24 Mar 2023 09:45:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
trk.yieldtrk.com/gtag/js?id=G-P4Y8F8YSKW&l=dataLayer&cx=c
216.239.32.21200 OK 0 B URL HTTP/2 trk.yieldtrk.com/gtag/js?id=G-P4Y8F8YSKW&l=dataLayer&cx=c
IP 216.239.32.21:0
GET /gtag/js?id=G-P4Y8F8YSKW&l=dataLayer&cx=c HTTP/1.1
Host: trk.yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yieldtrk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:45:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=900
expires: Fri, 24 Mar 2023 08:00:19 GMT
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.45302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.45:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 07:45:36 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AQMjQ7Qjcp4trUl-XOqDavZ-HKSBQNbYHpGec3TAITr2Vpkq12HnMh2CJZ1W315usoDeaETvFxdR4g
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-E-KG-GwzW9ILAojVrNBrJA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"AccountsSigninPassiveLoginHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSigninPassiveLoginHttp/external"}]}, {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none; report-to="AccountsSigninPassiveLoginHttp"
content-type: application/binary
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:3OkpIm6pyeIao1d_RB5HRe4Rqj8ZvQ:hY_qgnulOyio60Gu; Expires=Sun, 23-Mar-2025 07:45:36 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.45302 Found 0 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.45:0
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 24 Mar 2023 07:45:36 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AQMjQ7TXGSm9nsIm0PFnN_iYRP0K8InR-l0zdh7fSk3w8nhss44VXYSwwih-NC4tqqurTFTbYuW3ew
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-dO3KRgU5X2mYZjlbDYkVLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-type: application/binary
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
set-cookie: __Host-GAPS=1:hOGBnwjnKLrDKQ97rf-wlT_kgyoWjg:zhuerlisfK-ffKJN; Expires=Sun, 23-Mar-2025 07:45:36 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trk.yieldtrk.com/track?id=GTM-T3H5V3H
216.239.32.21200 OK 0 B URL HTTP/2 trk.yieldtrk.com/track?id=GTM-T3H5V3H
IP 216.239.32.21:0
GET /track?id=GTM-T3H5V3H HTTP/1.1
Host: trk.yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://yieldtrk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Fri, 24 Mar 2023 07:45:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
last-modified: Fri, 24 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
x-xss-protection: 0
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 31.13.72.36:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dhvya.taitlastwebegan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: rUC+kc6Qqv7jzsjNPRBmzzkYqajjJe0Dvd8y800ef6TIPT45TEysVhTHJIxv+avPywuDsiuAkhOVy+L1P2Zj1g==
date: Fri, 24 Mar 2023 07:45:37 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
trk.yieldtrk.com/j/collect?v=1&_v=j99&a=1806142712&t=pageview&_s=1&dl=https%3A%2F%2Fyieldtrk.com%2Fen%2F60c52a38-c810-46a9-b3e2-3aa764857da2%2F%3Fcam%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26lid%3D60c52a38-c810-46a9-b3e2-3aa764857da2%26tsid%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_source%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_campaign%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26ref%3Ddhvya.taitlastwebegan.com%26pr%3D%26sid%3D959433%26ecid%3D%26aid%3D%26reg%3D%26dev%3D%26fl%3D%26cep%3DRd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI%26lptoken%3D16bd791c6402570037de%26siteid%3D959433%26conversion%3D1554042989593815530&dr=http%3A%2F%2Fdhvya.taitlastwebegan.com%2F&ul=en-us&de=windows-1252&dt=Download%20Now!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&cn=f3f3e9b5-a7f0-49fc-b195-2a662072764c&_u=YEBAAEABAAAAACAAII~&jid=1306971698&gjid=1555181479&cid=1505777796.1679643949&tid=UA-221044685-1&_gid=1364686659.1679643949&_fplc=0&_r=1>m=45Fe33m0n81T3H5V3H&z=1733059485
