link1s.com/XDNgMZ85
151.139.128.10301 Moved Permanently 0 B IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /XDNgMZ85 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 19 Jan 2023 06:17:54 GMT
Accept-Ranges: bytes
Cache-Control: max-age=0
Location: https://link1s.com/XDNgMZ85
X-HW: 1674109074.cds257.sk1.h2,1674109074.cds013.sk1.c
Access-Control-Allow-Origin: *
x-sp-metadata: HS256.CKLdo54GEkoKJDMzYmYxNWU0LTcwNzQtNDE4Yy05MDdiLTY0MzE2MzUzZWNkYxC46Pv98af8AhoGCJLBo54GIgw5MS45MC40Mi4xNTQohxYwAhooCAESJDdjYTc1ZDZhLWNmYTUtNDA4Ni1hY2I0LWNhNDM1NzNiMDJmZSIYCAISFGNkczAxMy5zazEuaHdjZG4ubmV0.Y/PyNutNf5m3eqN61GAed7CSqpvL9T2xDRcXKhzu4GQ=
Connection: keep-alive
Content-Length: 0
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b36ef73c20dffb6bc10194bbd2d0dcfa
a67a4023dc8b4944debaeb92f3ba0f1402c079a6
05a7a4d832cf9e593ca44efea309edcbd80734583bada15fda3e740612eff991
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "05A7A4D832CF9E593CA44EFEA309EDCBD80734583BADA15FDA3E740612EFF991"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5552
Expires: Thu, 19 Jan 2023 07:50:26 GMT
Date: Thu, 19 Jan 2023 06:17:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12058
Expires: Thu, 19 Jan 2023 09:38:52 GMT
Date: Thu, 19 Jan 2023 06:17:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6c8239f3894cfba54d1f3a9ea1c85db5
a70f2b3bf79f2aa26b0cc0340dd182565c3eb946
64dc0508d3fcea1ec92fb60310e9b3f5454c0b69f61e8453fd443bc46ab9471b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "64DC0508D3FCEA1EC92FB60310E9B3F5454C0B69F61E8453FD443BC46AB9471B"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11903
Expires: Thu, 19 Jan 2023 09:36:17 GMT
Date: Thu, 19 Jan 2023 06:17:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 19 Jan 2023 05:49:25 GMT
content-type: application/json
age: 1709
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4q1JNaHPKwycgHANbicnNzXOO8nDJO1n2UzLWooa6ooUEb5bT+saoNY1fAZsv1hbft8KuIyHosw=
x-amz-request-id: C7JCY19BT82BVTQ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 19 Jan 2023 06:17:06 GMT
age: 48
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 19 Jan 2023 05:48:57 GMT
age: 1738
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 79af32d8e279b4cfec147ab51cb6fcb3
d726903292bd1e08a6d9fe0719d2cd5b33dc5fe6
bfcb2d8f14d89736ac6b771f1618a8fc5e707691d60807a574fb719c8e9393ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3802
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:55 GMT
Last-Modified: Thu, 19 Jan 2023 05:14:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.96.68101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.96.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8aVEyESpsDLA1RCsSG05ZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4W7ylv909rqB3QlTPeEZyK6JGeQ=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4360
Expires: Thu, 19 Jan 2023 07:30:37 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4360
Expires: Thu, 19 Jan 2023 07:30:37 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4360
Expires: Thu, 19 Jan 2023 07:30:37 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4360
Expires: Thu, 19 Jan 2023 07:30:37 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 89055b1f42119cc1e7a33ce2fc364e76
20550fd56bf49a8aa30e18a923be22cda3f2ba7b
7698e9bb59f46011dbd3b6b74fc5784ac60d64c9d8403e8fe3aa18a60c17393d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7698E9BB59F46011DBD3B6B74FC5784AC60D64C9D8403E8FE3AA18A60C17393D"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4360
Expires: Thu, 19 Jan 2023 07:30:37 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f69a0610e549f99b84e2ac1355ec1d6
c957e6d925e932c8f4939b5b723bccb532b5bf44
0304ec77a98bcd152446d03f4d630304bb6362d3ff99c58c883ebeb3f1448130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f0e28e6-b0e8-4d6a-86c1-1fc0c9c5513e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8665
x-amzn-requestid: d4ef9b00-3cff-4ca0-be67-39074ca71996
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ewYQuE1NIAMFymQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c33a6a-57f41f0a286ffffd2ca5ee8b;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 23:27:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ESbnZ69JgaSSqmynXtDLCCkPi9I3KeFPISrQUr1WMJWQBIyxhTHW5w==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:37:08 GMT
age: 45649
etag: "c957e6d925e932c8f4939b5b723bccb532b5bf44"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94ef2ebf-b368-4c49-877b-a14ed2f748c4.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94ef2ebf-b368-4c49-877b-a14ed2f748c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0a101619de7c42082cb54416bf0cba0
a759ba4a1a95674e9b8c7146ba748826d22bc60f
7b75ffde64861431963ec226259f03d3848aada46f611962d10dff8a4aa88bd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94ef2ebf-b368-4c49-877b-a14ed2f748c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4017
x-amzn-requestid: 3f89e17a-7a8d-460b-9bea-ee8c23b88379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3nBpFr9oAMFbbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61ed7-21c5578f084a3f36640ac14e;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 04:06:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QZKDFQMsEJJbTgg9f3qDQLIy3VXn9gLaX9OX4aalwKqbvqektWwZQA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 17:34:10 GMT
age: 45827
etag: "a759ba4a1a95674e9b8c7146ba748826d22bc60f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe65902c3-48ee-4167-857a-c14e7f6464fc.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe65902c3-48ee-4167-857a-c14e7f6464fc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c604448d6f1f1622279878df4f545cf
a412b00226d0d0ed3b9d8576d16d0ed2c516de91
16e45cd5e0ee3905a217af05d8f42e7e218551addca9d684c71bdeedde825929
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe65902c3-48ee-4167-857a-c14e7f6464fc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7020
x-amzn-requestid: 194bad3a-32af-458a-b131-5eeb73bffac1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsalGskoAMFeuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2776-3bfeb6920bf5eeea61aaf7dd;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v1LIU0SBfsPgyxhTIua1kvaAYib73vF9pGfMfDS-y1uFZ85HwJGOmw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:54:04 GMT
age: 30233
etag: "a412b00226d0d0ed3b9d8576d16d0ed2c516de91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffb6957f05eb26875b60b795a1a0e818
44c2febdf59c4f08401e7c3edd0837dd4b1a8886
0fdb841fbf2f336f58cc4b63d271c8cdd3fba345de4c774651826ea24e3628b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F698f24eb-f312-4a20-b261-be41dd92564c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6399
x-amzn-requestid: e4b80b20-8aad-47aa-9059-7f7729f901bf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e7UZ1ExQoAMFXKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c79aa5-66622b6c3e8fd210011618c5;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 07:07:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HSec-atXiQMoOd0Jqu8_jiC3cHqeyPpYvFJxKzqJcpp9i6sZhGMMEg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 07:27:24 GMT
age: 82233
etag: "44c2febdf59c4f08401e7c3edd0837dd4b1a8886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 511bbd0c410838e4a978d471d361d876
706be1b2636ad65bf5fe78ef7301af472c015275
e124c1ba6059fb613d0ab8f7ad37f4524323e7bbde851f78e9e5727c7d20f19f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ef64b6-6b9b-4860-a201-58a01048084b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9916
x-amzn-requestid: 42bb326d-889c-4b91-b989-47c1fd650afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e96pVF61oAMF76g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8a4a1-2f33e6be45e298a7120d1119;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 02:02:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 68BfqCCeDzqQURstD87lSuWaXjwrqVQnXX8ws6EeFfQtbu_ad9JEgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 19 Jan 2023 02:14:04 GMT
age: 14633
etag: "706be1b2636ad65bf5fe78ef7301af472c015275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2758caaf-6955-42af-b99c-67f8cd8d18db.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2758caaf-6955-42af-b99c-67f8cd8d18db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash daa6c8cbfdb22eedd188d992484088b5
96e668a856ab723df7b5fe51f9ab4e2becff79d9
bd4b16b8ab3ed87c047de09a58bff222ae5a18e3f6b0637eb915928fa35d7225
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2758caaf-6955-42af-b99c-67f8cd8d18db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6270
x-amzn-requestid: 95b61111-de2e-4047-a891-d6314d88ec9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: etktkG8joAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c21b23-56a6ddee52ee16312140fb11;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 03:01:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V92MTsdRHnRzy-kYw34uTLqfkS8Fd8HZFePtxxJMgWnOw_twNMsG3w==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 18 Jan 2023 21:54:08 GMT
age: 30229
etag: "96e668a856ab723df7b5fe51f9ab4e2becff79d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
link1s.com/logo1s.png
151.139.128.10200 OK 30 kB IP 151.139.128.10:0
File type PNG image data, 247 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash aa55ddb783a9ed3a7530dd55d848ee64
e2437805b86dc3858bea3c80567447ece8b96ec4
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
GET /logo1s.png HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:17:57 GMT
content-length: 30338
content-type: image/png
last-modified: Sun, 28 Feb 2021 03:13:41 GMT
accept-ranges: bytes
etag: "603b0a65-7682"
cache-control: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-sp-metadata: HS256.CKXdo54GEocBCiRhOTVkNWFiNi1iYzI5LTQ1M2UtODEwNi1hZDU3MzkwNzQ2ZmUQuOj7/fGn/AIaBgiVwaOeBiIMOTEuOTAuNDIuMTU0KMHLAzADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkOTNmMDFlNjItZTAzYi00YWExLTg4M2QtYjE3ODE5MDRkZjgzGILtASIYCAISFGNkczA2OS5zazEuaHdjZG4ubmV0.YHXdpVAqGdQOcRkJ0iHsD8/qgtFjXqn2RcBi2WAPFiI=
x-hw: 1674109077.cds204.sk1.hn,1674109077.cds069.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-197930515-1
216.58.207.200200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-197930515-1
IP 216.58.207.200:0
File type ASCII text, with very long lines (1921)
Hash b88071a426775b16ba789738673098d5
4a7650d1b755ef9e23d54ead22fd9bd42aa9d2e7
1e37a7c76fc6b012929453cc80174af06aa03723395c64a6b3a3097c68d16885
GET /gtag/js?id=UA-197930515-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 19 Jan 2023 06:17:57 GMT
expires: Thu, 19 Jan 2023 06:17:57 GMT
cache-control: private, max-age=900
last-modified: Thu, 19 Jan 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43934
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 783c01fa14ade2316e22ead869b3dbf8
71e20a947b3a9e10cb2bf046e2ca3da294d97f70
9b0aee93ad83dd0c14a106a2514b86ab950b2fc679596fd621841242b5c7e95c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 19 Jan 2023 05:45:20 GMT
expires: Thu, 19 Jan 2023 07:45:20 GMT
cache-control: public, max-age=7200
age: 1957
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
151.139.128.10200 OK 51 kB URL HTTP/2 ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
IP 151.139.128.10:0
Hash 2a5b8b114444388b78d6c05be3383f20
f96308575750bcb883a67414825b80292ad71cb1
3e1738307a8038dcd8ae9dc0cb541764fb1700c73d42b22f1cfad766f4b5cd37
GET /ser.php?t=AADIV56&f=56&psc= HTTP/1.1
Host: ssp.web1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:17:57 GMT
accept-ranges: bytes
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
x-hw: 1674109077.cds219.sk1.hn,1674109077.cds228.sk1.sc,1674109077.cds228.sk1.p
server: nginx
cache-control: no-cache, must-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-sp-metadata: HS256.CKXdo54GEocBCiRkOGRlZjhlYy1jMWE5LTRiM2MtODYzYi1mZTA1ZjY5ODEzNDgQmL3y9Kv/+wIaBgiVwaOeBiIMOTEuOTAuNDIuMTU0KKW7AjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GikSJDgyMDcxOWZkLTJiMmQtNGI2ZC04ZGI5LTdiY2JhNTk5MGYyNxj1CiIaCAISFGNkczIyOC5zazEuaHdjZG4ubmV0GAk=.o/bRGPnA/1PeqjAG+xvJOzxetVsSIcNbRKrf9setizY=
access-control-allow-origin: *
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.162200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.162:0
File type ASCII text, with very long lines (39368)
Hash 369d022734818ff72ec512e0a8c43c31
5733603acec13d94c00b20c1e8cbd109c29941c6
57cde9fe0ad30388d2192d6da8723351c18aaa77d0c20af9029237c791e3d563
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27718
date: Thu, 19 Jan 2023 06:17:57 GMT
expires: Thu, 19 Jan 2023 06:17:57 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1456 / 115 of 1000 / last-modified: 1674085591"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 6ffc62725eb8d702d9aebcb456457fb2
0b5f6c5f99abfc8cc37016f8b76e19097c3ba294
f0d158f00224cad7d42c75dfdbbbe4f7ab6a4cdb221d3faa5aeb9917d98d4f0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f649efb402dd2596e03df5a6a2bdae21
c08f7ebb64f65eb4259f1399c0bac0bff959f044
2fd39524dac49cf618314241f401fd993eae62bceaf268e83293060a5e5e398c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2FD39524DAC49CF618314241F401FD993EAE62BCEAF268E83293060A5E5E398C"
Last-Modified: Wed, 18 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12945
Expires: Thu, 19 Jan 2023 09:53:42 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b24f3ed55b250d83ab66b93d518e6dc7
9efcdd30689719ed09df026a572f57808ef03ded
020c203aaeee7ac0a10ce720a995d994614a75d3d530347d83846867ffa08d28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "020C203AAEEE7AC0A10CE720A995D994614A75D3D530347D83846867FFA08D28"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16550
Expires: Thu, 19 Jan 2023 10:53:47 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43048316f1760ceb00e800413012ed3c
6ff491c279b588489be6b4ddb9f68404fc358070
222f798f4c277a58babb8e14399cb8f5067ce9fe92f7ce6944b3e25dfb435cc0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "222F798F4C277A58BABB8E14399CB8F5067CE9FE92F7CE6944B3E25DFB435CC0"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9030
Expires: Thu, 19 Jan 2023 08:48:27 GMT
Date: Thu, 19 Jan 2023 06:17:57 GMT
Connection: keep-alive
upskittyan.com/zone?pub=0&zone_id=5118379&is_mobile=false&domain=www.byboe.com&var=&ymid=&var_3=
139.45.197.251200 OK 687 B URL HTTP/2 upskittyan.com/zone?pub=0&zone_id=5118379&is_mobile=false&domain=www.byboe.com&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (686)
Hash aadb286c823703b081d645d5604926bb
6fa752dcff2ad7b3024a878637b8f5bcc765c48c
51786b9e438d2a024fd7a4f22712a1e032cd914d77d91a50fcaf13abfe83ced3
Analyzer Verdict Alert quad9 Sinkholed
GET /zone?pub=0&zone_id=5118379&is_mobile=false&domain=www.byboe.com&var=&ymid=&var_3= HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Origin: https://www.byboe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:57 GMT
content-type: application/json; charset=utf-8
content-length: 687
x-trace-id: 7d15988e241845763553c41fe9bd0fcb
access-control-allow-origin: https://www.byboe.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51bca4e15ceab78698f08ec2c3d293b2
749b336c38397cd89cae2ab5bb2055d483531213
45b40ad33bb94556f33f631cd6de278cbde803ac940f54919a4ee330a81b8e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "45B40AD33BB94556F33F631CD6DE278CBDE803AC940F54919A4EE330A81B8E00"
Last-Modified: Wed, 18 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2748
Expires: Thu, 19 Jan 2023 07:03:46 GMT
Date: Thu, 19 Jan 2023 06:17:58 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=f076d8d9c40445e6afb1ef633b9d0c88
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=f076d8d9c40445e6afb1ef633b9d0c88
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 9d50cb996a83738894de31b330dfca67
222daa8f0da9eeea6dbe6d1f939dea8f60d2436c
49022f8fc32b3d28fdddbca21d490c81e02058c6b282b34f0cb68888fdf617b6
GET /gid.js?userId=f076d8d9c40445e6afb1ef633b9d0c88 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Origin: https://www.byboe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:58 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.byboe.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f076d8d9c40445e6afb1ef633b9d0c88; expires=Fri, 19 Jan 2024 06:17:58 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cb8c74d6e35f51e581fd6e2411baf577
6ae08e6c318c7af1b5666c9b7b7718e4084ab06a
4860e0b467551f1b4fd00c44d83d01ded25498c990600915aae4316e23e91aba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4860E0B467551F1B4FD00C44D83D01DED25498C990600915AAE4316E23E91ABA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2767
Expires: Thu, 19 Jan 2023 07:04:05 GMT
Date: Thu, 19 Jan 2023 06:17:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
offfurreton.com/400/5112623
139.45.197.237200 OK 32 kB URL HTTP/2 offfurreton.com/400/5112623
IP 139.45.197.237:0
Hash e543b6485e1fc74ca93b84b54aa52827
a029ecc367075437cef1eeb6f6fbaf8ed67ed9ef
6c957d4c1a318e271810bd609cd072a111db7f95778de81552421f89bc83fa6e
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5112623 HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:57 GMT
content-type: application/javascript
x-trace-id: f4ec31204a29c9704051289926e74a32
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=71db7ff2a3ad4b328cac4081671c8eab; expires=Fri, 19 Jan 2024 06:17:57 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.byboe.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.byboe.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.byboe.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 19 Jan 2023 06:17:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
upskittyan.com/pfe/current/universal.min.js?v=3.1.411
139.45.197.251200 OK 34 kB URL HTTP/2 upskittyan.com/pfe/current/universal.min.js?v=3.1.411
IP 139.45.197.251:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9994454860b47ea84cfcabfa466e97f7
5a501fbf817113d306f64690b407596fd60a3ade
d8918e0ecb2279d58b64ce8e1be4041cb2f2b058196884284aa21dc7edd48ee9
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.411 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Origin: https://www.byboe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:57 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-18c6c"
access-control-allow-origin: https://www.byboe.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ugroocuw.net/5/5112622
139.45.197.239200 OK 25 kB IP 139.45.197.239:0
Hash ca310cf0c7b8fb2c5e751401067b4a5e
96ab30a267c70436222f06681ecc4c53347dbbf9
3457339f355392c5e4221bb9f072dcf27a80bc785e5afa7827b2cacbcd790701
GET /5/5112622 HTTP/1.1
Host: ugroocuw.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:57 GMT
content-type: application/javascript
x-trace-id: 29d9aec771c3ad18db1436a819caea08
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=f076d8d9c40445e6afb1ef633b9d0c88; expires=Fri, 19 Jan 2024 06:17:57 GMT; path=/; secure; SameSite=None
oaidts=1674109077; expires=Fri, 19 Jan 2024 06:17:57 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 558ca082e2b49b22ae356cf10b191c68
c3956046019b64bc525381a4ab7f0c70002b5b17
862dfa54857c199a1d5450b0b07d8fcc3e2702476e7a0938b3d34e2fab332af3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 96932e7ee122dfbe89a87a0265f8bf94
a260e5fb88fa73efaedcd7880f4bfea7acf44fbb
e806134fe3187494ab16df5a777bb4d7b8d0a8c400b542a5414b63c7ef3ac3e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 870b56b31988dbba7484d107a3455332
bcea1ac4e6afb8d92bf1f074910db7492098e854
d6a42a2b06ca9f6aca467356435ee125626474f28803b4ed8e4b4271b03e0068
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 870b56b31988dbba7484d107a3455332
bcea1ac4e6afb8d92bf1f074910db7492098e854
d6a42a2b06ca9f6aca467356435ee125626474f28803b4ed8e4b4271b03e0068
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.byboe.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.byboe.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.byboe.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 19 Jan 2023 06:17:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97200 OK 2.7 kB URL HTTP/2 a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Thu, 19 Jan 2023 06:17:58 GMT
expires: Fri, 19 Jan 2024 06:17:58 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.byboe.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.byboe.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.byboe.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Thu, 19 Jan 2023 06:17:58 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=5115166
139.45.197.236200 OK 30 kB URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=5115166
IP 139.45.197.236:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 081a0ac88e746857603036495adbb64a
eae64dbf0d0167869e2b9919f0ef7c30176a4075
82323a0bffd429f4f0ed56da91833f0ae51b2e2a946c86062aa00a2709188a4a
GET /apu.php?zoneid=5115166 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:58 GMT
content-type: application/javascript
x-trace-id: 72da405211986a5581b4e5d08b6676a0
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f7fe71086f824c9aadc53d24c49707ce; expires=Fri, 19 Jan 2024 06:17:58 GMT; path=/; secure; SameSite=None
oaidts=1674109078; expires=Fri, 19 Jan 2024 06:17:58 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
upskittyan.com/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.byboe.com/
Origin: https://www.byboe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.byboe.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
upskittyan.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Content-Type: application/json
Origin: https://www.byboe.com
Content-Length: 363
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 0e57f1f37b5ea61754c6731be76f73ab
access-control-allow-origin: https://www.byboe.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash cd55997dd608ce987f0dbf559cb6e927
87253a8c3b1587d897c507818006e89180936f91
a20d1577b7836b149485c757ee21cd3d243d6646e74dd504f3fd59e0a34ece17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash cd55997dd608ce987f0dbf559cb6e927
87253a8c3b1587d897c507818006e89180936f91
a20d1577b7836b149485c757ee21cd3d243d6646e74dd504f3fd59e0a34ece17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js
216.58.207.193200 OK 7.5 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1506)
Hash 8f655c82309c733b541714b09f3ea320
bdf2de225c83acd6dc65ec140ae7b4fc3e351133
0ce7e98377eae99ed3c343ad0225744a1ea70494b50c33085c67d46ca565c4c1
GET /pagead/js/r20230117/r20110914/client/qs_click_protection_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 7515
x-xss-protection: 0
date: Wed, 18 Jan 2023 18:35:56 GMT
expires: Wed, 01 Feb 2023 18:35:56 GMT
cache-control: public, max-age=1209600
age: 42122
etag: 5914713042212191929
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js
216.58.207.193200 OK 8.9 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20230117/r20110914/abg_lite_fy2021.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1569)
Hash d0f6d23b1376a9ac548d096ca52b3500
f83aa48a2a430fef64e3b2be5b5092d02e16954e
a5eac18ba0b287b6e22cf570569804de8b17c95c6fd21568b850b89b1a5bbbd6
GET /pagead/js/r20230117/r20110914/abg_lite_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 8872
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:11:13 GMT
expires: Wed, 01 Feb 2023 19:11:13 GMT
cache-control: public, max-age=1209600
age: 40005
etag: 4731094640903799552
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.css
142.250.74.74200 OK 2.8 kB URL HTTP/2 imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (14567), with no line terminators
Hash 0ea7c62c1ffefe2c0695008097779f30
30701f1fa6b52c2a2216b540f189d654c2a6c458
07686fcb89f2ba27df013c73b4ad2ebf0d28e3103fd0f835450606d0a832c941
GET /formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.css HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
timing-allow-origin: *
content-length: 2798
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 13:37:04 GMT
expires: Thu, 18 Jan 2024 13:37:04 GMT
cache-control: public, max-age=31536000
age: 60054
last-modified: Wed, 11 Jan 2023 11:45:15 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
142.250.74.74200 OK 135 kB URL HTTP/2 imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2030)
Size 135 kB (135245 bytes)
Hash 86606e275e408b1e05ef80a475a80c5a
4c4b18222217a0eba289b54395a730b048e2e828
0ace7a69d4726f098069c0235527bb27e9ca8833481351fabe6e320b1efc67cb
GET /formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
timing-allow-origin: *
content-length: 135245
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 13:37:04 GMT
expires: Thu, 18 Jan 2024 13:37:04 GMT
cache-control: public, max-age=31536000
age: 60054
last-modified: Wed, 11 Jan 2023 11:45:15 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 607bf9684e4803d817fdd1120427dcdd
886fa77396c792751868f05806793937a4f11be6
d17df5470015b9c3be3fc1e9c8fa5f2b732231eed453b689e94897f6f1da3911
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 351d468463fc9ee6485308d8454758c6
972aeae058e95fb77cb15b3f38eb013221d731a5
58c4e4d96d14b3c1528163434fe39cc0920cc4eaa2508a1a4d933632d7d2557a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 351d468463fc9ee6485308d8454758c6
972aeae058e95fb77cb15b3f38eb013221d731a5
58c4e4d96d14b3c1528163434fe39cc0920cc4eaa2508a1a4d933632d7d2557a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 351d468463fc9ee6485308d8454758c6
972aeae058e95fb77cb15b3f38eb013221d731a5
58c4e4d96d14b3c1528163434fe39cc0920cc4eaa2508a1a4d933632d7d2557a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 1.1 kB IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash 6b4bf303a3eb85d49602b3692d48d33f
59dc3fcc70fce048b48b79ae7b09955155a132eb
a8067d8f6a7aafe0362bfa7946788ebd7d473ab69de53847257e904949ffa291
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 351d468463fc9ee6485308d8454758c6
972aeae058e95fb77cb15b3f38eb013221d731a5
58c4e4d96d14b3c1528163434fe39cc0920cc4eaa2508a1a4d933632d7d2557a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
216.58.207.193200 OK 62 kB URL HTTP/2 cdn.ampproject.org/rtv/012301041800000/amp4ads-v0.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (65008)
Hash b37f0fdda94f3d96c80d921bd49a4ff6
8893cf93146a0a4206940e9fdd7588f40a4952ae
61c4f4857c121032f2d81e7a61976837793959d626d14312f2a6eff3a4a33957
GET /rtv/012301041800000/amp4ads-v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.byboe.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 61740
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:07:14 GMT
expires: Wed, 17 Jan 2024 18:07:14 GMT
cache-control: public, max-age=31536000
etag: "8e9029bac2b10828"
content-type: text/javascript; charset=UTF-8
age: 130244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
216.58.207.193200 OK 5.2 kB URL HTTP/2 cdn.ampproject.org/rtv/012301041800000/v0/amp-ad-exit-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (14751)
Hash 9b2fa0ca8fedfa9c1a541b6076dac6bc
ab34bcb7d69924174f6ee927c647d9c14b00fa3f
5daabdf8435ed7f00b999bfa3cf7fa2c622837de6e9d68eea023662ed3e21b3e
GET /rtv/012301041800000/v0/amp-ad-exit-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 5230
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:07:14 GMT
expires: Wed, 17 Jan 2024 18:07:14 GMT
cache-control: public, max-age=31536000
etag: "98e8559bf0300638"
content-type: text/javascript; charset=UTF-8
age: 130244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
216.58.207.193200 OK 1.9 kB URL HTTP/2 cdn.ampproject.org/rtv/012301041800000/v0/amp-fit-text-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (5021)
Hash b913b3787b79681182d68d2b7a341870
9cf786f53f889636326d670537a6f19397551af6
efe6ebcc59af653b1973557ab2d8274224b0f51a9a2eea49d3d9187d7165579f
GET /rtv/012301041800000/v0/amp-fit-text-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 1904
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:07:14 GMT
expires: Wed, 17 Jan 2024 18:07:14 GMT
cache-control: public, max-age=31536000
etag: "c26873ae23a2dfcc"
content-type: text/javascript; charset=UTF-8
age: 130244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
216.58.207.193200 OK 29 kB URL HTTP/2 cdn.ampproject.org/rtv/012301041800000/v0/amp-analytics-0.1.mjs