216.239.32.21302 Found 0 B URL HTTP/2 trk.yieldtrk.com/j/collect?v=1&_v=j99&a=1806142712&t=pageview&_s=1&dl=https%3A%2F%2Fyieldtrk.com%2Fen%2F60c52a38-c810-46a9-b3e2-3aa764857da2%2F%3Fcam%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26lid%3D60c52a38-c810-46a9-b3e2-3aa764857da2%26tsid%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_source%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_campaign%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26ref%3Ddhvya.taitlastwebegan.com%26pr%3D%26sid%3D959433%26ecid%3D%26aid%3D%26reg%3D%26dev%3D%26fl%3D%26cep%3DRd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI%26lptoken%3D16bd791c6402570037de%26siteid%3D959433%26conversion%3D1554042989593815530&dr=http%3A%2F%2Fdhvya.taitlastwebegan.com%2F&ul=en-us&de=windows-1252&dt=Download%20Now!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&cn=f3f3e9b5-a7f0-49fc-b195-2a662072764c&_u=YEBAAEABAAAAACAAII~&jid=1306971698&gjid=1555181479&cid=1505777796.1679643949&tid=UA-221044685-1&_gid=1364686659.1679643949&_fplc=0&_r=1>m=45Fe33m0n81T3H5V3H&z=1733059485
IP 216.239.32.21:0
POST /j/collect?v=1&_v=j99&a=1806142712&t=pageview&_s=1&dl=https%3A%2F%2Fyieldtrk.com%2Fen%2F60c52a38-c810-46a9-b3e2-3aa764857da2%2F%3Fcam%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26lid%3D60c52a38-c810-46a9-b3e2-3aa764857da2%26tsid%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_source%3Df0410e4e-6f85-431e-83fa-bc03d284193e%26utm_campaign%3Df3f3e9b5-a7f0-49fc-b195-2a662072764c%26utm_medium%3D%26utm_content%3D%26utm_term%3D%26ref%3Ddhvya.taitlastwebegan.com%26pr%3D%26sid%3D959433%26ecid%3D%26aid%3D%26reg%3D%26dev%3D%26fl%3D%26cep%3DRd5Ugpcjh4YR__i5pNnm2EB943dSuvq6IZ9-ZNO3JYHlJdTvUi-27M0502h3mKVLVL7WOhV3A_oGxpuwVSE73qpxRu0UxcZdNnoutLnLcDYTU_-bMIiGxDXKWUcSHcSvCdgh3dVuZTY9bKuvRNeEYr9nKWqu7udL_tCceKxuSUc3_TmEVdfaZyd3fJmzEfgyn6dzOumrJhZvBSJFkF0u_Rnw5RamdoXabRdIUiGqV0mDqRYy4I4D8EO2ynsKPVvoMyaV7I4lSwSUS5Sh7qNFnxDstZimkTMMd281vGbdK8Iiq8OW2wRGOWP9gO-0R2oqrWu2fpXPFFtsg8LUl_Ef-4aVuiKtIH6eRw0QHNMCobSPvfJuJeNcZG4GSaw9_uJJjsrDlNSHOyWlbwAKwVrLu0m5V-Gyv6sl8eGrPvdb_YRROUS9KHbtGVPs7wyG0F7RHvymB-Av4IdhRVP2UvV_d7ceGMzSAMA_uCK7_px6xYI%26lptoken%3D16bd791c6402570037de%26siteid%3D959433%26conversion%3D1554042989593815530&dr=http%3A%2F%2Fdhvya.taitlastwebegan.com%2F&ul=en-us&de=windows-1252&dt=Download%20Now!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&cn=f3f3e9b5-a7f0-49fc-b195-2a662072764c&_u=YEBAAEABAAAAACAAII~&jid=1306971698&gjid=1555181479&cid=1505777796.1679643949&tid=UA-221044685-1&_gid=1364686659.1679643949&_fplc=0&_r=1>m=45Fe33m0n81T3H5V3H&z=1733059485 HTTP/1.1
Host: trk.yieldtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://yieldtrk.com
Connection: keep-alive
Referer: https://yieldtrk.com/
Cookie: _ga=GA1.2.1505777796.1679643949; _gid=GA1.2.1364686659.1679643949; _gat_UA-221044685-1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
date: Fri, 24 Mar 2023 07:45:38 GMT
access-control-allow-origin: https://yieldtrk.com
access-control-allow-credentials: true
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-221044685-1&cid=1505777796.1679643949&jid=1306971698&_gid=1364686659.1679643949&gjid=1555181479&_v=j99&z=1733059485
via: 1.1 google
X-Firefox-Spdy: h2