IP 216.58.207.193:0
File type ASCII text, with very long lines (65534)
Hash 6ea2e015977100a8ee102a32db3de717
f3c00e3b9b9ca63c587a92745863371ae6140879
d7b2de930a3b1c4b2c00b4116d2bc91c86e18604a6c636e7c3b4316a0a23e0a1
GET /rtv/012301041800000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28829
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:07:14 GMT
expires: Wed, 17 Jan 2024 18:07:14 GMT
cache-control: public, max-age=31536000
etag: "80143a542ab189b2"
content-type: text/javascript; charset=UTF-8
age: 130244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
216.58.207.193200 OK 13 kB URL HTTP/2 cdn.ampproject.org/rtv/012301041800000/v0/amp-form-0.1.mjs
IP 216.58.207.193:0
File type Unicode text, UTF-8 text, with very long lines (41068)
Hash f3830fcbc4ff7b5f3ead1fcb52316a76
07feb8c8593d99e330eb045c7152453154312c7c
a1b02333ca6a4a51dd095f4de977a179d400faba70b7af7aa64f58d5ee5b1da8
GET /rtv/012301041800000/v0/amp-form-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 12956
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 18:07:14 GMT
expires: Wed, 17 Jan 2024 18:07:14 GMT
cache-control: public, max-age=31536000
etag: "a53f7d5e2894160e"
content-type: text/javascript; charset=UTF-8
age: 130244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto:700,500,400,300
142.250.74.106200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:700,500,400,300
IP 142.250.74.106:0
Hash 293f73d8f652b3ca900bd99490908ec1
835c781e6ec8e463868726b0f812ec17468178b7
e79dd3841828f99767f6ae85f62d1a7c3e7259b0b28b96b2240060b96ce8da58
GET /css?family=Roboto:700,500,400,300 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 19 Jan 2023 06:17:58 GMT
date: Thu, 19 Jan 2023 06:17:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:34:08 GMT
expires: Thu, 18 Jan 2024 19:34:08 GMT
cache-control: public, max-age=31536000
age: 38631
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 14:07:32 GMT
expires: Thu, 18 Jan 2024 14:07:32 GMT
cache-control: public, max-age=31536000
age: 58227
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byboe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 19:34:21 GMT
expires: Thu, 18 Jan 2024 19:34:21 GMT
cache-control: public, max-age=31536000
age: 38618
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
offfurreton.com/500/5112623?excludes=&oaid=f076d8d9c40445e6afb1ef633b9d0c88&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.byboe.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 17 kB URL HTTP/2 offfurreton.com/500/5112623?excludes=&oaid=f076d8d9c40445e6afb1ef633b9d0c88&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.byboe.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 0788807956c47ed863c45ff10122fcbf
55f6eb5c49945081f2a170fccd459467887def15
3652c8f3bf4e848e931a037dd1d02a6dcf1caca1617888887744f0879e90796a
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5112623?excludes=&oaid=f076d8d9c40445e6afb1ef633b9d0c88&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.byboe.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: offfurreton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Content-Type: application/json
Origin: https://www.byboe.com
Connection: keep-alive
Cookie: OAID=71db7ff2a3ad4b328cac4081671c8eab
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:58 GMT
content-type: application/javascript
x-trace-id: 5350bbb4fd40193ffd8a5725114ac2a6
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://www.byboe.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f076d8d9c40445e6afb1ef633b9d0c88; expires=Fri, 19 Jan 2024 06:17:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash db72b0cf36b635e3c0825b954e3f0571
f0f3d97119b058f86553062c835f89b1b283945d
bf6ecaa45a5dbd66d0c657e5f33345ac46bdc94d8cae1274fcaf01c0ff302b97
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash efac8d32469e6807b1b1f2916a47edf1
68d91e7af565f1cf6597bcdd642a78dbada50a8d
22639289563bb576a7c20b9c733bdd7f98c41519fdddeef0d710f0d058c5bf88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CR4palC1XV8sob7ZvJV2MytQayak1e-ekLhjyTEWju5U4RQc9lxtq781HRKtyj1Kp2adqPnLQ7rsagNSrxZa5UGPKMsQ&dbm_d=AKAmf-CHLxWG0x1KXrEB8W81RqhdSbTcnLqjuUhOC3eUC4E-B_YbZuprC3x8NObXUvTOkPh-AG3Y5RYxm_v8vgfkV6z2DDKHFD_Dg_9RlrSjMjJ5zs7ueXUVidj9tO2kgk6JaaEnIqNdcnqTDYO0A9EemytPMFfmGDITekAcoYtgISUNBVYhjQMHI8FQu5zD1EnvZvoUTkVL9Hc4L6wbp0jMD8skDbv-dfsY6Wg0HNB3ltYFYV_xlU_LZcCyPQLoNxHOF_4xsxEH1wse4cafz_u5NUhLhLSuUyIjUItS5To8g62OTMAZJdbAgqCA5_puG-axYLnVGQ2mnZliTNFpLSDMuFENMLkaOVfWZa1bQkhpvFhdYQ9OjwkraGwudUe73ZZ95JGgCQKrknxgMEn8tNYLFT9LI8Z7B-7GSwpKT9lV5IEVox3MYIdS3UHrd4l-wECQQj41w2Vlq8CDEKNb9XOJEcl-_t-fAQmLSdI5M9gaHkEU5jmSdzpYBgTOW6-JccACzYvv8v80wa9fyqy3LL2wuA_DTJd1PYtgliPn_t0DyB05mFe_V1CXjq2MwW839caZF-qdfWzz_XBVW05tPj3QfUUDlqBDOfPUCbYTIUvOWtKtLdSz_jYhOuNVhOA40uawwc5tDj2XBgZV_MBOL9Hub9RmdxR2y0Y8oW2X7W2zYfnVqR7Koync9Bo_cYBem6Nsdd4dsH8RZS6jMnp9nDoipI0mG130pINROeNhN6hxFrq6zKq3B34wSGAuHr6Z-yBddWhr7KkBd68dLQNo1ds7QMJOt3VL1dhzwRh_YcccpyOXmsme37QqT2RUQAesRgEyx1Qgs7x-9EW6u99eFThuYDaC3a1L-dywXyXru6onIIDInif6XSi2gemm9PU8hW6qwt-2w82tH2vL8F66WzCENjp7WWPXZGz4x4OKFver-Po5wm_cx6rBw7wYJ8AA0wx5Q_tjDp5PyI47esUsKF8GlOkZmjxzVh_-Yj7d_cvSQK0w-N3pOS5fkxMm7renpSgyqi6hymSR4YByrBu-KsKlNHKEk2JiPGODjDs3qv_2Z7OSFAul08aXAFBR2shVUqEiTrsOivn2YyaNOt3sWGj7Y9iLZQxrk1HK6NS5BpKnQpIeMo5PAr_RQ3XXWSyrdAiLHv8SD4MVwpwefiL_NijJHTwjC2dwdTs2bjUrNfCSf0RkxvE72f5kbhYdg2u182oMmtef3mo2yYkdX8y0k_05T9_L4gXLE9hRFF3AmCA-NPhxk1AJ4vESHRZq72qDxUjlDx5OH7oypNk1dY07ACEFoXlhZYw6eF0UrAw50CcqmzKNAX7AkjLqvys7Uk4p1OpEZHXwfByNdSCxvpUIV_lbXrQZ4QUSaYNe_z64exhklNGznrt6OfCeNWd2IA0g4Sgwtu0nkCYzu0A9bcHmBeAYVpV5Y6E5qyQdz5n6rihYPU8sLxjVT9xWvsgnm4wLw9MWQIYZ20KmJsBqtoeAGujkZSGFgvepPYCco3TYWupZ6aeYzaqN6yt2XaroMWoazBTco5S9kO_8icvI9ao6001oe5cKAgEFMheiYQ-5eW0IjE2k4DXgGIvU8qZXAPZxOJ9M11WJkJN0pQPcBxwa-RbVO4SslEwqumzUBhn1v1HqdNco2mod2urwgFdKTFGdgLL4etSiU4fZ8oYlOrgq5XynTg38CxtJrkMrhgkD9QmTHGW8ZqOzxRbv9iyZOkzc8w4Jn_cTMCHBt41bG7bIp7uK5RcHG3Zl-3aalsR4gIOLnv7O0pvHzAQFOHm-YoKk0kIu0cb9wgtw7yPnciuEOnBLP7hsYv-38xfyKpGLBTqbTmtxkToWDlwoG1m_9n16COKS0ToGbVVdUycMU1CllGrlYfGTrK-TYiU7sDJ-vZItafVMH-TADuxjdSE2Ryy4gvzk-GygJ-U4IGQlsVsy4Q89D08WNZzQeLqGAct-e2bsjxVDyn9eMCTFuEz6jr7IZItvIsDwxRmi703mJNiY5X0QQNSrLqX-8PHDpZoXp_lIVVl64lWAYXmBAwL6SM0r8hDPWuyCCyMqq1TcpBUcluWhLoKVnzQLR9JPyySB1LTaF3nyZ3gb6gqNs25LH6pjDURn69rJnzlRqzpPWoiiU-erHmOUmomqmIkUGLV9AEY1l0cKKVy2RbmgxEjl0JVM97pGk5NgUqTgTEFRWVekuMBfsgXITGx3rlcaKt2UTEvuY33pbwpbj-9bJY1BKsqhq_WYJfp1CWvRRX50gA5g8Nqc7jwICrdCOG5RsK6ATotASX6kIgsUj4_1txKori5XWDzjswloCGVSNinVqMjw4JllzvZbVAHvywoFXvOSGwPZe_lc65wwwAWsb2nHYutx9sCMzZzE27_hMedNMcHObaRPgM6yXr3eDeKNh0kUaraB5w5gJsM2KAAiEHPYT31ILCliZrTAKQt4gZ14sMlOq7pBldjHYm96wsM89vDJ9S_5nSFpjbWASVZhJhE-Q79BeOHWTsdop0E9kRaMDEwYrEgeVT_jPeW7ieK6gF_zfc3DondQIYibVkCr_cWpgGma1LFD4_z8DNgTnuJFkHfi-f9PF34O-Qno-zOztt0t0-65lX_att27ZoiHqJqAJnznORBmkCqH1iWgpkZXkIJlRXeNPSL0gn1zaPHBQJ38zjTBP2k7JxQ8ccLG-Ya9-6HDN1UqLwn4D7VGhbS5vC_rN-LJcU4uaRVBVE1n8jdzvUzgzmG2VAGhneXtgAFQUCyH628Kf-llBFLaB71GRSQtpyeuXMRdENXCOgfy2kRmq0nI-nacfXw_Q2gS4wLAneWPHsXJRTxfVBM3rtGYbWYLD5lAdIhMBLT8om7UN_IuSGGqMyhlPqLLimQDJ5_9goCS1hzBOaUy54YmrcAAgAaRHTWWxqGVD8SJ38aeCkK81pwwALctgGuQkJL585Ykc6ogxcHRkJ7qTC4SmPwr97Kt95YZD-KpKlvTrrcf9YAncCBCVLs6Rlkm4F1wRNAXzXVPz-pzd6L4mn5iUSnrD2yjlLB7PirMMXFeAY15PMqfT_dhHW44-F2zUtbC0n7FdF1L08nTdMcP8cQJlc67rY7MRLONFZCjpvVC0keq6EjHxv0myj57mYyoTG59cN8Jee7MQEXqcLTwowwIlJnsa2MPCYU3DAr4czcpAGfAMr0m34SNadtWPAjJbAjXUtC7T4ZRZWtRD0JODIN2sYDIxkHqW4VLgbO_kvhjh52oZ74bvtfMCa8FeWSezBrwReUmf2QLWEXXxn_hjqRbce42dFH9xfQ4glVLcUUfmSYt8BwduKvMjgQB4cy9LkNBEbcZxuGRLCigDO8pewvh0MN6Xcmv1nFfiOK4lb7fEiIEoCGGeo40CBs5u6vuxIk&cid=CAQSTADq26N9LM66phhBe510SC7PTLtJlPLN48BkIXSwy1v3DdzYrV9sC7KtHDMcx5Mp_GXlYq2wSJ0CKESQPeSEjvvtbexPwFpA5C12eDEYASAT&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
142.251.1.155200 OK 16 kB URL HTTP/2 bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CR4palC1XV8sob7ZvJV2MytQayak1e-ekLhjyTEWju5U4RQc9lxtq781HRKtyj1Kp2adqPnLQ7rsagNSrxZa5UGPKMsQ&dbm_d=AKAmf-CHLxWG0x1KXrEB8W81RqhdSbTcnLqjuUhOC3eUC4E-B_YbZuprC3x8NObXUvTOkPh-AG3Y5RYxm_v8vgfkV6z2DDKHFD_Dg_9RlrSjMjJ5zs7ueXUVidj9tO2kgk6JaaEnIqNdcnqTDYO0A9EemytPMFfmGDITekAcoYtgISUNBVYhjQMHI8FQu5zD1EnvZvoUTkVL9Hc4L6wbp0jMD8skDbv-dfsY6Wg0HNB3ltYFYV_xlU_LZcCyPQLoNxHOF_4xsxEH1wse4cafz_u5NUhLhLSuUyIjUItS5To8g62OTMAZJdbAgqCA5_puG-axYLnVGQ2mnZliTNFpLSDMuFENMLkaOVfWZa1bQkhpvFhdYQ9OjwkraGwudUe73ZZ95JGgCQKrknxgMEn8tNYLFT9LI8Z7B-7GSwpKT9lV5IEVox3MYIdS3UHrd4l-wECQQj41w2Vlq8CDEKNb9XOJEcl-_t-fAQmLSdI5M9gaHkEU5jmSdzpYBgTOW6-JccACzYvv8v80wa9fyqy3LL2wuA_DTJd1PYtgliPn_t0DyB05mFe_V1CXjq2MwW839caZF-qdfWzz_XBVW05tPj3QfUUDlqBDOfPUCbYTIUvOWtKtLdSz_jYhOuNVhOA40uawwc5tDj2XBgZV_MBOL9Hub9RmdxR2y0Y8oW2X7W2zYfnVqR7Koync9Bo_cYBem6Nsdd4dsH8RZS6jMnp9nDoipI0mG130pINROeNhN6hxFrq6zKq3B34wSGAuHr6Z-yBddWhr7KkBd68dLQNo1ds7QMJOt3VL1dhzwRh_YcccpyOXmsme37QqT2RUQAesRgEyx1Qgs7x-9EW6u99eFThuYDaC3a1L-dywXyXru6onIIDInif6XSi2gemm9PU8hW6qwt-2w82tH2vL8F66WzCENjp7WWPXZGz4x4OKFver-Po5wm_cx6rBw7wYJ8AA0wx5Q_tjDp5PyI47esUsKF8GlOkZmjxzVh_-Yj7d_cvSQK0w-N3pOS5fkxMm7renpSgyqi6hymSR4YByrBu-KsKlNHKEk2JiPGODjDs3qv_2Z7OSFAul08aXAFBR2shVUqEiTrsOivn2YyaNOt3sWGj7Y9iLZQxrk1HK6NS5BpKnQpIeMo5PAr_RQ3XXWSyrdAiLHv8SD4MVwpwefiL_NijJHTwjC2dwdTs2bjUrNfCSf0RkxvE72f5kbhYdg2u182oMmtef3mo2yYkdX8y0k_05T9_L4gXLE9hRFF3AmCA-NPhxk1AJ4vESHRZq72qDxUjlDx5OH7oypNk1dY07ACEFoXlhZYw6eF0UrAw50CcqmzKNAX7AkjLqvys7Uk4p1OpEZHXwfByNdSCxvpUIV_lbXrQZ4QUSaYNe_z64exhklNGznrt6OfCeNWd2IA0g4Sgwtu0nkCYzu0A9bcHmBeAYVpV5Y6E5qyQdz5n6rihYPU8sLxjVT9xWvsgnm4wLw9MWQIYZ20KmJsBqtoeAGujkZSGFgvepPYCco3TYWupZ6aeYzaqN6yt2XaroMWoazBTco5S9kO_8icvI9ao6001oe5cKAgEFMheiYQ-5eW0IjE2k4DXgGIvU8qZXAPZxOJ9M11WJkJN0pQPcBxwa-RbVO4SslEwqumzUBhn1v1HqdNco2mod2urwgFdKTFGdgLL4etSiU4fZ8oYlOrgq5XynTg38CxtJrkMrhgkD9QmTHGW8ZqOzxRbv9iyZOkzc8w4Jn_cTMCHBt41bG7bIp7uK5RcHG3Zl-3aalsR4gIOLnv7O0pvHzAQFOHm-YoKk0kIu0cb9wgtw7yPnciuEOnBLP7hsYv-38xfyKpGLBTqbTmtxkToWDlwoG1m_9n16COKS0ToGbVVdUycMU1CllGrlYfGTrK-TYiU7sDJ-vZItafVMH-TADuxjdSE2Ryy4gvzk-GygJ-U4IGQlsVsy4Q89D08WNZzQeLqGAct-e2bsjxVDyn9eMCTFuEz6jr7IZItvIsDwxRmi703mJNiY5X0QQNSrLqX-8PHDpZoXp_lIVVl64lWAYXmBAwL6SM0r8hDPWuyCCyMqq1TcpBUcluWhLoKVnzQLR9JPyySB1LTaF3nyZ3gb6gqNs25LH6pjDURn69rJnzlRqzpPWoiiU-erHmOUmomqmIkUGLV9AEY1l0cKKVy2RbmgxEjl0JVM97pGk5NgUqTgTEFRWVekuMBfsgXITGx3rlcaKt2UTEvuY33pbwpbj-9bJY1BKsqhq_WYJfp1CWvRRX50gA5g8Nqc7jwICrdCOG5RsK6ATotASX6kIgsUj4_1txKori5XWDzjswloCGVSNinVqMjw4JllzvZbVAHvywoFXvOSGwPZe_lc65wwwAWsb2nHYutx9sCMzZzE27_hMedNMcHObaRPgM6yXr3eDeKNh0kUaraB5w5gJsM2KAAiEHPYT31ILCliZrTAKQt4gZ14sMlOq7pBldjHYm96wsM89vDJ9S_5nSFpjbWASVZhJhE-Q79BeOHWTsdop0E9kRaMDEwYrEgeVT_jPeW7ieK6gF_zfc3DondQIYibVkCr_cWpgGma1LFD4_z8DNgTnuJFkHfi-f9PF34O-Qno-zOztt0t0-65lX_att27ZoiHqJqAJnznORBmkCqH1iWgpkZXkIJlRXeNPSL0gn1zaPHBQJ38zjTBP2k7JxQ8ccLG-Ya9-6HDN1UqLwn4D7VGhbS5vC_rN-LJcU4uaRVBVE1n8jdzvUzgzmG2VAGhneXtgAFQUCyH628Kf-llBFLaB71GRSQtpyeuXMRdENXCOgfy2kRmq0nI-nacfXw_Q2gS4wLAneWPHsXJRTxfVBM3rtGYbWYLD5lAdIhMBLT8om7UN_IuSGGqMyhlPqLLimQDJ5_9goCS1hzBOaUy54YmrcAAgAaRHTWWxqGVD8SJ38aeCkK81pwwALctgGuQkJL585Ykc6ogxcHRkJ7qTC4SmPwr97Kt95YZD-KpKlvTrrcf9YAncCBCVLs6Rlkm4F1wRNAXzXVPz-pzd6L4mn5iUSnrD2yjlLB7PirMMXFeAY15PMqfT_dhHW44-F2zUtbC0n7FdF1L08nTdMcP8cQJlc67rY7MRLONFZCjpvVC0keq6EjHxv0myj57mYyoTG59cN8Jee7MQEXqcLTwowwIlJnsa2MPCYU3DAr4czcpAGfAMr0m34SNadtWPAjJbAjXUtC7T4ZRZWtRD0JODIN2sYDIxkHqW4VLgbO_kvhjh52oZ74bvtfMCa8FeWSezBrwReUmf2QLWEXXxn_hjqRbce42dFH9xfQ4glVLcUUfmSYt8BwduKvMjgQB4cy9LkNBEbcZxuGRLCigDO8pewvh0MN6Xcmv1nFfiOK4lb7fEiIEoCGGeo40CBs5u6vuxIk&cid=CAQSTADq26N9LM66phhBe510SC7PTLtJlPLN48BkIXSwy1v3DdzYrV9sC7KtHDMcx5Mp_GXlYq2wSJ0CKESQPeSEjvvtbexPwFpA5C12eDEYASAT&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
IP 142.251.1.155:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (17143)
Hash f38c5b21e29cb79993e9ac14ef6ef453
3ebf0cbb6c91bfc7915c09c91d4577d25aea918e
ed72e1ff7ef7ea652d836638ef0b92e8dbc902911d8f27e722ddaa8d274e00a5
GET /dbm/vast?dbm_c=AKAmf-CR4palC1XV8sob7ZvJV2MytQayak1e-ekLhjyTEWju5U4RQc9lxtq781HRKtyj1Kp2adqPnLQ7rsagNSrxZa5UGPKMsQ&dbm_d=AKAmf-CHLxWG0x1KXrEB8W81RqhdSbTcnLqjuUhOC3eUC4E-B_YbZuprC3x8NObXUvTOkPh-AG3Y5RYxm_v8vgfkV6z2DDKHFD_Dg_9RlrSjMjJ5zs7ueXUVidj9tO2kgk6JaaEnIqNdcnqTDYO0A9EemytPMFfmGDITekAcoYtgISUNBVYhjQMHI8FQu5zD1EnvZvoUTkVL9Hc4L6wbp0jMD8skDbv-dfsY6Wg0HNB3ltYFYV_xlU_LZcCyPQLoNxHOF_4xsxEH1wse4cafz_u5NUhLhLSuUyIjUItS5To8g62OTMAZJdbAgqCA5_puG-axYLnVGQ2mnZliTNFpLSDMuFENMLkaOVfWZa1bQkhpvFhdYQ9OjwkraGwudUe73ZZ95JGgCQKrknxgMEn8tNYLFT9LI8Z7B-7GSwpKT9lV5IEVox3MYIdS3UHrd4l-wECQQj41w2Vlq8CDEKNb9XOJEcl-_t-fAQmLSdI5M9gaHkEU5jmSdzpYBgTOW6-JccACzYvv8v80wa9fyqy3LL2wuA_DTJd1PYtgliPn_t0DyB05mFe_V1CXjq2MwW839caZF-qdfWzz_XBVW05tPj3QfUUDlqBDOfPUCbYTIUvOWtKtLdSz_jYhOuNVhOA40uawwc5tDj2XBgZV_MBOL9Hub9RmdxR2y0Y8oW2X7W2zYfnVqR7Koync9Bo_cYBem6Nsdd4dsH8RZS6jMnp9nDoipI0mG130pINROeNhN6hxFrq6zKq3B34wSGAuHr6Z-yBddWhr7KkBd68dLQNo1ds7QMJOt3VL1dhzwRh_YcccpyOXmsme37QqT2RUQAesRgEyx1Qgs7x-9EW6u99eFThuYDaC3a1L-dywXyXru6onIIDInif6XSi2gemm9PU8hW6qwt-2w82tH2vL8F66WzCENjp7WWPXZGz4x4OKFver-Po5wm_cx6rBw7wYJ8AA0wx5Q_tjDp5PyI47esUsKF8GlOkZmjxzVh_-Yj7d_cvSQK0w-N3pOS5fkxMm7renpSgyqi6hymSR4YByrBu-KsKlNHKEk2JiPGODjDs3qv_2Z7OSFAul08aXAFBR2shVUqEiTrsOivn2YyaNOt3sWGj7Y9iLZQxrk1HK6NS5BpKnQpIeMo5PAr_RQ3XXWSyrdAiLHv8SD4MVwpwefiL_NijJHTwjC2dwdTs2bjUrNfCSf0RkxvE72f5kbhYdg2u182oMmtef3mo2yYkdX8y0k_05T9_L4gXLE9hRFF3AmCA-NPhxk1AJ4vESHRZq72qDxUjlDx5OH7oypNk1dY07ACEFoXlhZYw6eF0UrAw50CcqmzKNAX7AkjLqvys7Uk4p1OpEZHXwfByNdSCxvpUIV_lbXrQZ4QUSaYNe_z64exhklNGznrt6OfCeNWd2IA0g4Sgwtu0nkCYzu0A9bcHmBeAYVpV5Y6E5qyQdz5n6rihYPU8sLxjVT9xWvsgnm4wLw9MWQIYZ20KmJsBqtoeAGujkZSGFgvepPYCco3TYWupZ6aeYzaqN6yt2XaroMWoazBTco5S9kO_8icvI9ao6001oe5cKAgEFMheiYQ-5eW0IjE2k4DXgGIvU8qZXAPZxOJ9M11WJkJN0pQPcBxwa-RbVO4SslEwqumzUBhn1v1HqdNco2mod2urwgFdKTFGdgLL4etSiU4fZ8oYlOrgq5XynTg38CxtJrkMrhgkD9QmTHGW8ZqOzxRbv9iyZOkzc8w4Jn_cTMCHBt41bG7bIp7uK5RcHG3Zl-3aalsR4gIOLnv7O0pvHzAQFOHm-YoKk0kIu0cb9wgtw7yPnciuEOnBLP7hsYv-38xfyKpGLBTqbTmtxkToWDlwoG1m_9n16COKS0ToGbVVdUycMU1CllGrlYfGTrK-TYiU7sDJ-vZItafVMH-TADuxjdSE2Ryy4gvzk-GygJ-U4IGQlsVsy4Q89D08WNZzQeLqGAct-e2bsjxVDyn9eMCTFuEz6jr7IZItvIsDwxRmi703mJNiY5X0QQNSrLqX-8PHDpZoXp_lIVVl64lWAYXmBAwL6SM0r8hDPWuyCCyMqq1TcpBUcluWhLoKVnzQLR9JPyySB1LTaF3nyZ3gb6gqNs25LH6pjDURn69rJnzlRqzpPWoiiU-erHmOUmomqmIkUGLV9AEY1l0cKKVy2RbmgxEjl0JVM97pGk5NgUqTgTEFRWVekuMBfsgXITGx3rlcaKt2UTEvuY33pbwpbj-9bJY1BKsqhq_WYJfp1CWvRRX50gA5g8Nqc7jwICrdCOG5RsK6ATotASX6kIgsUj4_1txKori5XWDzjswloCGVSNinVqMjw4JllzvZbVAHvywoFXvOSGwPZe_lc65wwwAWsb2nHYutx9sCMzZzE27_hMedNMcHObaRPgM6yXr3eDeKNh0kUaraB5w5gJsM2KAAiEHPYT31ILCliZrTAKQt4gZ14sMlOq7pBldjHYm96wsM89vDJ9S_5nSFpjbWASVZhJhE-Q79BeOHWTsdop0E9kRaMDEwYrEgeVT_jPeW7ieK6gF_zfc3DondQIYibVkCr_cWpgGma1LFD4_z8DNgTnuJFkHfi-f9PF34O-Qno-zOztt0t0-65lX_att27ZoiHqJqAJnznORBmkCqH1iWgpkZXkIJlRXeNPSL0gn1zaPHBQJ38zjTBP2k7JxQ8ccLG-Ya9-6HDN1UqLwn4D7VGhbS5vC_rN-LJcU4uaRVBVE1n8jdzvUzgzmG2VAGhneXtgAFQUCyH628Kf-llBFLaB71GRSQtpyeuXMRdENXCOgfy2kRmq0nI-nacfXw_Q2gS4wLAneWPHsXJRTxfVBM3rtGYbWYLD5lAdIhMBLT8om7UN_IuSGGqMyhlPqLLimQDJ5_9goCS1hzBOaUy54YmrcAAgAaRHTWWxqGVD8SJ38aeCkK81pwwALctgGuQkJL585Ykc6ogxcHRkJ7qTC4SmPwr97Kt95YZD-KpKlvTrrcf9YAncCBCVLs6Rlkm4F1wRNAXzXVPz-pzd6L4mn5iUSnrD2yjlLB7PirMMXFeAY15PMqfT_dhHW44-F2zUtbC0n7FdF1L08nTdMcP8cQJlc67rY7MRLONFZCjpvVC0keq6EjHxv0myj57mYyoTG59cN8Jee7MQEXqcLTwowwIlJnsa2MPCYU3DAr4czcpAGfAMr0m34SNadtWPAjJbAjXUtC7T4ZRZWtRD0JODIN2sYDIxkHqW4VLgbO_kvhjh52oZ74bvtfMCa8FeWSezBrwReUmf2QLWEXXxn_hjqRbce42dFH9xfQ4glVLcUUfmSYt8BwduKvMjgQB4cy9LkNBEbcZxuGRLCigDO8pewvh0MN6Xcmv1nFfiOK4lb7fEiIEoCGGeo40CBs5u6vuxIk&cid=CAQSTADq26N9LM66phhBe510SC7PTLtJlPLN48BkIXSwy1v3DdzYrV9sC7KtHDMcx5Mp_GXlYq2wSJ0CKESQPeSEjvvtbexPwFpA5C12eDEYASAT&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 06:17:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://googleads.g.doubleclick.net
content-type: text/xml; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 15917
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Jan-2023 06:32:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash efac8d32469e6807b1b1f2916a47edf1
68d91e7af565f1cf6597bcdd642a78dbada50a8d
22639289563bb576a7c20b9c733bdd7f98c41519fdddeef0d710f0d058c5bf88
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a03c1b05d4fd2df8726c1d4a618cda2a
83eeed527617ea7b042b442ddd8ebbab904f6693
954e6ba072ba88bdede092c1c95062a7c47a2d394fde8969d0a9033ee7acb8d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 38 kB URL HTTP/2 s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (3095)
Hash 4f9b890a6c4cfbbfd0fb7eff98bf4dde
2db204fb0ee448842b40f84463234ea496763130
8e0d4c67a688228e1ba10b1e1dc367c078edf7e9bc35be0bd4ae8c0ce980647c
GET /879366/express_html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com
Connection: keep-alive
Referer: https://a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 37872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 05:58:24 GMT
expires: Fri, 20 Jan 2023 05:58:24 GMT
cache-control: public, max-age=86400
age: 1175
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash a03c1b05d4fd2df8726c1d4a618cda2a
83eeed527617ea7b042b442ddd8ebbab904f6693
954e6ba072ba88bdede092c1c95062a7c47a2d394fde8969d0a9033ee7acb8d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:17:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s0.2mdn.net/sadbundle/5166309341203439714/index.html
172.217.21.166200 OK 1.4 kB URL HTTP/2 s0.2mdn.net/sadbundle/5166309341203439714/index.html
IP 172.217.21.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (706)
Hash e3a56d1879cee515343d5b5da66a32fa
3597e4dee5d5d75a9c807b4a628ff6cb791e1c02
dcc3d189d3a08ec791925cab6a0490cb40bead1d64c393205f08d0426a156551
GET /sadbundle/5166309341203439714/index.html HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1430
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 23:00:02 GMT
expires: Mon, 15 Jan 2024 23:00:02 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 27 May 2022 12:48:33 GMT
content-type: text/html
age: 285477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
172.217.21.166200 OK 3.2 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
IP 172.217.21.166:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash d0333148dc541e200d71e3c0a581f41d
149dd059cfbe6d83e7fb1ecda4054c1421743c37
83d6982543bb4ef23bf269c1fc1441e245cfbc0642bcc41530d122a82bc0a9a2
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247 HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3176
date: Thu, 19 Jan 2023 06:17:59 GMT
expires: Fri, 19 Jan 2024 06:17:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
142.250.74.163200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Hash 53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.byboe.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 15:21:36 GMT
expires: Thu, 18 Jan 2024 15:21:36 GMT
cache-control: public, max-age=31536000
age: 53783
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
csi.gstatic.com/csi?v=2&s=osv&puid=1~ld2pbk81&c=3528417203664&slotId=1764208601832&qqid=CL_0u6f-0vwCFRPAOwIdfEMBxA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
142.250.189.195204 No Content 0 B URL HTTP/2 csi.gstatic.com/csi?v=2&s=osv&puid=1~ld2pbk81&c=3528417203664&slotId=1764208601832&qqid=CL_0u6f-0vwCFRPAOwIdfEMBxA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
IP 142.250.189.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csi?v=2&s=osv&puid=1~ld2pbk81&c=3528417203664&slotId=1764208601832&qqid=CL_0u6f-0vwCFRPAOwIdfEMBxA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream HTTP/1.1
Host: csi.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 19 Jan 2023 06:17:59 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adlib.css
172.217.21.166200 OK 1.9 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adlib.css
IP 172.217.21.166:0
Hash f790f1b63871c1d4f2b078c581a45f8a
c9d62a3254f5a98d6bd4838427c907417ddf8522
1997074deeeda22435c77df9eabe7fd010ed663d97a7968065ae3e328ca5bfa2
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adlib.css HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1887
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 21:20:35 GMT
expires: Sat, 13 Jan 2024 21:20:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: text/css
age: 464245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adStyle.css
172.217.21.166200 OK 837 B URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adStyle.css
IP 172.217.21.166:0
Hash 0ef242299e918172dbff2622ce2cbf50
c50026506b255285636365f0de63458e018d3fdd
d93f63a02fc8c275ecc4f927151fea00874daf04267415b4f3b3c19dd80d5efc
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adStyle.css HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 837
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 13:06:30 GMT
expires: Tue, 16 Jan 2024 13:06:30 GMT
cache-control: public, max-age=31536000
age: 234690
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/879366/Enabler_01_247.js
172.217.21.166200 OK 41 kB URL HTTP/2 s0.2mdn.net/879366/Enabler_01_247.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (2858)
Hash d3b6882d7fcb684bc453014570ded187
15fcdcdf593c62dd188395959483613e6dc5a0e9
0124b685bf91fa4849c3c6e50bc022dfb8e854674aa1b9c7988f806fc679933e
GET /879366/Enabler_01_247.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 41099
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 22:44:48 GMT
expires: Thu, 19 Jan 2023 22:44:48 GMT
cache-control: public, max-age=86400
age: 27192
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adlibUtils-v3.js
172.217.21.166200 OK 11 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adlibUtils-v3.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (6365)
Hash 1e2a7615c3862417402a04502e0b01f1
78d44c8fc4eac71850a71296ab9e227fa1a939b2
857e56bc8b7caa5e826f7712614c456a1d6f4843599b6a2846da2189fe1db826
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adlibUtils-v3.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 10659
date: Mon, 16 Jan 2023 13:06:30 GMT
expires: Tue, 16 Jan 2024 13:06:30 GMT
cache-control: public, max-age=31536000
age: 234690
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: application/x-javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
172.217.21.166200 OK 23 kB URL HTTP/2 s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
IP 172.217.21.166:0
File type ASCII text, with very long lines (58431)
Hash bcdca5d85f90bc77cb2102a114c1b0e2
1c26237718c441febafb383e75d3f43b9606e529
0403da003d05984ad997552169c662d43e5c8bd961d87e897a6d46682f49ba0f
GET /ads/studio/cached_libs/gsap_3.2.4_min.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 23276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 06:18:00 GMT
expires: Thu, 19 Jan 2023 06:18:00 GMT
cache-control: public, max-age=0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/animation.js
172.217.21.166200 OK 1.2 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/animation.js
IP 172.217.21.166:0
Hash 436790614434e96ae0ca2387db01987a
c8f252cde383fa87ae822c913f90b7550c8884e8
eb24f54911217809e07ef537230db8c2ba94ab8a952748b1f66987b80288cd29
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/animation.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1242
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 08:20:00 GMT
expires: Sun, 14 Jan 2024 08:20:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: application/x-javascript
age: 424680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaLuAbiLasUfS2DzQMgpDKzSknKGg8WmDb63gtO4zoeMxCDWivYAor73UNSWl6IAyQWmApqkXbzaqW9tC6KgcxAIKeGiO2bBK2GcqMdO1WdwP3pjijCPdsH0dvtqVHlYWEk-6bYljNVdqZVKT9ied9q0GyYvQhs-XHyzT137OfZumw8-H4UsUybZE15xjrBp_F5VsY7XVMb5lk6CR_AsrAQ67hFhME9jWMg3KsukjRglS5BzKmqR-oErUZqazPsX-rl32KFgI5wN-14H2UxT9Wp3vl9eLOLu0OPoUUqAu7tYEQ3lRxYGMMtPzNNFUxlnIDD9_FKK5Tv447GtG9jONACcfnqw6L6mAnCXJsddUjk-0Z69nN40ftZb_CaCA04AkDGGlxMvrhFD5wsGWXsD3z9a54sm-zstNKe4a0LIh8yDqLUDuQt1zInKNFdKZyxv4ePT9639AAH32Z31Jt62RvsX6yl15bFfM2rjsDTEr7gLlfQcSIXTP0qtDdRYfVBHz8TQhcAQJgycu5DuiuRybC4oT5qPu8CDVS-IMI3f5_ZLidRLEHdlySXIv1EY9qrg5goePB0lQcJ6kWM4SGEH0J-xA34onL1lW65fpDjW5_Zg87IXRNh6MxLbZcPoqn9v-7zVsErB5x1Bj_DvOFRNQlq-djoAnAeedXrNgEl6_8ptnVhWAQwCMg3ldvS7yxcNHEYcmzPQ1mVmZVmEYdXaJ9xDe_ASMsw7bEbB9IgIgh3xOVCwyMg0bOMso_S1quyzfq-ebwXkmUecyi_jvKnaLnhfsLMHDmz02IKjPnCg6rPZnQ4eaoSgZ4d6PYXci-NdYYDMV_eiGLsmn6kWRnx_LJas6VB4QFgZGvXkVFsrsgNcaDHTlATCBmSlS_C2W6nnXX-Gh1QI7gs49M9udrJL5491BFShytMrZGft169UbvGDz6Sxrjj9KxnfdR3Y8a9_5lJ5uf2I1n9KnyYPs_1OLI-qVhFuDaFO0NWG0kcljTJEkjXIqZW2rWM5kgmPLvmw8JpTkQG-BlyB8JHeS9mh8Yspx27MjOWqmCa7rJgP6042KPbpRmXQRW-wH7x_oynlq2_iF_FWQENBqr7Hmr_dOyd2CPNYH-C5J7qBGCKS8arAOj28MKhkBXlzT3nGR7juQw2x0rJ44aCH9yMsGb27lVTKy1STONI6KBO3JfrMKG23oneGTxL1arVGbiZ4PJ7ndtCfbfWfk&sai=AMfl-YTYhJxFNX0YeCiaXXoILbJoiSKWp_nbRZguhsY7NQj1CIYhUXRu1qEebL9MRIfw_JBKkBICLHn_yGT5m7HtASaNkFPiDmPEp41KTGdU8vZkFUVxpaPv9v3osMZRJsrCeEfPHnNMtBPGfBtTPCsQIYcuEoAkFeRaNcaERLo_ubmuTSznq009E-CgoCKqzQvxDr3O5P8GJwKXhCQO7YbCHNrNAwOjzoZfu5B1uVM3DuQ_vlZWKuesl2B3gvBwoTBq6Sqd7v6tqOd7SPoxkuhiRiz-FkbvJ4BRFdA7Iaz9gdH5QZHSvpA&sig=Cg0ArKJSzBqzFGJ2RGm2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=330&cisv=r20230117.45822&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaLuAbiLasUfS2DzQMgpDKzSknKGg8WmDb63gtO4zoeMxCDWivYAor73UNSWl6IAyQWmApqkXbzaqW9tC6KgcxAIKeGiO2bBK2GcqMdO1WdwP3pjijCPdsH0dvtqVHlYWEk-6bYljNVdqZVKT9ied9q0GyYvQhs-XHyzT137OfZumw8-H4UsUybZE15xjrBp_F5VsY7XVMb5lk6CR_AsrAQ67hFhME9jWMg3KsukjRglS5BzKmqR-oErUZqazPsX-rl32KFgI5wN-14H2UxT9Wp3vl9eLOLu0OPoUUqAu7tYEQ3lRxYGMMtPzNNFUxlnIDD9_FKK5Tv447GtG9jONACcfnqw6L6mAnCXJsddUjk-0Z69nN40ftZb_CaCA04AkDGGlxMvrhFD5wsGWXsD3z9a54sm-zstNKe4a0LIh8yDqLUDuQt1zInKNFdKZyxv4ePT9639AAH32Z31Jt62RvsX6yl15bFfM2rjsDTEr7gLlfQcSIXTP0qtDdRYfVBHz8TQhcAQJgycu5DuiuRybC4oT5qPu8CDVS-IMI3f5_ZLidRLEHdlySXIv1EY9qrg5goePB0lQcJ6kWM4SGEH0J-xA34onL1lW65fpDjW5_Zg87IXRNh6MxLbZcPoqn9v-7zVsErB5x1Bj_DvOFRNQlq-djoAnAeedXrNgEl6_8ptnVhWAQwCMg3ldvS7yxcNHEYcmzPQ1mVmZVmEYdXaJ9xDe_ASMsw7bEbB9IgIgh3xOVCwyMg0bOMso_S1quyzfq-ebwXkmUecyi_jvKnaLnhfsLMHDmz02IKjPnCg6rPZnQ4eaoSgZ4d6PYXci-NdYYDMV_eiGLsmn6kWRnx_LJas6VB4QFgZGvXkVFsrsgNcaDHTlATCBmSlS_C2W6nnXX-Gh1QI7gs49M9udrJL5491BFShytMrZGft169UbvGDz6Sxrjj9KxnfdR3Y8a9_5lJ5uf2I1n9KnyYPs_1OLI-qVhFuDaFO0NWG0kcljTJEkjXIqZW2rWM5kgmPLvmw8JpTkQG-BlyB8JHeS9mh8Yspx27MjOWqmCa7rJgP6042KPbpRmXQRW-wH7x_oynlq2_iF_FWQENBqr7Hmr_dOyd2CPNYH-C5J7qBGCKS8arAOj28MKhkBXlzT3nGR7juQw2x0rJ44aCH9yMsGb27lVTKy1STONI6KBO3JfrMKG23oneGTxL1arVGbiZ4PJ7ndtCfbfWfk&sai=AMfl-YTYhJxFNX0YeCiaXXoILbJoiSKWp_nbRZguhsY7NQj1CIYhUXRu1qEebL9MRIfw_JBKkBICLHn_yGT5m7HtASaNkFPiDmPEp41KTGdU8vZkFUVxpaPv9v3osMZRJsrCeEfPHnNMtBPGfBtTPCsQIYcuEoAkFeRaNcaERLo_ubmuTSznq009E-CgoCKqzQvxDr3O5P8GJwKXhCQO7YbCHNrNAwOjzoZfu5B1uVM3DuQ_vlZWKuesl2B3gvBwoTBq6Sqd7v6tqOd7SPoxkuhiRiz-FkbvJ4BRFdA7Iaz9gdH5QZHSvpA&sig=Cg0ArKJSzBqzFGJ2RGm2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=330&cisv=r20230117.45822&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssaLuAbiLasUfS2DzQMgpDKzSknKGg8WmDb63gtO4zoeMxCDWivYAor73UNSWl6IAyQWmApqkXbzaqW9tC6KgcxAIKeGiO2bBK2GcqMdO1WdwP3pjijCPdsH0dvtqVHlYWEk-6bYljNVdqZVKT9ied9q0GyYvQhs-XHyzT137OfZumw8-H4UsUybZE15xjrBp_F5VsY7XVMb5lk6CR_AsrAQ67hFhME9jWMg3KsukjRglS5BzKmqR-oErUZqazPsX-rl32KFgI5wN-14H2UxT9Wp3vl9eLOLu0OPoUUqAu7tYEQ3lRxYGMMtPzNNFUxlnIDD9_FKK5Tv447GtG9jONACcfnqw6L6mAnCXJsddUjk-0Z69nN40ftZb_CaCA04AkDGGlxMvrhFD5wsGWXsD3z9a54sm-zstNKe4a0LIh8yDqLUDuQt1zInKNFdKZyxv4ePT9639AAH32Z31Jt62RvsX6yl15bFfM2rjsDTEr7gLlfQcSIXTP0qtDdRYfVBHz8TQhcAQJgycu5DuiuRybC4oT5qPu8CDVS-IMI3f5_ZLidRLEHdlySXIv1EY9qrg5goePB0lQcJ6kWM4SGEH0J-xA34onL1lW65fpDjW5_Zg87IXRNh6MxLbZcPoqn9v-7zVsErB5x1Bj_DvOFRNQlq-djoAnAeedXrNgEl6_8ptnVhWAQwCMg3ldvS7yxcNHEYcmzPQ1mVmZVmEYdXaJ9xDe_ASMsw7bEbB9IgIgh3xOVCwyMg0bOMso_S1quyzfq-ebwXkmUecyi_jvKnaLnhfsLMHDmz02IKjPnCg6rPZnQ4eaoSgZ4d6PYXci-NdYYDMV_eiGLsmn6kWRnx_LJas6VB4QFgZGvXkVFsrsgNcaDHTlATCBmSlS_C2W6nnXX-Gh1QI7gs49M9udrJL5491BFShytMrZGft169UbvGDz6Sxrjj9KxnfdR3Y8a9_5lJ5uf2I1n9KnyYPs_1OLI-qVhFuDaFO0NWG0kcljTJEkjXIqZW2rWM5kgmPLvmw8JpTkQG-BlyB8JHeS9mh8Yspx27MjOWqmCa7rJgP6042KPbpRmXQRW-wH7x_oynlq2_iF_FWQENBqr7Hmr_dOyd2CPNYH-C5J7qBGCKS8arAOj28MKhkBXlzT3nGR7juQw2x0rJ44aCH9yMsGb27lVTKy1STONI6KBO3JfrMKG23oneGTxL1arVGbiZ4PJ7ndtCfbfWfk&sai=AMfl-YTYhJxFNX0YeCiaXXoILbJoiSKWp_nbRZguhsY7NQj1CIYhUXRu1qEebL9MRIfw_JBKkBICLHn_yGT5m7HtASaNkFPiDmPEp41KTGdU8vZkFUVxpaPv9v3osMZRJsrCeEfPHnNMtBPGfBtTPCsQIYcuEoAkFeRaNcaERLo_ubmuTSznq009E-CgoCKqzQvxDr3O5P8GJwKXhCQO7YbCHNrNAwOjzoZfu5B1uVM3DuQ_vlZWKuesl2B3gvBwoTBq6Sqd7v6tqOd7SPoxkuhiRiz-FkbvJ4BRFdA7Iaz9gdH5QZHSvpA&sig=Cg0ArKJSzBqzFGJ2RGm2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=345&cbvp=1&cstd=330&cisv=r20230117.45822&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Jan-2023 06:33:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Jan 2023 06:18:00 GMT
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXEv8NZFewn_PrYT6jQUUbSFZAKECjYKxZcP5b_SHq3g_NpN2_I4qaKMKMH5MVZxZyZ0QAAeewmCF8lR7e4CY3G2jNEOIsEfD_3GbOJWD_It2fs24_ezh1evQC1A-lEAOpYjDgNmw422VHny4mwVCnXpL5vsBx0C3A1Knkbu86TJenj4ECohJRb31lymFMbC8ZfwT4E2LqPMbQr_JafjD1FXlj65KXFtqoAACyK4M9uYVZZoZh5JlNMR1XDx7glJ8xWE8Zw0JZU5xGagQdFMS4WFzFXdC3vp8g0Tc3XpU_8BFKdh0ducNSELG-LBScSdrbfSVbf5B7W2D26-faxCwL-Up15SmdaSHA1Zfm51kxkR0isyvlzGx2GzSCX8mr4Zh6dWR4C8yuAq21b7zITl5E5C76n-yEkmHSCpeGF9E-_VgF4xF20w5ag5S6S4W1BxqWhE-VTWJ_9iGiAVbwtJ2FV4pgToYlFF8JTustZ3DptNd55AiqwfxDVipykLHyYBSoU_qxJEsRfYPRi1DKDF5o8s8CGV-M7kuSelJ1wNgfzeXdTp9xVFKQzil88XrdP0fY1BLGLZdnowm0rpMi_Zm8Jmd8PriX6Wj5IloIq3D5r2CLXXrNPwko2tVVaEWHd57htn7pNt3Hln5NiQe_CU53MhhTk1Hjp_M-UJbGLC7ugBSxnQp5-_jhXsFB42T3VauGJhgPod0l2vkDr1y0O9VIIucoFZqe_3kLUycy3loP1nZ3Xq8n5WomsFZyV29_RyYbvp3BiYN_EoWLY3KQ7mxRypNwq5M0auA42XNYEK9t7oK4CgQ4XTMtZRDKr3wo8cUwgep8aOqEr_2lJXNKMl2Al-63v56xdi5FwThGgF3inGiEBMO0x0YKeoY8PMwQDGsONheiK9Dz9sPs8IVSsWtZAWnyJiS8QZqWpMBFNsFFuSBktgSweI6XytzAf1OjfE4iOWG4tAxXyCYtIe_9W8FkGBkas2xt2iSUI_4QhcpbmLY27lVDx6-y5gaKzPAos4n6tWEgd9o1f0lnVf7R5-ea_HKZf-1AW2h65REfaQozzZCGO74XVmYcnPuDsU7f-dXGXjgfTbtMTXh9vUaeJjljmRsc5pEhCxGkolmac3oXy2CjrCGODiMVWeIy7dKIs3DgfHfXVwR_yQBdGUET2nbk9OuJJXJwPLh6LRPh&sai=AMfl-YTHHA-rXVj0gbZtZTYTnTNQUS5gBj3rpdcA_o2FImM_7UGUVSA2QnKSGfzqPZ3Ssq_tC6kuyltNfLmZRl0xWeh1EwW4ACRfjhHUtAwTEvyGyHtrEqnjT0rwW95y6DYlI97-J0hxd80la9uKqcycWEeeW1ZKzk7bqjmWWewxE9_xvUrdE206aRwcftXRuf7XxDCJi9ZUkEeKfhqusK9KQhcpLsKuShnoh3-Ns633ec7__l_pU3ZPAbafgwvbG8wZzuU3C-G57Ebezn6LOxnB-H8tP-KCdDkvjsT5Oei4zfenszG_W14&sig=Cg0ArKJSzNoVyCKvBAn8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=138&cisv=r20230117.86439&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXEv8NZFewn_PrYT6jQUUbSFZAKECjYKxZcP5b_SHq3g_NpN2_I4qaKMKMH5MVZxZyZ0QAAeewmCF8lR7e4CY3G2jNEOIsEfD_3GbOJWD_It2fs24_ezh1evQC1A-lEAOpYjDgNmw422VHny4mwVCnXpL5vsBx0C3A1Knkbu86TJenj4ECohJRb31lymFMbC8ZfwT4E2LqPMbQr_JafjD1FXlj65KXFtqoAACyK4M9uYVZZoZh5JlNMR1XDx7glJ8xWE8Zw0JZU5xGagQdFMS4WFzFXdC3vp8g0Tc3XpU_8BFKdh0ducNSELG-LBScSdrbfSVbf5B7W2D26-faxCwL-Up15SmdaSHA1Zfm51kxkR0isyvlzGx2GzSCX8mr4Zh6dWR4C8yuAq21b7zITl5E5C76n-yEkmHSCpeGF9E-_VgF4xF20w5ag5S6S4W1BxqWhE-VTWJ_9iGiAVbwtJ2FV4pgToYlFF8JTustZ3DptNd55AiqwfxDVipykLHyYBSoU_qxJEsRfYPRi1DKDF5o8s8CGV-M7kuSelJ1wNgfzeXdTp9xVFKQzil88XrdP0fY1BLGLZdnowm0rpMi_Zm8Jmd8PriX6Wj5IloIq3D5r2CLXXrNPwko2tVVaEWHd57htn7pNt3Hln5NiQe_CU53MhhTk1Hjp_M-UJbGLC7ugBSxnQp5-_jhXsFB42T3VauGJhgPod0l2vkDr1y0O9VIIucoFZqe_3kLUycy3loP1nZ3Xq8n5WomsFZyV29_RyYbvp3BiYN_EoWLY3KQ7mxRypNwq5M0auA42XNYEK9t7oK4CgQ4XTMtZRDKr3wo8cUwgep8aOqEr_2lJXNKMl2Al-63v56xdi5FwThGgF3inGiEBMO0x0YKeoY8PMwQDGsONheiK9Dz9sPs8IVSsWtZAWnyJiS8QZqWpMBFNsFFuSBktgSweI6XytzAf1OjfE4iOWG4tAxXyCYtIe_9W8FkGBkas2xt2iSUI_4QhcpbmLY27lVDx6-y5gaKzPAos4n6tWEgd9o1f0lnVf7R5-ea_HKZf-1AW2h65REfaQozzZCGO74XVmYcnPuDsU7f-dXGXjgfTbtMTXh9vUaeJjljmRsc5pEhCxGkolmac3oXy2CjrCGODiMVWeIy7dKIs3DgfHfXVwR_yQBdGUET2nbk9OuJJXJwPLh6LRPh&sai=AMfl-YTHHA-rXVj0gbZtZTYTnTNQUS5gBj3rpdcA_o2FImM_7UGUVSA2QnKSGfzqPZ3Ssq_tC6kuyltNfLmZRl0xWeh1EwW4ACRfjhHUtAwTEvyGyHtrEqnjT0rwW95y6DYlI97-J0hxd80la9uKqcycWEeeW1ZKzk7bqjmWWewxE9_xvUrdE206aRwcftXRuf7XxDCJi9ZUkEeKfhqusK9KQhcpLsKuShnoh3-Ns633ec7__l_pU3ZPAbafgwvbG8wZzuU3C-G57Ebezn6LOxnB-H8tP-KCdDkvjsT5Oei4zfenszG_W14&sig=Cg0ArKJSzNoVyCKvBAn8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=138&cisv=r20230117.86439&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvXEv8NZFewn_PrYT6jQUUbSFZAKECjYKxZcP5b_SHq3g_NpN2_I4qaKMKMH5MVZxZyZ0QAAeewmCF8lR7e4CY3G2jNEOIsEfD_3GbOJWD_It2fs24_ezh1evQC1A-lEAOpYjDgNmw422VHny4mwVCnXpL5vsBx0C3A1Knkbu86TJenj4ECohJRb31lymFMbC8ZfwT4E2LqPMbQr_JafjD1FXlj65KXFtqoAACyK4M9uYVZZoZh5JlNMR1XDx7glJ8xWE8Zw0JZU5xGagQdFMS4WFzFXdC3vp8g0Tc3XpU_8BFKdh0ducNSELG-LBScSdrbfSVbf5B7W2D26-faxCwL-Up15SmdaSHA1Zfm51kxkR0isyvlzGx2GzSCX8mr4Zh6dWR4C8yuAq21b7zITl5E5C76n-yEkmHSCpeGF9E-_VgF4xF20w5ag5S6S4W1BxqWhE-VTWJ_9iGiAVbwtJ2FV4pgToYlFF8JTustZ3DptNd55AiqwfxDVipykLHyYBSoU_qxJEsRfYPRi1DKDF5o8s8CGV-M7kuSelJ1wNgfzeXdTp9xVFKQzil88XrdP0fY1BLGLZdnowm0rpMi_Zm8Jmd8PriX6Wj5IloIq3D5r2CLXXrNPwko2tVVaEWHd57htn7pNt3Hln5NiQe_CU53MhhTk1Hjp_M-UJbGLC7ugBSxnQp5-_jhXsFB42T3VauGJhgPod0l2vkDr1y0O9VIIucoFZqe_3kLUycy3loP1nZ3Xq8n5WomsFZyV29_RyYbvp3BiYN_EoWLY3KQ7mxRypNwq5M0auA42XNYEK9t7oK4CgQ4XTMtZRDKr3wo8cUwgep8aOqEr_2lJXNKMl2Al-63v56xdi5FwThGgF3inGiEBMO0x0YKeoY8PMwQDGsONheiK9Dz9sPs8IVSsWtZAWnyJiS8QZqWpMBFNsFFuSBktgSweI6XytzAf1OjfE4iOWG4tAxXyCYtIe_9W8FkGBkas2xt2iSUI_4QhcpbmLY27lVDx6-y5gaKzPAos4n6tWEgd9o1f0lnVf7R5-ea_HKZf-1AW2h65REfaQozzZCGO74XVmYcnPuDsU7f-dXGXjgfTbtMTXh9vUaeJjljmRsc5pEhCxGkolmac3oXy2CjrCGODiMVWeIy7dKIs3DgfHfXVwR_yQBdGUET2nbk9OuJJXJwPLh6LRPh&sai=AMfl-YTHHA-rXVj0gbZtZTYTnTNQUS5gBj3rpdcA_o2FImM_7UGUVSA2QnKSGfzqPZ3Ssq_tC6kuyltNfLmZRl0xWeh1EwW4ACRfjhHUtAwTEvyGyHtrEqnjT0rwW95y6DYlI97-J0hxd80la9uKqcycWEeeW1ZKzk7bqjmWWewxE9_xvUrdE206aRwcftXRuf7XxDCJi9ZUkEeKfhqusK9KQhcpLsKuShnoh3-Ns633ec7__l_pU3ZPAbafgwvbG8wZzuU3C-G57Ebezn6LOxnB-H8tP-KCdDkvjsT5Oei4zfenszG_W14&sig=Cg0ArKJSzNoVyCKvBAn8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=138&cisv=r20230117.86439&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-security-policy: script-src 'none'; object-src 'none'
access-control-allow-origin: *
cache-control: private
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Jan-2023 06:33:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Jan 2023 06:18:00 GMT
X-Firefox-Spdy: h2
cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
54.230.111.86200 OK 2.1 kB URL HTTP/2 cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
IP 54.230.111.86:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (6940), with no line terminators
Hash be0edd7fb76a8d61fc3dbcef9cb5713d
8429378605c5ebc4db843269e3ba2cffb4df6c2e
c5cefda8d2985a0f86c9ef403672f1006f907d71080bd2a078a24eae4d3e4489
GET /2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 2103
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jul 2022 12:01:13 GMT
content-encoding: gzip
x-amz-version-id: IurXYv2EDdJdgXupR39S_SOevmg7BEnn
accept-ranges: bytes
server: AmazonS3
x-robots-tag: noindex; nofollow
date: Thu, 19 Jan 2023 05:02:44 GMT
etag: "be0edd7fb76a8d61fc3dbcef9cb5713d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S6-NUi6HqoUbpXFgWM9THI_QV457K4dekD_X1JBCa_Fi0H76sLb0Vg==
age: 4516
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 532289832b1f21cd9014c904ca0a1ad6
16b0dbd03283cf8a80316e49ab0a0299fd237d99
e0b0758c8bea976e4963c7ca91cc223d9b68f1e45048dd9d5cce73c9f20a08a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:18:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/drt/ui
216.58.211.4302 Found 0 B URL HTTP/2 www.google.com/pagead/drt/ui
IP 216.58.211.4:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/logo.svg
172.217.21.166200 OK 1.3 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/logo.svg
IP 172.217.21.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (660)
Hash abb009eb5cde6e6a440aaad94607c57d
bddff0818720de19fc9f73e80df10228bd0211e5
f2e962cd7cab3d3a4eb137b9542b4eaf4ab1f4a60641a5aad6606874b99d6b4b
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/logo.svg HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 1340
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 13:06:30 GMT
expires: Tue, 16 Jan 2024 13:06:30 GMT
cache-control: public, max-age=31536000
age: 234690
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.zuuvi.com/zuuviapi/gsap/gsap3/gsap.min.js
54.230.111.86200 OK 61 kB URL HTTP/2 cdn.zuuvi.com/zuuviapi/gsap/gsap3/gsap.min.js
IP 54.230.111.86:0
File type ASCII text, with very long lines (60805)
Hash 5b20e1b9b1c3ead05cd6c0c385128526
7f2f39b5572ad3b34e88b9a332851e8c6180241c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
GET /zuuviapi/gsap/gsap3/gsap.min.js HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
content-length: 61102
x-amz-replication-status: COMPLETED
last-modified: Fri, 21 May 2021 09:52:52 GMT
x-amz-version-id: 86gKStuxMdiW5tQi0fz3GVaMv8KhOQGk
accept-ranges: bytes
server: AmazonS3
date: Wed, 18 Jan 2023 17:42:17 GMT
etag: "5b20e1b9b1c3ead05cd6c0c385128526"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CUEmA7PtJVV_vjyViIVID4My6_I3igho6on4wX8_twcRyMOgvHWp3w==
age: 45344
X-Firefox-Spdy: h2
cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_650a32af-c952-4a24-a94f-14ad8860ae36_0e56f1c6-ab1d-4c70-9cc4-0fe334245bb0.svg
54.230.111.86200 OK 2.6 kB URL HTTP/2 cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_650a32af-c952-4a24-a94f-14ad8860ae36_0e56f1c6-ab1d-4c70-9cc4-0fe334245bb0.svg
IP 54.230.111.86:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 313ad1554af06404ce4a676057506c9f
c82e72e3eaf3c63c40322fdd36016c221f25eeb9
3049d7696c4ae7150d46b12ba0cb68540fb65b5dadb4cf06959c00f9fc0a3fd6
GET /2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_650a32af-c952-4a24-a94f-14ad8860ae36_0e56f1c6-ab1d-4c70-9cc4-0fe334245bb0.svg HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 2611
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jul 2022 12:01:07 GMT
content-encoding: gzip
x-amz-version-id: linZZBdOCJy3QfS9gOOPO5zTuS4AfB4I
accept-ranges: bytes
server: AmazonS3
x-robots-tag: noindex; nofollow
date: Thu, 19 Jan 2023 05:26:35 GMT
etag: "313ad1554af06404ce4a676057506c9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hoZQUNgn0u1ii4avRklzpOYeQogRQe9yf5xxuVp2Ihs30ZO3KBmCUw==
age: 3086
X-Firefox-Spdy: h2
cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_109fbe7c-840a-4642-ab61-fd2aeb6c41d2_d46faf88-b22b-4ec2-8b34-65f3854c8cfa.png
54.230.111.86200 OK 1.4 kB URL HTTP/2 cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_109fbe7c-840a-4642-ab61-fd2aeb6c41d2_d46faf88-b22b-4ec2-8b34-65f3854c8cfa.png
IP 54.230.111.86:0
Hash 559a104a749a81cea18dd160d2141e0f
2dd1b4751e3cf79614ea7ed0322c18dd7e08bfa1
945467e765b30219f1f5336221b0e8172682a2cb5bdd4f6dec1e9d1b4275c233
GET /2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_109fbe7c-840a-4642-ab61-fd2aeb6c41d2_d46faf88-b22b-4ec2-8b34-65f3854c8cfa.png HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 871
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jul 2022 12:01:08 GMT
content-encoding: gzip
x-amz-version-id: ia0IlJCRrr0bLOlhbGa3o84GWV_MD9Ex
accept-ranges: bytes
server: AmazonS3
x-robots-tag: noindex; nofollow
date: Thu, 19 Jan 2023 05:04:23 GMT
etag: "4a2a8e4d40d50e864046fd4c41501c8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tfyMt_tpUT5l0dldXNvDaeRUh8tR8tgZuTVi8WEpQIpgcZCPoqKsHQ==
age: 4418
X-Firefox-Spdy: h2
cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_1e668185-1fc4-48ce-836d-2b1a5e61811a_26f5016f-1aea-4cf7-bb42-491069f55f53.png
54.230.111.86200 OK 22 kB URL HTTP/2 cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_1e668185-1fc4-48ce-836d-2b1a5e61811a_26f5016f-1aea-4cf7-bb42-491069f55f53.png
IP 54.230.111.86:0
Hash d271bcf57ef07a4fa347fc027c6d892c
e8c31c1f98cb9d66ec6777482e2e5a2f17fe5046
d93a08e5e44ce06c4ec22e437f7a136f34cd736954ed7c786a7b8783e3e88fc0
GET /2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_1e668185-1fc4-48ce-836d-2b1a5e61811a_26f5016f-1aea-4cf7-bb42-491069f55f53.png HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 21044
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jul 2022 12:01:07 GMT
content-encoding: gzip
x-amz-version-id: I5e_ByKVbwTJ75xEWUHafbUyxv_fKH.Q
accept-ranges: bytes
server: AmazonS3
x-robots-tag: noindex; nofollow
date: Thu, 19 Jan 2023 05:03:19 GMT
etag: "dcbe4d122311ac7e4cd48e0d717fcd3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IUaEL0NLsTX03RDA-3AoOw8FJUyzP6I16hZBRmbho7nhl2nU5nrXWw==
age: 4482
X-Firefox-Spdy: h2
cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_d046e2b7-506f-439a-995b-68321cade7bd_d976487a-be4f-4f18-8445-c1b5847df67b.jpg
54.230.111.86200 OK 13 kB URL HTTP/2 cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_d046e2b7-506f-439a-995b-68321cade7bd_d976487a-be4f-4f18-8445-c1b5847df67b.jpg
IP 54.230.111.86:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x160, components 3\012- data
Hash 26414042cab8f7d63440dfe497425880
c412493bb8e8bd0b375bd1e2f525e99b04c0a21b
0a07e165c2278db8e85380b1c90cafa87777d642fa844f90b56018bb0eabe2df
GET /2eHz/auMO/Yc5m/xtK5/BZpH/live/i_2eHz_d046e2b7-506f-439a-995b-68321cade7bd_d976487a-be4f-4f18-8445-c1b5847df67b.jpg HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12875
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jul 2022 12:01:08 GMT
content-encoding: gzip
x-amz-version-id: jihUHlEYNCtE39EueWj5ZXEqkdPgZR.C
accept-ranges: bytes
server: AmazonS3
x-robots-tag: noindex; nofollow
date: Thu, 19 Jan 2023 05:21:54 GMT
etag: "26414042cab8f7d63440dfe497425880"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: e4axnmQ7_uYj6NSGRJZ99skicacRnAYoXM5MTQZWCUHeNrdcy9jf0g==
age: 4110
X-Firefox-Spdy: h2
cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/7949f9b7-e718-4ab3-867f-0dc7f5e26b58.ttf
54.230.111.86200 OK 3.6 kB URL HTTP/2 cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/7949f9b7-e718-4ab3-867f-0dc7f5e26b58.ttf
IP 54.230.111.86:0
File type TrueType Font data, 18 tables, 1st "FFTM", 30 names, Macintosh\012- data
Hash 6eeae6544bc3ef5b279ec559fbbc7435
a200d78d3ff1e33c02a900ccedf7d3fe8eda5552
c1651e59243e1aabfe56e525f048db9e5a852c92bbe8cc94526980cfdacff207
GET /2eHz/auMO/Yc5m/xtK5/BZpH/live/7949f9b7-e718-4ab3-867f-0dc7f5e26b58.ttf HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/x-font-ttf
content-length: 3633
date: Thu, 19 Jan 2023 06:18:01 GMT
x-amz-replication-status: COMPLETED
last-modified: Thu, 07 Jul 2022 12:01:08 GMT
etag: "6eeae6544bc3ef5b279ec559fbbc7435"
content-encoding: gzip
x-amz-version-id: GFeRtlBKCUkZFWFqKroj5dn37zHTL7Qr
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fGhY6zkXdY5cJBYHL0cYQSEpMrFlBijYUuET4ZcR42IH-gm3B_94-w==
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaLuAbiLasUfS2DzQMgpDKzSknKGg8WmDb63gtO4zoeMxCDWivYAor73UNSWl6IAyQWmApqkXbzaqW9tC6KgcxAIKeGiO2bBK2GcqMdO1WdwP3pjijCPdsH0dvtqVHlYWEk-6bYljNVdqZVKT9ied9q0GyYvQhs-XHyzT137OfZumw8-H4UsUybZE15xjrBp_F5VsY7XVMb5lk6CR_AsrAQ67hFhME9jWMg3KsukjRglS5BzKmqR-oErUZqazPsX-rl32KFgI5wN-14H2UxT9Wp3vl9eLOLu0OPoUUqAu7tYEQ3lRxYGMMtPzNNFUxlnIDD9_FKK5Tv447GtG9jONACcfnqw6L6mAnCXJsddUjk-0Z69nN40ftZb_CaCA04AkDGGlxMvrhFD5wsGWXsD3z9a54sm-zstNKe4a0LIh8yDqLUDuQt1zInKNFdKZyxv4ePT9639AAH32Z31Jt62RvsX6yl15bFfM2rjsDTEr7gLlfQcSIXTP0qtDdRYfVBHz8TQhcAQJgycu5DuiuRybC4oT5qPu8CDVS-IMI3f5_ZLidRLEHdlySXIv1EY9qrg5goePB0lQcJ6kWM4SGEH0J-xA34onL1lW65fpDjW5_Zg87IXRNh6MxLbZcPoqn9v-7zVsErB5x1Bj_DvOFRNQlq-djoAnAeedXrNgEl6_8ptnVhWAQwCMg3ldvS7yxcNHEYcmzPQ1mVmZVmEYdXaJ9xDe_ASMsw7bEbB9IgIgh3xOVCwyMg0bOMso_S1quyzfq-ebwXkmUecyi_jvKnaLnhfsLMHDmz02IKjPnCg6rPZnQ4eaoSgZ4d6PYXci-NdYYDMV_eiGLsmn6kWRnx_LJas6VB4QFgZGvXkVFsrsgNcaDHTlATCBmSlS_C2W6nnXX-Gh1QI7gs49M9udrJL5491BFShytMrZGft169UbvGDz6Sxrjj9KxnfdR3Y8a9_5lJ5uf2I1n9KnyYPs_1OLI-qVhFuDaFO0NWG0kcljTJEkjXIqZW2rWM5kgmPLvmw8JpTkQG-BlyB8JHeS9mh8Yspx27MjOWqmCa7rJgP6042KPbpRmXQRW-wH7x_oynlq2_iF_FWQENBqr7Hmr_dOyd2CPNYH-C5J7qBGCKS8arAOj28MKhkBXlzT3nGR7juQw2x0rJ44aCH9yMsGb27lVTKy1STONI6KBO3JfrMKG23oneGTxL1arVGbiZ4PJ7ndtCfbfWfk&sai=AMfl-YTYhJxFNX0YeCiaXXoILbJoiSKWp_nbRZguhsY7NQj1CIYhUXRu1qEebL9MRIfw_JBKkBICLHn_yGT5m7HtASaNkFPiDmPEp41KTGdU8vZkFUVxpaPv9v3osMZRJsrCeEfPHnNMtBPGfBtTPCsQIYcuEoAkFeRaNcaERLo_ubmuTSznq009E-CgoCKqzQvxDr3O5P8GJwKXhCQO7YbCHNrNAwOjzoZfu5B1uVM3DuQ_vlZWKuesl2B3gvBwoTBq6Sqd7v6tqOd7SPoxkuhiRiz-FkbvJ4BRFdA7Iaz9gdH5QZHSvpA&sig=Cg0ArKJSzBqzFGJ2RGm2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1087&vt=11&dtpt=742&dett=3&cstd=330&cisv=r20230117.45822&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssaLuAbiLasUfS2DzQMgpDKzSknKGg8WmDb63gtO4zoeMxCDWivYAor73UNSWl6IAyQWmApqkXbzaqW9tC6KgcxAIKeGiO2bBK2GcqMdO1WdwP3pjijCPdsH0dvtqVHlYWEk-6bYljNVdqZVKT9ied9q0GyYvQhs-XHyzT137OfZumw8-H4UsUybZE15xjrBp_F5VsY7XVMb5lk6CR_AsrAQ67hFhME9jWMg3KsukjRglS5BzKmqR-oErUZqazPsX-rl32KFgI5wN-14H2UxT9Wp3vl9eLOLu0OPoUUqAu7tYEQ3lRxYGMMtPzNNFUxlnIDD9_FKK5Tv447GtG9jONACcfnqw6L6mAnCXJsddUjk-0Z69nN40ftZb_CaCA04AkDGGlxMvrhFD5wsGWXsD3z9a54sm-zstNKe4a0LIh8yDqLUDuQt1zInKNFdKZyxv4ePT9639AAH32Z31Jt62RvsX6yl15bFfM2rjsDTEr7gLlfQcSIXTP0qtDdRYfVBHz8TQhcAQJgycu5DuiuRybC4oT5qPu8CDVS-IMI3f5_ZLidRLEHdlySXIv1EY9qrg5goePB0lQcJ6kWM4SGEH0J-xA34onL1lW65fpDjW5_Zg87IXRNh6MxLbZcPoqn9v-7zVsErB5x1Bj_DvOFRNQlq-djoAnAeedXrNgEl6_8ptnVhWAQwCMg3ldvS7yxcNHEYcmzPQ1mVmZVmEYdXaJ9xDe_ASMsw7bEbB9IgIgh3xOVCwyMg0bOMso_S1quyzfq-ebwXkmUecyi_jvKnaLnhfsLMHDmz02IKjPnCg6rPZnQ4eaoSgZ4d6PYXci-NdYYDMV_eiGLsmn6kWRnx_LJas6VB4QFgZGvXkVFsrsgNcaDHTlATCBmSlS_C2W6nnXX-Gh1QI7gs49M9udrJL5491BFShytMrZGft169UbvGDz6Sxrjj9KxnfdR3Y8a9_5lJ5uf2I1n9KnyYPs_1OLI-qVhFuDaFO0NWG0kcljTJEkjXIqZW2rWM5kgmPLvmw8JpTkQG-BlyB8JHeS9mh8Yspx27MjOWqmCa7rJgP6042KPbpRmXQRW-wH7x_oynlq2_iF_FWQENBqr7Hmr_dOyd2CPNYH-C5J7qBGCKS8arAOj28MKhkBXlzT3nGR7juQw2x0rJ44aCH9yMsGb27lVTKy1STONI6KBO3JfrMKG23oneGTxL1arVGbiZ4PJ7ndtCfbfWfk&sai=AMfl-YTYhJxFNX0YeCiaXXoILbJoiSKWp_nbRZguhsY7NQj1CIYhUXRu1qEebL9MRIfw_JBKkBICLHn_yGT5m7HtASaNkFPiDmPEp41KTGdU8vZkFUVxpaPv9v3osMZRJsrCeEfPHnNMtBPGfBtTPCsQIYcuEoAkFeRaNcaERLo_ubmuTSznq009E-CgoCKqzQvxDr3O5P8GJwKXhCQO7YbCHNrNAwOjzoZfu5B1uVM3DuQ_vlZWKuesl2B3gvBwoTBq6Sqd7v6tqOd7SPoxkuhiRiz-FkbvJ4BRFdA7Iaz9gdH5QZHSvpA&sig=Cg0ArKJSzBqzFGJ2RGm2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1087&vt=11&dtpt=742&dett=3&cstd=330&cisv=r20230117.45822&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssaLuAbiLasUfS2DzQMgpDKzSknKGg8WmDb63gtO4zoeMxCDWivYAor73UNSWl6IAyQWmApqkXbzaqW9tC6KgcxAIKeGiO2bBK2GcqMdO1WdwP3pjijCPdsH0dvtqVHlYWEk-6bYljNVdqZVKT9ied9q0GyYvQhs-XHyzT137OfZumw8-H4UsUybZE15xjrBp_F5VsY7XVMb5lk6CR_AsrAQ67hFhME9jWMg3KsukjRglS5BzKmqR-oErUZqazPsX-rl32KFgI5wN-14H2UxT9Wp3vl9eLOLu0OPoUUqAu7tYEQ3lRxYGMMtPzNNFUxlnIDD9_FKK5Tv447GtG9jONACcfnqw6L6mAnCXJsddUjk-0Z69nN40ftZb_CaCA04AkDGGlxMvrhFD5wsGWXsD3z9a54sm-zstNKe4a0LIh8yDqLUDuQt1zInKNFdKZyxv4ePT9639AAH32Z31Jt62RvsX6yl15bFfM2rjsDTEr7gLlfQcSIXTP0qtDdRYfVBHz8TQhcAQJgycu5DuiuRybC4oT5qPu8CDVS-IMI3f5_ZLidRLEHdlySXIv1EY9qrg5goePB0lQcJ6kWM4SGEH0J-xA34onL1lW65fpDjW5_Zg87IXRNh6MxLbZcPoqn9v-7zVsErB5x1Bj_DvOFRNQlq-djoAnAeedXrNgEl6_8ptnVhWAQwCMg3ldvS7yxcNHEYcmzPQ1mVmZVmEYdXaJ9xDe_ASMsw7bEbB9IgIgh3xOVCwyMg0bOMso_S1quyzfq-ebwXkmUecyi_jvKnaLnhfsLMHDmz02IKjPnCg6rPZnQ4eaoSgZ4d6PYXci-NdYYDMV_eiGLsmn6kWRnx_LJas6VB4QFgZGvXkVFsrsgNcaDHTlATCBmSlS_C2W6nnXX-Gh1QI7gs49M9udrJL5491BFShytMrZGft169UbvGDz6Sxrjj9KxnfdR3Y8a9_5lJ5uf2I1n9KnyYPs_1OLI-qVhFuDaFO0NWG0kcljTJEkjXIqZW2rWM5kgmPLvmw8JpTkQG-BlyB8JHeS9mh8Yspx27MjOWqmCa7rJgP6042KPbpRmXQRW-wH7x_oynlq2_iF_FWQENBqr7Hmr_dOyd2CPNYH-C5J7qBGCKS8arAOj28MKhkBXlzT3nGR7juQw2x0rJ44aCH9yMsGb27lVTKy1STONI6KBO3JfrMKG23oneGTxL1arVGbiZ4PJ7ndtCfbfWfk&sai=AMfl-YTYhJxFNX0YeCiaXXoILbJoiSKWp_nbRZguhsY7NQj1CIYhUXRu1qEebL9MRIfw_JBKkBICLHn_yGT5m7HtASaNkFPiDmPEp41KTGdU8vZkFUVxpaPv9v3osMZRJsrCeEfPHnNMtBPGfBtTPCsQIYcuEoAkFeRaNcaERLo_ubmuTSznq009E-CgoCKqzQvxDr3O5P8GJwKXhCQO7YbCHNrNAwOjzoZfu5B1uVM3DuQ_vlZWKuesl2B3gvBwoTBq6Sqd7v6tqOd7SPoxkuhiRiz-FkbvJ4BRFdA7Iaz9gdH5QZHSvpA&sig=Cg0ArKJSzBqzFGJ2RGm2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1087&vt=11&dtpt=742&dett=3&cstd=330&cisv=r20230117.45822&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Jan-2023 06:33:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Jan 2023 06:18:00 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
142.250.74.163200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 28964, version 1.0\012- data
Hash 4b9f3c6c8298eda8f3d47b63aa300277
7ced89a14b86a7ba68a3c91af1d0741132fddaff
1dbe80d2c777c173f7f7b2fe368fbdd6b3de977c9e02548b03d15cc441a80a69
GET /s/redhatdisplay/v14/8vIQ7wUr0m80wwYf0QCXZzYzUoTg_T6h.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdn.zuuvi.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 15 Jan 2023 10:37:24 GMT
expires: Mon, 15 Jan 2024 10:37:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 17:54:58 GMT
content-type: font/woff2
age: 330036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXEv8NZFewn_PrYT6jQUUbSFZAKECjYKxZcP5b_SHq3g_NpN2_I4qaKMKMH5MVZxZyZ0QAAeewmCF8lR7e4CY3G2jNEOIsEfD_3GbOJWD_It2fs24_ezh1evQC1A-lEAOpYjDgNmw422VHny4mwVCnXpL5vsBx0C3A1Knkbu86TJenj4ECohJRb31lymFMbC8ZfwT4E2LqPMbQr_JafjD1FXlj65KXFtqoAACyK4M9uYVZZoZh5JlNMR1XDx7glJ8xWE8Zw0JZU5xGagQdFMS4WFzFXdC3vp8g0Tc3XpU_8BFKdh0ducNSELG-LBScSdrbfSVbf5B7W2D26-faxCwL-Up15SmdaSHA1Zfm51kxkR0isyvlzGx2GzSCX8mr4Zh6dWR4C8yuAq21b7zITl5E5C76n-yEkmHSCpeGF9E-_VgF4xF20w5ag5S6S4W1BxqWhE-VTWJ_9iGiAVbwtJ2FV4pgToYlFF8JTustZ3DptNd55AiqwfxDVipykLHyYBSoU_qxJEsRfYPRi1DKDF5o8s8CGV-M7kuSelJ1wNgfzeXdTp9xVFKQzil88XrdP0fY1BLGLZdnowm0rpMi_Zm8Jmd8PriX6Wj5IloIq3D5r2CLXXrNPwko2tVVaEWHd57htn7pNt3Hln5NiQe_CU53MhhTk1Hjp_M-UJbGLC7ugBSxnQp5-_jhXsFB42T3VauGJhgPod0l2vkDr1y0O9VIIucoFZqe_3kLUycy3loP1nZ3Xq8n5WomsFZyV29_RyYbvp3BiYN_EoWLY3KQ7mxRypNwq5M0auA42XNYEK9t7oK4CgQ4XTMtZRDKr3wo8cUwgep8aOqEr_2lJXNKMl2Al-63v56xdi5FwThGgF3inGiEBMO0x0YKeoY8PMwQDGsONheiK9Dz9sPs8IVSsWtZAWnyJiS8QZqWpMBFNsFFuSBktgSweI6XytzAf1OjfE4iOWG4tAxXyCYtIe_9W8FkGBkas2xt2iSUI_4QhcpbmLY27lVDx6-y5gaKzPAos4n6tWEgd9o1f0lnVf7R5-ea_HKZf-1AW2h65REfaQozzZCGO74XVmYcnPuDsU7f-dXGXjgfTbtMTXh9vUaeJjljmRsc5pEhCxGkolmac3oXy2CjrCGODiMVWeIy7dKIs3DgfHfXVwR_yQBdGUET2nbk9OuJJXJwPLh6LRPh&sai=AMfl-YTHHA-rXVj0gbZtZTYTnTNQUS5gBj3rpdcA_o2FImM_7UGUVSA2QnKSGfzqPZ3Ssq_tC6kuyltNfLmZRl0xWeh1EwW4ACRfjhHUtAwTEvyGyHtrEqnjT0rwW95y6DYlI97-J0hxd80la9uKqcycWEeeW1ZKzk7bqjmWWewxE9_xvUrdE206aRwcftXRuf7XxDCJi9ZUkEeKfhqusK9KQhcpLsKuShnoh3-Ns633ec7__l_pU3ZPAbafgwvbG8wZzuU3C-G57Ebezn6LOxnB-H8tP-KCdDkvjsT5Oei4zfenszG_W14&sig=Cg0ArKJSzNoVyCKvBAn8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1148&vt=11&dtpt=1005&dett=3&cstd=138&cisv=r20230117.86439&arae=0&ftch=1&adurl=
142.250.74.98200 OK 0 B URL HTTP/2 googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvXEv8NZFewn_PrYT6jQUUbSFZAKECjYKxZcP5b_SHq3g_NpN2_I4qaKMKMH5MVZxZyZ0QAAeewmCF8lR7e4CY3G2jNEOIsEfD_3GbOJWD_It2fs24_ezh1evQC1A-lEAOpYjDgNmw422VHny4mwVCnXpL5vsBx0C3A1Knkbu86TJenj4ECohJRb31lymFMbC8ZfwT4E2LqPMbQr_JafjD1FXlj65KXFtqoAACyK4M9uYVZZoZh5JlNMR1XDx7glJ8xWE8Zw0JZU5xGagQdFMS4WFzFXdC3vp8g0Tc3XpU_8BFKdh0ducNSELG-LBScSdrbfSVbf5B7W2D26-faxCwL-Up15SmdaSHA1Zfm51kxkR0isyvlzGx2GzSCX8mr4Zh6dWR4C8yuAq21b7zITl5E5C76n-yEkmHSCpeGF9E-_VgF4xF20w5ag5S6S4W1BxqWhE-VTWJ_9iGiAVbwtJ2FV4pgToYlFF8JTustZ3DptNd55AiqwfxDVipykLHyYBSoU_qxJEsRfYPRi1DKDF5o8s8CGV-M7kuSelJ1wNgfzeXdTp9xVFKQzil88XrdP0fY1BLGLZdnowm0rpMi_Zm8Jmd8PriX6Wj5IloIq3D5r2CLXXrNPwko2tVVaEWHd57htn7pNt3Hln5NiQe_CU53MhhTk1Hjp_M-UJbGLC7ugBSxnQp5-_jhXsFB42T3VauGJhgPod0l2vkDr1y0O9VIIucoFZqe_3kLUycy3loP1nZ3Xq8n5WomsFZyV29_RyYbvp3BiYN_EoWLY3KQ7mxRypNwq5M0auA42XNYEK9t7oK4CgQ4XTMtZRDKr3wo8cUwgep8aOqEr_2lJXNKMl2Al-63v56xdi5FwThGgF3inGiEBMO0x0YKeoY8PMwQDGsONheiK9Dz9sPs8IVSsWtZAWnyJiS8QZqWpMBFNsFFuSBktgSweI6XytzAf1OjfE4iOWG4tAxXyCYtIe_9W8FkGBkas2xt2iSUI_4QhcpbmLY27lVDx6-y5gaKzPAos4n6tWEgd9o1f0lnVf7R5-ea_HKZf-1AW2h65REfaQozzZCGO74XVmYcnPuDsU7f-dXGXjgfTbtMTXh9vUaeJjljmRsc5pEhCxGkolmac3oXy2CjrCGODiMVWeIy7dKIs3DgfHfXVwR_yQBdGUET2nbk9OuJJXJwPLh6LRPh&sai=AMfl-YTHHA-rXVj0gbZtZTYTnTNQUS5gBj3rpdcA_o2FImM_7UGUVSA2QnKSGfzqPZ3Ssq_tC6kuyltNfLmZRl0xWeh1EwW4ACRfjhHUtAwTEvyGyHtrEqnjT0rwW95y6DYlI97-J0hxd80la9uKqcycWEeeW1ZKzk7bqjmWWewxE9_xvUrdE206aRwcftXRuf7XxDCJi9ZUkEeKfhqusK9KQhcpLsKuShnoh3-Ns633ec7__l_pU3ZPAbafgwvbG8wZzuU3C-G57Ebezn6LOxnB-H8tP-KCdDkvjsT5Oei4zfenszG_W14&sig=Cg0ArKJSzNoVyCKvBAn8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1148&vt=11&dtpt=1005&dett=3&cstd=138&cisv=r20230117.86439&arae=0&ftch=1&adurl=
IP 142.250.74.98:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjsvXEv8NZFewn_PrYT6jQUUbSFZAKECjYKxZcP5b_SHq3g_NpN2_I4qaKMKMH5MVZxZyZ0QAAeewmCF8lR7e4CY3G2jNEOIsEfD_3GbOJWD_It2fs24_ezh1evQC1A-lEAOpYjDgNmw422VHny4mwVCnXpL5vsBx0C3A1Knkbu86TJenj4ECohJRb31lymFMbC8ZfwT4E2LqPMbQr_JafjD1FXlj65KXFtqoAACyK4M9uYVZZoZh5JlNMR1XDx7glJ8xWE8Zw0JZU5xGagQdFMS4WFzFXdC3vp8g0Tc3XpU_8BFKdh0ducNSELG-LBScSdrbfSVbf5B7W2D26-faxCwL-Up15SmdaSHA1Zfm51kxkR0isyvlzGx2GzSCX8mr4Zh6dWR4C8yuAq21b7zITl5E5C76n-yEkmHSCpeGF9E-_VgF4xF20w5ag5S6S4W1BxqWhE-VTWJ_9iGiAVbwtJ2FV4pgToYlFF8JTustZ3DptNd55AiqwfxDVipykLHyYBSoU_qxJEsRfYPRi1DKDF5o8s8CGV-M7kuSelJ1wNgfzeXdTp9xVFKQzil88XrdP0fY1BLGLZdnowm0rpMi_Zm8Jmd8PriX6Wj5IloIq3D5r2CLXXrNPwko2tVVaEWHd57htn7pNt3Hln5NiQe_CU53MhhTk1Hjp_M-UJbGLC7ugBSxnQp5-_jhXsFB42T3VauGJhgPod0l2vkDr1y0O9VIIucoFZqe_3kLUycy3loP1nZ3Xq8n5WomsFZyV29_RyYbvp3BiYN_EoWLY3KQ7mxRypNwq5M0auA42XNYEK9t7oK4CgQ4XTMtZRDKr3wo8cUwgep8aOqEr_2lJXNKMl2Al-63v56xdi5FwThGgF3inGiEBMO0x0YKeoY8PMwQDGsONheiK9Dz9sPs8IVSsWtZAWnyJiS8QZqWpMBFNsFFuSBktgSweI6XytzAf1OjfE4iOWG4tAxXyCYtIe_9W8FkGBkas2xt2iSUI_4QhcpbmLY27lVDx6-y5gaKzPAos4n6tWEgd9o1f0lnVf7R5-ea_HKZf-1AW2h65REfaQozzZCGO74XVmYcnPuDsU7f-dXGXjgfTbtMTXh9vUaeJjljmRsc5pEhCxGkolmac3oXy2CjrCGODiMVWeIy7dKIs3DgfHfXVwR_yQBdGUET2nbk9OuJJXJwPLh6LRPh&sai=AMfl-YTHHA-rXVj0gbZtZTYTnTNQUS5gBj3rpdcA_o2FImM_7UGUVSA2QnKSGfzqPZ3Ssq_tC6kuyltNfLmZRl0xWeh1EwW4ACRfjhHUtAwTEvyGyHtrEqnjT0rwW95y6DYlI97-J0hxd80la9uKqcycWEeeW1ZKzk7bqjmWWewxE9_xvUrdE206aRwcftXRuf7XxDCJi9ZUkEeKfhqusK9KQhcpLsKuShnoh3-Ns633ec7__l_pU3ZPAbafgwvbG8wZzuU3C-G57Ebezn6LOxnB-H8tP-KCdDkvjsT5Oei4zfenszG_W14&sig=Cg0ArKJSzNoVyCKvBAn8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1148&vt=11&dtpt=1005&dett=3&cstd=138&cisv=r20230117.86439&arae=0&ftch=1&adurl= HTTP/1.1
Host: googleads4.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a4e984ed196c3e6da90100f6b9aab6d0.safeframe.googlesyndication.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 19-Jan-2023 06:33:00 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 19 Jan 2023 06:18:00 GMT
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env
142.250.74.130200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (14557), with no line terminators
Hash 8264052cbcccc431ee8e1c635832df7b
c0fd4f71480e9ff45795ed2defbae4811d33a19b
21bc6aaba1a61a7a86520a5d656ed99b1212cb0fd5f8279cbf8d7aec32df4f3d
GET /getconfig/sodar?sv=200&tid=gda&tv=r20230117&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Origin: https://www.byboe.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 10989
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.zuuvi.com/zuuviapi/gsap/gsap3/CustomEase.min.js
54.230.111.86200 OK 3.7 kB URL HTTP/2 cdn.zuuvi.com/zuuviapi/gsap/gsap3/CustomEase.min.js
IP 54.230.111.86:0
Hash 495e26d5a7935235f8b65599e5eeb9f6
4731bd3d5462a25f974973e039bc6434c7cd71de
3eaef4ad58ee0075d1f4c9a640297bd96d7769b5f6ef47ccf770e1db80f287d5
GET /zuuviapi/gsap/gsap3/CustomEase.min.js HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
x-amz-replication-status: COMPLETED
last-modified: Fri, 21 May 2021 09:52:52 GMT
x-amz-version-id: .RMdMfuMjqHKyfysPhxvCJW9KaDOyJPZ
server: AmazonS3
content-encoding: gzip
date: Wed, 18 Jan 2023 13:35:29 GMT
etag: W/"37e567ab1cb84afc819e00e385e7a379"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xf4eaXnZ3K47CCGrHJ9hcn1kO-LOtA4jxJEjzszmtEg8kL_B6D2RHg==
age: 60152
X-Firefox-Spdy: h2
offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
172.67.22.216200 OK 12 kB URL HTTP/2 offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fb6066747e1a495065815fb44fb9b41
c62f83dec41d2b508176f11784edc75db8dbb6f8
dca249be9c1aeee895ea79046856c178a1830f46a55cfc7f552b95b04eb3e5a6
GET /www/images/0fb6066747e1a495065815fb44fb9b41.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:18:00 GMT
content-type: image/png
content-length: 11899
last-modified: Thu, 25 Aug 2022 05:53:00 GMT
etag: "63070e3c-2e7b"
expires: Thu, 19 Jan 2023 07:50:05 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 80875
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78bd735a5bb2b51b-OSL
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
142.250.74.130200 OK 5.7 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
IP 142.250.74.130:0
File type JSON data\012- , ASCII text, with very long lines (7499), with no line terminators
Hash e1c35f6e9a8756c2947ffe202c3bf063
ae9efefeb70cc70b8185cf961e41abe54e6fa060
6710e6d9a79a82d322f1d087848cebd8258958fafc7cf9564d3660fd3f52a161
GET /getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://s0.2mdn.net
Connection: keep-alive
Referer: https://s0.2mdn.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Thu, 19 Jan 2023 06:18:00 GMT
server: cafe
content-length: 5677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 19a57df43786b85de3f7519c28ac76d5
1ba75d8f1925301cb9c1b04d79add612ac7cfc15
3ac0cee91f5b3cdf8907ea9bbad110d8f2f38c59259532588d013e0426b2bce2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 19 Jan 2023 06:18:00 GMT
Last-Modified: Thu, 19 Jan 2023 05:34:17 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Mw-g6TfJ_PxufPALZTS7DWcJWLr9QdAC-f79UEqhxag4X6T028r9yQ==
Age: 2623
unified.adsafeprotected.com/v2/1324750/68818591?mon=68818592&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N448205.3522413GOOGLEDV360/B29211219.357221857%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.byboe.com/%3Fves%3DdGltZXN0YW1wOiAxNjc0MTA5MDc5MTg2CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc3U4ZkFBbnJmYzJBbWNaSXEyU3Q0VjNlVWZZdDlhTEZWV2YyeHhFdlJNX19zb2JhRHFoazBjenZCUFlHYWRGcVpDcWF6M1FJNmdmZ2h3U1o2eUdxZGNGZDdXYzBVSDRGSGdxdEViS1BQUTBlY1dTdzV4MTVPc0VrdTRzeFBXZjRhTlcwcmROM0lNcE80SlNPMUZaY3Vjd3phZlJ1X3NFTGpUWDE0ZHI3VFR6MFRQZDZmN1k2SEYydXNGTkRrQUh0NlBWSzZlbV82UVNhWHl5RzdHNUdiS2tuNDFhcTl6MnBGcnhWbmI2TEZFNU14ZGtXY2RhQm5Ta0FvZXBaQkJ0STltNG9WcWN2cnlxQS1wSVdpVHdjcTdSTVVheEwzLTNwZG9RcVYzUlAtRUZUMjUxWFpqWFJ4eGJsN3dxcVJiZFVSZUNRQzJTZUxFUDJWSXhxYUtOOExWNHdJTHFLRTlHQTdITUNFRndFWm5keDA0Rjh6cThlQUNqbDdTenlEY2NZNkx2bFRMa1RPMzAxdGFOSlFpalBpTk84RjFNd18tWVl1QTBKYkZveGdDV0tDUnJOTDY3NTdZLTVnbHc4VTJrZE0xVElWdHVSaFpYZUVYa0dsUUhLVjRoY2VyZDBQajZndFpyODFXZTZKWGxpM053QVp6UEk3dGVUMEhCeDRsZDVrOWM5aWNQT09lT05WY0hfYWhReUJySmZNOTNPRlhHTGsyVm5fQm1BcnIwbXJOT2NTamNtZmI0WlBVSlRPckhvSW1jWVIyZnZnV0RxTUVyQk9acmprWjNhS2JrbVA0T3cxT0QwZHVGV3dJeGJiY0V6ZWlpMnY3OFZGQ2FhcGdZVl9PQ1pQQ3NIRE5XRDNlU0NUSDNJUGJMYXNzM2lxQlhjVGpGZUh0U210cmVCUjVfaDBDRWNqdlg4NVZ1dlZ3N1hxMWtvZ1dvMjNoNnk1UklKUkpYN045Y1ZvUURqcTQ2b0Jvb0huU3Z4ZE1BaGJGc3NQZU5Vai1mODFkd2g1bXVfd05paE56M0g1NGd0amg2OFNFUnlQQ1U0aUZvX09sOHZmT0VoVHFjR2cya3hYZE80NktjRnh4bFVybm1FZHExMFVFOUlpWFRxQTFKcURCUktEXzlQc0pvYllKWDdidmpzQllEdlFEVlVUb1dMdVRWR2o4Zk5DUWFfaGFpeTdDVVlyWWZBTjE2S0hLUElLUE4xVGQwMVc2cFk3eDFxN0xtTDVrNWpfSzFLVm5RQjFmemZOLUxXLWp5UzdYTzBkT0NTY0tkdzI5RnRfTXR6Q3dMWGVYTDU0b2NyaEIyVnNmTTAwZjlhcGFKeldJMm5LV2JTLU44c1c3ejR4THhWRXp1S19PTUNlZDV1MW1IbWdxNjFNTWVRcjBwM2gyWUxYM1NwOTlqLVVmVnVLa0FYdTdPd0RDRmhpQmg4eE9iNnNtTkc4NlV2ZHhwc3ZSNV9DNUFkWnFCVFprelh4YzJvdmI3UXA4ZEpoMVNPRUg2UFhmSWRBYzBYb2JVbWh5bWRVV09KZG82SGg5VjhRcmYzejBIdXVIbG9jQW1jZ1Emc2FpPUFNZmwtWVFURGE1eFRGbkRlNkNIbm80aGFscHh5X3Qwb1VzWGdwZXdIQlVWRTAyMGZIQXV0SDBrWGNIRHBrZlVRZVZSODY0VEo2QVdJUjM0dXV1R01pUnNzQmRHUDhqalVnYnNZMnNVd2h3a1pYQnl4cVAtaF9PZFRuaV8yNTI4Ump2MDlIdEwxenI3SURQeFBEUGhCbTFZZFBBOFJHZ29iSHFyekdFRGJSZWcyMHE2N0o1Y0h3ajVJeDYxLWhNU3NuU2JhbmhaNUF1d0MtX1F5TWNLcGFxb1Zycm1oSmIzSzhyREtfclFKM1lQejRSV0hyZzdXUHJRUVZvbXc0MXljX25ZdkVDV3lld0xrcXBmRUg2dFFQY0FMTXVtSG9rQmRVdnVyR2JlM0FoY3lZUjFnV1RPcmVSZHY0Y3J3dXQyR1hyUiZzaWc9Q2cwQXJLSlN6TWtNSE5WclFteXZFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNvY2EtY29sYS5uby9tZWFscyUzRnV0bV9zb3VyY2UlM0RPTFZfcCUyNnV0bV9tZWRpdW0lM0RWaWRlbyUyNnV0bV9jYW1wYWlnbiUzRE1lYWxzQU9RMSUyNnV0bV9jb250ZW50JTNEdmlkZW8lMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D185565648%26dc_adid%3D548098692
52.18.234.150200 OK 4.7 kB URL HTTP/1.1 unified.adsafeprotected.com/v2/1324750/68818591?mon=68818592&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N448205.3522413GOOGLEDV360/B29211219.357221857%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.byboe.com/%3Fves%3DdGltZXN0YW1wOiAxNjc0MTA5MDc5MTg2CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc3U4ZkFBbnJmYzJBbWNaSXEyU3Q0VjNlVWZZdDlhTEZWV2YyeHhFdlJNX19zb2JhRHFoazBjenZCUFlHYWRGcVpDcWF6M1FJNmdmZ2h3U1o2eUdxZGNGZDdXYzBVSDRGSGdxdEViS1BQUTBlY1dTdzV4MTVPc0VrdTRzeFBXZjRhTlcwcmROM0lNcE80SlNPMUZaY3Vjd3phZlJ1X3NFTGpUWDE0ZHI3VFR6MFRQZDZmN1k2SEYydXNGTkRrQUh0NlBWSzZlbV82UVNhWHl5RzdHNUdiS2tuNDFhcTl6MnBGcnhWbmI2TEZFNU14ZGtXY2RhQm5Ta0FvZXBaQkJ0STltNG9WcWN2cnlxQS1wSVdpVHdjcTdSTVVheEwzLTNwZG9RcVYzUlAtRUZUMjUxWFpqWFJ4eGJsN3dxcVJiZFVSZUNRQzJTZUxFUDJWSXhxYUtOOExWNHdJTHFLRTlHQTdITUNFRndFWm5keDA0Rjh6cThlQUNqbDdTenlEY2NZNkx2bFRMa1RPMzAxdGFOSlFpalBpTk84RjFNd18tWVl1QTBKYkZveGdDV0tDUnJOTDY3NTdZLTVnbHc4VTJrZE0xVElWdHVSaFpYZUVYa0dsUUhLVjRoY2VyZDBQajZndFpyODFXZTZKWGxpM053QVp6UEk3dGVUMEhCeDRsZDVrOWM5aWNQT09lT05WY0hfYWhReUJySmZNOTNPRlhHTGsyVm5fQm1BcnIwbXJOT2NTamNtZmI0WlBVSlRPckhvSW1jWVIyZnZnV0RxTUVyQk9acmprWjNhS2JrbVA0T3cxT0QwZHVGV3dJeGJiY0V6ZWlpMnY3OFZGQ2FhcGdZVl9PQ1pQQ3NIRE5XRDNlU0NUSDNJUGJMYXNzM2lxQlhjVGpGZUh0U210cmVCUjVfaDBDRWNqdlg4NVZ1dlZ3N1hxMWtvZ1dvMjNoNnk1UklKUkpYN045Y1ZvUURqcTQ2b0Jvb0huU3Z4ZE1BaGJGc3NQZU5Vai1mODFkd2g1bXVfd05paE56M0g1NGd0amg2OFNFUnlQQ1U0aUZvX09sOHZmT0VoVHFjR2cya3hYZE80NktjRnh4bFVybm1FZHExMFVFOUlpWFRxQTFKcURCUktEXzlQc0pvYllKWDdidmpzQllEdlFEVlVUb1dMdVRWR2o4Zk5DUWFfaGFpeTdDVVlyWWZBTjE2S0hLUElLUE4xVGQwMVc2cFk3eDFxN0xtTDVrNWpfSzFLVm5RQjFmemZOLUxXLWp5UzdYTzBkT0NTY0tkdzI5RnRfTXR6Q3dMWGVYTDU0b2NyaEIyVnNmTTAwZjlhcGFKeldJMm5LV2JTLU44c1c3ejR4THhWRXp1S19PTUNlZDV1MW1IbWdxNjFNTWVRcjBwM2gyWUxYM1NwOTlqLVVmVnVLa0FYdTdPd0RDRmhpQmg4eE9iNnNtTkc4NlV2ZHhwc3ZSNV9DNUFkWnFCVFprelh4YzJvdmI3UXA4ZEpoMVNPRUg2UFhmSWRBYzBYb2JVbWh5bWRVV09KZG82SGg5VjhRcmYzejBIdXVIbG9jQW1jZ1Emc2FpPUFNZmwtWVFURGE1eFRGbkRlNkNIbm80aGFscHh5X3Qwb1VzWGdwZXdIQlVWRTAyMGZIQXV0SDBrWGNIRHBrZlVRZVZSODY0VEo2QVdJUjM0dXV1R01pUnNzQmRHUDhqalVnYnNZMnNVd2h3a1pYQnl4cVAtaF9PZFRuaV8yNTI4Ump2MDlIdEwxenI3SURQeFBEUGhCbTFZZFBBOFJHZ29iSHFyekdFRGJSZWcyMHE2N0o1Y0h3ajVJeDYxLWhNU3NuU2JhbmhaNUF1d0MtX1F5TWNLcGFxb1Zycm1oSmIzSzhyREtfclFKM1lQejRSV0hyZzdXUHJRUVZvbXc0MXljX25ZdkVDV3lld0xrcXBmRUg2dFFQY0FMTXVtSG9rQmRVdnVyR2JlM0FoY3lZUjFnV1RPcmVSZHY0Y3J3dXQyR1hyUiZzaWc9Q2cwQXJLSlN6TWtNSE5WclFteXZFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNvY2EtY29sYS5uby9tZWFscyUzRnV0bV9zb3VyY2UlM0RPTFZfcCUyNnV0bV9tZWRpdW0lM0RWaWRlbyUyNnV0bV9jYW1wYWlnbiUzRE1lYWxzQU9RMSUyNnV0bV9jb250ZW50JTNEdmlkZW8lMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D185565648%26dc_adid%3D548098692
IP 52.18.234.150:0
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (7694)
Hash e0b4efc00ac91656bc1bf150e908e245
f542cf528f587dbf9e9bf4aabc2496f5bf65ffcc
43f41bf826f509a7b87e36bf04690a929b137bcdc0d2b4964361cb1c8ddc9432
GET /v2/1324750/68818591?mon=68818592&omidPartner=[OMIDPARTNER]&apiframeworks=[APIFRAMEWORKS]&bundleId=&ias_xappb=&ias_dspId=3&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_par&ias_impId=v4~~&originalVast=https://ad.doubleclick.net/ddm/pfadx/N448205.3522413GOOGLEDV360/B29211219.357221857%3Bsz%3D0x0%3Bord%3D%5Btimestamp%5D%3Bdc_lat%3D%3Bdc_rdid%3D%3Btag_for_child_directed_treatment%3D%3Btfua%3D%3Bdcmt%3Dtext/xml%3Bdc_sdkv%3Dh.0.0.0%3Bdc_osd%3D2%3Bdc_frm%3D2%3Bdc_sdr%3D1%3Bdc_ref%3Dhttps://www.byboe.com/%3Fves%3DdGltZXN0YW1wOiAxNjc0MTA5MDc5MTg2CmNsaWNrX3Rocm91Z2hfdXJsOiAiaHR0cHM6Ly9hZGNsaWNrLmcuZG91YmxlY2xpY2submV0L3Bjcy9jbGljaz94YWk9QUtBT2pzc3U4ZkFBbnJmYzJBbWNaSXEyU3Q0VjNlVWZZdDlhTEZWV2YyeHhFdlJNX19zb2JhRHFoazBjenZCUFlHYWRGcVpDcWF6M1FJNmdmZ2h3U1o2eUdxZGNGZDdXYzBVSDRGSGdxdEViS1BQUTBlY1dTdzV4MTVPc0VrdTRzeFBXZjRhTlcwcmROM0lNcE80SlNPMUZaY3Vjd3phZlJ1X3NFTGpUWDE0ZHI3VFR6MFRQZDZmN1k2SEYydXNGTkRrQUh0NlBWSzZlbV82UVNhWHl5RzdHNUdiS2tuNDFhcTl6MnBGcnhWbmI2TEZFNU14ZGtXY2RhQm5Ta0FvZXBaQkJ0STltNG9WcWN2cnlxQS1wSVdpVHdjcTdSTVVheEwzLTNwZG9RcVYzUlAtRUZUMjUxWFpqWFJ4eGJsN3dxcVJiZFVSZUNRQzJTZUxFUDJWSXhxYUtOOExWNHdJTHFLRTlHQTdITUNFRndFWm5keDA0Rjh6cThlQUNqbDdTenlEY2NZNkx2bFRMa1RPMzAxdGFOSlFpalBpTk84RjFNd18tWVl1QTBKYkZveGdDV0tDUnJOTDY3NTdZLTVnbHc4VTJrZE0xVElWdHVSaFpYZUVYa0dsUUhLVjRoY2VyZDBQajZndFpyODFXZTZKWGxpM053QVp6UEk3dGVUMEhCeDRsZDVrOWM5aWNQT09lT05WY0hfYWhReUJySmZNOTNPRlhHTGsyVm5fQm1BcnIwbXJOT2NTamNtZmI0WlBVSlRPckhvSW1jWVIyZnZnV0RxTUVyQk9acmprWjNhS2JrbVA0T3cxT0QwZHVGV3dJeGJiY0V6ZWlpMnY3OFZGQ2FhcGdZVl9PQ1pQQ3NIRE5XRDNlU0NUSDNJUGJMYXNzM2lxQlhjVGpGZUh0U210cmVCUjVfaDBDRWNqdlg4NVZ1dlZ3N1hxMWtvZ1dvMjNoNnk1UklKUkpYN045Y1ZvUURqcTQ2b0Jvb0huU3Z4ZE1BaGJGc3NQZU5Vai1mODFkd2g1bXVfd05paE56M0g1NGd0amg2OFNFUnlQQ1U0aUZvX09sOHZmT0VoVHFjR2cya3hYZE80NktjRnh4bFVybm1FZHExMFVFOUlpWFRxQTFKcURCUktEXzlQc0pvYllKWDdidmpzQllEdlFEVlVUb1dMdVRWR2o4Zk5DUWFfaGFpeTdDVVlyWWZBTjE2S0hLUElLUE4xVGQwMVc2cFk3eDFxN0xtTDVrNWpfSzFLVm5RQjFmemZOLUxXLWp5UzdYTzBkT0NTY0tkdzI5RnRfTXR6Q3dMWGVYTDU0b2NyaEIyVnNmTTAwZjlhcGFKeldJMm5LV2JTLU44c1c3ejR4THhWRXp1S19PTUNlZDV1MW1IbWdxNjFNTWVRcjBwM2gyWUxYM1NwOTlqLVVmVnVLa0FYdTdPd0RDRmhpQmg4eE9iNnNtTkc4NlV2ZHhwc3ZSNV9DNUFkWnFCVFprelh4YzJvdmI3UXA4ZEpoMVNPRUg2UFhmSWRBYzBYb2JVbWh5bWRVV09KZG82SGg5VjhRcmYzejBIdXVIbG9jQW1jZ1Emc2FpPUFNZmwtWVFURGE1eFRGbkRlNkNIbm80aGFscHh5X3Qwb1VzWGdwZXdIQlVWRTAyMGZIQXV0SDBrWGNIRHBrZlVRZVZSODY0VEo2QVdJUjM0dXV1R01pUnNzQmRHUDhqalVnYnNZMnNVd2h3a1pYQnl4cVAtaF9PZFRuaV8yNTI4Ump2MDlIdEwxenI3SURQeFBEUGhCbTFZZFBBOFJHZ29iSHFyekdFRGJSZWcyMHE2N0o1Y0h3ajVJeDYxLWhNU3NuU2JhbmhaNUF1d0MtX1F5TWNLcGFxb1Zycm1oSmIzSzhyREtfclFKM1lQejRSV0hyZzdXUHJRUVZvbXc0MXljX25ZdkVDV3lld0xrcXBmRUg2dFFQY0FMTXVtSG9rQmRVdnVyR2JlM0FoY3lZUjFnV1RPcmVSZHY0Y3J3dXQyR1hyUiZzaWc9Q2cwQXJLSlN6TWtNSE5WclFteXZFQUUmY3J5PTEmZmJzX2FlaWQ9W2d3X2Zic2FlaWRdJnVybGZpeD0xJmFkdXJsPWh0dHBzOi8vd3d3LmNvY2EtY29sYS5uby9tZWFscyUzRnV0bV9zb3VyY2UlM0RPTFZfcCUyNnV0bV9tZWRpdW0lM0RWaWRlbyUyNnV0bV9jYW1wYWlnbiUzRE1lYWxzQU9RMSUyNnV0bV9jb250ZW50JTNEdmlkZW8lMjZkY2xpZCUzRCUyNWVkY2xpZCEiCg%26dc_cid%3D185565648%26dc_adid%3D548098692 HTTP/1.1
Host: unified.adsafeprotected.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Encoding: gzip
Content-Type: text/xml; charset=UTF-8
Date: Thu, 19 Jan 2023 06:18:01 GMT
Request-Id: cf4e1652k156p4fm9ukg
Vary: Origin
Content-Length: 4684
Connection: keep-alive
s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/blank.png_1671535761561_blank.png
172.217.21.166200 OK 927 B URL HTTP/2 s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/blank.png_1671535761561_blank.png
IP 172.217.21.166:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash dc511169a5d403eca059e9464c6009ff
910a37f28ec15c890a2bb65fc06c76bf8ec03a95
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
GET /dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/blank.png_1671535761561_blank.png HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 927
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 08:30:33 GMT
expires: Fri, 12 Jan 2024 08:30:33 GMT
cache-control: public, max-age=31536000
age: 596848
last-modified: Tue, 20 Dec 2022 11:29:25 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/639c8ca90a6a4e7f494afa2d/original/TLOUPREPREMIERE_NO_Single-Title_DISPLAY_300x250.jpg_1673283657104_TLOUPREPREMIERE_NO_Single-Title_DISPLAY_300x250.jpg
172.217.21.166200 OK 49 kB URL HTTP/2 s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/639c8ca90a6a4e7f494afa2d/original/TLOUPREPREMIERE_NO_Single-Title_DISPLAY_300x250.jpg_1673283657104_TLOUPREPREMIERE_NO_Single-Title_DISPLAY_300x250.jpg
IP 172.217.21.166:0
File type JPEG image data, progressive, precision 8, 300x124, components 3\012- data
Hash e4abcd0c10063ce754dc1c63ca1c9da5
ce2329073060aad20603a709c95eec992c05d781
2ec4d3004a9b2ba805491bc43634879b67ed9bf7af1ff8417de16e10e11c42fe
GET /dynamic/2/11036428/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/639c8ca90a6a4e7f494afa2d/original/TLOUPREPREMIERE_NO_Single-Title_DISPLAY_300x250.jpg_1673283657104_TLOUPREPREMIERE_NO_Single-Title_DISPLAY_300x250.jpg HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 48720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 18:34:01 GMT
expires: Tue, 16 Jan 2024 18:34:01 GMT
cache-control: public, max-age=31536000
age: 215040
last-modified: Mon, 09 Jan 2023 17:01:05 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/gradient1.png_1671535761561_gradient1.png
172.217.21.166200 OK 1.9 kB URL HTTP/2 s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/gradient1.png_1671535761561_gradient1.png
IP 172.217.21.166:0
File type PNG image data, 91 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash 0c90d7980c22313b9ad4906c7dee632b
80a458e86d61fa0326d01195b78e58b71f3c7d42
7bcd370761d324e10f1b3b8db520a161dfd4e71f1b1a8527d79b51f3a55a1a61
GET /dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/gradient1.png_1671535761561_gradient1.png HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 1940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 08:30:29 GMT
expires: Fri, 12 Jan 2024 08:30:29 GMT
cache-control: public, max-age=31536000
age: 596852
last-modified: Tue, 20 Dec 2022 11:29:26 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/623333d8f71c39b30804cb4e/original/blank.png_1671535761561_blank.png
172.217.21.166200 OK 927 B URL HTTP/2 s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/623333d8f71c39b30804cb4e/original/blank.png_1671535761561_blank.png
IP 172.217.21.166:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash dc511169a5d403eca059e9464c6009ff
910a37f28ec15c890a2bb65fc06c76bf8ec03a95
1c45dbdb7b09412d6e8d0a108245bf284d53a80fe178119869ca65654c0621a1
GET /dynamic/2/11036428/cdn.ad-lib.io/v3/partners/60ffb5128da83b16b539580e/assets/singleFiles/623333d8f71c39b30804cb4e/original/blank.png_1671535761561_blank.png HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 927
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 08:30:29 GMT
expires: Fri, 12 Jan 2024 08:30:29 GMT
cache-control: public, max-age=31536000
age: 596852
last-modified: Tue, 20 Dec 2022 11:29:23 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/gradient2.png_1671535761561_gradient2.png
172.217.21.166200 OK 2.2 kB URL HTTP/2 s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/gradient2.png_1671535761561_gradient2.png
IP 172.217.21.166:0
File type PNG image data, 300 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash 80589ba5624a89d520b27deec04e69d7
f0105b83aacaad790682e23ca790b9593762fe7f
d24d7ff076bcda8dd443bad6a7fb87d398231d1fe7900bebad4316cd374ee7a1
GET /dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/gradient2.png_1671535761561_gradient2.png HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 2220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 08:30:29 GMT
expires: Fri, 12 Jan 2024 08:30:29 GMT
cache-control: public, max-age=31536000
age: 596852
last-modified: Tue, 20 Dec 2022 11:29:24 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/bg.png_1671535761561_bg.png
172.217.21.166200 OK 26 kB URL HTTP/2 s0.2mdn.net/dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/bg.png_1671535761561_bg.png
IP 172.217.21.166:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b31033fed7adb43ca5920cd206f69c8
964672e2c6cc98bc0a614aa1d0eac97610dd5240
d5098a9663c30c4efb39f19f45e2d5cf282ed8985f5cc4f531e8e6a957ebe5b0
GET /dynamic/2/11036428/cdn.ad-lib.io/v2/partners/60ffb5128da83b16b539580e/assets/concepts/61e5963a8a3fbc203592f3cf/templates/62615cdd1d0b674a48770b94/content/bg.png_1671535761561_bg.png HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/index.html?e=69&leftOffset=0&topOffset=0&c=83vzD0ehui&t=1&renderingType=2&ev=01_247
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-length: 26066
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Jan 2023 08:30:33 GMT
expires: Fri, 12 Jan 2024 08:30:33 GMT
cache-control: public, max-age=31536000
age: 596848
last-modified: Tue, 20 Dec 2022 11:29:23 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/Gilroy-Bold.woff
172.217.21.166200 OK 37 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/Gilroy-Bold.woff
IP 172.217.21.166:0
File type Web Open Font Format, TrueType, length 36680, version 0.0\012- data
Hash 968e075d7912d97afe52ce08613d2c0c
c41b848b9c43e56f9dd243541b4800133e760e05
b05023db04b56f3f423eec0da9c5f2f9fb009eaf452928ed42f07f2139d65aca
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/Gilroy-Bold.woff HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adStyle.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 36680
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 00:07:38 GMT
expires: Sun, 14 Jan 2024 00:07:38 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: font/woff
age: 454223
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/Gilroy-Regular.woff
172.217.21.166200 OK 39 kB URL HTTP/2 s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/Gilroy-Regular.woff
IP 172.217.21.166:0
File type Web Open Font Format, TrueType, length 38772, version 0.0\012- data
Hash c920bf4469e0634bc3182a198b49edeb
0f7fadb30bc338cffe518c02eb06acad1b3adc0b
51fa808e1c12083fc9673a294360eaeaf7c98dcb215bee6798d808c0abf634f3
GET /sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/Gilroy-Regular.woff HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://s0.2mdn.net/sadbundle/10906895751862812672/300x250-HBO_SingleTitle_DisplayPrg-Static/adStyle.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 38772
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sat, 14 Jan 2023 13:43:14 GMT
expires: Sun, 14 Jan 2024 13:43:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 05 Jan 2023 14:37:52 GMT
content-type: font/woff
age: 405287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gcdn.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/465A04226F9F0BBE9F0D999231761E96E8766BC7.343A7D3C0F54037A4CA5CB0A58A8F3C61B4F3E0B/key/ck2/file/file.mp4
142.250.74.110302 Found 0 B URL HTTP/2 gcdn.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/465A04226F9F0BBE9F0D999231761E96E8766BC7.343A7D3C0F54037A4CA5CB0A58A8F3C61B4F3E0B/key/ck2/file/file.mp4
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/465A04226F9F0BBE9F0D999231761E96E8766BC7.343A7D3C0F54037A4CA5CB0A58A8F3C61B4F3E0B/key/ck2/file/file.mp4 HTTP/1.1
Host: gcdn.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 19 Jan 2023 06:18:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
location: https://r2---sn-5go7ynl6.c.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4
content-type: text/html; charset=UTF-8
server: ClientMapServer
content-length: 641
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 9d3201b9d64bc9a7c58eb37728d0977b
9c2503e7930af6a21f08b2d3b3252f9c783fc5cc
6ccd6d29320c09445794647028441b5245e1e3069af4e8f35211d643f8bb5db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r2---sn-5go7ynl6.c.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4
74.125.111.39200 OK 0 B URL HTTP/1.1 r2---sn-5go7ynl6.c.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4
IP 74.125.111.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4 HTTP/1.1
Host: r2---sn-5go7ynl6.c.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://googleads.g.doubleclick.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Thu, 12 Jan 2023 11:22:41 GMT
Content-Type: video/mp4
Date: Thu, 19 Jan 2023 06:18:01 GMT
Expires: Thu, 19 Jan 2023 06:18:01 GMT
Cache-Control: private, max-age=86400
Accept-Ranges: bytes
Content-Length: 549557
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 9d3201b9d64bc9a7c58eb37728d0977b
9c2503e7930af6a21f08b2d3b3252f9c783fc5cc
6ccd6d29320c09445794647028441b5245e1e3069af4e8f35211d643f8bb5db4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 19 Jan 2023 06:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
upskittyan.com/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert quad9 Sinkholed
POST /custom HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Content-Type: application/json
Origin: https://www.byboe.com
Content-Length: 371
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:18:03 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 78b21e8d37c3f0198a0439219b3bf12f
access-control-allow-origin: https://www.byboe.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
link1s.com/XDNgMZ85
151.139.128.10302 Found 0 B IP 151.139.128.10:0
GET /XDNgMZ85 HTTP/1.1
Host: link1s.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 19 Jan 2023 06:17:55 GMT
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
set-cookie: SPSI=b9e1cae84bca4305c43e29531ec10d83; path=/; HttpOnly; SameSite=Lax;
SPSE=/t1Kas60keBbGrBKxDlR5aStmTOeYYoTk7jwN1+/LUI1sMNsAORBFYtegeLQxJSF81rg5cNc7IQzd2PpYwPPyA==; path=/; HttpOnly; SameSite=Lax;
spcsrf=e4dbe73672a592b87b6ac77e4c113407; path=/; SameSite=Strict; HttpOnly; expires=Thu, 19-Jan-23 08:17:54 GMT
adOtr=obsvl; path=/; SameSite=Lax; expires=Thu, 2 Aug 2001 20:47:11 UTC
UTGv2=D-h483ee5467a266fda7512f93e05b21829d49; path=/; SameSite=Lax; expires=Tue, 18-Jul-23 06:17:54 GMT
lang=en_US; expires=Sun, 14-Jan-2024 06:17:54 GMT; Max-Age=31104000; path=/
AppSession=oe59e9odedtsnqq6ej34iekd3d; path=/; HttpOnly
csrfToken=3c7b3139a77f7ea2c92d016ff7ef8bbae25b645e4348576c3d1dfd1f0f23bd86d1accf6184d432b86123091786d1d5b68ecfaaa25612de7762caf9bd4aa9dacc; path=/; HttpOnly
app_visitor=Q2FrZQ%3D%3D.YTk5OWFmZDg3ZDYwZDQzNmRiMmQ1ZTdkNTUwMzIwZjNmMjA4Yjc1NzhiMGYzYWI4NWRjNDczODk3ODhlZjQ1NWeDIQnkM2Cp1E%2FswQaG2LB5YofzzOS8XMwV19YUvUD%2BdMSyBUHlExM%2B4StdhFwlotyJ2uT8eVEfX1Yspqd9hc5snJF%2FyKLr7kZzZg9eW6ht; expires=Fri, 20-Jan-2023 06:17:54 GMT; Max-Age=86399; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
location: https://www.byboe.com/verifylv1/?XDNgMZ85
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-powered-by: LarVPS
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: fbs
x-hw: 1674109074.cds209.sk1.hn,1674109074.cds013.sk1.sc,1674109075.cdn2-wafbe01-arn1.stackpath.systems.-.wx,1674109075.cds013.sk1.p
access-control-allow-origin: *
x-sp-metadata: HS256.CKPdo54GEocBCiRjMmU0NDg2NS03ZDY0LTRlM2YtYWJkMC03Yzc0OTYzOWY5M2EQuOj7/fGn/AIaBgiSwaOeBiIMOTEuOTAuNDIuMTU0KMWfATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiYSJDEzNTVlNTBiLTBmNjktNGMwNy1iNDU5LTJmYWYwNTg3ZjVhYSIaCAISFGNkczAxMy5zazEuaHdjZG4ubmV0GAg=.h/jWbAoC3kaUxV26S+1/JDEQ0v1v6Ap0EEaYMEMb7TM=
X-Firefox-Spdy: h2
upskittyan.com/pfe/current/tag.min.js?z=5118379
139.45.197.251200 OK 0 B URL HTTP/2 upskittyan.com/pfe/current/tag.min.js?z=5118379
IP 139.45.197.251:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/tag.min.js?z=5118379 HTTP/1.1
Host: upskittyan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:57 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
172.217.21.166200 OK 0 B URL HTTP/2 s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
IP 172.217.21.166:0
GET /879366/html_inpage_rendering_lib_200_276.js HTTP/1.1
Host: s0.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 60311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 18:31:50 GMT
expires: Thu, 19 Jan 2023 18:31:50 GMT
cache-control: public, max-age=86400
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
content-type: text/javascript
age: 42369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.zuuvi.com/zuuviapi/zuuviapi.v1.09.js
54.230.111.86200 OK 0 B URL HTTP/2 cdn.zuuvi.com/zuuviapi/zuuviapi.v1.09.js
IP 54.230.111.86:0
GET /zuuviapi/zuuviapi.v1.09.js HTTP/1.1
Host: cdn.zuuvi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.zuuvi.com/2eHz/auMO/Yc5m/xtK5/BZpH/live/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
x-amz-replication-status: COMPLETED
last-modified: Mon, 29 Nov 2021 15:31:04 GMT
x-amz-version-id: lzXpJktKalKMdaQ71buLspK7gexu_Zum
server: AmazonS3
content-encoding: gzip
date: Wed, 18 Jan 2023 13:18:36 GMT
etag: W/"eb3b5ab04b403c46805223811301e5e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pQBpoHbHpX82pQaB_bvr0blc8NmZ33tYJHrrT-rr1x_ej6LQJdWWlw==
age: 61165
X-Firefox-Spdy: h2
www.byboe.com/verifylv1/?XDNgMZ85
104.21.22.124307 Temporary Redirect 0 B URL HTTP/2 www.byboe.com/verifylv1/?XDNgMZ85
IP 104.21.22.124:0
GET /verifylv1/?XDNgMZ85 HTTP/1.1
Host: www.byboe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
date: Thu, 19 Jan 2023 06:17:55 GMT
content-type: text/html; charset=UTF-8
location: https://byboe.com
referrer-policy: no-referrer, strict-origin-when-cross-origin
set-cookie: JSON_fetchlv1=XDNgMZ85; expires=Thu, 19-Jan-2023 06:19:52 GMT; Max-Age=200; path=/
JSON_fetch=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchnet=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetch1sh=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv0=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv3s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv4=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv4s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv5=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
JSON_fetchlv5s=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-xss-protection: 1;mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-powered-by: WPTangTocOLS
permissions-policy: accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0ov7Q7MIxtQeIIhSSZDuloSxASV8tVQpf28Z6hS3pz2KY%2BSjx5SLOkAuZh9%2FSPzvpt%2BGd8SNIGg9Th%2F4lDRSw%2FNqomQ97NY8WbmTcyXOwFYuzyZkc2NeMA8816opFPo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78bd73378a58b4fd-OSL
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.3.1/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 19 Jan 2023 06:17:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 12/27/2021 07:28:05
cdn-edgestorageid: 756
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 5a4f218ff2cc791bfca3e2943b0791a7
cdn-cache: HIT
cf-cache-status: HIT
age: 19555701
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78bd7344cedbb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.itskiddien.club/?rb=epZRO_1PBgoFuRvUYDR4z6g8NSE-iW0l9w0ocbQ3v3fnQrN8b5GV2kmdpucy8NqBzqQ7zUpwm-Cl3sywH5gw4noCbwOdmluX3dboZL8aAFJaIHHZqKDKTuaxYifLfnM-qN8NT0w6doZkB0m-xNXDL-MXHNYabQzHFCbLcxupgMFTfUlEy3K9l_V3wDY1isEcCtC-FLjYpQORXyZyT9newfV23dSRV6zCkW_i3RxNVxw%3D&request_ab2=0&zoneid=5115166&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.byboe.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=81c0323d-7b0a-4c2e-b9ac-ae566c80c158&userId=f076d8d9c40445e6afb1ef633b9d0c88&m=link
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/?rb=epZRO_1PBgoFuRvUYDR4z6g8NSE-iW0l9w0ocbQ3v3fnQrN8b5GV2kmdpucy8NqBzqQ7zUpwm-Cl3sywH5gw4noCbwOdmluX3dboZL8aAFJaIHHZqKDKTuaxYifLfnM-qN8NT0w6doZkB0m-xNXDL-MXHNYabQzHFCbLcxupgMFTfUlEy3K9l_V3wDY1isEcCtC-FLjYpQORXyZyT9newfV23dSRV6zCkW_i3RxNVxw%3D&request_ab2=0&zoneid=5115166&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.byboe.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=81c0323d-7b0a-4c2e-b9ac-ae566c80c158&userId=f076d8d9c40445e6afb1ef633b9d0c88&m=link
IP 139.45.197.236:0
GET /?rb=epZRO_1PBgoFuRvUYDR4z6g8NSE-iW0l9w0ocbQ3v3fnQrN8b5GV2kmdpucy8NqBzqQ7zUpwm-Cl3sywH5gw4noCbwOdmluX3dboZL8aAFJaIHHZqKDKTuaxYifLfnM-qN8NT0w6doZkB0m-xNXDL-MXHNYabQzHFCbLcxupgMFTfUlEy3K9l_V3wDY1isEcCtC-FLjYpQORXyZyT9newfV23dSRV6zCkW_i3RxNVxw%3D&request_ab2=0&zoneid=5115166&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=https%3A%2F%2Fwww.byboe.com%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=81c0323d-7b0a-4c2e-b9ac-ae566c80c158&userId=f076d8d9c40445e6afb1ef633b9d0c88&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.byboe.com/
Origin: https://www.byboe.com
Connection: keep-alive
Cookie: OAID=f7fe71086f824c9aadc53d24c49707ce; oaidts=1674109078
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 19 Jan 2023 06:17:58 GMT
content-type: application/json
x-trace-id: c1b5b88bf657a026c61e1c3a59c976cb
access-control-allow-origin: https://www.byboe.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=f076d8d9c40445e6afb1ef633b9d0c88; expires=Fri, 19 Jan 2024 06:17:58 GMT; path=/; secure; SameSite=None
oaidts=1674109078; expires=Fri, 19 Jan 2024 06:17:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 26 Jan 2023 06:17:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r2---sn-5go7ynl6.c.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4
74.125.111.39206 Partial Content 0 B URL HTTP/1.1 r2---sn-5go7ynl6.c.2mdn.net/videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4
IP 74.125.111.39:0
GET /videoplayback/id/c8551442681949bf/itag/18/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3817970582/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/11F352296A440F16643F1E4C6D28A7D2401FC080.7B31E75170656D28FDEE2BAA8C7FF11E8FD8D1CE/key/cms1/cms_redirect/yes/mh/-y/mip/91.90.42.154/mm/42/mn/sn-5go7ynl6/ms/onc/mt/1674107713/mv/u/mvi/2/pl/21/file/file.mp4 HTTP/1.1
Host: r2---sn-5go7ynl6.c.2mdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 206 Partial Content
Last-Modified: Thu, 12 Jan 2023 11:22:41 GMT
Content-Type: video/mp4
Date: Thu, 19 Jan 2023 06:18:01 GMT
Expires: Thu, 19 Jan 2023 06:18:01 GMT
Cache-Control: private, max-age=86400
Content-Range: bytes 0-549556/549557
Accept-Ranges: bytes
Content-Length: 549557
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
X-Content-Type-Options: nosniff
Server: gvs 1.0